Skip to content

[FEATURE] - Permissions rework. #76

New issue
New issue
Open
Open
[FEATURE] - Permissions rework.#76
Assignees
bitbound
Labels
enhancementNew feature or requestfeedback_requestedDeveloper is looking for community feedback on this issue.
@bitbound

Description

@bitbound
bitbound
opened on Jan 10, 2026

I want to re-implement user permissions in a more standardized way. Below is a tentative plan. Please let me know what you think!

  • Tags will only be used for labelling devices.
  • "Static" roles will remain, but only for things where scope and/or target resource is not a factor (e.g. ServerAdmin Role).
  • I'll add Customer Tenants, Device Groups, and User Groups.
  • Devices can be added to Customer Tenants and Device Groups.
    • You'll be able to sort/filter by these on the main device grid.
  • Users can be added to multiple groups.
  • I'll add various fine-grained permissions for all the device access features.
    • V1 implementation might not be 100% comprehensive.
    • Please leave comments with any permissions that you feel are absolutely essential (e.g. one person mentioned denying access to the secure/UAC desktop).
  • Permissions can be assigned to user groups or individual users.
  • Permissions can target customer tenants, device groups, or individual devices.
  • Permissions are checked in order of principal/resource priority.
  • Deny always wins.
  • The UI will be improved.

Metadata

Metadata

Assignees

Labels

enhancementNew feature or requestfeedback_requestedDeveloper is looking for community feedback on this issue.

Projects

ControlR

Status

Planned

Milestone

No milestone

Relationships

None yet

Development

No branches or pull requests

Issue actions