[jboss-jira] [JBoss JIRA] (WFLY-2131) read-operation-names to return a filtered list of allowed operations
Kabir Khan (JIRA)
jira-events at lists.jboss.org
Thu Sep 26 07:11:02 EDT 2013
[ https://issues.jboss.org/browse/WFLY-2131?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=12807550#comment-12807550 ]
Kabir Khan commented on WFLY-2131:
----------------------------------
As mentioned on https://github.com/wildfly/wildfly/pull/5147:
This simply strips out the operations which are not valid for the current user.
I have not done, and don't know if the following are necessary:
1) Make the stripping out configurable, e.g. by adding a parameter to the operation
2) Include the stripped out operation names in an operation header (vaguely similar to what read-resource does for non readable resources)
> read-operation-names to return a filtered list of allowed operations
> --------------------------------------------------------------------
>
> Key: WFLY-2131
> URL: https://issues.jboss.org/browse/WFLY-2131
> Project: WildFly
> Issue Type: Sub-task
> Components: Domain Management
> Reporter: Alexey Loubyansky
> Assignee: Kabir Khan
> Fix For: 8.0.0.CR1
>
>
> As discussed on IRC with Kabir, Heiko and me, we agreed that read-operation-names should return only the operations the caller is permitted to execute.
--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators
For more information on JIRA, see: http://www.atlassian.com/software/jira
More information about the jboss-jira
mailing list