Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Security endpoints sentitive by roles #606

Closed
oscarcitoz opened this issue Mar 26, 2021 · 0 comments · Fixed by #619
Closed

Security endpoints sentitive by roles #606

oscarcitoz opened this issue Mar 26, 2021 · 0 comments · Fixed by #619
Labels
type: improvement A minor improvement to an existing feature
Milestone
2.5.0

Comments

@oscarcitoz
Copy link

Sensitive endpoints are exposed to all logged in users regardless of their role, that is, everyone can have access to these endpoints, which causes a security breach due to the information they handle.

It will create a pr
#589

with the option to configure the users who can access them through roles (without affecting the default configuration)
@oscarcitoz oscarcitoz mentioned this issue Mar 26, 2021
Closed
@sdelamo sdelamo added the type: improvement A minor improvement to an existing feature label Mar 27, 2021
sdelamo added a commit that referenced this issue Apr 12, 2021
@sdelamo
docs: improve documentation about SensitiveEndpointRule replacement
1628696 
close: #606
close: #589
@sdelamo sdelamo mentioned this issue Apr 12, 2021
Merged
@sdelamo sdelamo added this to the 2.5.0 milestone Apr 12, 2021
sdelamo added a commit that referenced this issue Apr 12, 2021
@sdelamo
docs: improve documentation about SensitiveEndpointRule replacement (#…
14497fe 
…619)

* refactor: SensitiveEndpointRule constructor public

* docs: improve documentation about SensitiveEndpointRule replacement

close: #606
close: #589
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
type: improvement A minor improvement to an existing feature
Projects
None yet
Milestone
2.5.0
2 participants
@sdelamo @oscarcitoz