Creating an invalidate content request (purge) on a delivery service should check tenancy (if turned on) #1171

mitchell852 · 2017-09-13T21:06:17Z

The following API route is used to create an "Invalidate content" (aka purge request) on a delivery service:

$r->post("/api/$version/user/current/jobs")->over( authenticated => 1, not_ldap => 1 )->to( 'Job#create_current_user_job', namespace => $namespace );

This route current checks:

if role is ops (or higher) OR if delivery service is assigned to user.

instead it should follow this logic:

if (use_tenancy = 1) { check tenancy on delivery service }
else { check if role is ops (or higher) OR if delivery service is assigned to user }

mitchell852 · 2017-09-15T16:33:09Z

@nir-sopher - i'm going to take a crack at this one

mitchell852 added bug something isn't working as intended Traffic Ops related to Traffic Ops Traffic Ops API labels Sep 13, 2017

mitchell852 self-assigned this Sep 15, 2017

mitchell852 mentioned this issue Sep 18, 2017

[Issue-1171] - check tenancy on invalidate content jobs if tenancy is turned on #1186

Merged

dewrich closed this as completed in #1186 Sep 22, 2017

mitchell852 added this to the 2.2.0 milestone Jan 17, 2018

Provide feedback