You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
API access (only hass.io) should be controlled by roles. The idea behind this is, that a add-on have not to many rights to API by default and a hacker of a add-on should be limited to fuck up the hole system.
API call without API flag are included to all roles
A new add-on config option: hassio_role: "ROLE"
Follow defined rules:
default / Can call all info
homeassistant / Can control Home Assistant
manager / Can do all what a CLI should be able to do
admin / Dangerous, have full access to all
The text was updated successfully, but these errors were encountered:
API access (only hass.io) should be controlled by roles. The idea behind this is, that a add-on have not to many rights to API by default and a hacker of a add-on should be limited to fuck up the hole system.
API call without API flag are included to all roles
A new add-on config option:
hassio_role: "ROLE"
Follow defined rules:
default
/ Can call all infohomeassistant
/ Can control Home Assistantmanager
/ Can do all what a CLI should be able to doadmin
/ Dangerous, have full access to allThe text was updated successfully, but these errors were encountered: