Open dominik-warch opened 7 months ago
I was still not able to solve this issue - the config-generator writes new roles, users and groups into the permissions.json but no actual permissions even if they are in the config-db. Does anyone have an idea?
I've just verified the permissions_default_allow: false
and it works correctly here. Can you reproduce the issue with the latest qwc-config-generator? See also the explanation in [1]
[1] https://github.com/qgis/qwc2-demo-app/issues/548#issuecomment-2058288050
Ok, I made another try with the following steps:
Layers
for admin
with priority 1
c. Import Data
for admin
with priority 1
d. Import Data (read)
for admin
with priority 1
Now I have a bunch of permissions for data_datasets
, but still not for wms_service
and theme is also not visible for my user.
I have a bunch of warnings and validator errors:
ERROR: Validation error: None is not one of ['USER-DEFINED', 'bigint', 'boolean', 'character', 'character varying', 'date', 'double precision', 'file', 'integer', 'json', 'jsonb', 'numeric', 'real', 'smallint', 'text', 'time', 'timestamp with time zone', 'timestamp without time zone', 'uuid']
WARNING: Location: .resources.datasets[43].fields[3].data_type
WARNING: Value: null
ERROR: Validation error: None is not of type 'string'
WARNING: Location: .resources.datasets[43].fields[4].data_type
WARNING: Value: null
Could this be the reason or is this a different problem?
I also don't have to use permissions_default_allow: false
if I can block/disable individual themes for public
, if this is easier? But I didn't see a specific "block" permission in the documentation.
I have a basic working installation, with the QWC demo project and my own test project. I have deactivated the standard access via
"permissions_default_allow": false
in thetenantConfig.json
, now I wanted to create the authorization for the maps and layers for individual roles/groups. However, this does not seem to work.Here, for example, is the map permission in the Admin GUI. But the theme selection window in the client remains completely empty. I also noticed that the generated
permissions.json
only contains changes regarding new roles, groups and users, but no permissions.