Geofences permission and device readonly
It seems to me that at the topmost level (ignoring groups) we have
Seems correct to me. We have a lot more different object types though.
So what's the general idea?
This can be seen as:
[Geofences, Notifications] N:N Users N:N Devices N:N [Geofences, Notifications]
Where the left [Geofences, Notifications] association is a "can use" link, and the right one is a "will trigger" association.
This means that a Geofence or Notification item can be reached by a User going both left or right (through a Device), but the right path is inhibited if device readonly is enabled. This generates some interesting patterns like:
- device will trigger a geofence for a user that "cannot use" the very same geofence
- a user "can use" a geofence but can't toggle trigger on device for it
possibly other, is just a grid, but I guess it quickly becomes an N-dimensional one when adding all the other possible options.
I'm not saying that this is wrong, but just not clear what's the behavior in each (main?) cases.
thanks
If an object is linked to a user, it means that the user can manage (edit, update) that object. If an object is linked to a device, the meaning depends on the type of object, but basically it is applicable to the device.
There are some corner cases, like you mentioned, that don't make much sense, but I don't see it as a big issue. They also only happen if you enable device readonly mode, which was added after the rest of the system was already in place. And personally I think it's not used enough to worry too much about those corner cases.
I understand. Well, I guess I'm just fighting corner cases then (1 admin user, some device readonly users that needs to handle their own geofences and notifications without admin intervention, many devices where each is assigned to no more than 1 device readonly user)
The workaround I see are:
- interposing a custom server between Traccar and the tracking device to edit the "identifier" and turn it into something the user can't guess and I can change, like a UUID, and disable device readonly
- hack script to link Devices and all available Geofences automatically (similar to existing "all devices" for notifications) so when device readonly user creates a geofence, it is automatically applied to all his devices (hopefully this won't make notification "bleeding" from one user devices to another, can you confirm this?)
- ask user to send me gpx of requested geofence(s) and let me do the links
- setup device:geofence link manually on user request (I'd call this last restort)
What would be the price to request the implementation of a feature to help covering my scenario? I'm also a developer, but I can ask management to delegate this to support Traccar.
Please contact support if you want to discuss professional services.
To enable geofence enter/exit notification for an admin or non-readonly user I have to
1- create geofence (settings > geofences)
2- associate geofence to my user or other user (settings > users > geofences)
3- set device to send notification for that geofence (devices > select device > device settings > geofences)
But the general scenario is single admin user that creates users with lower permissions, then:
A- users cannot add or remove devices (device readonly)
B- users can add/remove geofences
C- users can select which geofence notifications receive for which devices
If I use the set "device readonly" on users, A and B are satisfied but C won't be possible.
If I don't set "device readonly" on users, A won't be possible, but B and C are satisfied
Is there a workaround for this?
I faced similar issue when trying to apply same pattern for notifications, but the "All devices" flag let me skip the equivalent of C step.
I find the general permission setup not easy to understand/explain, may I ask what's the idea behind this? What's the ownership and binding between users, devices, geofences, and geofences-notifications?
It seems to me that at the topmost level (ignoring groups) we have:
Users N:N Devices
Users N:N Geofences
Users N:N Notifications
Device N:N Geofences
Device N:N Notifications