Working with c8y 10.9
Some of the users have very limited access and dont have any read/create right on Inventory nor MEA.
In a custom UI, I need to generate some internal events upon a user action and these events will be listened by some EPL rule.
To link this events, I need to create a single virtual device which will not be visible to the users.
Everything works fine when the above is being done via a user who has admin rights on everything.
However if i log with a user who has limited access then I get permission denied when either creating/getting the MO or creating the internal events.
I have seen the option of the c8y_Global fragment: It is possible to make any object accessible by any user without specific rights. To grant those rights just add a new fragment called
c8y_Global to the object.
So i added this fragment to the MO and to the new events.
Now the user with limited access can READ the MO but he cannot create neither the MO nor any Events.
Am i missing something? Should not the global fragment allow the user to perform any type of actions on the object?