[GH-ISSUE #161] [Bug]: User role permissions #101

New issue

Closed

opened 2026-05-06 12:25:44 +02:00 by BreizhHardware · 10 comments

BreizhHardware commented 2026-05-06 12:25:44 +02:00

Owner

Copy link

Originally created by @cadtoolbox on GitHub (Jan 27, 2026).
Original GitHub issue: https://github.com/maziggy/bambuddy/issues/161

Originally assigned to: @maziggy on GitHub.

Bug Description

A normal user per the documentation should not be allowed to edit printer settings. It appears that a normal user has all the same permissions as an admin including adding and deleting printers.

Expected Behavior

The expectation would be normal users should not be able to:

• Add printers
• Delete printers
• Reorder the queue
• Delete from the queue jobs they do not own
• Delete archive files they do not own

Steps to Reproduce

1. Enable user authentication.
2. Create a user with the role assigned as 'user'
3. Login as the new user
4. Add or delete a printer.

Printer Model

X1

Bambuddy Version

0.1.6b11

Printer Firmware Version

na

Installation Method

Docker

Operating System

Linux (Ubuntu/Debian)

Relevant Logs / Support Package

Screenshots

No response

Additional Context

No response

Checklist

• I have searched existing issues to ensure this bug hasn't already been reported
• I am using the latest version of Bambuddy
• My printer is set to LAN Only mode

Originally created by @cadtoolbox on GitHub (Jan 27, 2026). Original GitHub issue: https://github.com/maziggy/bambuddy/issues/161 Originally assigned to: @maziggy on GitHub. ### Bug Description A normal user per the documentation should not be allowed to edit printer settings. It appears that a normal user has all the same permissions as an admin including adding and deleting printers. ### Expected Behavior The expectation would be normal users should not be able to: - Add printers - Delete printers - Reorder the queue - Delete from the queue jobs they do not own - Delete archive files they do not own ### Steps to Reproduce 1. Enable user authentication. 2. Create a user with the role assigned as 'user' 3. Login as the new user 4. Add or delete a printer. ### Printer Model X1 ### Bambuddy Version 0.1.6b11 ### Printer Firmware Version na ### Installation Method Docker ### Operating System Linux (Ubuntu/Debian) ### Relevant Logs / Support Package ```shell ``` ### Screenshots _No response_ ### Additional Context _No response_ ### Checklist - [x] I have searched existing issues to ensure this bug hasn't already been reported - [x] I am using the latest version of Bambuddy - [x] My printer is set to LAN Only mode

BreizhHardware 2026-05-06 12:25:44 +02:00

• closed this issue
• added the
  enhancement
  label

BreizhHardware commented 2026-05-06 12:25:44 +02:00

Author

Owner

Copy link

@maziggy commented on GitHub (Jan 27, 2026):

@JesseFPV can you please check? Thanks!

<!-- gh-comment-id:3803734094 --> @maziggy commented on GitHub (Jan 27, 2026): @JesseFPV can you please check? Thanks!

BreizhHardware commented 2026-05-06 12:25:44 +02:00

Author

Owner

Copy link

@maziggy commented on GitHub (Jan 27, 2026):

Looks to me like only the settings menu requires admin permissions.

<!-- gh-comment-id:3804388147 --> @maziggy commented on GitHub (Jan 27, 2026): Looks to me like only the settings menu requires admin permissions.

BreizhHardware commented 2026-05-06 12:25:45 +02:00

Author

Owner

Copy link

@cadtoolbox commented on GitHub (Jan 28, 2026):

If what features were available to normal users were configurable by the admin that would be ideal. Beyond that, having different roles with different options available would further enhance the user experience.

In my scenario, we wouldn't want normal users to be able to add or remove new printers, delete someone else's print job or re-order the queue. An admin should be allowed to add and remove printers. Additionally, an in-between type of role might be allowed to adjust the queue order.

