This is an automated email from the ASF dual-hosted git repository.
ocket8888 pushed a commit to branch master
in repository https://gitbox.apache.org/repos/asf/trafficcontrol.git
The following commit(s) were added to refs/heads/master by this push:
new 206ccb6 Fix DELETE deliveryservice_server permissions (#3773)
206ccb6 is described below
commit 206ccb6d125fcecfd546b69b08b91214ecf4601f
Author: Rawlin Peters <[email protected]>
AuthorDate: Mon Aug 5 08:50:23 2019 -0600
Fix DELETE deliveryservice_server permissions (#3773)
The permissions are supposed to be Operations and above (not read-only).
---
CHANGELOG.md | 1 +
traffic_ops/traffic_ops_golang/routing/routes.go | 2 +-
2 files changed, 2 insertions(+), 1 deletion(-)
diff --git a/CHANGELOG.md b/CHANGELOG.md
index 904dfbd..da3ad42 100644
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@@ -52,6 +52,7 @@ The format is based on [Keep a
Changelog](http://keepachangelog.com/en/1.0.0/).
- Changed traffic_ops_ort.pl so that hdr_rw-<ds>.config files are compared
with strict ordering and line duplication when detecting configuration changes.
- Traffic Ops (golang), Traffic Monitor, Traffic Stats are now compiled using
Go version 1.11. Grove was already being compiled with this version which
improves performance for TLS when RSA certificates are used.
- Fixed issue #3497: TO API clients that don't specify the latest minor
version will overwrite/default any fields introduced in later versions
+- Fixed permissions on DELETE
/api/$version/deliveryservice_server/{dsid}/{serverid} endpoint
- Issue 3476: Traffic Router returns partial result for CLIENT_STEERING
Delivery Services when Regional Geoblocking or Anonymous Blocking is enabled.
- Upgraded Traffic Portal to AngularJS 1.7.8
- Issue 3275: Improved the snapshot diff performance and experience.
diff --git a/traffic_ops/traffic_ops_golang/routing/routes.go
b/traffic_ops/traffic_ops_golang/routing/routes.go
index f85dfcb..3cfd7fc 100644
--- a/traffic_ops/traffic_ops_golang/routing/routes.go
+++ b/traffic_ops/traffic_ops_golang/routing/routes.go
@@ -209,7 +209,7 @@ func Routes(d ServerData) ([]Route, []RawRoute,
http.Handler, error) {
{1.1, http.MethodPost, `regions/?$`,
api.CreateHandler(®ion.TORegion{}), auth.PrivLevelOperations, Authenticated,
nil},
{1.1, http.MethodDelete, `regions/{id}$`,
api.DeleteHandler(®ion.TORegion{}), auth.PrivLevelOperations, Authenticated,
nil},
- {1.1, http.MethodDelete,
`deliveryservice_server/{dsid}/{serverid}`, dsserver.Delete,
auth.PrivLevelReadOnly, Authenticated, nil},
+ {1.1, http.MethodDelete,
`deliveryservice_server/{dsid}/{serverid}`, dsserver.Delete,
auth.PrivLevelOperations, Authenticated, nil},
// get all edge servers associated with a delivery service
(from deliveryservice_server table)
