[Engine-devel] Permissions involved in using REST API
Itamar Heim
iheim at redhat.com
Mon Nov 11 18:18:31 UTC 2013
On 11/11/2013 01:16 PM, Jonathan Daugherty wrote:
>> regular users *can* access the API, they just need to pass the
>> filter:true in the request header.
>
> Oh, so it does. It wasn't clear from the earlier mention whether it
> applied only to admins and it never occurred to me to try it this way.
> Thanks! It seems to me this should be unnecessary, though. Can't the
> engine detect whether filtering should be enabled implicitly based on
> the user's status?
idea is an admin can also be a user. the default should just have been
reverse behavior if we could.
>
> Also: can we get this documented somewhere?
it should be, but if you can't find it easily on the wiki, please create
a page elaborting this.
More information about the Devel
mailing list