Skip to:

  1. Skip to Jira Navigation
  2. Skip to Side Navigation
  3. Skip to Main Content

Endpoints w/o required permissions

Description

Overview

the codex and codex-package interfaces don't have required permissions for any of the endpoints. This means you can technically call these w/o logging in first.

I think we probably want to protect these with requiredPermissions and also add those same required permissions to the other modules that implement these interfaces (e.g. mod-codex-ekb, mod-codex-inventory).

See MODCDEKB-98 and MODCXINV-41

Reproducer

Please ensure that module is all tested well after addition of these permissions.

CSP Request Details

None

CSP Rejection Details

None

Potential Workaround

None

Checklist

hide

TestRail: Results

Activity

Show:

Marc Johnson October 19, 2020 at 10:50 AM
Edited

Was the intended outcome of this that the the codex multiplexer be aware of the EKB implementation of codex (via the module permissions)?

Why would we want it to be aware of the EKB implementation and not the inventory implementation?

Done

Details

Assignee

Reporter

Labels

Priority

Story Points

Sprint

Development Team

Spitfire

Fix versions

TestRail: Cases

Open TestRail: Cases

TestRail: Runs

Open TestRail: Runs
Created September 27, 2019 at 5:55 PM
Updated October 19, 2020 at 10:51 AM
Resolved November 14, 2019 at 2:12 PM
Configure
TestRail: Cases
TestRail: Runs