<!-- gh-comment-id:3810513570 --> @cadtoolbox commented on GitHub (Jan 28, 2026): If what features were available to normal users were configurable by the admin that would be ideal. Beyond that, having different roles with different options available would further enhance the user experience. In my scenario, we wouldn't want normal users to be able to add or remove new printers, delete someone else's print job or re-order the queue. An admin should be allowed to add and remove printers. Additionally, an in-between type of role might be allowed to adjust the queue order.

BreizhHardware commented 2026-05-06 12:25:45 +02:00

Author

Owner

Copy link

@JesseFPV commented on GitHub (Jan 28, 2026):

Currently it only handles the page access but not real roles in the background as the system was not made with this in mind. It could be done but requires a lot of rework. As it is an open source project you are totally free to take on this job!

<!-- gh-comment-id:3811385179 --> @JesseFPV commented on GitHub (Jan 28, 2026): Currently it only handles the page access but not real roles in the background as the system was not made with this in mind. It could be done but requires a lot of rework. As it is an open source project you are totally free to take on this job!

BreizhHardware commented 2026-05-06 12:25:45 +02:00

Author

Owner

Copy link

@maziggy commented on GitHub (Jan 28, 2026):

Now where we have a build-in authentication it makes sense to extend it as suggested. That's at least my opinion. I'll put it on the open task list. If you don't have the time @JesseFPV I'll look into it.

<!-- gh-comment-id:3811430503 --> @maziggy commented on GitHub (Jan 28, 2026): Now where we have a build-in authentication it makes sense to extend it as suggested. That's at least my opinion. I'll put it on the open task list. If you don't have the time @JesseFPV I'll look into it.

BreizhHardware commented 2026-05-06 12:25:45 +02:00

Author

Owner

Copy link

@JesseFPV commented on GitHub (Jan 28, 2026):

I totally agree, but it is not a bug but future request and requires a lot of work on the main architecture. I think its something for the roadmap.

<!-- gh-comment-id:3812247986 --> @JesseFPV commented on GitHub (Jan 28, 2026): I totally agree, but it is not a bug but future request and requires a lot of work on the main architecture. I think its something for the roadmap.

BreizhHardware commented 2026-05-06 12:25:45 +02:00

Author

Owner

Copy link

@maziggy commented on GitHub (Jan 31, 2026):

Complete user/group authentication is available in branch feature/auth_details. I've tested it roughly. Please chekc and let me know if it works for you.

<!-- gh-comment-id:3828230776 --> @maziggy commented on GitHub (Jan 31, 2026): Complete user/group authentication is available in branch feature/auth_details. I've tested it roughly. Please chekc and let me know if it works for you.

BreizhHardware commented 2026-05-06 12:25:45 +02:00

Author

Owner

Copy link

@maziggy commented on GitHub (Jan 31, 2026):

Docs -> https://wiki.bambuddy.cool/features/authentication/

<!-- gh-comment-id:3828328136 --> @maziggy commented on GitHub (Jan 31, 2026): Docs -> https://wiki.bambuddy.cool/features/authentication/

BreizhHardware commented 2026-05-06 12:25:45 +02:00

Author

Owner

Copy link

@cadtoolbox commented on GitHub (Jan 31, 2026):

@maziggy This is super helpful to have. It seems to work really well without any bugs that I've seen. A few comments:

• It would be nice to have the ability to allow someone to re-read an AMS RFID without giving them the ability to update or control the printer.
• I would think a 'User' group would also be default. This group is just allowed to print.
• Is it possible to allow people to delete and update start/stop their own jobs but not other people's jobs?
• Can you merge in feature/192 with this branch?

This may be a separate request, but it's related to user authentication and these comments. Let me know if you want to track it separately:

• When someone uploads an archive file, it would be helpful to see the username of who added it.
• Jobs in the queue, it would be nice to see who started it both on the Queue screen and on the Printer screen as its printing.

<!-- gh-comment-id:3828708975 --> @cadtoolbox commented on GitHub (Jan 31, 2026): @maziggy This is super helpful to have. It seems to work really well without any bugs that I've seen. A few comments: - It would be nice to have the ability to allow someone to re-read an AMS RFID without giving them the ability to update or control the printer. - I would think a 'User' group would also be default. This group is just allowed to print. - Is it possible to allow people to delete and update start/stop their own jobs but not other people's jobs? - Can you merge in feature/192 with this branch? This may be a separate request, but it's related to user authentication and these comments. Let me know if you want to track it separately: - When someone uploads an archive file, it would be helpful to see the username of who added it. - Jobs in the queue, it would be nice to see who started it both on the Queue screen and on the Printer screen as its printing.

