1
0 Comments

Account Permissions Page

A friend, Lily Waters, had a great idea of providing a page where users can see what Lakebed app permissions they [do not] have. This was relatively trivial to add and will allow users to ask their system admin to grant them additional permissions if needed.

A newly registered user: https://twitter.com/lakebed_io/status/1192548090042929153/photo/1
A system admin user: https://twitter.com/lakebed_io/status/1192548090042929153/photo/2

One of the reasons I had not done this before is that malicious users will use this information to find vulnerabilities. I have to accept that malicious users are going to know about these end-points whether they're published or not. The system admin can remove access to this page if they feel it presents too much risk.

Trending on Indie Hackers
How I grew a side project to 100k Unique Visitors in 7 days with 0 audience 49 comments Competing with Product Hunt: a month later 33 comments Why do you hate marketing? 29 comments My Top 20 Free Tools That I Use Everyday as an Indie Hacker 18 comments $15k revenues in <4 months as a solopreneur 14 comments Use Your Product 13 comments