
[portal] "Portal" mode : disable management features #181

Closed
lusoalex opened this Issue Jul 28, 2016 · 5 comments

@lusoalex

lusoalex commented Jul 28, 2016

Hello,

We expect to have two separate portals :

  • Admin Portal for API Publisher (in charge of managing API)
  • Dev Portal for API Consumer (people who will consume API)

The dev portal must only be able to read documentation, create application (if he has permission to), but must not be able to edit an API, edit documentation, etc...

As currently, gravitee have only one portal (mixing both use cases), it would be great to manage a flag "dev_portal_enabled" on the management API & UI.
If set to yes, then the web UI should not display the "cogwheel" on APIs, and the management API should be restricted (no edit access on APIs).

Regards,
Alexandre.

@brasseld brasseld changed the title from Dev Portal to [portal] "Portal" mode : disable management features Jul 28, 2016

@NicolasGeraud

Member

NicolasGeraud commented Jul 28, 2016

Hi,

Is it a security problem?

A flag on the UI will always be overridable by a hacker because it's running on his browser.
And a flag on the API is like a role. No more or less secure, I think.

With a portal mode, you must have separate instances of the management-api and this introduces a new context to be managed by the API. On each resource we have to think if it may or may not be part of the "portal". In addition to permissions.

A portal mode on the UI is a good idea, not for security reasons but because you can simply want to expose a more "simple" UI (and perhaps manage your API with the management-API, not via the UI).
A portal mode on the api seems complicated and does not introduce a more secure system to you.

wdyt?

@lusoalex

lusoalex commented Jul 28, 2016

Hi,

My aim is to make a difference between api publisher and api consumer.

As api consumer, I should not have access to the cogwheel.
So yes I agree that adding a flag on the UI is not a safe solution, the best one is to offer two distinct UIs. By the way, while waiting to have a dedicated UI for API consumers, maybe the flag should be set/used when the website is packaged?

About Management API, if the bearer used to access the API is well checked and includes the API consumer's rights, that's ok. My idea was to ensure that the API consumer will not be able to update the api settings through the api management. With well designed APIs, it's easy to guess we only need to change the http verb from GET to PUT to update a record ;)

Regards,
Alexandre.

@NicolasGeraud

Member

NicolasGeraud commented Jul 28, 2016

But if you change GET to PUT and you have only permissions to read api configuration, you'll get a 403 no ?
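The check described in this exchange, as an added example that is not part of the thread or of Gravitee's own code: the management API decides purely from the caller's role and the HTTP method, so a consumer who rewrites GET to PUT gets a 403 and the stored API is untouched, while a client-supplied portal flag is ignored entirely. Role names, permission names, the `X-Dev-Portal` header and the in-memory store are all assumptions made for the example.

```python
# Added example (not Gravitee code): server-side role check on the /apis/{id}
# resource. Authorization depends only on the principal's roles and the HTTP
# method; nothing the browser sends (such as a portal flag) is consulted.
from dataclasses import dataclass
from typing import Dict, FrozenSet, Optional, Tuple

# Hypothetical permission and role names; the issue does not define them.
API_READ = "api:read"
API_WRITE = "api:write"

ROLE_PERMISSIONS: Dict[str, FrozenSet[str]] = {
    "API_CONSUMER": frozenset({API_READ}),              # dev portal user
    "API_PUBLISHER": frozenset({API_READ, API_WRITE}),  # admin portal user
}

# Permission each HTTP method requires on an API resource.
METHOD_PERMISSION: Dict[str, str] = {
    "GET": API_READ, "HEAD": API_READ,
    "POST": API_WRITE, "PUT": API_WRITE, "PATCH": API_WRITE, "DELETE": API_WRITE,
}


@dataclass(frozen=True)
class Principal:
    """Identity extracted from an already-validated bearer token (validation not shown)."""
    name: str
    roles: FrozenSet[str]


def permissions_of(principal: Principal) -> FrozenSet[str]:
    """Union of the permissions granted by each of the principal's roles."""
    perms = set()
    for role in principal.roles:
        perms |= ROLE_PERMISSIONS.get(role, frozenset())
    return frozenset(perms)


def authorize(principal: Principal, method: str) -> int:
    """200 if the method is permitted for this principal, 403 if not, 405 if unsupported."""
    needed = METHOD_PERMISSION.get(method.upper())
    if needed is None:
        return 405
    return 200 if needed in permissions_of(principal) else 403


def handle_api_request(principal: Principal, method: str, api_id: str,
                       store: Dict[str, dict], body: Optional[dict] = None,
                       headers: Optional[dict] = None) -> Tuple[int, Optional[dict]]:
    """Dispatch one request against an in-memory API store; returns (status, body).

    `headers` may carry a client-chosen 'X-Dev-Portal' flag (hypothetical). It is
    deliberately never read: the UI runs in the caller's browser, so any flag it
    sends is attacker-controlled and cannot be part of the access decision.
    """
    status = authorize(principal, method)
    if status != 200:
        return status, None
    method = method.upper()
    if method in ("GET", "HEAD"):
        api = store.get(api_id)
        return (200, api) if api is not None else (404, None)
    if method in ("PUT", "PATCH", "POST"):
        store[api_id] = {**store.get(api_id, {}), **(body or {})}
        return 200, store[api_id]
    if method == "DELETE":
        return (200, store.pop(api_id)) if api_id in store else (404, None)
    return 405, None


def demo() -> Dict[str, object]:
    """Constructed scenario: a consumer flips GET to PUT and is refused; a publisher succeeds."""
    store = {"api-1": {"name": "orders", "version": "1"}}
    consumer = Principal("alice", frozenset({"API_CONSUMER"}))
    publisher = Principal("bob", frozenset({"API_PUBLISHER"}))
    consumer_get = handle_api_request(consumer, "GET", "api-1", store)[0]
    consumer_put = handle_api_request(consumer, "PUT", "api-1", store,
                                      body={"version": "2"},
                                      headers={"X-Dev-Portal": "false"})[0]
    version_after_consumer = store["api-1"]["version"]
    publisher_put = handle_api_request(publisher, "PUT", "api-1", store,
                                       body={"version": "2"})[0]
    return {
        "consumer_get": consumer_get,
        "consumer_put": consumer_put,
        "version_after_consumer": version_after_consumer,
        "publisher_put": publisher_put,
        "version_after_publisher": store["api-1"]["version"],
    }


if __name__ == "__main__":
    print(demo())
```

The point of the layout is that the mapping from method to permission lives in one table and is applied before any handler runs, so a new verb or resource cannot be reached without an explicit entry; a UI-side "portal" flag then only shapes what is displayed, never what is allowed.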

@lusoalex

lusoalex commented Jul 28, 2016

That was my question, I did not try to do it.
If the management API does the check, that's good ;)

I'll try it as soon as I have created an API consumer user ;)

@NicolasGeraud

Member

NicolasGeraud commented Jul 28, 2016

@brasseld works on that #176
