"Datahub settings" permissions should get a choice for read and write access to Variables
admin-role is needed to see node Variables in sesam-portal or with GET /api/env call
From a security perspective it is good to only have a few admin users in node. However it is convenient for developers to be able to see what Variables are set in the node. As-is some developers get Admin user when all they need extra from Developer-roll is to see Variables.
If permissions for "Datahub settings" could get a choice for read and write access to Variables we can combine convenience for developers without the use of Admin-roll.
This is not critical functionality, but it makes it easier to avoid giving to many people admin-rights and will have a good overall impact on node security.
Please sign in to leave a comment.
Comments
0 comments