Blame
|
1 | # 11. Admin Area |
||||||
| 2 | ||||||||
| 3 | **URL:** `http(s)://url/admin` |
|||||||
| 4 | ||||||||
| 5 |  |
|||||||
| 6 | ||||||||
| 7 | > ⚠️ **Note:** The Admin area is only visible and accessible to users with the **Administrator role**. |
|||||||
| 8 | ||||||||
| 9 | The Admin Panel is the central hub for **system administration**. It provides access to the following sections: |
|||||||
| 10 | ||||||||
| 11 | | Card | Description | |
|||||||
| 12 | |------|-------------| |
|||||||
| 13 | | **Users** | User management | |
|||||||
| 14 | | **Roles & Permissions** | Roles and permissions | |
|||||||
| 15 | | **Devices** | Device token management | |
|||||||
| 16 | | **System Extra Fields** | System-wide extra fields for spools and filaments | |
|||||||
| 17 | | **System** | Plugins and system management | |
|||||||
|
18 | | **OIDC / SSO** | OpenID Connect Single Sign-On configuration | |
||||||
|
19 | |||||||
| 20 | --- |
|||||||
| 21 | ||||||||
| 22 | ## 11.1 User Management (Users) |
|||||||
| 23 | ||||||||
| 24 | **URL:** `http(s)://url/admin/users` |
|||||||
| 25 | ||||||||
| 26 |  |
|||||||
| 27 | ||||||||
| 28 | Administrators can manage all users in the system here. The table shows: |
|||||||
| 29 | ||||||||
| 30 | | Column | Description | |
|||||||
| 31 | |--------|-------------| |
|||||||
| 32 | | **EMAIL** | User's email address (used for login) | |
|||||||
| 33 | | **DISPLAY NAME** | Display name within the application | |
|||||||
| 34 | | **STATUS** | Active / Inactive | |
|||||||
| 35 | | **ROLES** | Assigned roles (e.g. Superadmin, User) | |
|||||||
| 36 | | **ACTIONS** | Edit / Reset PW | |
|||||||
| 37 | ||||||||
| 38 | Available actions: |
|||||||
| 39 | - **Add User** (top right) – Create a new user with email, password, and role |
|||||||
| 40 | - **Edit** – Change a user's email, name, or role |
|||||||
| 41 | - **Reset PW** – Reset a user's password |
|||||||
| 42 | ||||||||
| 43 | --- |
|||||||
| 44 | ||||||||
| 45 | ## 11.2 Roles & Permissions |
|||||||
| 46 | ||||||||
| 47 | **URL:** `http(s)://url/admin/roles` |
|||||||
| 48 | ||||||||
| 49 |  |
|||||||
| 50 | ||||||||
| 51 | FilaMan ships with three **built-in system roles** that cannot be deleted: |
|||||||
| 52 | ||||||||
| 53 | | Role | Key | Description | |
|||||||
| 54 | |------|-----|-------------| |
|||||||
| 55 | | **Administrator** | `admin` | Full access to all features and the admin area | |
|||||||
| 56 | | **User** | `user` | Standard user with read and write access | |
|||||||
| 57 | | **Viewer** | `viewer` | Read-only access | |
|||||||
| 58 | ||||||||
| 59 | Click **"Create Role"** (top right) to create custom roles with specific permissions. Use **"Edit Permissions"** to fine-tune what each role is allowed to do. |
|||||||
| 60 | ||||||||
| 61 | Click on a role to view and edit its assigned permissions in the **Permissions** panel on the right. |
|||||||
| 62 | ||||||||
| 63 | --- |
|||||||
| 64 | ||||||||
| 65 | ## 11.3 Devices |
|||||||
| 66 | ||||||||
| 67 | **URL:** `http(s)://url/admin/devices` |
|||||||
| 68 | ||||||||
| 69 |  |
|||||||
| 70 | ||||||||
|
71 | This section manages **external devices** that communicate with the FilaMan API (e.g. ESP32 scales with RFID scanners). Each device receives its own API token for authentication. |
||||||
|
72 | |||||||
|
73 | ### Device Actions |
||||||
| 74 | ||||||||
| 75 | - **Add device** – Create a new device with a name and optional device code |
