Users should not have access to view all machine IDs on web UI #11
Description
Describe the bug
Currently users can view all machine IDs even if they should not have access to them. Although machines are protected with passwords, this still exposes metadata that should not be exposed, leaking information (though hopefully your users are not your adversaries!)
This also applies to the groups tab in the rustdesk app.
Describe the environment
Not relevant, but docker compose, latest
How to Reproduce the bug
Steps to reproduce the behavior:
- create a normal non-admin user
- browse devices page, see all devices listed
Expected behavior
only devices for that individual user should be listed if they are not an admin
Additional context
N/A
Notes
- Please write in english only. If you provide some images in different languages, you're required to write a translation in english.
- In any case, NEVER put here the content if your
id_ed25519file