[FOLIO-778] Enforce permissions on Okapi administrative endpoints in CI builds Created: 16/Aug/17 Updated: 15/Jul/20 Resolved: 15/Jul/20 |
|
| Status: | Closed |
| Project: | FOLIO |
| Components: | None |
| Affects versions: | None |
| Fix versions: | None |
| Type: | Task | Priority: | P3 |
| Reporter: | Wayne Schneider | Assignee: | Wayne Schneider |
| Resolution: | Done | Votes: | 0 |
| Labels: | ci | ||
| Remaining Estimate: | Not Specified | ||
| Time Spent: | 30 minutes | ||
| Original estimate: | Not Specified | ||
| Issue links: |
|
||||||||||||||||||||||||||||||||||||
| Sprint: | |||||||||||||||||||||||||||||||||||||
| Development Team: | Core: Platform | ||||||||||||||||||||||||||||||||||||
| Description |
|
We should set up mod-users |
| Comments |
| Comment by Wayne Schneider [ 23/Aug/17 ] |
|
This will have to await the release of Okapi 1.10.0 |
| Comment by Wayne Schneider [ 16/Mar/18 ] |
|
Reopening this issue, it is a better description of what needs to be done than
|
| Comment by Wayne Schneider [ 27/Jul/18 ] |
|
See https://github.com/folio-org/okapi/blob/master/doc/securing.md |
| Comment by Wayne Schneider [ 29/Aug/18 ] |
|
Heikki Levanto, John Malconian (and other interested parties) – what is the best approach here? It seems like the best procedure to document (in https://github.com/folio-org/folio-install) and implement (in https://github.com/folio-org/folio-ansible) would be to secure the supertenant first, then build the rest of the system using the supertenant superuser you create (see
Other thoughts? |
| Comment by John Malconian [ 30/Aug/18 ] |
Agreed |
| Comment by Wayne Schneider [ 15/Jul/20 ] |
|
This was done long ago. |