-
Notifications
You must be signed in to change notification settings - Fork 156
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Filter cohorts and concepts by permission #2245
Changes from 23 commits
610af40
20e985d
b792094
db76dfe
feab759
1762c70
61f30fb
e41524a
f001a2d
bcaa822
b8f5220
c9b63ea
477c46c
317cf3e
e26efba
83befff
3d80d5c
0d0690f
247effd
efa3557
28d6480
23a86bc
8c7a54f
04ac2c8
File filter
Filter by extension
Conversations
Jump to
Diff view
Diff view
There are no files selected for viewing
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -1,56 +1,21 @@ | ||
compile: | ||
mvn clean | ||
mvn compile -Pwebapi-postgresql-laertes | ||
mvn clean compile -DskipUnitTests -DskipITtests -s WebAPIConfig/settings.xml -P webapi-postgresql | ||
|
||
package: compile | ||
mvn package -Pwebapi-postgresql-laertes | ||
mvn package -DskipUnitTests -DskipITtests -s WebAPIConfig/settings.xml -P webapi-postgresql | ||
|
||
deploy: package | ||
sudo service tomcat7 stop | ||
sleep 4 | ||
sudo rm -rf /var/lib/tomcat7/webapps/WebAPI* | ||
sudo cp -r target/WebAPI.war /var/lib/tomcat7/webapps/ | ||
sudo chown tomcat7 /var/lib/tomcat7/webapps/WebAPI.war | ||
sudo chgrp tomcat7 /var/lib/tomcat7/webapps/WebAPI.war | ||
sudo service tomcat7 start | ||
deploy: package | ||
/home/ubuntu/Downloads/apache-tomcat-8.5.84-DEV/bin/shutdown.sh | ||
mv /home/ubuntu/Downloads/apache-tomcat-8.5.84-DEV/webapps/WebAPI /mnt/disk1/webapi-dev-tmp/WebAPI-FOLDER-`date +%m%d%H%S` | ||
mv /home/ubuntu/Downloads/apache-tomcat-8.5.84-DEV/webapps/WebAPI.war /mnt/disk1/webapi-dev-tmp/WebAPI.war-`date +%m%d%H%S` | ||
mv target/WebAPI.war /home/ubuntu/Downloads/apache-tomcat-8.5.84-DEV/webapps/ | ||
/home/ubuntu/Downloads/apache-tomcat-8.5.84-DEV/bin/startup.sh | ||
|
||
git-push: | ||
git push myfork master | ||
git push | ||
|
||
test: | ||
wget -O tests/test-general-evidence.json "http://localhost:8080/WebAPI/LAERTES_CDM/evidence/752061" | ||
wget -O tests/test-drug-hoi.json "http://localhost:8080/WebAPI/LAERTES_CDM/evidence/drughoi/752061-374013" | ||
wget -O tests/test-drug.json "http://localhost:8080/WebAPI/LAERTES_CDM/evidence/drug/752061" | ||
wget -O tests/test-hoi.json "http://localhost:8080/WebAPI/LAERTES_CDM/evidence/hoi/320073" | ||
wget -O tests/test-info.json "http://localhost:8080/WebAPI/LAERTES_CDM/evidence/info" | ||
wget -O tests/test-drug-hoi-eu-spc.json "http://localhost:8080/WebAPI/LAERTES_CDM/evidence/drughoi/904351-4190045" | ||
wget -O tests/test-drug-hoi-splicer.json "http://localhost:8080/WebAPI/LAERTES_CDM/evidence/drughoi/19133853-195588" | ||
wget -O tests/test-drug-hoi-faers-counts-and-signals.json "http://localhost:8080/WebAPI/LAERTES_CDM/evidence/drughoi/1154343-433031" | ||
wget -O tests/test-drug-hoi-pubmed-mesh-cr.json "http://localhost:8080/WebAPI/LAERTES_CDM/evidence/drughoi/1154343-433031" | ||
wget -O tests/test-drug-hoi-pubmed-mesh-clin-trial.json "http://localhost:8080/WebAPI/LAERTES_CDM/evidence/drughoi/789578-378144" | ||
wget -O tests/test-drug-hoi-pubmed-mesh-other.json "http://localhost:8080/WebAPI/LAERTES_CDM/evidence/drughoi/19010482-316866" | ||
wget -O tests/test-drug-hoi-semmed-cr.json "http://localhost:8080/WebAPI/LAERTES_CDM/evidence/drughoi/1112807-441202" | ||
wget -O tests/test-drug-hoi-semmed-clin-trial.json "http://localhost:8080/WebAPI/LAERTES_CDM/evidence/drughoi/19059744-381591" | ||
