Add option to lock the backend
For users who only use the deploy command, it might be useful to provide a lock option for the backend. This means that if this lock is set, it is no longer possible to create, update or delete resources at the /backend/* routes. Users could activate this flag after deployment on a production system so it is no longer possible to change anything. This could prevent user mistakes and it would also increase the security.
Is it possible to just create two versions of the backend account? One for whoever deploys the system, and one for a "read only" end user? (I think this would be easier, and wouldn't require manually locking as you just wouldn't give them the master account.) (Also, not sure if I remember correctly, but you may have other changes planned that would make this easier.)
Yes, with the new scopes for the backend, which are available in the next release, we can create accounts with specific rights, i.e. a readonly account. So the idea here was basically to disable the complete backend API, but I am not sure whether this is needed anymore.