Giter VIP home page Giter VIP logo

apim-publisher-rbac's Introduction

APIM Publisher Role Based Access Control Extension

A role-based API access control extension for API Manager Publisher 2.1.0.

Introduction

In API Manager Publisher, by default API Creators can edit any API available in the system. This extension is to restrict that and enable role based API modification control. After enabling this extension, only the users with particular roles specified per API can only edit the particular API. However, there won’t be any restrictions with viewing the API.

Once the extension is enabled, there will be a new UI element in Publisher to specify the Editing Allowed Roles.

Configuration:

Configuring the registry indexer:

  • Build the project using "mvn clean install" and get the org.wso2.apim.example.registry.indexer.rolebasedaccess-1.0.0.jar file from the target folder (or you can use the jar file attached)

  • Copy the jar file into <APIM-HOME>/repository/components/dropins

  • Add below to <APIM-HOME>/repository/conf/registry.xml under <indexingConfiguration> --><indexers> as the first <indexer> element.

<indexer class="org.wso2.apim.example.registry.indexer.rolebasedaccess.CustomAPIIndexer"mediaTypeRegEx="application/vnd.wso2-api\+xml"profiles ="default,api-store,api-publisher"/>

The registry indexer will be invoked when we created or edited any API. It will read the API’s registry artifact and update necessary permissions based on the artifact field value for edit allowed roles. For this, an unused field of API artifact is used which is “overview_wadl”.

Configuring Publisher subtheme:

  • Copy the "custom" folder into <APIM-HOME>/repository/deployment/server/jaggeryapps/publisher/site/themes/subthemes folder. If subthemes folder is not there already, please create it.

  • Set "subtheme" element as "custom" in <APIM-HOME>/repository/deployment/server/jaggeryapps/publisher/site/conf/site.json

"theme": {  
    "base":"wso2",  
    "subtheme":"custom"  
 }
  • Add below localization elements in <APIM-HOME>/repository/deployment/server/jaggeryapps/publisher/site/conf/locales/jaggery/locale_default.json
"Edit Permissions":"Edit Permissions",  
"Edit Allowed Roles":"Edit Allowed Roles",

Restart the server after both Registry indexer and Publisher subtheme configuration

Limitations:

  • When we set an invalid role, there is no error message popping in the UI. There will be an error log in the server logs.

"ERROR - RXTIndexer Invalid role added for Publisher visible role invalidRole1"

  • Edit button is not disabled for users who does not have edit rights for the particular API.

apim-publisher-rbac's People

Contributors

malinthaprasan avatar

Watchers

avatar avatar

Recommend Projects

  • React photo React

    A declarative, efficient, and flexible JavaScript library for building user interfaces.

  • Vue.js photo Vue.js

    🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.

  • Typescript photo Typescript

    TypeScript is a superset of JavaScript that compiles to clean JavaScript output.

  • TensorFlow photo TensorFlow

    An Open Source Machine Learning Framework for Everyone

  • Django photo Django

    The Web framework for perfectionists with deadlines.

  • D3 photo D3

    Bring data to life with SVG, Canvas and HTML. 📊📈🎉

Recommend Topics

  • javascript

    JavaScript (JS) is a lightweight interpreted programming language with first-class functions.

  • web

    Some thing interesting about web. New door for the world.

  • server

    A server is a program made to process requests and deliver data to clients.

  • Machine learning

    Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.

  • Game

    Some thing interesting about game, make everyone happy.

Recommend Org

  • Facebook photo Facebook

    We are working to build community through open source technology. NB: members must have two-factor auth.

  • Microsoft photo Microsoft

    Open source projects and samples from Microsoft.

  • Google photo Google

    Google ❤️ Open Source for everyone.

  • D3 photo D3

    Data-Driven Documents codes.