[
https://issues.apache.org/jira/browse/TC-462?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16106391#comment-16106391
]
ASF GitHub Bot commented on TC-462:
-----------------------------------
Github user nir-sopher commented on a diff in the pull request:
https://github.com/apache/incubator-trafficcontrol/pull/751#discussion_r130237223
--- Diff: traffic_ops/app/lib/API/DeliveryServiceRegexes.pm ---
@@ -27,12 +28,18 @@ use Validate::Tiny ':all';
sub all {
my $self = shift;
+ my $tenant_utils = Utils::Tenant->new($self);
+ my $tenants_data = $tenant_utils->create_tenants_data_from_db();
+
my $rs;
- if ( &is_privileged($self) ) {
+ if ( &is_privileged($self) or $tenant_utils->ignore_ds_users_table()) {
--- End diff --
This code was written earlier...
BTW, I thought you were just concerned about having 2 separate parameters.
Would you like to merge the "use-tenancy" and "ignore-ds-user-table" functions
as well?
> Delivery-service tenancy based access control - Regexes
> -------------------------------------------------------
>
> Key: TC-462
> URL: https://issues.apache.org/jira/browse/TC-462
> Project: Traffic Control
> Issue Type: Improvement
> Components: Traffic Ops
> Reporter: Nir Sopher
>
> We have recently added "tenancy" to the project.
> With tenancy, every resource have a tenant, where resource can be a
> delivery-service, a server (future) and even a user.
> We are now starting to enforce access-control based on the resource tenancy.
> A user can manage a resource only if the resource is under the user tenancy.
> This JIRA deals with another step of "delivery-service as a resource" -
> enforcing via the API access control on DS regexes.
--
This message was sent by Atlassian JIRA
(v6.4.14#64029)
