SORMAS-Project

Investigate the Resource classes and the exposed REST endpoints

Open carina29 opened this issue 8 months ago • 0 comments

Problem Description

Investigate the Resource classes and the exposed REST endpoints

  • A specific REST endpoint should be accessed only with the proper user rights (new user rights were introduced in the past and the endpoints are not considering those user rights)

The REST endpoints from the following resource classes should be investigated and the necessary user rights to access the endpoints should be adjusted (where necessary):

  • ActionResource
  • AdditionalTestResource
  • AggregateReportResource
  • AreaResource
  • BagExportResource
  • CampaignFormDataResource
  • CampaignFormMetaResource
  • CampaignResource
  • CaseResource
  • ClassificationResource
  • ClinicalVisitResource
  • CommunityResource
  • ContactResource
  • ContinentResource
  • CountryResource
  • CustomizableEnumValueResource
  • DashboardResource
  • DiseaseConfigurationResource
  • DistrictResource
  • DocumentResource
  • EnvironmentResource
  • EnvironmentSampleResource
  • EventGroupResource
  • EventParticipantResource
  • EventResource
  • ExternalSurveillanceToolGatewayResource
  • ExternalVisitsResource
  • FacilityResource
  • FeatureConfigurationResource
  • ImmunizationResource
  • InfoResource
  • InfrastructureResource
  • LabMessageResource
  • LineListingResource
  • OutbreakResource
  • PathogenTestResource
  • PersonResource
  • PointOfEntryResource
  • PrescriptionResource
  • RegionResource
  • SampleResource
  • ShareRequestResource
  • SormasToSormasResource
  • SubcontinentResource
  • SurveillanceReportResource
  • TaskResource
  • TravelEntryResource
  • TreatmentResource
  • UserResource
  • UserRoleResource
  • VisitResource
  • WeeklyReportResource

NOTE: TO BE DEFINED (after investigation) the exact REST endpoints which will need adjustments.

Proposed Change

Investigate the REST endpoints from the mentioned resource classes and check whether the called Facade method is annotated with the proper right/rights or whether other user rights should be added.

Added Value/Benefit

  • Consistency in the app
  • Security based on the usage of the correct user rights

Acceptance Criteria

  • [ ] All the resource classes and endpoints should be investigated and adjusted

Implementation Details

No response

Mockups

No response

Additional Information

No response

carina29, Jun 06 '24 08:06
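
One way to automate the check described under "Proposed Change", as an added example that is not part of the issue or of the SORMAS code base: it maps each REST endpoint to the facade method it calls and reports the calls whose facade method declares no rights. Assumptions: the rights annotation is named `RightsAllowed`, resources reach facades through a `get…Facade()` call, and the Java snippets and right names are constructed for illustration.

```python
import re

RIGHTS_ANNOTATION = "RightsAllowed"  # assumption: annotation name is not given in the issue
# Constructed Java snippets for illustration, not taken from the SORMAS code base.
RESOURCE_SRC = '''
@Path("/samples")
public class SampleResource {
    @GET @Path("/all/{since}")
    public List<SampleDto> getAll(@PathParam("since") long since) {
        return FacadeProvider.getSampleFacade().getAllAfter(new Date(since));
    }
    @POST @Path("/push")
    public List<PushResult> post(List<SampleDto> dtos) {
        return FacadeProvider.getSampleFacade().saveAll(dtos);
    }
}
'''
FACADE_SRC = '''
public class SampleFacadeEjb {
    @RightsAllowed(UserRight._SAMPLE_VIEW)
    public List<SampleDto> getAllAfter(Date date) { return null; }
    public List<PushResult> saveAll(List<SampleDto> dtos) { return null; }
}
'''
# Leading annotations (group 1) and name (group 2) of each public method.
METHOD = re.compile(r'((?:@\w+(?:\([^)]*\))?\s*)*)public\s+[\w<>\[\], ?]+\s+(\w+)\s*\(')

def declared_rights(annotations):
    m = re.search(r'@' + RIGHTS_ANNOTATION + r'\(([^)]*)\)', annotations)
    return re.findall(r'[\w.]+', m.group(1)) if m else []

def facade_rights(src):
    """Rights guarding each public facade method: method-level, else class-level."""
    default = declared_rights(src.split(" class ", 1)[0])
    return {m.group(2): declared_rights(m.group(1)) or default for m in METHOD.finditer(src)}

def audit(resource_src, facade_src):
    """List (verb, path, facade method) for endpoints whose facade call declares no rights."""
    rights, found = facade_rights(facade_src), []
    methods = list(METHOD.finditer(resource_src))
    for i, m in enumerate(methods):
        end = methods[i + 1].start() if i + 1 < len(methods) else len(resource_src)
        verb = re.search(r'@(GET|POST|PUT|DELETE)\b', m.group(1))
        path = re.search(r'@Path\("([^"]*)"\)', m.group(1))
        for call in re.findall(r'Facade\(\)\s*\.(\w+)\(', resource_src[m.end():end]):
            if not rights.get(call):  # unannotated or unknown facade method
                found.append((verb.group(1) if verb else "?", path.group(1) if path else "", call))
    return found
print(audit(RESOURCE_SRC, FACADE_SRC))
```

Regex matching does not distinguish overloads or follow inherited methods, so the output is a review queue for the listed resource classes rather than a verdict.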