mitchell852 opened a new issue #2488: Create a capability that can be used to secure API values URL: https://github.com/apache/trafficcontrol/issues/2488 We have some endpoints that contain secure values. For example: GET /api/parameters currently if you are an admin (priv level=30), then the values for "secure" parameters will be returned. if you are not an admin, the value will be replaced with '**********' as we move towards capability-based permissions (as opposed to priv_level based), we will need to key off of a capability (instead of a role) to determine whether to show or hide the value of secure parameters. One suggestion was to create a capability called "secure-read" or something along those lines. The presence of this capability would allow you to see the value of "secure" parameters. So for example, to access GET /api/parameters and see value of secure and non-secure parameters you'd need the following capabilities: params-read secure-read to access GET /api/parameters and see value of ONLY non-secure parameters you'd need the following capabilities: params-read
---------------------------------------------------------------- This is an automated message from the Apache Git Service. To respond to the message, please log on GitHub and use the URL above to go to the specific comment. For queries about this service, please contact Infrastructure at: [email protected] With regards, Apache Git Services