wget -O tests/test-drug-rollup-ingredient.json "http://localhost:8080/WebAPI/LAERTES_CDM/evidence/drugrollup/ingredient/1000632" | ||
wget -O tests/test-drug-rollup-clin-drug.json "http://localhost:8080/WebAPI/LAERTES_CDM/evidence/drugrollup/clinicaldrug/19074181" | ||
wget -O tests/test-drug-rollup-branded-drug.json "http://localhost:8080/WebAPI/LAERTES_CDM/evidence/drugrollup/brandeddrug/1000640" | ||
wget -O tests/test-rdf-evidencesummary.json "http://localhost:8080/WebAPI/LAERTES_CDM/evidence/evidencesummary?conditionID=139900&drugID=1115008&evidenceGroup=Literature" | ||
wget -O tests/test-rdf-evidencedetails.json "http://localhost:8080/WebAPI/LAERTES_CDM/evidence/evidencedetails?conditionID=24134&drugID=1115008&evidenceType=SPL_SPLICER_ADR" | ||
wget -O /tmp/tests/test-drug-rollup-branded-drug.json "http://api.ohdsi.org/WebAPI/CS1/evidence/drugrollup/brandeddrug/1000640" | ||
|
||
test-public: | ||
wget -O tests/test-general-evidence.json "http://api.ohdsi.org/WebAPI/CS1/evidence/1000640" | ||
wget -O /tmp/tests/test-drug-hoi.json "http://api.ohdsi.org/WebAPI/CS1/evidence/drughoi/1000640-137682" | ||
wget -O /tmp/tests/test-drug.json "http://api.ohdsi.org/WebAPI/CS1/evidence/drug/1000640" | ||
wget -O /tmp/tests/test-hoi.json "http://api.ohdsi.org/WebAPI/CS1/evidence/hoi/320073" | ||
wget -O /tmp/tests/test-info.json "http://api.ohdsi.org/WebAPI/CS1/evidence/info" | ||
wget -O /tmp/tests/test-drug-hoi-eu-spc.json "http://api.ohdsi.org/WebAPI/CS1/evidence/drughoi/40239056-75053" | ||
wget -O /tmp/tests/test-drug-hoi-splicer.json "http://api.ohdsi.org/WebAPI/CS1/evidence/drughoi/19133853-195588" | ||
wget -O /tmp/tests/test-drug-hoi-faers-counts-and-signals.json "http://api.ohdsi.org/WebAPI/CS1/evidence/drughoi/1154343-433031" | ||
wget -O /tmp/tests/test-drug-hoi-pubmed-mesh-cr.json "http://api.ohdsi.org/WebAPI/CS1/evidence/drughoi/1154343-433031" | ||
wget -O /tmp/tests/test-drug-hoi-pubmed-mesh-clin-trial.json "http://api.ohdsi.org/WebAPI/CS1/evidence/drughoi/789578-378144" | ||
wget -O /tmp/tests/test-drug-hoi-pubmed-mesh-other.json "http://api.ohdsi.org/WebAPI/CS1/evidence/drughoi/19010482-316866" | ||
wget -O /tmp/tests/test-drug-hoi-semmed-cr.json "http://api.ohdsi.org/WebAPI/CS1/evidence/drughoi/1782521-45612000" | ||
wget -O /tmp/tests/test-drug-hoi-semmed-clin-trial.json "http://api.ohdsi.org/WebAPI/CS1/evidence/drughoi/1303425-45616736" | ||
wget -O /tmp/tests/test-drug-rollup-ingredient.json "http://api.ohdsi.org/WebAPI/CS1/evidence/drugrollup/ingredient/1000632" | ||
wget -O /tmp/tests/test-drug-rollup-clin-drug.json "http://api.ohdsi.org/WebAPI/CS1/evidence/drugrollup/clinicaldrug/19074181" | ||
wget -O /tmp/tests/test-drug-rollup-branded-drug.json "http://api.ohdsi.org/WebAPI/CS1/evidence/drugrollup/brandeddrug/1000640" |
Original file line number | Diff line number | Diff line change |
---|---|---|
|
@@ -42,9 +42,11 @@ | |
import org.ohdsi.webapi.versioning.dto.VersionUpdateDTO; | ||
import org.springframework.core.convert.ConversionService; | ||
import org.springframework.data.domain.Page; | ||
import org.springframework.data.domain.PageImpl; | ||
import org.springframework.data.domain.Pageable; | ||
import org.springframework.stereotype.Controller; | ||
import org.springframework.transaction.annotation.Transactional; | ||
import org.springframework.beans.factory.annotation.Value; | ||
import org.springframework.web.bind.annotation.RequestBody; | ||
