Tenant user rights

Hello,

I run Chirpstack v4 on Docker. When I create a user, and add it to a tenant without any editing rights (not admin, not tenant admin, not gateway admin, not device admin), the user can still delete the existing devices. Am I doing something wrong?

Thanks for help!

Samim

I was unable to confirm this via the web UI, but I did not test via gRPC directly. I was not able to delete a device as an unprivileged tenant user, but strangely, when I attempted to do so, it logged me out(!).

Logging back in showed the device still present.

Thank you for prompt response and explanation. Yes, you are right, neither device nor gateway can be deleted by unprivileged user. If attempted, the unprivileged user will be logged out. I confirmed that also with my instance of Chirpstack, but what confused me was that these buttons (Add gateway, Delete gateway, Delete device) even exist and are enabled, if a user is unprivileged.

Oh, that’s a bit different than “the user can still delete the existing devices”. UI design choice, I guess.

Could you create a GitHub issue for this, then I’ll look into this and fix it where needed. This is not intentional (Issues · chirpstack/chirpstack · GitHub)