+1 from me. David
On Wed, Jan 6, 2021 at 8:28 AM Ina Panova <[email protected]> wrote: > +1 to the change. > > > -------- > Regards, > > Ina Panova > Senior Software Engineer| Pulp| Red Hat Inc. > > "Do not go where the path may lead, > go instead where there is no path and leave a trail." > > > On Wed, Dec 16, 2020 at 8:14 PM Tanya Tereshchenko <[email protected]> > wrote: > >> It sounds like a good idea, and additional +1 that it doesn't break >> things. >> >> On Tue, Dec 15, 2020 at 5:57 PM Matthias Dellweg <[email protected]> >> wrote: >> >>> In today's pulpcore meeting, we discussed that any endpoint that is not >>> aware of RBAC yet will be open to every authenticated user. >>> >>> The suggestion that was given, is that we change that default. So all >>> endpoints will raise permission errors unless RBAC opens them up. >>> This would not affect any existing installation, where we only allowed >>> the use of a single admin user. And by circumventing the permission >>> framework this special user will remain to be able to talk to all available >>> endpoints without restrictions. >>> On the other hand it should smooth out the transition period until we >>> have RBAC in all places. Since you could start giving permissions to users >>> for viewsets that have an access_policy, while not risking to give them >>> access to other sensitive parts that don't have it yet. >>> >>> What do you all think? >>> _______________________________________________ >>> Pulp-dev mailing list >>> [email protected] >>> https://www.redhat.com/mailman/listinfo/pulp-dev >>> >> _______________________________________________ >> Pulp-dev mailing list >> [email protected] >> https://www.redhat.com/mailman/listinfo/pulp-dev >> > _______________________________________________ > Pulp-dev mailing list > [email protected] > https://www.redhat.com/mailman/listinfo/pulp-dev >
_______________________________________________ Pulp-dev mailing list [email protected] https://www.redhat.com/mailman/listinfo/pulp-dev
