Good morning everyone, I have created a closed system mikrotik hotspot where user can customize some variables from webfig with custom skin. To prevent the user from accessing the “Design Skin” item, I removed the Policy permissions. this removes the possibility of the user modifying global variables. accordingly to be able to modify values such as:
email
bot telegram
chat id telegram
Enable helpdesk
I created a .json file that the user accesses with samba. and via deserialize I set the global variables. everything works perfectly. it would be interesting to modify the web fig to insert these values on it. Can they be inserted into the custom Skin since it is always json? or can I create a web page accessible from browsers using APIs? I wouldn’t know how to do it
No AFAIK you cannot stash other stuff there. And if they allowed it, it wouldn’t appear anywhere. You can modify it using [:de/serialize] however.
And webfig has a status page. So assuming the users have write permissions, you can some nascent config to store the desired config. Like /system/note to store JSON to modify (and disable showing it at login/etc) & then have a scheduled script that update the relevant “skin.json”/etc via deserialize/serialize stuff.
The “status” page could have the /system/note text added to it, which lets you name things too - so you don’t have to call it /system/note on the customized “Status” page.
I tried adding custom menus to the skin.json but they don’t display in webfig. the menu system notes I already use it for other purposes. I also thought about using layer 7 but it’s a pain to mess up from a user-friendly user. Could I do something with bees?
I thought your SMB approach was not a bad one. But I suppose if /system/note is taken… You can just use /system/script with some JSON. It fail if run, but you can use the “source” field to just store plain JSON & use just script “source=” as input to [:deserialize].
the user does not have Policy permissions and therefore cannot access system scripts. currently accesses a.json file via smb where it inserts the variables and consequently a script deserializes every 2 minutes. everything works very well. I set the variables and archive them in layer 7 so as to reset them upon reboot. I simply wanted to give the user the possibility to customize from webgui rather than from text editor
FWIW, you just need write permission to create a script, no policy. The script itself needs no policy since it’s just storing the JSON. But yeah the “write user” have to create the JSON as the script themself. And… I am presuming there is another background script, with policy permission, that can read the other user’s JSON-in-script.