|||||||
| 76 | - **Create token** – Generate a new API token for a device |
|||||||
|
77 | - **Revoke token** – Disable access for a device |
||||||
|
78 | - **Edit** – Change device name and settings |
||||||
| 79 | ||||||||
| 80 | ### Auto-Assign Configuration |
|||||||
| 81 | ||||||||
| 82 | For each device, the following settings for **automatic spool assignment** can be configured: |
|||||||
| 83 | ||||||||
| 84 | | Setting | Description | |
|||||||
| 85 | |---------|-------------| |
|||||||
| 86 | | **Auto-Assign enabled** | When enabled, weighing a spool on this device will automatically send a pending assignment to all connected printers. As soon as the spool is inserted into an AMS slot, the filament settings are automatically transmitted. | |
|||||||
| 87 | | **Auto-Assign Timeout** | Time in seconds after which a pending assignment is automatically discarded (default: 60 seconds). If no spool is inserted within this time, the assignment expires. | |
|||||||
| 88 | ||||||||
| 89 | > **Note:** Auto-Assign is configured per device, not per printer. When Auto-Assign is enabled for a device, ALL connected printers are notified. The assignment then happens automatically on whichever printer the spool is actually inserted into. |
|||||||
| 90 | ||||||||
|
91 | For more details on the workflow: → [Printers: Automatic Spool Assignment](/Docs/En/09-Printers#automatic-spool-assignment-auto-assignment) |
||||||
|
92 | |||||||
| 93 | --- |
|||||||
| 94 | ||||||||
| 95 | ## 11.4 Extra Fields |
|||||||
| 96 | ||||||||
| 97 | **URL:** `http(s)://url/admin/extra-fields` |
|||||||
| 98 | ||||||||
| 99 |  |
|||||||
| 100 | ||||||||
| 101 | **System Extra Fields** allow administrators to define additional data fields for spools and filaments beyond the standard fields. These fields are automatically added to all filaments or spools. |
|||||||
| 102 | ||||||||
| 103 | | Column | Description | |
|||||||
| 104 | |--------|-------------| |
|||||||
| 105 | | **TARGET TYPE** | Whether the field applies to filaments or spools | |
|||||||
| 106 | | **KEY (JSON)** | Internal JSON key for the field | |
|||||||
| 107 | | **DISPLAY LABEL** | Label shown in the user interface | |
|||||||
| 108 | | **DEFAULT VALUE (OPTIONAL)** | Optional default value | |
|||||||
| 109 | ||||||||
| 110 | Click **"Add Field"** (top right) to create a new extra field. |
|||||||
| 111 | ||||||||
| 112 | Examples for extra fields: |
|||||||
| 113 | - "Drying time" for spools |
|||||||
| 114 | - "Print temperature" for filaments |
|||||||
| 115 | - "Supplier" as an additional manufacturer field |
|||||||
| 116 | ||||||||
| 117 | Once extra fields are created, they appear as additional input fields in the corresponding forms (Add Spool, Add Filament). |
|||||||
| 118 | ||||||||
| 119 | --- |
|||||||
| 120 | ||||||||
|
121 | ## 11.5 System (Plugin Management) |
||||||
|
122 | |||||||
| 123 | **URL:** `http(s)://url/admin/system` |
|||||||
| 124 | ||||||||
| 125 |  |
|||||||
| 126 | ||||||||
|
127 | The System section is the central place for **plugin management**. All installed plugins are displayed and managed here. |
||||||
| 128 | ||||||||
| 129 | ### Plugin Overview |
|||||||
| 130 | ||||||||
| 131 | The plugin table shows all installed plugins with the following columns: |
|||||||
| 132 | ||||||||
| 133 | | Column | Description | |
|||||||
| 134 | |--------|-------------| |
|||||||
| 135 | | **NAME** | Plugin name and short description | |
