Skip to content
This repository has been archived by the owner on Mar 21, 2023. It is now read-only.

Add REST API authentication and permissions #15

Merged
merged 2 commits into from Apr 21, 2016
Merged

Add REST API authentication and permissions #15

merged 2 commits into from Apr 21, 2016

Conversation

kroepke
Copy link
Member

@kroepke kroepke commented Apr 20, 2016
edited

We currently do not have roles that makes use of the permission restrictions, but they are addressable nonetheless.

@kroepke kroepke added this to the 1.0.0 milestone Apr 20, 2016
@joschi joschi self-assigned this Apr 20, 2016
joschi
joschi reviewed Apr 21, 2016
View reviewed changes
src/main/java/org/graylog/plugins/pipelineprocessor/rest/RuleResource.java
@@ -117,6 +121,7 @@ public RuleSource parse(@ApiParam(name = "rule", required = true) @NotNull RuleS

@ApiOperation(value = "Get all processing rules")
@GET
@RequiresPermissions(PipelineRestPermissions.PIPELINE_RULE_READ)
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I know that we're doing this with other resources as well, but this would allow users to read rules they're not allowed to read in #get(String) via the #getAll() method.

Should we filter out rules that the user isn't allowed to read? (I doubt that this will ever happen, but at least it should work…)

@joschi
Copy link
Contributor

joschi commented Apr 21, 2016

LGTM. 👍

@joschi joschi merged commit ac73447 into master Apr 21, 2016
@joschi joschi deleted the issue-14 branch April 21, 2016 12:52
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Reviewers
No reviews
Assignees

@joschi joschi

Labels
ready-for-review
Projects
None yet
Milestone
1.0.0
Development

Successfully merging this pull request may close these issues.

None yet
2 participants
@kroepke @joschi