If you select “everyone” as a group that can access a given data explorer query, it doesn’t complain. You can then get the link to access that query on the page that lists the queries, and it is in the form: https://my.forum.domain/g/everyone/reports/43
But if you try to visit that link you just get “something went wrong.”
Trust level 0 does work, so guessing this response also applies here:
why would you want to give everyone access to your database, such a security risk
To me the request is about removing a quirk from the UI. If it is broken don’t show it
what sam said…
in my case, it’s a login required site. i’m designing the query. queries are read only already per the design of the plugin.
so i see it as just a cheap way to expose some data otherwise not readily available in the UI. another approach would be to jam the same query into a dedicated plugin and then install that plugin…
but if i’m missing something here from the security perspective, i’m still listening.
https://github.com/discourse/discourse-data-explorer/pull/59
All good, group everyone does not show up but trust_level_0 can be used to the same effect.
This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.