|||||||
| 136 | | **VERSION** | Installed version (e.g. 2.1.10) | |
|||||||
| 137 | | **TYPE** | Plugin type: **Driver** (printer driver), **Import** (data import), or **Integration** (third-party connection) | |
|||||||
| 138 | | **AUTHOR** | Plugin author | |
|||||||
| 139 | | **STATUS** | Enabled/Disabled — toggleable via switch | |
|||||||
|
140 | || **ACTIONS** | Details / Update (if available) / Open / Uninstall | |
||||||
|
141 | |||||||
| 142 | ### Installing a Plugin |
|||||||
| 143 | ||||||||
| 144 | Click **"Install Plugin"** in the top right. A dialog opens with two installation options: |
|||||||
| 145 | ||||||||
| 146 | #### Option 1: Install from Plugin Registry (recommended) |
|||||||
| 147 | ||||||||
| 148 | 1. The **"Install from Registry"** dropdown shows all available plugins |
|||||||
| 149 | 2. The list is automatically loaded from the official plugin repository ([Fire-Devils/filaman-plugins](https://github.com/Fire-Devils/filaman-plugins)) on GitHub |
|||||||
| 150 | 3. Select the desired plugin from the dropdown — name, version, and description are displayed |
|||||||
| 151 | 4. Click **"Install Plugin"** to start the installation |
|||||||
| 152 | 5. FilaMan automatically downloads, validates, and installs the plugin |
|||||||
| 153 | ||||||||
| 154 | #### Option 2: Upload ZIP file manually |
|||||||
| 155 | ||||||||
| 156 | 1. Below the registry dropdown, you'll find the **"Plugin ZIP File"** section |
|||||||
| 157 | 2. Drag and drop a `.zip` file into the marked area — or click to select a file |
|||||||
| 158 | 3. The file is automatically validated (structure, manifest, security) |
|||||||
| 159 | 4. On successful validation, a confirmation with plugin details appears |
|||||||
| 160 | 5. Click **"Install Plugin"** to complete the installation |
|||||||
| 161 | ||||||||
| 162 | > **Note:** Manual ZIP uploads are intended for developers or for plugins that are not yet available in the official registry. |
|||||||
| 163 | ||||||||
| 164 | ### Checking for Updates |
|||||||
| 165 | ||||||||
| 166 | Click **"Check for Updates"** in the top right, next to the Install button. |
|||||||
| 167 | ||||||||
| 168 | - FilaMan compares installed plugin versions with the latest versions in the registry |
|||||||
| 169 | - If updates are available, a notification shows the number of available updates |
|||||||
|
170 | - Each plugin with an available update gets an **"Update to v…"** button directly in the plugin table |
||||||
| 171 | - Click this button to update the respective plugin to the latest version — no need to go through "Install Plugin" anymore |
|||||||
|
172 | |||||||
| 173 | ### Enabling / Disabling a Plugin |
|||||||
| 174 | ||||||||
| 175 | Each plugin can be enabled or disabled via the **toggle switch** in the Status column: |
|||||||
| 176 | ||||||||
| 177 | - **Enabled** — The plugin is active and its features are available (e.g. printer drivers are loaded) |
|||||||
| 178 | - **Disabled** — The plugin remains installed but is inactive. Already connected printers will be disconnected |
|||||||
| 179 | ||||||||
| 180 | ### Uninstalling a Plugin |
|||||||
| 181 | ||||||||
| 182 | 1. Click **"Uninstall"** in the Actions column of the plugin |
|||||||
| 183 | 2. Confirm the uninstallation in the confirmation dialog |
|||||||
| 184 | 3. An additional prompt asks whether to also delete the **plugin data** (e.g. extra fields, printer parameters): |
|||||||
