Which bundles send the UI elements to the frontend based on the user's role

ngennart · February 21, 2022, 10:55am

Hi everyone,

I am trying to figure out how the user interface is displayed. I know there are only two roles, administrator and user, and what is displayed to the user depends on these roles as explained in this post.

Openhab uses javax to manage the role using the @RolesAllowed syntax as shown below:

I’m trying to figure out how and which bundles check the user’s current authentication type and role and based on that send the authorized UI elements back to the frontend?

But I haven’t found the bundles that handles this. Someone know or can guide me?

I list the html file here maybe it can help you:

openhab-core/bundles/org.openhab.core.model.rule/plugin.xml
openhab-core/bundles/org.openhab.core.test.magic/src/main/resources/OH-INF/binding/binding.xml
openhab-core/bundles/org.openhab.core.test.magic/src/main/resources/OH-INF/config/config.xml
openhab-core/bundles/org.openhab.core.test.magic/src/main/resources/OH-INF/config/magicMultiAction.xml
openhab-core/bundles/org.openhab.core.test.magic/src/main/resources/OH-INF/config/magicSingleAction.xml
openhab-core/bundles/org.openhab.core.test.magic/src/main/resources/OH-INF/config/multipleConfig.xml
openhab-core/bundles/org.openhab.core.test.magic/src/main/resources/OH-INF/thing/channel-types.xml
openhab-core/bundles/org.openhab.core.test.magic/src/main/resources/OH-INF/thing/thing-types.xml
openhab-core/bundles/org.openhab.core.test.magic/src/main/resources/OH-INF/thing/bridge-types.xml
openhab-core/bundles/org.openhab.core.voice/src/main/resources/OH-INF/config/voice.xml
openhab-core/bundles/org.openhab.core.thing.xml
openhab-core/bundles/org.openhab.core.thing.xml/src/test/resources/example/example.xml
openhab-core/bundles/org.openhab.core.model.persistence/plugin.xml
openhab-core/bundles/org.openhab.core.storage.json/src/main/resources/OH-INF/config/jsonStorage.xml
openhab-core/bundles/org.openhab.core.binding.xml
openhab-core/bundles/org.openhab.core.addon.marketplace/src/main/resources/OH-INF/config/marketplace.xml
openhab-core/bundles/org.openhab.core.model.item/plugin.xml
openhab-core/bundles/org.openhab.core.model.script/resources/OH-INF/config/hli.xml
openhab-core/bundles/org.openhab.core.model.script/plugin.xml
openhab-core/bundles/org.openhab.core.karaf/src/main/resources/OH-INF/config/addons.xml
openhab-core/bundles/org.openhab.core.persistence/src/main/resources/OH-INF/config/persistence.xml
openhab-core/bundles/org.openhab.core.thing/src/main/resources/OH-INF/config/offsetProfile.xml
openhab-core/bundles/org.openhab.core.thing/src/main/resources/OH-INF/config/timestampOffsetProfile.xml
openhab-core/bundles/org.openhab.core.thing/src/main/resources/OH-INF/config/firmware.xml
openhab-core/bundles/org.openhab.core.thing/src/main/resources/OH-INF/config/rangeProfile.xml
openhab-core/bundles/org.openhab.core.thing/src/main/resources/OH-INF/config/hyteresisProfile.xml
openhab-core/bundles/org.openhab.core.model.thing/plugin.xml
openhab-core/bundles/org.openhab.core.ephemeris/src/main/resources/OH-INF/config/ephemeris.xml
openhab-core/bundles/org.openhab.core.config.xml
openhab-core/bundles/org.openhab.core.model.sitemap/plugin.xml
openhab-core/bundles/org.openhab.core.io.net/src/test/resources/google_weather_response.xml
openhab-core/bundles/org.openhab.core.audio/src/main/resources/OH-INF/config/audio.xml
openhab-core/bundles/org.openhab.core.io.rest.auth/src/main/resources/OH-INF/config/restauth.xml
openhab-core/bundles/org.openhab.core/src/main/resources/OH-INF/config/i18n.xml
openhab-core/bundles/org.openhab.core/src/main/resources/OH-INF/config/network.xml
openhab-core/bundles/org.openhab.core.ui/src/main/resources/OH-INF/config/sitemap.xml
openhab-core/bundles/org.openhab.core.ui/src/main/resources/OH-INF/config/chart.xml
openhab-core/bundles/org.openhab.core.model.lsp/src/main/resources/OH-INF/config/lsp.xml
openhab-core/bundles/org.openhab.core.config.discovery/src/main/resources/OH-INF/config/inbox.xml
openhab-core/bundles/org.openhab.core.io.transport.mqtt/src/main/resources/OH-INF/config/brokerConnectionInstance.xml
openhab-core/licenses/epl-2.0/xml-header-style.xml
openhab-core/features/karaf/openhab-core/src/main/feature/feature.xml
openhab-core/features/karaf/openhab-tp/src/main/feature/feature.xml
openhab-core/tools/archetype/binding/src/main/resources/archetype-resources/src/main/resources/OH-INF/binding/binding.xml
openhab-core/tools/archetype/binding/src/main/resources/archetype-resources/src/main/resources/OH-INF/thing/thing-types.xml
openhab-core/tools/archetype/binding/src/main/resources/archetype-resources/src/main/feature/feature.xml
openhab-core/tools/archetype/binding/src/main/resources/META-INF/maven/archetype-metadata.xml
openhab-core/tools/i18n-plugin/src/test/resources/acmetts.bundle/OH-INF/config/config.xml
openhab-core/tools/i18n-plugin/src/test/resources/acmeweather.bundle/OH-INF/binding/binding.xml
openhab-core/tools/i18n-plugin/src/test/resources/acmeweather.bundle/OH-INF/config/config.xml
openhab-core/tools/i18n-plugin/src/test/resources/acmeweather.bundle/OH-INF/thing/channel-types.xml
openhab-core/tools/i18n-plugin/src/test/resources/acmeweather.bundle/OH-INF/thing/thing-types.xml
openhab-core/tools/static-code-analysis/checkstyle/suppressions.xml
openhab-core/tools/static-code-analysis/spotbugs/suppressions.xml

I hope someone can help me.

Thank you very much,

Nicolas Gennart.

wborn · February 21, 2022, 1:24pm

It simply doesn’t work like that. The frontend decides what content is shown based on the user roles.

It gets the roles when authentication is successful and the roles are also part of the JSON Web Token (JWT) it receives when refreshing the token using /auth/token. It sends the JWT in the Authorization header of REST calls when it retrieves more info from the backend.

You can decode the JWT using a site like jwt.io. That will show you when the JWT expires, who it is issued to and what roles the principal has.

The JWT is signed by the backend so it can check if it is valid.

The JWTs are issued and checked by the org.openhab.core.io.rest.auth bundle.
You can find the UI in the org.openhab.ui bundle.

ngennart · February 21, 2022, 1:42pm

Thank you, it is now clear.

system · April 4, 2022, 5:43am

This topic was automatically closed 41 days after the last reply. New replies are no longer allowed.