|
||
import javax.ws.rs.Consumes; | ||
|
@@ -63,6 +65,7 @@ | |
import java.io.ByteArrayOutputStream; | ||
import java.io.IOException; | ||
import java.io.StringWriter; | ||
import java.util.ArrayList; | ||
import java.util.Collections; | ||
import java.util.List; | ||
import java.util.Map; | ||
|
@@ -86,6 +89,9 @@ public class CcController { | |
private CharacterizationChecker checker; | ||
private PermissionService permissionService; | ||
|
||
@Value("#{'${security.defaultglobalreadpermissions}'.equals(false)}") | ||
rkboyce marked this conversation as resolved.
Show resolved
Hide resolved
|
||
private boolean defaultglobalreadpermissions; | ||
|
||
public CcController( | ||
final CcService service, | ||
final FeAnalysisService feAnalysisService, | ||
|
@@ -151,11 +157,28 @@ public CohortCharacterizationDTO copy(@PathParam("id") final Long id) { | |
@Produces(MediaType.APPLICATION_JSON) | ||
@Consumes(MediaType.APPLICATION_JSON) | ||
public Page<CcShortDTO> list(@Pagination Pageable pageable) { | ||
return service.getPage(pageable).map(entity -> { | ||
CcShortDTO dto = convertCcToShortDto(entity); | ||
permissionService.fillWriteAccess(entity, dto); | ||
return dto; | ||
}); | ||
if (defaultglobalreadpermissions == true) { // don't filter based on read permissions | ||
There was a problem hiding this comment. Choose a reason for hiding this commentThe reason will be displayed to describe this comment to others. Learn more. This is a place wehre we want to have proper stayle: defaultGlobalReadPermissions There was a problem hiding this comment. Choose a reason for hiding this commentThe reason will be displayed to describe this comment to others. Learn more. corrected |
||
return service.getPage(pageable).map(entity -> { | ||
CcShortDTO dto = convertCcToShortDto(entity); | ||
permissionService.fillWriteAccess(entity, dto); | ||
permissionService.fillReadAccess(entity, dto); | ||
return dto; | ||
}); | ||
} else { // filter out what the user does not have read access to | ||
List<CcShortDTO> dtolist = new ArrayList<CcShortDTO>(); | ||
|
||
Page<CohortCharacterizationEntity> newpage = service.getPage(pageable); | ||
|
||
for (CohortCharacterizationEntity entity : newpage) { | ||
if(permissionService.hasReadAccess(entity)){ | ||
CcShortDTO dto = convertCcToShortDto(entity); | ||
permissionService.fillWriteAccess(entity, dto); | ||
permissionService.fillReadAccess(entity, dto); | ||
dtolist.add(dto); | ||
} | ||
} | ||
return new PageImpl<CcShortDTO>(dtolist, pageable, dtolist.size()); | ||
} | ||
} | ||
|
||
/** | ||
|
Original file line number | Diff line number | Diff line change |
---|---|---|
|
@@ -22,6 +22,7 @@ | |
import org.slf4j.Logger; | ||
import org.slf4j.LoggerFactory; | ||
import org.springframework.beans.factory.annotation.Autowired; | ||
import org.springframework.beans.factory.annotation.Value; | ||
import org.springframework.core.convert.support.GenericConversionService; | ||
import org.springframework.stereotype.Controller; | ||
|
||
|
@@ -70,7 +71,10 @@ public class EstimationController { | |
private final ScriptExecutionService executionService; | ||
private EstimationChecker checker; | ||
private PermissionService permissionService; | ||
|
||
|
||
@Value("#{'${security.defaultglobalreadpermissions}'.equals(false)}") | ||
private boolean defaultglobalreadpermissions; | ||
rkboyce marked this conversation as resolved.
