On May 22, 2016, at 12:54 AM, Simon Hanna wrote:

> While in theory it would be possible to enforce permissions in core about who
> is allowed to call specific rest calls, this would require a lot of
> changes. I'm not sure we want to go this way.
I've resisted this for a long time, and I may continue to do so :). I definitely consider the current REST API a privileged, administrative API for integrating known, trusted components. It should never be published on any public IP address. This isn't going to change.

A while back, Andrew Stuart wrote an authenticating proxy server he called "mailmania"[1] which does exactly as Simon proposes above. It authenticates users and maps their roles to allowed REST calls. It could be exposed on a public IP and used to script the core.

I'd like to either promote mailmania to an official subproject, or fork it, clean it up, and offer something much like it, either as a subproject (likely at first) or as an optional component of the core. Andrew has donated this to the FSF so we can use what we want, but I think he doesn't have time these days to develop it. I'd like to come up with a better name :).

Anyway, that's the direction I think such a permission system should go in.

Cheers,
-Barry

[1] https://gitlab.com/astuart/mailmania
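The role-to-REST-call mapping Barry describes (authenticate the caller at a proxy, then allow or deny each core call by role before forwarding) can be sketched as a small authorization gate. The code below is an added illustration written for this page; it is not mailmania's code or anything from Mailman core. The user table, tokens, role names and the rule list are constructed for the example, and the path shapes only resemble Mailman 3's REST routes. Everything not explicitly mapped is denied, which is the property that makes such a proxy safe to put in front of an API that must otherwise stay off public addresses.

```python
"""Hypothetical authenticating proxy decision logic: map roles to allowed
REST calls, deny by default. Added example, not mailmania or Mailman code."""
import hmac
import re
from typing import NamedTuple, Optional, Tuple

# Constructed user table: bearer token -> (username, role, lists the user owns).
# A real proxy would consult a session store or identity provider instead.
USERS = {
    "tok-alice-site": ("alice", "site-admin", frozenset()),
    "tok-bob-owner": ("bob", "list-owner", frozenset({"ant.example.com"})),
    "tok-carol-audit": ("carol", "auditor", frozenset()),
}


class Principal(NamedTuple):
    name: str
    role: str
    owned_lists: frozenset


class Rule(NamedTuple):
    methods: frozenset
    pattern: "re.Pattern[str]"
    roles: frozenset
    scoped: bool  # True: a list-owner may only act on lists they own


def _compile(template: str) -> "re.Pattern[str]":
    """Turn '/3.0/lists/{list_id}/members' into an anchored regex with named groups."""
    parts = [
        "(?P<%s>[^/]+)" % seg[1:-1] if seg.startswith("{") and seg.endswith("}")
        else re.escape(seg)
        for seg in template.split("/")
    ]
    return re.compile("^" + "/".join(parts) + "$")


def rule(methods, template, roles, scoped=False) -> Rule:
    return Rule(frozenset(methods), _compile(template), frozenset(roles), scoped)


# Allow-list of core calls each role may reach through the proxy (constructed).
# Anything not listed here, e.g. /3.0/system or /3.0/users, is never forwarded.
POLICY = [
    rule({"GET"}, "/3.0/lists", {"site-admin", "list-owner", "auditor"}),
    rule({"POST"}, "/3.0/lists", {"site-admin"}),
    rule({"GET"}, "/3.0/lists/{list_id}", {"site-admin", "list-owner", "auditor"}, scoped=True),
    rule({"GET"}, "/3.0/lists/{list_id}/members", {"site-admin", "list-owner", "auditor"}, scoped=True),
    rule({"POST", "DELETE"}, "/3.0/lists/{list_id}/members", {"site-admin", "list-owner"}, scoped=True),
    rule({"DELETE"}, "/3.0/lists/{list_id}", {"site-admin"}),
]


def authenticate(token: Optional[str]) -> Optional[Principal]:
    """Resolve a bearer token to a Principal, comparing in constant time; None if unknown."""
    presented = (token or "").encode()
    found = None
    for known, (name, role, owned) in USERS.items():  # no early exit on match
        if hmac.compare_digest(known.encode(), presented):
            found = Principal(name, role, owned)
    return found


def authorize(principal: Principal, method: str, path: str) -> Tuple[bool, str]:
    """Return (allowed, reason). Unmapped routes or methods are denied."""
    for r in POLICY:
        m = r.pattern.match(path)
        if m is None or method not in r.methods:
            continue
        if principal.role not in r.roles:
            return False, f"role {principal.role} may not {method} {path}"
        if r.scoped and principal.role == "list-owner":
            list_id = m.group("list_id")
            if list_id not in principal.owned_lists:
                return False, f"{principal.name} does not own {list_id}"
        return True, "ok"
    return False, f"no rule maps {method} {path}"


def decide(token: Optional[str], method: str, path: str) -> Tuple[int, str]:
    """The proxy's verdict: 200 means forward to core, otherwise the status it answers itself."""
    principal = authenticate(token)
    if principal is None:
        return 401, "unauthenticated"
    allowed, reason = authorize(principal, method.upper(), path)
    return (200, "forward to core") if allowed else (403, reason)


if __name__ == "__main__":
    for tok, meth, p in [
        ("tok-alice-site", "POST", "/3.0/lists"),
        ("tok-bob-owner", "GET", "/3.0/lists/ant.example.com/members"),
        ("tok-bob-owner", "GET", "/3.0/lists/bee.example.com/members"),
        ("tok-alice-site", "GET", "/3.0/system/versions"),
        ("no-such-token", "GET", "/3.0/lists"),
    ]:
        print(tok, meth, p, "->", decide(tok, meth, p))
```

The two design points worth keeping if you build the real thing are the allow-list (a route the policy does not name is refused even for a site admin, so new core endpoints are not exposed by accident) and the ownership scope, which stops a list owner from reaching another list's members through the same mapped route.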