PetrZ
Dabbler
- Joined
- Feb 23, 2018
- Messages
- 20
Hi.
There is "Currently only the user of ID 0 (root) is allowed to access the API." in API documentation.
Is there any chance it will be changed (implemented) in future releases? That really limits some serious usage.
E.g. you want to give permit some script / person to add users or certificates and you have to tell them root passphrase?
I didn't check how it's currently implemented, but I could imagine e.g. a way of specifying API URL RegExp list allowed for user.
So there will be e.g. for user jail_admin:
At least at the beginning there is no need to implement it in GUI, I would be happy even with adding table into DB to allow adding / modifying rules using SQL queries.
There is "Currently only the user of ID 0 (root) is allowed to access the API." in API documentation.
Is there any chance it will be changed (implemented) in future releases? That really limits some serious usage.
E.g. you want to give permit some script / person to add users or certificates and you have to tell them root passphrase?
I didn't check how it's currently implemented, but I could imagine e.g. a way of specifying API URL RegExp list allowed for user.
So there will be e.g. for user jail_admin:
Code:
\/api\/v1\.0\/jails\/jails\/[^\/]+\/(stop|start)\/
At least at the beginning there is no need to implement it in GUI, I would be happy even with adding table into DB to allow adding / modifying rules using SQL queries.