You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Currently resource permissions are only evaluated for machine/REST users, but not for natural users accessing resources via servlet requests from a user page. Resource permissions are determined by the app permissions alone. To support real multi-user configurations, the applicable permissions in a servlet request should be determined as the intersection of user permissions and app permissions.
Example use case: consider a building with several rooms, where some users may control the settings (e.g. the temperature setpoint) for specific rooms only, but not for all of them. A possible way to achieve this could be to restrict the resource permissions for Rooms (assuming the app does not cache the room resources).
The text was updated successfully, but these errors were encountered:
Currently resource permissions are only evaluated for machine/REST users, but not for natural users accessing resources via servlet requests from a user page. Resource permissions are determined by the app permissions alone. To support real multi-user configurations, the applicable permissions in a servlet request should be determined as the intersection of user permissions and app permissions.
Example use case: consider a building with several rooms, where some users may control the settings (e.g. the temperature setpoint) for specific rooms only, but not for all of them. A possible way to achieve this could be to restrict the resource permissions for Rooms (assuming the app does not cache the room resources).
The text was updated successfully, but these errors were encountered: