Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Implement public assets #59

Closed
richturner opened this issue Nov 26, 2017 · 1 comment
Closed

Implement public assets #59

richturner opened this issue Nov 26, 2017 · 1 comment
Assignees
@christianbauer @richturner

Comments

@richturner
Copy link
Member

There is a requirement to be able to mark an asset as public and then it should be possible to query/get these public assets without being authenticated.

Having a 'public' user with hardcoded credentials that are then baked into the frontend doesn't seem great plus would require direct access grant.

Simple solution maybe:

  • have a 'public' flag on asset
  • remove Roles allowed from AssetResource::queryAssets and to programmatically limit the query to assets with public=true if user is not authenticated (realm must be specified in the request otherwise fail i.e. don't allow public assets in the master realm)
@richturner
Copy link
Member Author

Done a temporary implementation that uses the AssetType to identify public assets, anything that starts with 'urn:openremote:publc' can be accessed using the /asset/public/query API endpoint.

A realm must be specified in the request path and only protected attributes and meta can be retrieved.

richturner added a commit that referenced this issue Nov 26, 2017
@richturner
Temporary implementation of public assets (relates to #59)
c52392c
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@christianbauer christianbauer

@richturner richturner

Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@christianbauer @richturner