"Datahub settings" permissions should get a choice for read and write access to Variables

Planned
Follow
Morten Frellumstad (ekstern)

admin-role is needed to see node Variables in sesam-portal or with GET /api/env call

From a security perspective it is good to only have a few admin users in node. However it is convenient for developers to be able to see what Variables are set in the node. As-is some developers get Admin user when all they need extra from Developer-roll is to see Variables.

If permissions for "Datahub settings" could get a choice for read and write access to Variables we can combine convenience for developers without the use of Admin-roll.

This is not critical functionality, but it makes it easier to avoid giving to many people admin-rights and will have a good overall impact on node security.

0

Comments

1 comment

Date Votes
  • Official comment
    Geir Ove Grønmo

    We agree. Environment variables are useful for all users that can create pipes and systems. The environment variables should not contain any sensitive information anyway, so it makes sense to let users see the environment variables available.

    Comment actions Permalink

Please sign in to leave a comment.

Didn't find what you were looking for?

New post