search

qgis / qwc2-demo-app

QWC2 demo application
Other
240 stars 149 forks source link

Permissions are not created #540

Open dominik-warch opened 3 months ago

dominik-warch commented 3 months ago

I have a basic working installation, with the QWC demo project and my own test project. I have deactivated the standard access via "permissions_default_allow": false in the tenantConfig.json, now I wanted to create the authorization for the maps and layers for individual roles/groups. However, this does not seem to work.

image

Here, for example, is the map permission in the Admin GUI. But the theme selection window in the client remains completely empty. I also noticed that the generated permissions.json only contains changes regarding new roles, groups and users, but no permissions.

image

dominik-warch commented 2 months ago

I was still not able to solve this issue - the config-generator writes new roles, users and groups into the permissions.json but no actual permissions even if they are in the config-db. Does anyone have an idea?

manisandro commented 2 months ago

I've just verified the permissions_default_allow: false and it works correctly here. Can you reproduce the issue with the latest qwc-config-generator? See also the explanation in [1]

[1] https://github.com/qgis/qwc2-demo-app/issues/548#issuecomment-2058288050

dominik-warch commented 2 months ago

Ok, I made another try with the following steps:

  1. Resources -> Import Maps
  2. Resources -> Import Resources (with the desired map) a. Import Layers for admin with priority 1 c. Import Data for admin with priority 1 d. Import Data (read) for admin with priority 1
  3. Generate service configuration

Now I have a bunch of permissions for data_datasets, but still not for wms_service and theme is also not visible for my user.

I have a bunch of warnings and validator errors:

ERROR: Validation error: None is not one of ['USER-DEFINED', 'bigint', 'boolean', 'character', 'character varying', 'date', 'double precision', 'file', 'integer', 'json', 'jsonb', 'numeric', 'real', 'smallint', 'text', 'time', 'timestamp with time zone', 'timestamp without time zone', 'uuid']
WARNING: Location: .resources.datasets[43].fields[3].data_type
WARNING: Value: null
ERROR: Validation error: None is not of type 'string'
WARNING: Location: .resources.datasets[43].fields[4].data_type
WARNING: Value: null

Could this be the reason or is this a different problem?

I also don't have to use permissions_default_allow: false if I can block/disable individual themes for public, if this is easier? But I didn't see a specific "block" permission in the documentation.