All operations under the /admin endpoint should require admin role #4852

jsenko · 2024-07-04T10:38:14Z

The following operations do not currently follow this principle:

/admin//artifactTypes GET (READ)
/admin/rules GET (READ)
/rules/{rule} GET (READ)

We can either:

For 2.x, this would be a breaking change, but we should change this for 3.x .

apicurio-bot · 2024-07-04T10:38:18Z

Thank you for reporting an issue!

Pinging @EricWittmann to respond or triage.

jsenko · 2024-07-04T11:00:07Z

Also, we should rename the default OAuth scopes

sr-admin, sr-developer, sr-readonly

to

apicurio-admin, apicurio-developer, apicurio-readonly

EricWittmann · 2024-11-05T15:36:07Z

Let's also audit the ccompat API to make sure the annotations are correct for access privs.

EricWittmann · 2024-11-12T22:11:06Z

Done and done:

Note: we didn't rename the OAuth scopes for 3.0 and at this point it would be a breaking change, so we'll have to live with it as-is.

jsenko added type/enhancement New feature or request area/rest-api 3.x labels Jul 4, 2024

jsenko assigned EricWittmann Jul 4, 2024

apicurio-bot bot added area/rules area/ui labels Jul 4, 2024

jsenko assigned jsenko and carlesarnal Jul 8, 2024

EricWittmann added this to Registry 3.0 Oct 24, 2024

EricWittmann moved this to Backlog in Registry 3.0 Oct 24, 2024

EricWittmann added this to the 3.0.4 milestone Oct 24, 2024

EricWittmann mentioned this issue Nov 12, 2024

chore(annotations): Reviewed annotations in the REST layer #5512

Merged

EricWittmann unassigned jsenko and carlesarnal Nov 12, 2024

EricWittmann closed this as completed Nov 12, 2024

github-project-automation bot moved this from In Progress to Done in Registry 3.0 Nov 12, 2024

Provide feedback