UpSnap icon indicating copy to clipboard operation
UpSnap copied to clipboard
verified publisher icon seriousm4x

[BUG] Edit Device as oidc admin user

Open domenico-dig opened this issue 1 year ago • 3 comments

The bug

II do login with OIDC provider, i have all permission image

but when i edit device i have this error image

The OS that UpSnap is running on

Ubuntu 22.04

Version of UpSnap

4..3.2

Your docker-compose.yml content

services:
  upsnap:
    container_name: upsnap
    image: ghcr.io/seriousm4x/upsnap:4 # images are also available on docker hub: seriousm4x/upsnap:4
    network_mode: host
    restart: unless-stopped
    volumes:
      - ./data:/app/pb_data
    # # To use a non-root user, create the mountpoint first (mkdir data) so that it has the right permission.
    # user: 1000:1000
    # environment:
    #   - TZ=Europe/Berlin # Set container timezone for cron schedules
    #   - UPSNAP_INTERVAL=@every 10s # Sets the interval in which the devices are pinged
    #   - UPSNAP_SCAN_RANGE=192.168.1.0/24 # Scan range is used for device discovery on local network
    #   - UPSNAP_SCAN_TIMEOUT=500ms # Scan timeout is nmap's --host-timeout value to wait for devices (https://nmap.org/book/man-performance.html)
    #   - UPSNAP_PING_PRIVILEGED=true # Set to false if you don't have root user permissions
    #   - UPSNAP_WEBSITE_TITLE=Custom name # Custom website title
    # # dns is used for name resolution during network scan
    # dns:
    #   - 192.18.0.1
    #   - 192.18.0.2
    # # you can change the listen ip:port inside the container like this:
    # entrypoint: /bin/sh -c "./upsnap serve --http 0.0.0.0:5000"
    # healthcheck:
    #   test: curl -fs "http://localhost:5000/api/health" || exit 1
    #   interval: 10s
    # # or install custom packages for shutdown
    # entrypoint: /bin/sh -c "apk update && apk add --no-cache <YOUR_PACKAGE> && rm -rf /var/cache/apk/* && ./upsnap serve --http 0.0.0.0:8090"

Reproduction steps

1. Set all privilege to user after login with oidc
2. Map Device to user
3. Login With oidc user
4. Edit device
...

Additional information

No response

domenico-dig avatar Oct 01 '24 10:10 domenico-dig

Did you check "allow edit" for the user?

Screenshot_20241007_204223

seriousm4x avatar Oct 07 '24 18:10 seriousm4x

yes is enabled

Il giorno lun 7 ott 2024 alle ore 20:44 seriousm4x @.***> ha scritto:

Did you check "allow edit" for the user?

Screenshot_20241007_204223.png (view on web) https://github.com/user-attachments/assets/3e6af5a3-85b5-4419-a54c-dc0c08a7de63

— Reply to this email directly, view it on GitHub https://github.com/seriousm4x/UpSnap/issues/800#issuecomment-2397635537, or unsubscribe https://github.com/notifications/unsubscribe-auth/BJXGSNHZLOI54ZHP4M3RI3TZ2LJABAVCNFSM6AAAAABPFH3XZ6VHI2DSMVQWIX3LMV43OSLTON2WKQ3PNVWWK3TUHMZDGOJXGYZTKNJTG4 . You are receiving this because you authored the thread.Message ID: @.***>

domenico-dig avatar Oct 08 '24 15:10 domenico-dig

image

Il giorno lun 7 ott 2024 alle ore 20:44 seriousm4x @.***> ha scritto:

Did you check "allow edit" for the user?

Screenshot_20241007_204223.png (view on web) https://github.com/user-attachments/assets/3e6af5a3-85b5-4419-a54c-dc0c08a7de63

— Reply to this email directly, view it on GitHub https://github.com/seriousm4x/UpSnap/issues/800#issuecomment-2397635537, or unsubscribe https://github.com/notifications/unsubscribe-auth/BJXGSNHZLOI54ZHP4M3RI3TZ2LJABAVCNFSM6AAAAABPFH3XZ6VHI2DSMVQWIX3LMV43OSLTON2WKQ3PNVWWK3TUHMZDGOJXGYZTKNJTG4 . You are receiving this because you authored the thread.Message ID: @.***>

domenico-dig avatar Oct 08 '24 15:10 domenico-dig

Is your problem related to https://github.com/seriousm4x/UpSnap/issues/715 ? You might need to forward authorization headers if you are using a reverse proxy.

seriousm4x avatar Nov 14 '24 16:11 seriousm4x

I've just tested permissions with authentik after my small changes and couldn't find any more issues. So this should be fixed in the next release.

seriousm4x avatar Dec 28 '24 11:12 seriousm4x