gotify / server

A simple server for sending and receiving messages in real-time per WebSocket. (Includes a sleek web-ui)

Home Page: https://gotify.net


A proposal of access control

ywjheart opened this issue


Is your feature request related to a problem? Please describe.
Gotify doesn't have rights/access control for users/applications/clients so far.

Describe the solution you'd like
There are two user levels in Gotify so far, admin and non-admin.
My proposal:
Applications should be available to admins by default, but not to non-admins. Admins can assign applications to non-admins, with a toggle for each user if there are multiple non-admins.
A client is signed in by a user at the moment; it should receive all messages from all applications belonging to the user by default. A user should be able to toggle whether it receives messages from an application, either from Android clients or from the Web UI.
All of the access control happens on the Gotify server, so older clients can still work with newer servers, because they will receive a reduced application list and receive whatever messages are routed to them.

Describe alternatives you've considered

Additional context

I'd say Gotify has access control, though only a really simple one where applications / clients are bound to only one user. There are already some issues about this, namely gotify/contrib#5, #334 and a few more.

Implementing a new model for this would require a major rework which I don't think is in scope for this project. You could try out https://github.com/eternal-flame-AD/gotify-broadcast which implements an access control model similar to the one you proposed.
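
The server-side routing rule proposed in the issue, modelled in Go as an added example; it is not code from gotify/server or gotify-broadcast. The `Server` type, its fields, the function names and the sample users, apps and client tokens are all hypothetical, and the sample data is constructed.

```go
package main

import "fmt"

// Server is a hypothetical model of the proposal, not gotify/server's types.
type Server struct {
	admins, apps map[string]bool            // admin users; registered app names
	clients      map[string]string          // client token -> owning user
	assigned     map[string]map[string]bool // app -> non-admins granted access
	muted        map[string]map[string]bool // client token -> apps toggled off
}

// SetAssigned lets an admin grant or revoke a non-admin's access to an app.
func (s *Server) SetAssigned(actor, user, app string, on bool) error {
	if !s.admins[actor] || !s.apps[app] {
		return fmt.Errorf("denied: %q cannot change access to %q", actor, app)
	}
	if s.assigned[app] == nil {
		s.assigned[app] = map[string]bool{}
	}
	s.assigned[app][user] = on
	return nil
}

// Deliver decides on the server: authorization first, then the client's toggle.
func (s *Server) Deliver(token, app string) bool {
	user, ok := s.clients[token]
	if !ok || !s.apps[app] {
		return false // unknown token or app: fail closed
	}
	return (s.admins[user] || s.assigned[app][user]) && !s.muted[token][app]
}

// Sample is constructed data: admin "root", non-admin "bob", two apps.
func Sample() *Server {
	return &Server{
		admins:   map[string]bool{"root": true},
		apps:     map[string]bool{"alerts": true, "backup": true},
		clients:  map[string]string{"C-root": "root", "C-bob": "bob"},
		assigned: map[string]map[string]bool{},
		muted:    map[string]map[string]bool{"C-root": {"backup": true}},
	}
}

func main() {
	s := Sample()
	_ = s.SetAssigned("root", "bob", "alerts", true)
	fmt.Println(s.Deliver("C-bob", "alerts"), s.Deliver("C-bob", "backup"))
}
```

Because the mute toggle is only consulted after the authorization check, a client preference can narrow delivery but never widen it, and revoking an assignment takes effect regardless of client state.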