Show resolved
Hide resolved
|
||
|
||
public EstimationController(EstimationService service, | ||
GenericConversionService conversionService, | ||
CommonGenerationSensitiveInfoService sensitiveInfoService, | ||
|
@@ -97,14 +101,26 @@ public EstimationController(EstimationService service, | |
@Path("/") | ||
@Produces(MediaType.APPLICATION_JSON) | ||
public List<EstimationShortDTO> getAnalysisList() { | ||
|
||
return StreamSupport.stream(service.getAnalysisList().spliterator(), false) | ||
.map(analysis -> { | ||
EstimationShortDTO dto = conversionService.convert(analysis, EstimationShortDTO.class); | ||
permissionService.fillWriteAccess(analysis, dto); | ||
return dto; | ||
}) | ||
.collect(Collectors.toList()); | ||
if (defaultglobalreadpermissions == true) { // don't filter based on read permissions | ||
return StreamSupport.stream(service.getAnalysisList().spliterator(), false) | ||
.map(analysis -> { | ||
EstimationShortDTO dto = conversionService.convert(analysis, EstimationShortDTO.class); | ||
permissionService.fillWriteAccess(analysis, dto); | ||
permissionService.fillReadAccess(analysis, dto); | ||
return dto; | ||
}) | ||
.collect(Collectors.toList()); | ||
} else { | ||
return StreamSupport.stream(service.getAnalysisList().spliterator(), false) | ||
.filter(candidateEstimation -> permissionService.hasReadAccess(candidateEstimation)) | ||
.map(analysis -> { | ||
EstimationShortDTO dto = conversionService.convert(analysis, EstimationShortDTO.class); | ||
permissionService.fillWriteAccess(analysis, dto); | ||
permissionService.fillReadAccess(analysis, dto); | ||
return dto; | ||
}) | ||
.collect(Collectors.toList()); | ||
} | ||
There was a problem hiding this comment. Choose a reason for hiding this commentThe reason will be displayed to describe this comment to others. Learn more. I believe this was mentioned before but you can put the filter conditional in the stream expression:
|
||
} | ||
|
||
/** | ||
|
Original file line number | Diff line number | Diff line change |
---|---|---|
|
@@ -25,15 +25,18 @@ | |
import org.ohdsi.webapi.versioning.dto.VersionDTO; | ||
import org.ohdsi.webapi.versioning.dto.VersionUpdateDTO; | ||
import org.springframework.beans.factory.annotation.Autowired; | ||
import org.springframework.beans.factory.annotation.Value; | ||
import org.springframework.core.convert.ConversionService; | ||
import org.springframework.data.domain.Page; | ||
import org.springframework.data.domain.PageImpl; | ||
import org.springframework.data.domain.Pageable; | ||
import org.springframework.stereotype.Controller; | ||
import org.springframework.web.bind.annotation.RequestBody; | ||
|
||
import javax.transaction.Transactional; | ||
import javax.ws.rs.*; | ||
import javax.ws.rs.core.MediaType; | ||
import java.util.ArrayList; | ||
import java.util.Collections; | ||
import java.util.List; | ||
import java.util.Map; | ||
|
@@ -53,6 +56,9 @@ public class PathwayController { | |
private PathwayChecker checker; | ||
private PermissionService permissionService; | ||
|
||
@Value("#{'${security.defaultglobalreadpermissions}'.equals(false)}") | ||
private boolean defaultglobalreadpermissions; | ||
|
||
@Autowired | ||
public PathwayController(ConversionService conversionService, ConverterUtils converterUtils, PathwayService pathwayService, SourceService sourceService, CommonGenerationSensitiveInfoService sensitiveInfoService, PathwayChecker checker, PermissionService permissionService, I18nService i18nService) { | ||
|
||
|
@@ -156,13 +162,29 @@ public PathwayAnalysisDTO importAnalysis(final PathwayAnalysisExportDTO dto) { | |
@Consumes(MediaType.APPLICATION_JSON) | ||
@Transactional | ||
public Page<PathwayAnalysisDTO> list(@Pagination Pageable pageable) { | ||
|
||
return pathwayService.getPage(pageable).map(pa -> { | ||
PathwayAnalysisDTO dto = conversionService.convert(pa, PathwayAnalysisDTO.class); | ||
