Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
dcache-frontend: remove authz checks in Quota GET methods
Motivation: All of the Frontend REST GET methods allow anonymous read (if the global property so allows it), except for `quota` (but see below). The extra check is actually not necessary, as authenticated users can see all quotas if `frontend.authz.anonymous-operations` is not `NONE`. Modification: Remove the authorization check on the `quota` GET methods. The `event` resources seem to constitute a special case, so we have not altered them; however, the method which enforces authenticated user has been moved to that class and out of `RequestUser`. Result: All of the REST GET methods now allow anonymous users to get the data if the global property allows (in the case of `NONE`, 401 not authorized is returned at login). Target: master Request: 9.1 Request: 9.0 Request: 8.2 Patch: https://rb.dcache.org/r/14014 Requires-notes: yes Acked-by: Tigran Acked-by: Dmitry
- Loading branch information
Showing
3 changed files
with
21 additions
and
22 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters