stable

Clone or download

Read-only

story #12237: limit access to the tracker SOAP API to whitelisted users

An administrator can use the setting soap_tracker_whitelisted_users to limit access to the tracker SOAP API: * if the setting is not set, access is allowed for all users * if the setting is set to an empty string, all users access are allowed * if the setting is comma separated list of usernames, only those usernames can use the tracker SOAP API Even if a user is whitelisted to access the tracker SOAP API, the tracker permissions still apply. Change-Id: I4c7f1fcb2da4302f89b12d4bde7916b3cc048aa3

Modified Files

Name
A plugins/tracker/include/Tracker/SOAP/NotTrackerWhitelistedUserException.php +29 −0 Go to diff View file
A plugins/tracker/include/Tracker/SOAP/SOAPRequestValidatorTrackerWhitelistedUser.php +75 −0 Go to diff View file
M plugins/tracker/include/Tracker/SOAPServer.class.php +3 −2 Go to diff View file
A plugins/tracker/phpunit/Tracker/SOAP/SOAPRequestValidatorTrackerWhitelistedUserTest.php +83 −0 Go to diff View file
M plugins/tracker/www/soap/index.php +4 −1 Go to diff View file
M src/common/autoload.php +3 −2 Go to diff View file
A src/common/soap/SOAPRequestValidator.php +54 −0 Go to diff View file
M src/common/soap/SOAP_RequestValidator.class.php +2 −1 Go to diff View file
M src/common/svn/SVN_SOAPServer.class.php +4 −2 Go to diff View file