feat(sensor): grant read-only telemetry via allow_read_only / guest password#2823
Open
drewmccal wants to merge 1 commit into
Open
feat(sensor): grant read-only telemetry via allow_read_only / guest password#2823drewmccal wants to merge 1 commit into
drewmccal wants to merge 1 commit into
Conversation
…sword SensorMesh::handleLoginReq only accepted the admin password or an existing ACL entry, so the guest_password and allow_read_only prefs were inert for sensor nodes. Port the login cascade already used by the repeater and room-server examples: a matching guest password, or the open allow_read_only switch, now grants PERM_ACL_READ_ONLY. READ_ONLY is sufficient to read current telemetry and the min/avg/max history while admin access stays password-gated. Transient read-only viewers are not persisted to flash to avoid per-viewer FS writes. Co-Authored-By: Claude Opus 4.8 (1M context) <noreply@anthropic.com>
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
1 participant
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Related to #2005
Summary
SensorMesh::handleLoginReqpreviously accepted only the admin password or an existing ACL entry, so theguest_passwordandallow_read_onlypreferences — which already exist in the common CLI and are honoured by the repeater and room-server examples — were inert for sensor nodes. There was no way to expose telemetry to non-admin clients without handing out the admin password or pre-authorising each public key withsetperm.This ports the same login cascade used by
simple_repeaterandsimple_room_serverinto the sensor, so the existing settings finally do something on a sensor node.Behaviour
On a login where the sender isn't already a known contact, the granted role is now:
PERM_ACL_ADMIN(unchanged)guest_password(when one is set) →PERM_ACL_READ_ONLYallow_read_onlyenabled →PERM_ACL_READ_ONLYfor everyoneREAD_ONLYis the level that unlocks both current telemetry and the min/avg/max history (REQ_TYPE_GET_AVG_MIN_MAX), while admin actions stay password-gated. Transient read-only viewers are not persisted to flash, avoiding an FS write per viewer.How to enable
Over serial or the companion admin console:
get allow.read.only/get guest.passwordread the current values back.Testing
Tested on hardware (RAK4631) and confirmed working end-to-end:
allow.read.only on— a non-admin client with no password is granted read-only and can read telemetry. Works cleanly.set guest.password <pw>) — the node authenticates the login, grantsREAD_ONLY, and telemetry is accessible afterward (verified via the node'sLogin success!debug and a successful telemetry read).iOS companion app limitation
The MeshCore iOS app's password prompt for a node is an admin login. When you log into a sensor with the guest password, the app shows an "access denied" error — because the node returns a successful but non-admin login (
isAdmin = 0), which the admin-oriented UI rejects. Despite the error, the login succeeds at the protocol level and telemetry is accessible afterward. So the guest-password path is functional; the error is purely a client-side UI limitation, not a firmware issue. Theallow.read.onlypath is unaffected and works without any error in the app.🤖 Generated with Claude Code