BreizhHardware commented 2026-05-06 12:25:45 +02:00

Author

Owner

Copy link

@maziggy commented on GitHub (Jan 31, 2026):

Please do me a favor and put this into a new issue. I'm currently already preparing the release.

<!-- gh-comment-id:3828720550 --> @maziggy commented on GitHub (Jan 31, 2026): Please do me a favor and put this into a new issue. I'm currently already preparing the release.

BreizhHardware referenced this issue 2026-05-06 12:34:00 +02:00

[PR #101] [CLOSED] v0.1.6b9 #925

Sign in to join this conversation.

No Branch/Tag specified

Branches Tags

main

github-repo-stats

bug-report-assets

dev

0.2.4b3

0.2.4b2

0.2.4b1

pr/1114

0.2.3.2

0.2.3.1

0.2.3

0.2.3b3

0.2.3b2

0.2.3b1

0.2.2.2

0.2.2.1

0.2.2b3

0.2.2

0.2.2b2

0.2.2b1

0.2.1.1

0.2.1

0.2.1b3

0.2.1b2

0.2.1b

0.2.0

0.2.0b

0.1.5-2-ctrl

v0.2.4b4-daily.20260508

v0.2.4b2

v0.2.4b3

v0.2.4b1

v0.2.3.2

v0.2.3.1

v0.2.3

v0.2.3b3

v0.2.3b2

v0.2.3b1-daily.20260407

v0.2.3b1

v0.2.2.2

v0.2.2.1

v0.2.3b1-daily.20260318

v0.2.3b1-daily.20260317

v0.2.3b1-daily.20260316

v0.2.2

v0.2.2b4-daily.20260314

v0.2.2b4-daily.20260313

v0.2.2b3-daily.20260312

v0.2.2b3-1

v0.2.2b2

v0.2.2-b2

v0.2.2b3

v0.2.2-b1

v0.2.2b1

v0.2.1.1

v0.2.1

v0.2.1b3

v0.2.1b2

v0.2.1b

v0.2.0

v0.1.9

v0.1.8.1

v0.1.8

v0.1.7

v0.1.6.2

v0.1.6.1

v0.1.6-hotfix

v0.1.6

v0.1.6b11

v0.1.6b10

v0.1.6b9

v0.1.6b8

v0.1.6b7

v0.1.6b6

v0.1.6b5

v0.1.6b4

v0.1.6b3

v0.1.6b2

v0.1.6b

v0.1.5-final

v0.1.5b7

v0.1.5b6

v0.1.5b5

v0.1.5b4

v0.1.5b3

v0.1.5b2

v0.1.5b

v0.1.4

v0.1.3

v0.1.2-bugfix

v0.1.2-final

v0.1.2

0.1.1

Labels

Clear labels   

A1

  

automated

  

automated

  

bug

  

bug

  

Closed due to inactivity

  

contrib

  

dependencies

  

dependencies

  

duplicate

  

enhancement

  

feedback

  

hold

  

invalid

  

Notes

  

P1S

  

pull-request

Mirrored from GitHub Pull Request

  

security

  

security

  

ThumbsUp

  

user-report

  

wontfix

No labels

A1

automated

automated

bug

bug

Closed due to inactivity

contrib

dependencies

dependencies

duplicate

enhancement

feedback

hold

invalid

Notes

P1S

pull-request

security

security

ThumbsUp

user-report

wontfix

Milestone

Clear milestone

No items

No milestone

Projects

Clear projects

No items

No project

Assignees

Clear assignees

No assignees

1 participant

Notifications

Subscribe

Due date

The due date is invalid or out of range. Please use the format "yyyy-mm-dd".

No due date set.

Dependencies

No dependencies set.

Reference

starred/bambuddy#101

No description provided.