Uploaded image for project: 'Dev - Nexus Repo'
  1. Dev - Nexus Repo
  2. NEXUS-20546

add privileges for controlling actions against REST endpoints

    Details

    • Type: Improvement
    • Status: New
    • Priority: Major
    • Resolution: Unresolved
    • Affects Version/s: 3.17.0
    • Fix Version/s: None
    • Component/s: REST, Security
    • Labels:
    • Notability:
      4

      Description

      There are no privileges controlling access for each specific REST endpoint other than nx-all. But if I just want to allow access to certain REST endpoints to a user, giving them nx-all ( admin) level access is too permissive.

      As one customer describes for the Search REST API:

      ...we are looking to have this feature to be well controlled.
      For example, users may use the API search/download feature without the admin's knowledge causing a performance issue. On a repositories such as Maven Groups, this could be a serious concern.

        Attachments

          Issue Links

            Activity

              People

              Assignee:
              Unassigned Unassigned
              Reporter:
              plynch Peter Lynch
              Last Updated By:
              Rich Seddon Rich Seddon
              Votes:
              2 Vote for this issue
              Watchers:
              8 Start watching this issue

                Dates

                Created:
                Updated:
                Date of First Response:

                  tigCommentSecurity.panel-title