Hi Pierre, Thanks for the comment.
The security schemes implemented in buildbot was mainly done to prevent > users to do some restricted actions on the bot. > > I was not aware of the view restriction functionality in buildbot eight. > Indeed it looks like to very well implemented if the json api is not > accounting for this restriction. > I hope you have meant "Indeed it looks like NOT very well implemented", otherwise I find it hard to understand how is that an advantage that "/json" bypasses "basic auth"? > You can in theory configure read restrictions in buildbot nine, however > this is not supported by the UI, and might give you strange results. > So basically you are saying, that to control read access the best option I have is indeed to put it behind reverse proxy or otherwise implement my own web api (which would make it invisible to the internets anyway)? Regards Narunas
_______________________________________________ users mailing list [email protected] https://lists.buildbot.net/mailman/listinfo/users
