OctoPrint-BedLevelVisualizer icon indicating copy to clipboard operation
OctoPrint-BedLevelVisualizer copied to clipboard

Published 20 hours ago verified publisher icon jneilliii

Bed Visualizer is accessible with basic view permissions via web interface

Open jneilliii opened this issue 1 year ago • 0 comments

Discussed in https://github.com/jneilliii/OctoPrint-BedLevelVisualizer/discussions/580

Originally posted by Scutz December 21, 2022 The Bed Visualizer Plugin is being shown with basic permissions for accounts that login via the webinterface.

I tried creating an account that only has the following rights: "Settings Access, Status, Webcam" to watch my printer via work. With these permissions it was possible to access the "Bed Visualizer" Tab and start a mesh update. The damage possible is not really high, but it would be better from the privace perspective to block this setting for accounts with these permissions. Can you update this?

Thank you for your nice plugin :)

jneilliii avatar Dec 22 '22 01:12 jneilliii