permissionService.fillWriteAccess(pa, dto); | ||
return dto; | ||
}); | ||
if (defaultglobalreadpermissions == true) { // don't filter based on read permissions | ||
return pathwayService.getPage(pageable).map(pa -> { | ||
PathwayAnalysisDTO dto = conversionService.convert(pa, PathwayAnalysisDTO.class); | ||
permissionService.fillWriteAccess(pa, dto); | ||
permissionService.fillReadAccess(pa, dto); | ||
return dto; | ||
}); | ||
} else { // filter out entities that the user does not have read permissions to view | ||
List<PathwayAnalysisDTO> dtolist = new ArrayList<PathwayAnalysisDTO>(); | ||
|
||
Page<PathwayAnalysisEntity> newpage = pathwayService.getPage(pageable); | ||
for (PathwayAnalysisEntity pa : newpage) { | ||
if (permissionService.hasReadAccess(pa)) { | ||
PathwayAnalysisDTO dto = conversionService.convert(pa, PathwayAnalysisDTO.class); | ||
permissionService.fillWriteAccess(pa, dto); | ||
permissionService.fillReadAccess(pa, dto); | ||
dtolist.add(dto); | ||
} | ||
} | ||
return new PageImpl<PathwayAnalysisDTO>(dtolist, pageable, dtolist.size()); | ||
} | ||
There was a problem hiding this comment. Choose a reason for hiding this commentThe reason will be displayed to describe this comment to others. Learn more. I believe this can be written same as in Estimation:
|
||
} | ||
|
||
|
||
/** | ||
* Check that a pathway analysis name exists. | ||
|
Original file line number | Diff line number | Diff line change |
---|---|---|
|
@@ -21,6 +21,7 @@ | |
import org.slf4j.Logger; | ||
import org.slf4j.LoggerFactory; | ||
import org.springframework.beans.factory.annotation.Autowired; | ||
import org.springframework.beans.factory.annotation.Value; | ||
import org.springframework.core.convert.support.GenericConversionService; | ||
import org.springframework.stereotype.Controller; | ||
|
||
|
@@ -67,6 +68,9 @@ public class PredictionController { | |
|
||
private PermissionService permissionService; | ||
|
||
@Value("#{'${security.defaultglobalreadpermissions}'.equals(false)}") | ||
private boolean defaultglobalreadpermissions; | ||
|
||
@Autowired | ||
public PredictionController(PredictionService service, | ||
GenericConversionService conversionService, | ||
|
@@ -93,26 +97,40 @@ public PredictionController(PredictionService service, | |
@GET | ||
@Path("/") | ||
@Produces(MediaType.APPLICATION_JSON) | ||
public List<CommonAnalysisDTO> getAnalysisList() { | ||
|
||
return StreamSupport | ||
.stream(service.getAnalysisList().spliterator(), false) | ||
.map(analysis -> { | ||
CommonAnalysisDTO dto = conversionService.convert(analysis, CommonAnalysisDTO.class); | ||
permissionService.fillWriteAccess(analysis, dto); | ||
return dto; | ||
}) | ||
.collect(Collectors.toList()); | ||
} | ||
|
||
/** | ||
* Check to see if a prediction design exists by name | ||
* | ||
* @summary Prediction design exists by name | ||
* @param id The prediction design id | ||
* @param name The prediction design name | ||
* @return 1 if a prediction design with the given name and id exist in WebAPI and 0 otherwise | ||
*/ | ||
public List<CommonAnalysisDTO> getAnalysisList() { | ||
if (defaultglobalreadpermissions == true) { // don't filter based on read permissions | ||
return StreamSupport | ||
.stream(service.getAnalysisList().spliterator(), false) | ||
.map(analysis -> { | ||
CommonAnalysisDTO dto = conversionService.convert(analysis, CommonAnalysisDTO.class); | ||
permissionService.fillWriteAccess(analysis, dto); | ||
permissionService.fillReadAccess(analysis, dto); | ||
return dto; | ||
}) | ||
.collect(Collectors.toList()); | ||
} else { | ||
return StreamSupport | ||
.stream(service.getAnalysisList().spliterator(), false) | ||
.filter(candidateAnalysis -> permissionService.hasReadAccess(candidateAnalysis)) | ||
.map(analysis -> { | ||
CommonAnalysisDTO dto = conversionService.convert(analysis, CommonAnalysisDTO.class); | ||
permissionService.fillWriteAccess(analysis, dto); | ||
