stable
Clone or download
Read-only
story #12237: limit access to the tracker SOAP API to whitelisted users
An administrator can use the setting soap_tracker_whitelisted_users to limit access to the tracker SOAP API: * if the setting is not set, access is allowed for all users * if the setting is set to an empty string, all users access are allowed * if the setting is comma separated list of usernames, only those usernames can use the tracker SOAP API Even if a user is whitelisted to access the tracker SOAP API, the tracker permissions still apply. Change-Id: I4c7f1fcb2da4302f89b12d4bde7916b3cc048aa3
Modified Files
| Name | ||||
|---|---|---|---|---|
| A | plugins/tracker/include/Tracker/SOAP/NotTrackerWhitelistedUserException.php | +29 | −0 | Go to diff View file |
| A | plugins/tracker/include/Tracker/SOAP/SOAPRequestValidatorTrackerWhitelistedUser.php | +75 | −0 | Go to diff View file |
| M | plugins/tracker/include/Tracker/SOAPServer.class.php | +3 | −2 | Go to diff View file |
| A | plugins/tracker/phpunit/Tracker/SOAP/SOAPRequestValidatorTrackerWhitelistedUserTest.php | +83 | −0 | Go to diff View file |
| M | plugins/tracker/www/soap/index.php | +4 | −1 | Go to diff View file |
| M | src/common/autoload.php | +3 | −2 | Go to diff View file |
| A | src/common/soap/SOAPRequestValidator.php | +54 | −0 | Go to diff View file |
| M | src/common/soap/SOAP_RequestValidator.class.php | +2 | −1 | Go to diff View file |
| M | src/common/svn/SVN_SOAPServer.class.php | +4 | −2 | Go to diff View file |