Skip to content
This repository has been archived by the owner on May 29, 2019. It is now read-only.

Add route-based ACL support #38

Open
raymondfeng opened this issue Jul 9, 2015 · 2 comments
Open

Add route-based ACL support #38

raymondfeng opened this issue Jul 9, 2015 · 2 comments
Labels
#tbr
Milestone
#Epic: Gateway

Comments

@raymondfeng
Copy link
Contributor

To protect API endpoints, we need to add route-based ACLs so that the gateway can reject unauthorized requests. This is a prerequisite to #36.

We probably need to introduce the following:

  1. Scopes to group a set of routes. Each scope has a name.
  2. ACL rules to ALLOW/DENY principals (mostly roles) against the scopes
  3. Role/RoleMapping will be inherited from loopback
@raymondfeng raymondfeng self-assigned this Jul 9, 2015
@raymondfeng raymondfeng added this to the #Epic: Gateway milestone Jul 9, 2015
@raymondfeng raymondfeng added #review and removed #wip labels Jul 27, 2015
@raymondfeng raymondfeng mentioned this issue Jul 27, 2015
Closed
@raymondfeng raymondfeng assigned ritch and unassigned raymondfeng Jul 27, 2015
@raymondfeng
Copy link
Contributor Author

@ritch Please review strongloop/loopback#1545

@ritch ritch assigned raymondfeng and unassigned ritch Jul 28, 2015
@raymondfeng raymondfeng added #tbr and removed #review labels Aug 7, 2015
@chandadharap
Copy link

Needs to be assigned else he won't know to review. Reassigning.

@chandadharap chandadharap assigned ritch and unassigned raymondfeng Nov 2, 2015
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Assignees
No one assigned
Labels
#tbr
Milestone
#Epic: Gateway
Development

No branches or pull requests
3 participants
@ritch @raymondfeng @chandadharap