[Engine-devel] Permissions involved in using REST API

Jonathan Daugherty jtd at galois.com
Mon Nov 11 18:16:39 UTC 2013


> regular users *can* access the API, they just need to pass the
> filter:true in the request header.

Oh, so it does.  It wasn't clear from the earlier mention whether it
applied only to admins and it never occurred to me to try it this way.
Thanks!  It seems to me this should be unnecessary, though.  Can't the
engine detect whether filtering should be enabled implicitly based on
the user's status?

Also: can we get this documented somewhere?

Thanks!

-- 
  Jonathan Daugherty
  Software Engineer
  Galois, Inc.



More information about the Engine-devel mailing list