Skip to content

feat(hub): decouple systems from user for role-based access control#2004

Open
svenvg93 wants to merge 5 commits into
henrygd:mainfrom
svenvg93:feat/decouple-systems-users
Open

feat(hub): decouple systems from user for role-based access control#2004
svenvg93 wants to merge 5 commits into
henrygd:mainfrom
svenvg93:feat/decouple-systems-users

Conversation

@svenvg93
Copy link
Copy Markdown
Collaborator

@svenvg93 svenvg93 commented May 14, 2026
edited
Loading

📃 Description

Decouples systems from per-user ownership. Previously each system record had a users relation field controlling who could see it. This PR removes that field and adopts a role-based model: all authenticated users can view all systems, only admins can create/edit/delete them. A new in-app user management page replaces the need to use the PocketBase admin UI for user administration.

closes #1856

🪵 Changelog

➕ Added

  • User management page in Settings (admin only) — create, edit role, reset password, and delete users without leaving the app
  • Role-based access control — three roles: admin (full control), user (read-only), readonly (read-only, no tokens/fingerprints page)
  • Migration 2_user_email_visibility — sets emailVisibility = true for all existing users so admins can list them

✏️ Changed

  • All authenticated users can now view all systems and system-scoped data (containers, stats, SMART, etc.)
  • Only admin role users can create, update, delete, or pause systems
  • Universal token endpoint (GET /api/beszel/universal-token) now requires admin role
  • Tokens & Fingerprints settings page is now admin-only (previously excluded only readonly)
  • SMART alerts are now sent to all users with notification settings configured (previously only users with explicit system access)
  • config.yml users field per system removed — systems are globally visible, no per-system user assignment needed
  • New users are automatically marked as verified and emailVisibility = true on creation

🔧 Fixed

  • Mobile settings sidebar now correctly hides the Tokens & Fingerprints item for readonly users (desktop already did this)
  • requireAdminRole middleware now passes superusers through to endpoint handlers so they receive their specific error messages rather than a generic 403
  • USER_CREATION=true (OAuth2 mode) create rule now correctly takes precedence over the admin create rule on the users collection

🗑️ Removed

  • users relation field from systems collection (migration 1_system_access)
  • system_access join collection and all associated code (agent connect, config sync, alert targeting, frontend)
  • SHARE_ALL_SYSTEMS environment variable — all systems are now shared by default
  • config.yml per-system users list — no longer needed

📷 Screenshots

Scherm­afbeelding 2026-05-14 om 16 28 20

@svenvg93 svenvg93 marked this pull request as ready for review May 14, 2026 20:10
@svenvg93 svenvg93 requested a review from henrygd as a code owner May 14, 2026 20:10
@svenvg93 svenvg93 changed the title [wip] feat: role-based access control and user management feat: role-based access control and user management May 14, 2026
svenvg93 added 2 commits May 16, 2026 12:22
@svenvg93
Small improvements
392ef97
@svenvg93
- Group settings page
52cc4b5 
- Remove users option in the dorpdown nav
@svenvg93 svenvg93 changed the title feat: role-based access control and user management feat(hub): decouple systems from user for role-based access control May 16, 2026
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@henrygd henrygd Awaiting requested review from henrygd henrygd is a code owner

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

[Feature]: Systems as Standalone Entities (Decouple from Users)

1 participant

@svenvg93