ROR 1.57.3 ES 8.13.2 Double usernames allowed?

New Features Ideas
1

:bulb: Prevent double usernames in ROR config GUI?

It seems you are able to configure multiple users with the same username (and a different password) in the ROR config GUI.

This can give some strange behaviour that your permissions change based on which password you use (and thus which username matches).

It would maybe be a good idea to prevent this and throw an error on saving in this case?

The example is a dummy config example for privacy reasons.
In this case if usera logs in with the password for keya he gets groupa permissions.
If the usera logs in with the password for keyb het gets groupb permissions.

:eyes: Example

readonlyrest:
  enable: true
  prompt_for_basic_auth: false
  access_control_rules:
  ***access rules etc***
  users:
  - username: usera
    auth_key_sha256: keya
    groups: ["groupa"]
  - username: usera
    auth_key_sha256: keyb
    groups: ["groupb"]

:rocket: Let’s do this?

  • 1
  • 2
  • 3
  • 4
  • 5
0 voters
2

yeah, we can do that :slight_smile:

1 Like