jono/mqttdevicemanager
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Fixed ACLs and sending commands from frontend

Browse Source
This commit is contained in:
Jono Targett 2026-03-20 10:19:46 +10:30
parent c8df88ae8d
commit 51c27ac9fb
2 changed files with 27 additions and 35 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

21
broker/acl.conf
View File

@ -19,15 +19,14 @@
%% Authenticated users %% Authenticated users
%% ========================= %% =========================
{allow, {user, "bob"}, subscribe, ["device/#"]}.
%% Any authenticated user can read all device topics %% Any authenticated user can read all device topics
{allow, {user, all}, subscribe, ["device/+/meta/#"]}. {allow, all, subscribe, ["device/+/meta/#"]}.
{allow, {user, all}, subscribe, ["device/+/property/#"]}. {allow, all, subscribe, ["device/+/property/#"]}.
{allow, {user, all}, subscribe, ["device/+/command/#"]}. {allow, all, subscribe, ["device/+/command/#"]}.
%% Any authenticated user can publish commands to any device %% Any authenticated user can publish commands to any device
{allow, {user, all}, publish, ["device/+/command/+"]}. {allow, all, publish, ["device/+/command/+"]}.
%% ========================= %% =========================
@ -35,22 +34,14 @@
%% ========================= %% =========================
%% Clients can SUBSCRIBE to their own response inbox %% Clients can SUBSCRIBE to their own response inbox
{allow, {user, all}, subscribe, ["client/${clientid}/responses/#"]}. {allow, all, subscribe, ["client/${clientid}/responses/#"]}.
%% Authenticated users can PUBLISH to any client response inbox %% Authenticated users can PUBLISH to any client response inbox
{allow, {user, all}, publish, ["client/+/responses/#"]}. {allow, all, publish, ["client/+/responses/#"]}.
%% (No subscribe permission for others -> enforced by default deny) %% (No subscribe permission for others -> enforced by default deny)
%% =========================
%% Unauthenticated users
%% =========================
%% Allow anonymous users to read ONLY meta topics
{allow, {ipaddr, "0.0.0.0/0"}, subscribe, ["device/+/meta/#"]}.
%% ========================= %% =========================
%% Default deny %% Default deny
%% ========================= %% =========================

41
console/src/components/dashboard/CommandsWidget.vue
View File

@ -113,34 +113,35 @@
} }
}) })
// mqttRef.value.subscribe(`client/${mqttRef.value.clientId}/responses`, (payload, topic) => { mqttRef.value.subscribe(`client/${mqttRef.value.clientId}/responses`, (payload, topic) => {
// let response = JSON.parse(payload) let response = JSON.parse(payload)
// const responseId = response.correlation const responseId = response.correlation
// const cmd = commandByResponseId[responseId] const cmd = commandByResponseId[responseId]
// if (cmd) { if (cmd) {
// cmd.response = response cmd.response = response
// toast.add({ toast.add({
// severity: response.success ? 'success' : 'error', severity: response.success ? 'success' : 'error',
// summary: cmd.name, summary: cmd.name,
// detail: detail:
// response.message !== 'None' response.message !== 'None'
// ? response.message ? response.message
// : response.success : response.success
// ? 'Success' ? 'Success'
// : 'Failed', : 'Failed',
// life: 4000, life: 4000,
// }) })
// delete commandByResponseId[responseId] delete commandByResponseId[responseId]
// } }
// }) })
}) })
onUnmounted(() => { onUnmounted(() => {
mqttRef.value.unsubscribe(`device/${props.deviceId}/command/#`) mqttRef.value.unsubscribe(`device/${props.deviceId}/command/#`)
mqttRef.value.unsubscribe(`client/${mqttRef.value.clientId}/responses`)
}) })
const jsonFormsConfig = { const jsonFormsConfig = {