| 185 | - **Yes** — Removes the plugin and all associated data (extra fields, saved parameters) |
|||||||
| 186 | - **No** — Removes only the plugin; data is preserved (useful when reinstalling) |
|||||||
| 187 | ||||||||
| 188 | ### Plugin Details |
|||||||
| 189 | ||||||||
| 190 | Click **"Details"** to view detailed information about a plugin: |
|||||||
| 191 | ||||||||
| 192 | - Plugin name, version, and description |
|||||||
| 193 | - Plugin type (Driver / Import / Integration) |
|||||||
| 194 | - Author and homepage |
|||||||
| 195 | - Supported capabilities (e.g. AMS support, RFID, Auto-Match) |
|||||||
| 196 | - List of printer parameters created by the plugin |
|||||||
|
197 | |||||||
| 198 | --- |
|||||||
| 199 | ||||||||
|
200 | ## 11.6 OIDC / SSO |
||||||
| 201 | ||||||||
| 202 | **URL:** `http(s)://url/admin/oidc` |
|||||||
| 203 | ||||||||
| 204 | > ⚠️ **Note:** The OIDC card on the Admin Panel is only clickable when accessing FilaMan via **HTTPS**. On HTTP connections, the card displays a notice that OIDC requires HTTPS and is not clickable. |
|||||||
| 205 | ||||||||
| 206 | This section allows administrators to configure **OpenID Connect (OIDC)** for Single Sign-On (SSO). Users can then log in using an external identity provider (e.g. Authentik, Keycloak, Azure AD). |
|||||||
| 207 | ||||||||
| 208 | ### Configuration Fields |
|||||||
| 209 | ||||||||
| 210 | | Setting | Description | |
|||||||
| 211 | |---------|-------------| |
|||||||
| 212 | | **Enabled** | Toggle to enable or disable OIDC login | |
|||||||
| 213 | | **Issuer URL** | The OIDC provider's issuer URL (must be `https://`) | |
|||||||
| 214 | | **Client ID** | The client ID registered with your OIDC provider | |
|||||||
| 215 | | **Client Secret** | The client secret (stored encrypted in the database) | |
|||||||
| 216 | | **Scopes** | OIDC scopes to request (default: `openid email profile`) | |
|||||||
| 217 | | **Button Text** | Custom label for the SSO button on the login page (e.g. "Login with Authentik") | |
|||||||
| 218 | ||||||||
| 219 | ### Requirements |
|||||||
| 220 | ||||||||
| 221 | - **HTTPS required** — OIDC only works when FilaMan is accessed via HTTPS |
|||||||
| 222 | - **`OIDC_ENC_KEY` environment variable** — Must be set for encrypting the client secret. Generate with: |
|||||||
| 223 | ```bash |
|||||||
| 224 | openssl rand -hex 32 |
|||||||
| 225 | ``` |
|||||||
| 226 | - **Existing users only** — Only users who already exist in FilaMan can log in via OIDC. The provider's email address must match an existing user account. The email must be verified by the provider. |
|||||||
| 227 | - **No auto-creation** — OIDC login does not create new user accounts |
|||||||
| 228 | ||||||||
| 229 | --- |
|||||||
| 230 | ||||||||
| 231 | ## 11.7 Danger Zone |
|||||||
|
232 | |||||||
| 233 | At the bottom of the Admin Panel you will find the red-highlighted **Danger Zone** with one critical action: |
|||||||
| 234 | ||||||||
| 235 | > ⛔ **"Delete all data"** |
|||||||
| 236 | > Permanently deletes **all** spools, filaments, manufacturers, colors, locations, and printers, including all logs and events. |
|||||||
| 237 | > **User accounts, roles, permissions, and devices are not affected.** |
|||||||
| 238 | > This action **cannot be undone!** |
|||||||
| 239 | ||||||||
| 240 | --- |
|||||||
| 241 | ||||||||
|
242 | ← [Back: Settings](/Docs/En/10-Settings) | [Next: Color Management →](/Docs/En/12-Colors) |
||||||