Bugzilla – Full Text Bug Listing
| Summary: | Grant authorized users access to /logapi | ||
|---|---|---|---|
| Product: | [ECD] Orion | Reporter: | Maciej Bendkowski <maciej.bendkowski> |
| Component: | Server | Assignee: | Maciej Bendkowski <maciej.bendkowski> |
| Status: | RESOLVED FIXED | QA Contact: | |
| Severity: | normal | ||
| Priority: | P3 | CC: | ahunter.eclipse |
| Version: | 6.0 | ||
| Target Milestone: | 7.0 | ||
| Hardware: | PC | ||
| OS: | Linux | ||
| Whiteboard: | |||
|
Description
Maciej Bendkowski
Fixed with: http://git.eclipse.org/c/orion/org.eclipse.orion.server.git/commit/?id=f902b6ebacb09fc1c02cbc85c0bb0e00ef643224 The Log provider service has been hidden behind an authorization filter. (In reply to Maciej Bendkowski from comment #0) > We need a solution for granting authorization permissions to the log service > API. This task should be divided into several subtasks, including building a > dynamic role based approach for user permissions. > > For start, we should investigate the already present "user right" URL > patterns, attached to user.json files. A dedicated filter should suffice for > now, however it should be backed up with an administrator facilitation API. For now I have added a orion.conf property that matches exactly the existing orion.auth.user.creation property format so that we can access the logs for orionhub. /** * The name of a configuration property specifying a comma-separated list of users * that are allowed to access the logs service. If unspecified, then no users can * access the logs service. */ public static final String CONFIG_AUTH_LOG_SERVICE = "orion.auth.log.service"; |