Fixed ACLs and sending commands from frontend

2026-03-20 10:19:46 +10:30 · 2026-03-20 10:19:46 +10:30 · 51c27ac9fb
commit 51c27ac9fb
parent c8df88ae8d
2 changed files with 27 additions and 35 deletions
--- a/broker/acl.conf
+++ b/broker/acl.conf
@ -19,15 +19,14 @@
 %% Authenticated users
 %% =========================

-{allow, {user, "bob"}, subscribe, ["device/#"]}.

 %% Any authenticated user can read all device topics
-{allow, {user, all}, subscribe, ["device/+/meta/#"]}.
-{allow, {user, all}, subscribe, ["device/+/property/#"]}.
-{allow, {user, all}, subscribe, ["device/+/command/#"]}.
+{allow, all, subscribe, ["device/+/meta/#"]}.
+{allow, all, subscribe, ["device/+/property/#"]}.
+{allow, all, subscribe, ["device/+/command/#"]}.

 %% Any authenticated user can publish commands to any device
-{allow, {user, all}, publish, ["device/+/command/+"]}.
+{allow, all, publish, ["device/+/command/+"]}.


 %% =========================
@ -35,22 +34,14 @@
 %% =========================

 %% Clients can SUBSCRIBE to their own response inbox
-{allow, {user, all}, subscribe, ["client/${clientid}/responses/#"]}.
+{allow, all, subscribe, ["client/${clientid}/responses/#"]}.

 %% Authenticated users can PUBLISH to any client response inbox
-{allow, {user, all}, publish, ["client/+/responses/#"]}.
+{allow, all, publish, ["client/+/responses/#"]}.

 %% (No subscribe permission for others -> enforced by default deny)


-%% =========================
-%% Unauthenticated users
-%% =========================
-
-%% Allow anonymous users to read ONLY meta topics
-{allow, {ipaddr, "0.0.0.0/0"}, subscribe, ["device/+/meta/#"]}.
-
-
 %% =========================
 %% Default deny
 %% =========================
--- a/console/src/components/dashboard/CommandsWidget.vue
+++ b/console/src/components/dashboard/CommandsWidget.vue
@ -113,34 +113,35 @@
      }
    })

-    // mqttRef.value.subscribe(`client/${mqttRef.value.clientId}/responses`, (payload, topic) => {
-    //   let response = JSON.parse(payload)
+    mqttRef.value.subscribe(`client/${mqttRef.value.clientId}/responses`, (payload, topic) => {
+      let response = JSON.parse(payload)

-    //   const responseId = response.correlation
-    //   const cmd = commandByResponseId[responseId]
+      const responseId = response.correlation
+      const cmd = commandByResponseId[responseId]

-    //   if (cmd) {
-    //     cmd.response = response
+      if (cmd) {
+        cmd.response = response

-    //     toast.add({
-    //       severity: response.success ? 'success' : 'error',
-    //       summary: cmd.name,
-    //       detail:
-    //         response.message !== 'None'
-    //           ? response.message
-    //           : response.success
-    //             ? 'Success'
-    //             : 'Failed',
-    //       life: 4000,
-    //     })
+        toast.add({
+          severity: response.success ? 'success' : 'error',
+          summary: cmd.name,
+          detail:
+            response.message !== 'None'
+              ? response.message
+              : response.success
+                ? 'Success'
+                : 'Failed',
+          life: 4000,
+        })

-    //     delete commandByResponseId[responseId]
-    //   }
-    // })
+        delete commandByResponseId[responseId]
+      }
+    })
  })

  onUnmounted(() => {
    mqttRef.value.unsubscribe(`device/${props.deviceId}/command/#`)
+    mqttRef.value.unsubscribe(`client/${mqttRef.value.clientId}/responses`)
  })

  const jsonFormsConfig = {