item replacement and relationships db update

author: UMTS at Teleco <crt@teleco.ch> 2025-12-22 11:06:06 +0100
committer: UMTS at Teleco <crt@teleco.ch> 2025-12-22 11:06:06 +0100
commit: 93317bd021075f2f541b667e51802d7964169a46 (patch)
tree: d4eea8a169532419451b0e262aa924debcc470c2 /backend/seckelapi/config
parent: a29302a0a7453c99d601ed0e40da1bbc6b68a417 (diff)
1 files changed, 19 insertions, 0 deletions
diff --git a/backend/seckelapi/config/security.toml b/backend/seckelapi/config/security.toml
index f72b765..4bf05b3 100644
--- a/backend/seckelapi/config/security.toml
+++ b/backend/seckelapi/config/security.toml
@@ -207,4 +207,23 @@ max_limit = 50
 max_where_conditions = 5
 user_settings_access = "read-own-only"  # Students can only read their own preferences, not modify
 
+[permissions."10"]
+# Kiosk - public terminal, can only list users for login
+rollback_on_error = true
+allow_batch_operations = false
+basic_rules = [
+    "users:r",
+    "roles:r"
+]
+advanced_rules = [
+    "users.*:block",
+    "users.id:r",
+    "users.username:r",
+    "users.name:r",
+    "users.role_id:r"
+]
+max_limit = 100
+max_where_conditions = 5
+user_settings_access = "read-own-only"
+
author	UMTS at Teleco <crt@teleco.ch>	2025-12-22 11:06:06 +0100
committer	UMTS at Teleco <crt@teleco.ch>	2025-12-22 11:06:06 +0100
commit	93317bd021075f2f541b667e51802d7964169a46 (patch)
tree	d4eea8a169532419451b0e262aa924debcc470c2 /backend/seckelapi/config
parent	a29302a0a7453c99d601ed0e40da1bbc6b68a417 (diff)