Configure web-panel user roles

Question

Our Scenario:
I'd like to use the Logs plugin for our app.

1. app sends logs to server with MDMService.Log.
2. System Operator view the logs on web-panel.

Problem:
It looks like we need admin role to view the logs

Question:
Can I view the logs without admin role?

Answer 1

You can tune the user permissions, however it is not (yet) included in the user interface. You need to update values in the Headwind MDM database.

From the command line, run the following commands (as root):

# su postgres

# psql hmdm

Or find login and password to access the database in the XML configuration (/var/lib/tomcat8/conf/Catalina/localhost/ROOT.xml), and connect to the database by running the command

# psql hmdm -U (username)

In the PostgreSQL shell, find the list of permissions:

# SELECT id, name FROM permissions;

You will see a permission with id=110 and name='plugin_devicelog_access'. 

Then look into the list of roles:

# SELECT id, name FROM userroles;

You will see that a user role 'User' has id=3.

Insert the corresponding relation in the table of user role permissions:

# INSERT INTO userrolepermissions(roleId, permissionId) VALUES (3, 110);

Logout from the web panel and re-login. You must see the logs!

To revoke a permission, use the DELETE command:

DELETE FROM userrolepermissions WHERE roleid=3 AND permissionid=110;

Comments

If you need to create a new role, for example "Manager", do the following:

INSERT INTO userroles VALUES (4, 'Manager', 'description', 'f');

The role has been created, next we need to add the necessary permissions to this role from the list of permissions.

INSERT INTO userrolepermissions(roleId, permissionId) VALUES (4, 115);
INSERT INTO userrolepermissions(roleId, permissionId) VALUES (4, 121);
....
INSERT INTO userrolepermissions(roleId, permissionId) VALUES (4, 108);

After the necessary permissions are added logout from the web panel and re-login.

Answer 2

You can manage user roles and their permissions in Settings - User Roles.