permissionService.fillReadAccess(analysis, dto); | ||
return dto; | ||
}) | ||
.collect(Collectors.toList()); | ||
} | ||
} | ||
There was a problem hiding this comment. Choose a reason for hiding this commentThe reason will be displayed to describe this comment to others. Learn more. Same comment as above: use conditional filter to reduce redundancy. |
||
|
||
|
||
/** | ||
* Check to see if a prediction design exists by name | ||
* | ||
* @summary Prediction design exists by name | ||
* @param id The prediction design id | ||
* @param name The prediction design name | ||
* @return 1 if a prediction design with the given name and id exist in WebAPI and 0 otherwise | ||
*/ | ||
Comment on lines
+126
to
+133
There was a problem hiding this comment. Choose a reason for hiding this commentThe reason will be displayed to describe this comment to others. Learn more. Fix indent of comments, should be aligned to the following function. |
||
@GET | ||
@Path("/{id}/exists") | ||
@Produces(MediaType.APPLICATION_JSON) | ||
|
Original file line number | Diff line number | Diff line change |
---|---|---|
|
@@ -83,26 +83,31 @@ public List<RoleDTO> listAccessesForEntity(@QueryParam("roleSearch") String role | |
} | ||
|
||
/** | ||
* Get entity role access information | ||
* Get roles that have a permission type (READ/WRITE) to entity | ||
* | ||
* @summary Get entity role information | ||
* @summary Get roles that have a specific permission (READ/WRITE) for the entity | ||
* @param entityType The entity type | ||
* @param entityId The entity ID | ||
* @return The list of roles | ||
* @return The list of permissions for the permission type | ||
* @throws Exception | ||
*/ | ||
@GET | ||
@Path("/access/{entityType}/{entityId}") | ||
@Path("/access/{entityType}/{entityId}/{permType}") | ||
@Consumes(MediaType.APPLICATION_JSON) | ||
@Produces(MediaType.APPLICATION_JSON) | ||
public List<RoleDTO> listAccessesForEntity( | ||
public List<RoleDTO> listAccessesForEntityByPermType( | ||
@PathParam("entityType") EntityType entityType, | ||
@PathParam("entityId") Integer entityId | ||
@PathParam("entityId") Integer entityId, | ||
@PathParam("permType") String permType | ||
) throws Exception { | ||
|
||
permissionService.checkCommonEntityOwnership(entityType, entityId); | ||
|
||
Set<String> permissionTemplates = permissionService.getTemplatesForType(entityType, AccessType.WRITE).keySet(); | ||
Set<String> permissionTemplates = null; | ||
if (permType == "WRITE") { | ||
permissionTemplates = permissionService.getTemplatesForType(entityType, AccessType.WRITE).keySet(); | ||
} else { | ||
permissionTemplates = permissionService.getTemplatesForType(entityType, AccessType.READ).keySet(); | ||
} | ||
Comment on lines
-95
to
+110
There was a problem hiding this comment. Choose a reason for hiding this commentThe reason will be displayed to describe this comment to others. Learn more. For backwards compatibility, you should maintain the endpoint /access/entityType/entityId, tho this will default to the perm type of 'WRITE'. So, revert this change to leave listAccessForEntity, but have this function call over to 'listAccessForEntityByPermType) with the perType paramater as AccessType.WRITE. In addition, i believe permType should be the enum, not the string, but will need to do some tests if the Java REST api will automatically serialize the ENUM input. The issue is that you could pass a perm type of 'BlahBlah' and it will assume that is 'READ' via the else statement. |
||
|
||
List<String> permissions = permissionTemplates | ||
.stream() | ||
|
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
We should default this to true, and rely on settings.xml to override this setting. This will maintain current behavior between versions.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
corrected now and tested that setting the variable false in the WebAPIConfig/settings.xml works