You are viewing a plain text version of this content. The canonical link for it is here.
Posted to issues@trafficcontrol.apache.org by "Jeremy Mitchell (JIRA)" <ji...@apache.org> on 2017/08/16 18:58:00 UTC
[jira] [Created] (TC-535) DS URL sig key apis needs to have tenancy
check in place
Jeremy Mitchell created TC-535:
----------------------------------
Summary: DS URL sig key apis needs to have tenancy check in place
Key: TC-535
URL: https://issues.apache.org/jira/browse/TC-535
Project: Traffic Control
Issue Type: Bug
Components: Traffic Ops API
Affects Versions: 2.1.0
Reporter: Jeremy Mitchell
Assignee: Nir Sopher
Tenancy was introduced in 2.1, however, by default it is turned off via the use_tenancy parameter but when activated it is used to limit the scope of delivery services that a user can act on.
The following APIs needs to check tenancy to ensure users cannot act on ds's that they don't have access to.
post("/api/$version/deliveryservices/xmlId/:xmlId/urlkeys/generate
post("/api/$version/deliveryservices/xmlId/:xmlId/urlkeys/copyFromXmlId/:copyFromXmlId
get("/api/$version/deliveryservices/xmlId/:xmlId/urlkeys
--
This message was sent by Atlassian JIRA
(v6.4.14#64029)