RUN-945: Return basic Rundeck server info without any authorization. #7772
…f user has READ access, all other data is included
rundeckapp/src/test/groovy/rundeck/controllers/ApiControllerSpec.groovy
) | ||
] | ||
|
||
if(authorizingSystem.isAuthorized(RundeckAccess.System.READ_OR_OPS_ADMIN)){ |
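Review bot: at the if(authorizingSystem.isAuthorized(RundeckAccess.System.READ_OR_OPS_ADMIN)) guard, whatever the response contains outside this block is now served to callers with no authorization, so the spec should include a case where isAuthorized returns false and assert the exact set of keys returned, not only that the basic ones are present. Without that negative assertion, a field later added above the guard would reach anonymous callers and no test would fail. A short comment at the guard naming the fields that are meant to be public would also make the boundary explicit for future changes.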
What is the difference between RundeckAccess.System.AUTH_READ_OR_OPS_ADMIN and RundeckAccess.System.READ_OR_OPS_ADMIN?
RundeckAccess.System.AUTH_READ_OR_OPS_ADMIN is a string to name auth actions and RundeckAccess.System.READ_OR_OPS_ADMIN is the auth action
It seems like a duplication.
When I checked the source code, I found
put(AUTH_READ_OR_OPS_ADMIN, READ_OR_OPS_ADMIN);
which indicates those two things are 1:1 matched.
I think there is an opportunity to improve the code. Let's plan it in another PR.
Thanks.
The fix can solve the problem. There are some minor improvements that should be addressed.
Tested. It worked as expected.
Is this a bugfix, or an enhancement? Please describe.
"Process Automation" menu does not work if the user does not have read access
Describe the solution you've implemented
The /server/info endpoint was changed to accept requests without any authorization and returns only basic info. All other info is included if the user has read access