Feature: Multiple Users #2506
Feature: Multiple Users #2506
Conversation
|
This feature I agree that will put Uptime Kuma into another level. However, my answer is simply no. I don't recommend anyone working on it in this stage because it is a super super big task.
Didn't mention there are still so many pull requests I haven't reviewed yet. I think I will put my time on them first. |
|
Well, I will say I begun this as a test to see it was even possible, I created ways to add sub users, remove them and let them login, now I haven’t looked at permissions but the way I was going to add them, a proper way, would use way less than 150 files, but If you still want a pause on this I can close it, and when you mention the notifications my idea of read only user is that they will get notifications, and can see everything but not able to remove users, add monitors etc. |
|
@ItIzJR Would it be possible for you to share what you have done so far? It might help in making a decision if we can see how you are planning to implement this. |
|
Would you like images or code examples? |
|
You could probably just commit it (you can always revert the commit later), or you could copy in some examples. |
|
And you just want what I have done? Which is adding / deleting sub users and logging them in? |
|
Yeah, just something so that we can see in code how you are thinking about implementing multiple users. |
|
It didn't import correctly for some reason, so until I get back on tomorrow it'll have to be this way, if you check the repo for this under the "main" branch, the files will be in the areas with the commit message "sub user files" |
|
and... I just realized I forgot to include the most important part when I committed them, which was the login stuff, hopefully this will get you the main idea of how I will be planning on implementing these files though, also if you want I can also come up with the best way of implementing permissions, with as few changes as possible, while being secure as possible, I have actually done this before so I don't think it will be too hard. |
I see nothing changed in |
|
That would be due to the weird way GitHub imported it, whenever I get back from work if I have time I’ll fix it, but like I said the changes are in the files with “sub user files” in the main branch if you want to manually look at them, Ik it takes a lot more time, or you can wait till I get it to be fixed. |
|
Alright I have added all the files into main and they show up under the changes, also it seems after merging whatever you pulled today it throws and error, in your commit checking. This is what the files produce: 4ac66338175c06856f340976400a13b7.mp4375f8a8819f0ff5fe080094cc2b82375.mp4 |
|
I see the problem here. The reason we cannot see the commits is because they have been made on the |
|
Oh I didn’t notice that I’ll update it real quick, then I have to go but that gives you guys time to take a look |
|
I have to fix some stuff, I’ll have it updated as soon as possible |
Revert "Merge"
|
just my 2cents. |
Yes, definitely, the support (or at least designing/planning to support) of external authentication systems is a must, especially if we want to future proof. |
|
Already had that in mind, and ill get the code up today for you to look at |
|
Just noticed this issue: #2238 :) It's helpful! |
|
Sorry for my delay, I’ll get the code situated asap, been a busy week at work. I would definitely be able to implement that, thanks for the suggestion, and that is if they end up approving this. |
db/patch-sub-users.sql
Outdated
| -- You should not modify if this have pushed to Github, unless it does serious wrong with the db. | ||
| BEGIN TRANSACTION; | ||
|
|
||
| CREATE TABLE [sub_users]( |
There was a problem hiding this comment.
No idea why commits present here, but the File changed still shows nothing.
However, creating a new table sub_users which is not what I want to do unfortunately. As in this way, I believe all user related features have to re-implemented in order to handle both user and sub_users, which is not ideal. The best way should be keep using user table only.
As I said before, there will be so many discussions on how to design in code or in UI/UX, so I do not want anyone working on it.
If you want to contribute to this project, I would recommend that you should start from other smaller feature first.
There was a problem hiding this comment.
Yes, the users table is already set up for multiple users as each monitor has a foreign key referencing the user that created it. The only changes I think that need to be made to the actual database would be some sort of field for access level in the users table and possibly a visibility field in monitors/status pages. A group system might be something to look into to make management easier. @louislam, is there a discussion/issue that could be used for people to discuss the implementation of multi users to help keep everything in one place?
There was a problem hiding this comment.
I mainly made that for testing because I wasn’t sure if the user part was for multiple or not, definitely should of asked about that, but I could easily just turn that into a permission implementation.
|
Is this going to be worked upon? |
|
@louislam please add this❤️ |
|
@louislam In terms of a permissions system, could we do something a bit like OAuth scopes? E.g: monitor:read, monitor:write and so on. For another example of these, you can have a look at the GitHub personal access tokens. This would allow us to just have all the scopes for a user in the database (schema to be determined) and then each page simply checks to see if the user has the required scope for that specific page. This would also probably make it fairly simple to implement the permissions levels for OAuth in future if that is desired. This would put the requirement to validate permissions on the individual pages instead some centralised place, making it more scalable (in my opinion). This would also allow admins fine grained control over user permissions. I would be interested to hear what you, and others think. P.s. Should we use some sort of discussion system where people can discuss the big changes that don't quite fit into issues (like user permissions). Perhaps enabling GitHub discussions could be an option? |
|
Why not just start without permission system and make all users admin at first?
|
|
Gonna be honest forgot this was open, Louis didn’t seem to be a fan of having someone make this so I privately made it myself so that I could use the feature I wanted, if anyone else were to want this I could help them with implementing it, but it has multiple user and permission system already.
|
|
Just make my thought clear: we need to push things forward, and build from small part maybe useful enough, also acceptable by louislam with less UI/UX and design stuff. |
Yeah I gotcha, I’ve got a working version and the only UI added is a sub user management system and permission system, all we would need is Louis’s approval and then I could move the private repo into the one for this pr. |
|
please add this feature. |
|
How do i install ItIzJR's multi user uptime-kuma it just says: error: pathspec '1.19.2' did not match any file(s) known to git |
|
Closing in favour of #3571, as the other PR is more mature and thus has a chance of getting merged |
https://github.com/louislam/uptime-kuma/blob/master/CONTRIBUTING.md#can-i-create-a-pull-request-for-uptime-kuma
Tick the checkbox if you understand [x]:
Description
This feature, would add the ability to have the main user, (admin user) to add other users, and the main user has the ability to give these users permissions, so they can only view the monitors, status pages etc. Or they can have management permissions, such as add, remove, edit
Fixes #128
Type of change
Please delete any options that are not relevant.
( Just up for discussion and the okay from the project owner (@louislam) before I make any code, as the PR Rules go so none of these apply atm
Checklist
(including JSDoc for methods)
Screenshots (if any)
Please do not use any external image service. Instead, just paste in or drag and drop the image here, and it will be uploaded automatically.