•  
     
    story #13669 permission delegation for a read-only site admin (REST)
Summary
Empty
permission delegation for a read-only site admin (REST)
Empty

Overview

In order to do proper indexing with an external engine (like datafari) the API should be crawled by a user with access to all data. However there is no need for this user to modify data.

So we introduce a new top delegated permission "REST Read-only site administrator".

Users with this permission will have the right to read all resources of the platform (basically all GET/OPTIONS) but will have their regular rights for write/update routes (PATCH/POST/PUT/DELETE/...).

This permission only apply to REST resources, the user with "REST Read-only site administrator" permission won't have access to site admin web ui (even in read).

Empty
Empty
Status
Done
Development
Empty
Empty
Details
#13669
Manuel Vacelet (vaceletm)
2019-09-17 16:15
2019-07-24 17:30
14238

References

List of items referenced by or referencing this item.

Git commit

Artifact Tracker v5

Follow-ups