For the REST service, I allow retrieval of nodes. Am I supposed to be able to get the nodes even if I am not logged in? I enabled session authentication but I am still able to get the list of current nodes by just going to the endpoint/node of my Drupal website.
Anyone with the 'View published content' permission should be able to retrieve a node.
A URL to retrieve a node would look something like this:
http://www.example.com/my_endpoint_path/node/123.json
The path my_endpoint/node refers to the Index resource, which returns a list of nodes.
Here's a complete listing of examples for the Services module: http://tylerfrankenstein.com/user/4/code/drupal-services-examples
I have a secret which contains very sensitive information.
I want to make sure that this secret can only be accessed by a certain service account and nobody else.
Using RBAC, I can tell which user can access which resources. But is there some way where I can tell that this secret can only be accessed by this user?
As far as I know, there is no straightforward way to get that info (it might require writing a script that iterates through rolebindings & clusterrolebindings).
I recently found a plugin called kubectl who-can (kubectl-who-can) that fetches those kinds of details with one command.
It is possible to get it done with a validating webhook, where the API request fields are parsed and checked for matching users.
OPA can be used to do some heavy lifting.
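The script the answer above alludes to, iterating over RoleBindings and ClusterRoleBindings to list every subject that can read one named secret, could look like the following. This is an added example, not code from the original posts or from kubectl-who-can. All object names (`db-password`, `payments`, `platform-admins` and so on) are constructed, and the objects are embedded inline instead of being fetched from a cluster; aggregated ClusterRoles and non-RBAC authorizers are not modelled.

```python
# Constructed sample objects, trimmed to the fields RBAC evaluation uses.
# Every name below is hypothetical; nothing is read from a real cluster.
ROLES = {  # (kind, namespace, name) -> rules
    ("Role", "prod", "db-secret-reader"): [
        {"apiGroups": [""], "resources": ["secrets"], "verbs": ["get"],
         "resourceNames": ["db-password"]}],
    ("ClusterRole", None, "secret-admin"): [
        {"apiGroups": [""], "resources": ["secrets"], "verbs": ["*"]}],
    ("ClusterRole", None, "pod-viewer"): [
        {"apiGroups": [""], "resources": ["pods"], "verbs": ["get", "list"]}],
}
BINDINGS = [
    {"kind": "RoleBinding", "namespace": "prod",
     "roleRef": {"kind": "Role", "name": "db-secret-reader"},
     "subjects": [{"kind": "ServiceAccount", "namespace": "prod", "name": "payments"}]},
    {"kind": "ClusterRoleBinding", "namespace": None,
     "roleRef": {"kind": "ClusterRole", "name": "secret-admin"},
     "subjects": [{"kind": "Group", "name": "platform-admins"}]},
    {"kind": "RoleBinding", "namespace": "dev",
     "roleRef": {"kind": "ClusterRole", "name": "secret-admin"},
     "subjects": [{"kind": "User", "name": "alice"}]},
    {"kind": "RoleBinding", "namespace": "prod",
     "roleRef": {"kind": "ClusterRole", "name": "pod-viewer"},
     "subjects": [{"kind": "User", "name": "bob"}]},
]

def rule_allows(rule, verb, resource, name):
    def has(field, want):
        vals = rule.get(field, [])
        return "*" in vals or want in vals
    if not (has("apiGroups", "") and has("resources", resource) and has("verbs", verb)):
        return False
    names = rule.get("resourceNames")
    return not names or name in names  # no resourceNames means every object

def who_can(verb, resource, name, namespace):
    """Return the sorted subjects allowed to `verb` the named object in `namespace`."""
    allowed = set()
    for b in BINDINGS:
        # A RoleBinding only grants inside its own namespace, even for a ClusterRole.
        if b["kind"] == "RoleBinding" and b["namespace"] != namespace:
            continue
        ref = b["roleRef"]
        key = (ref["kind"], b["namespace"] if ref["kind"] == "Role" else None, ref["name"])
        if any(rule_allows(r, verb, resource, name) for r in ROLES.get(key, [])):
            for s in b["subjects"]:
                ns = s.get("namespace")
                allowed.add(f'{s["kind"]}:{ns + "/" if ns else ""}{s["name"]}')
    return sorted(allowed)
```

Subjects holding `list` or `watch` on secrets can read secret values as well, so an audit should query those verbs in addition to `get`.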
I'm studying Kubernetes now, and have a question about Kubernetes Users. I learned how to create Users and how to limit access by Role, but when should I use it? For example, if a malicious user (not a k8s user, but an operating user) penetrates the k8s server, they can switch the administrator easily (if they can see .kube/config). In addition to that, if a user switches his or her user account and forgets to switch back, then another person who enters next can also use the first user's account. I doubt if I misunderstand the usage of k8s Users, but there seem to be no documents about why k8s prepared it. I assume that Users are only used for doing something from within pods, but if so, what's the difference between Users and Service Accounts?
Kubernetes has a very loose idea of a user. It knows that authentication is a thing, and that the output of that is a name and maybe some groups and tags. But really all it does is hand that info off to the authorization plugins to decide if a given request is allowed or not. ServiceAccounts are a specific object type because they generate you a JWT signed by the cluster, but there isn't a specific User type; that only exists within the context of your authentication plugin(s).
Why can't I reuse names from endpoints that have been previously deleted? For example, if I create an endpoint named "acme-cdn1", delete it, and try to create a new endpoint with the same name I get the following message: "Error, that endpoint name already exists." Is it necessary to delete the entire CDN profile in order to reuse old endpoint names?
No, you cannot.
A CDN endpoint is reserved for some time once created. This is to prevent other people from creating a CDN endpoint right after you delete your endpoint and getting your traffic, because CDN setup takes 3+ hours.
For example, let's say I created a CDN endpoint called myendpoint.azureedge.net and I was using it to stream my pictures. And I deleted myendpoint.azureedge.net. Suddenly, you created the endpoint called myendpoint.azureedge.net. When you visit the URL, you can still see my pictures even though you already set a different origin.
Such an operation will not be completed for at least two hours. In this case your CDN endpoint is not usable and you will be billed for the traffic, which is not acceptable.
By RESTful best services there is the HATEOAS principle, which tells us that we should not allow the client to build resource URLs. If we follow this principle, it will be pretty hard to share the current state of the client. For example, if you have a REST service on the server, and you get data via AJAX with a single-page JavaScript client, then you will have 2 URLs: one for the client state, and one for the result you got from the REST service. You can share only the client state with the use due to pushState... If somebody runs the client with a previously shared URL, then her client won't know about the URL of the REST service it should call, because the client cannot build URLs, just receive them from the REST service and utilize them.
For example:
I browse the http://my.client.com
the page gets the root resource from the http://my.api.com, and return a link
the link contains the http://my.api.com/users url, with rel user collection
after that the client displays a button with label: userlist
I click on that button, the client get the data from the api, and prints the user list
if I want to share the user list with my girlfriend, then I have to change the browser url from the client with pushState, for example from http://my.client.com to http://my.client.com/users
after that I send that url to my girlfriend
she copy-pastes that into her browser's address bar and presses enter. After that the client says a huge wtf, because - like Jon Snow - it knows nothing about what state that URL means...
This problem can be solved, if we allow the client to build GET http://my.api.com/users from the url: http://my.client.com/users, but this won't be RESTful, because the client should not build api urls...
If I want to display a nested menu in the client, then that is another problem, because I don't want to send the whole menu tree in every answer. I could create a menu projection for every resource, or use the OPTIONS method, or a custom method to send that data, but that would be a pain in the back. This can be solved by following the rel=up links - got from the REST service - in series, but if I don't know from where should I follow, it will not work...
This problem occurs with Google bots too...
How can I both solve this problem, and stay inside the boundaries of the HATEOAS principle?
Normally we don't want to share all of that information with anybody, so we cannot export all of that just the current page we are in.
There is nothing wrong with storing the whole resource on the client and then pushing it up to the server to change the state on the server. If you are worried your resources are getting too large though you could break the resources out a bit. So say you have an order resource and that needs to associate with an address. You don't need to put the address in the order resource, just a link to the address to use. The user can add or alter that address independently. So you might have something like
www.myapi.com/users/1234/shippingaddresses/default
And the client can PUT a new address to this resource. Then in the body of the order resource you can have a link to this resource
POST www.myapi.com/users/1234/orders
{
...order information...
"shipping_address": "www.myapi.com/users/1234/shippingaddresses/default"
}
To be RESTful the client should not build that URL; it should have been given it by the server at some point in the recent past, possibly when the user is selecting which address to use. For example, in the previous step the client could have requested all addresses
GET www.myapi.com/users/1234/shippingaddresses
And presented the list of addresses to the user in a drop down list.
I have a REST service with authentication. So I can prevent clients which aren't authenticated from doing specific things.
But how to do the access control for a community-like service?
I mean, there is stuff like
you can edit your profile
just your friends can download it
just admins can delete your profile
moderators can delete posts
etc.
Which seems like different problems to me
I got something like roles: admin, moderator, user
I got something like "friends": a dynamic list of users
I can do a match on the route for every request. since it's a REST service the route defines how what gets done. So I could intercept every route and check it for permissions, which would keep the permission checking from the controllers.
But how to store it? Attaching it to every piece of information in the DB or building and maintaining a separate data structure? If the last one, how to structure it?
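One possible shape for the route-level check described in the question above, with roles stored per user, "friends" stored as a relation, and a single policy table consulted before any controller runs. This is an added example, not part of the original post. The routes (`/profiles/...`, `/posts/...`), user names and helper names are all hypothetical, and the in-memory dicts stand in for database tables.

```python
import re

# Constructed sample data: roles per user and a dynamic friends relation.
ROLES = {"ann": {"user"}, "bob": {"user"}, "eve": {"user"},
         "mod": {"user", "moderator"}, "root": {"user", "admin"}}
FRIENDS = {"ann": {"bob"}}  # owner -> users the owner has befriended

def has_role(role):
    return lambda user, owner: role in ROLES.get(user, set())

def is_owner(user, owner):
    return user == owner

def is_friend(user, owner):
    return user in FRIENDS.get(owner, set())

def any_of(*checks):
    return lambda user, owner: any(c(user, owner) for c in checks)

# One table keeps the rules out of the controllers: (method, route regex, check).
POLICY = [
    ("PUT",    r"^/profiles/(?P<owner>\w+)$",          is_owner),
    ("GET",    r"^/profiles/(?P<owner>\w+)/download$", any_of(is_owner, is_friend)),
    ("DELETE", r"^/profiles/(?P<owner>\w+)$",          has_role("admin")),
    ("DELETE", r"^/posts/\d+$",                        has_role("moderator")),
]

def authorize(user, method, path):
    """Return True only if a policy row matches and its check passes (default deny)."""
    if user not in ROLES:  # unauthenticated or unknown caller
        return False
    for m, pattern, check in POLICY:
        match = re.match(pattern, path)
        if m == method and match:
            return check(user, match.groupdict().get("owner"))
    return False  # routes without a policy row are refused
```

Role checks depend only on the caller, while ownership and friendship checks need the resource owner taken from the route, which is why each check receives both.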