Hi Abimaran, This was designed to check role as we wanted to restrict import export access only to admin users. This is because the user who accesses this tool gets the capability to export any API available in his tenant. Users with only create and publish permissions should not be able to export other users' APIs. As this can cause API ownership issues.
You can import and export APIs with only admin role. However, after importing these APIs are on CREATED state. In order to edit them and publish them, user should have crete and publish permissions. Thanks. On Thu, Mar 10, 2016 at 1:28 AM, Abimaran Kugathasan <[email protected]> wrote: > Hi Thilini, > > So, we can have admin role without any permissions set it. Will this work? > Why this was designed to check the role, not permission? > > On Tue, Mar 8, 2016 at 10:39 PM, Thilini Cooray <[email protected]> wrote: > >> Hi Abimaran, >> >> At the moment this tools functioning based on role based approach not >> permission based. Therefore any user with admin role in the server can use >> it. >> >> Thanks. >> >> On Wed, Mar 9, 2016 at 8:25 AM, Abimaran Kugathasan <[email protected]> >> wrote: >> >>> Hi Chamin, >>> >>> My question was what are the permission the user need to have to >>> export/import the API, not about invoking the API. >>> >>> On Tue, Mar 8, 2016 at 9:43 PM, Chamin Dias <[email protected]> wrote: >>> >>>> Hi, >>>> >>>> After importing the API, it will be in "Created" state. Please change >>>> the lifecycle of the API to "Published". After that, any user who has >>>> "Internal/subscriber" role can invoke the imported API. >>>> >>>> Thanks. >>>> >>>> On Wed, Mar 9, 2016 at 7:16 AM, Abimaran Kugathasan <[email protected]> >>>> wrote: >>>> >>>>> Hi Thilini. >>>>> >>>>> Thanks for the response. I thought it's supported through both https >>>>> and http only default https supported. >>>>> >>>>> Do you know what are the permission we need to have for the user who >>>>> will invoke this API Export/Import functionality? >>>>> >>>>> On Tue, Mar 8, 2016 at 10:27 AM, Thilini Cooray <[email protected]> >>>>> wrote: >>>>> >>>>>> Hi Abimaran, >>>>>> >>>>>> API Import Export tool is accessible to users with admin privileges. >>>>>> Admin credentials needs to be passed and all details of APIs >>>>>> (including their actual endpoints, security levels) are routed through >>>>>> public channels. >>>>>> Therefore we decided to restrict it only for HTTPS considering the >>>>>> security aspects. >>>>>> >>>>>> Thanks. >>>>>> >>>>>> On Tue, Mar 8, 2016 at 8:03 PM, Abimaran Kugathasan < >>>>>> [email protected]> wrote: >>>>>> >>>>>>> Hi, >>>>>>> >>>>>>> >>>>>>> Why API Import/Export [1] should be done only through HTTPS? >>>>>>> >>>>>>> I tried through HTTP Servlet port, it don't work >>>>>>> >>>>>>> curl -H "Authorization:Basic YWRtaW46YWRtaW4=" -X GET " >>>>>>> http://localhost:9763/api-import-export-v1.0.1/export-api?name=CalculatorAPI&version=1.0&provider=admin"; >>>>>>> -k > CalculatorAPI.zip >>>>>>> >>>>>>> Following log noticed >>>>>>> >>>>>>> [2016-03-08 09:32:45,981] WARN - CompositeValve To enable SaaS mode >>>>>>> for the webapp, /api-import-export-v1.0.1, configure the >>>>>>> CarbonTomcatRealm >>>>>>> in META-INF/context.xml. >>>>>>> >>>>>>> >>>>>>> [1] : >>>>>>> https://docs.wso2.com/display/AM1100/Migrating+the+APIs+to+a+Different+Environment >>>>>>> >>>>>>> -- >>>>>>> Thanks >>>>>>> Abimaran Kugathasan >>>>>>> >>>>>>> Software Engineer | WSO2 Inc >>>>>>> Data & APIs Technologies Team >>>>>>> Mobile : +94 773922820 >>>>>>> >>>>>>> <http://stackoverflow.com/users/515034> >>>>>>> <http://lk.linkedin.com/in/abimaran> >>>>>>> <http://www.lkabimaran.blogspot.com/> >>>>>>> <https://github.com/abimarank> <https://twitter.com/abimaran> >>>>>>> >>>>>>> >>>>>> >>>>>> >>>>>> -- >>>>>> Best Regards, >>>>>> >>>>>> *Thilini Cooray* >>>>>> Software Engineer >>>>>> Mobile : +94 (0) 774 570 112 <%2B94%20%280%29%20773%20451194> >>>>>> E-mail : [email protected] >>>>>> >>>>>> WSO2 Inc. www.wso2.com >>>>>> lean.enterprise.middleware >>>>>> >>>>> >>>>> >>>>> >>>>> -- >>>>> Thanks >>>>> Abimaran Kugathasan >>>>> >>>>> Software Engineer | WSO2 Inc >>>>> Data & APIs Technologies Team >>>>> Mobile : +94 773922820 >>>>> >>>>> <http://stackoverflow.com/users/515034> >>>>> <http://lk.linkedin.com/in/abimaran> >>>>> <http://www.lkabimaran.blogspot.com/> <https://github.com/abimarank> >>>>> <https://twitter.com/abimaran> >>>>> >>>>> >>>> >>>> >>>> -- >>>> Chamin Dias >>>> *Software Engineer* >>>> Mobile : +94 (0) 716 097455 <%2B94%20%280%29%20773%20451194> >>>> Email : [email protected] >>>> Blog : https://chamindias.wordpress.com/ >>>> >>> >>> >>> >>> -- >>> Thanks >>> Abimaran Kugathasan >>> >>> Software Engineer | WSO2 Inc >>> Data & APIs Technologies Team >>> Mobile : +94 773922820 >>> >>> <http://stackoverflow.com/users/515034> >>> <http://lk.linkedin.com/in/abimaran> >>> <http://www.lkabimaran.blogspot.com/> <https://github.com/abimarank> >>> <https://twitter.com/abimaran> >>> >>> >> >> >> -- >> Best Regards, >> >> *Thilini Cooray* >> Software Engineer >> Mobile : +94 (0) 774 570 112 <%2B94%20%280%29%20773%20451194> >> E-mail : [email protected] >> >> WSO2 Inc. www.wso2.com >> lean.enterprise.middleware >> > > > > -- > Thanks > Abimaran Kugathasan > > Software Engineer | WSO2 Inc > Data & APIs Technologies Team > Mobile : +94 773922820 > > <http://stackoverflow.com/users/515034> > <http://lk.linkedin.com/in/abimaran> > <http://www.lkabimaran.blogspot.com/> <https://github.com/abimarank> > <https://twitter.com/abimaran> > > -- Best Regards, *Thilini Cooray* Software Engineer Mobile : +94 (0) 774 570 112 <%2B94%20%280%29%20773%20451194> E-mail : [email protected] WSO2 Inc. www.wso2.com lean.enterprise.middleware
_______________________________________________ Dev mailing list [email protected] http://wso2.org/cgi-bin/mailman/listinfo/dev
