Versions Compared

Old Version 1

changes.mady.by.user Florian Raschbichler

Saved on

compared with

New Version Current

changes.mady.by.user Daria Samkova

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

Expected

...

behavior

When creating a control center user Control Center User with granular permissions selected from the existing list of Control Center User Permissions, which are created with the provided hivemq-enterprise-security-extension/scripts/sql/v1.2/insert/default_permissions_insert.sql script, the CC user Control Center User has access to all permitted information and functions.

Observed

...

behavior

Unless the HIVEMQ_SUPER_ADMIN permissions is are available for the CC userControl Center User, the pages Clients“Clients”, Analytics “Analytics” and Trace Recordings “Trace Recordings” are not accessible to the user.

Reason

There is a typo in the HIVEMQ_VIEW_DATA_CLIENT_ID permission. So this permission is never properly set and without that permission, the user cannot view any of the mentioned pages as they all contain clientIDs.

Affected Version

All version versions older than 1.5.2 are affected.

...

Fix the typo in the cc_permissions table .by executing the following SQL Update statement:

Code Block
breakoutModewide
languagesql
update cc_permissions
set permission_string = 'HIVEMQ_VIEW_DATA_CLIENT_ID' where permission_string = 'HIVEMQ_VIEW_DATA_CLIENTID';

Info

If you are using

...

HiveMQ Enterprise Security Extension version older than 1.5.2 we suggest you also add 3 new permissions that got introduced with HiveMQ 4.3:

Code Block
breakoutModewide
languagesql
insert into cc_permissions (permission_string, description)
values ('HIVEMQ_VIEW_PAGE_RETAINED_MESSAGE_LIST', 'alloed to view retained message list'),
       ('HIVEMQ_VIEW_PAGE_RETAINED_MESSAGE_DETAIL', 'alloed to view retained message details'),
       ('HIVEMQ_VIEW_DATA_USER_PROPERTIES', 'allowed to see user properties of messages')
;