[Engine-devel] Permissions involved in using REST API

Itamar Heim iheim at redhat.com
Mon Nov 11 18:18:31 UTC 2013


On 11/11/2013 01:16 PM, Jonathan Daugherty wrote:
>> regular users *can* access the API, they just need to pass the
>> filter:true in the request header.
>
> Oh, so it does.  It wasn't clear from the earlier mention whether it
> applied only to admins and it never occurred to me to try it this way.
> Thanks!  It seems to me this should be unnecessary, though.  Can't the
> engine detect whether filtering should be enabled implicitly based on
> the user's status?

idea is an admin can also be a user. the default should just have been 
reverse behavior if we could.

>
> Also: can we get this documented somewhere?

it should be, but if you can't find it easily on the wiki, please create 
a page elaborting this.




More information about the Devel mailing list