Feature Request: Role System & LDAP Authentication

[marcel-uni-luebeck]

Summary

For enterprise/organizational use, it would be very helpful to have a role-based access control system and LDAP authentication integration.

---

1. Role-Based Access Control (RBAC)

Current Situation

The admin dashboard currently only has a single admin role with full access rights.

Proposed Roles

Role	Permissions
Admin	Full access (users, settings, all projects)
Editor	Create/edit content, manage assigned projects
Viewer	View-only access to dashboards and screens

Benefits

• Delegate content management without giving full admin access
• Protect critical settings from accidental changes
• Better audit trail of who changed what

---

2. LDAP/Active Directory Integration

Features

• Authentication: Login via LDAP/AD credentials
• Group Mapping: Map LDAP groups to application roles
• Auto-provisioning: Automatically create users on first LDAP login

Use Case

In organizations with existing LDAP infrastructure (Active Directory, OpenLDAP), this would allow:

• Centralized user management
• No need for separate passwords
• Automatic role assignment based on LDAP groups
• Easier onboarding/offboarding of users

---

Suggested Implementation

Laravel has excellent support for this via packages like LdapRecord, which would integrate well with the existing authentication system.

---

Environment

• Open Signage Version: Latest (Docker)

---

Thank you for considering this feature! 🙏

[Thiritin]

I would support that, feel free to open a PR I am happy to look over it. It can be switchable via a .env var.