You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
{{ message }}
This repository has been archived by the owner on Mar 31, 2022. It is now read-only.
Currently if I create user that is intended to have only REST API access - this user still can login to backoffice UI.
This user can see main screen and all components on the main screen.
He cannot open any screens from menu because he doesn't have menu / screen permissions.
But if he has some entity permissions, or if components in the main screen's initialLayout use native SQL / entityManager to load data - then user will be able to see it, without ability to restrict him.
So it feels that we need to port "login to web/backoffice ui" permission from CUBA. And provide built-in "system-backoffice-minimal" role with one this permission.
GlebDurygin
changed the title
Create specific permission "login to backoffice UI" and built-in role "system-backoffice-minimal"
Create specific permission security.ui.loginToBackofficeUi and built-in role minimal-backoffice-ui
Mar 22, 2021
GlebDurygin
changed the title
Create specific permission security.ui.loginToBackofficeUi and built-in role minimal-backoffice-ui
Create specific permission ui.loginToUi and built-in role ui-minimal
Mar 23, 2021
GlebDurygin
pushed a commit
to jmix-projects/jmix-translations
that referenced
this issue
Mar 24, 2021
Currently if I create user that is intended to have only REST API access - this user still can login to backoffice UI.
This user can see main screen and all components on the main screen.
He cannot open any screens from menu because he doesn't have menu / screen permissions.
But if he has some entity permissions, or if components in the main screen's
initialLayout
use native SQL / entityManager to load data - then user will be able to see it, without ability to restrict him.So it feels that we need to port "login to web/backoffice ui" permission from CUBA. And provide built-in "system-backoffice-minimal" role with one this permission.
Solution
ui.loginToUi
QA
ui.loginToUi
specific permission.ui-minimal
role can login to UI.The text was updated successfully, but these errors were encountered: