Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Add LAGOON_API_OPERATION_BLACKLIST environment variable to api #977

Merged
merged 1 commit into from Mar 19, 2019

Conversation

Projects
None yet
2 participants
@rocketeerbkw
Copy link
Member

rocketeerbkw commented Mar 18, 2019

Checklist

  • Affected Issues have been mentioned in the Closing issues section
  • Documentation has been written/updated.
  • Changelog entry has been written

Add new environment variable LAGOON_API_OPERATION_BLACKLIST to require admin role for operations (Query, Mutation, or Subscription) listed in the environment variable. The list is case and whitespace sensitive, comma separated. Values are the names of the operations from the API.

Example:
LAGOON_API_OPERATION_BLACKLIST=updateProject,addUserToProject,allEnvironments

Changelog Entry

Improvement - Add environment variable to restrict API operations to admins only (#967)

Closing issues

closes #967

@rocketeerbkw rocketeerbkw marked this pull request as ready for review Mar 18, 2019

@Schnitzel Schnitzel merged commit 4e40681 into master Mar 19, 2019

1 check passed

continuous-integration/jenkins/pr-merge This commit looks good
Details

@rocketeerbkw rocketeerbkw deleted the 967-api-operations-blacklist branch Mar 25, 2019

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
You can’t perform that action at this time.