Fix: /v1/console should only use a single permission

fixes #10563
2015-11-08 14:17:13 +01:00 · 2015-11-08 14:17:13 +01:00 · e6159ca86a
parent 1c8531fc0d
commit e6159ca86a
2 changed files with 2 additions and 3 deletions
--- a/doc/9-icinga2-api.md
+++ b/doc/9-icinga2-api.md
@ -209,8 +209,7 @@ Available permissions for specific URL endpoints:
  objects/delete/&lt;type&gt;   | /v1/objects   | Yes
  status/query/&lt;type&gt;     | /v1/status    | Yes
  events/&lt;type&gt;           | /v1/events    | No
-  console/execute-script        | /v1/console   | No
-  console/auto-complete-script  | /v1/console   | No
+  console                       | /v1/console   | No

 The required actions or types can be replaced by using a wildcard match ("*").

--- a/lib/remote/consolehandler.cpp
+++ b/lib/remote/consolehandler.cpp
@ -81,7 +81,7 @@ bool ConsoleHandler::HandleRequest(const ApiUser::Ptr& user, HttpRequest& reques

 	String methodName = request.RequestUrl->GetPath()[2];
 	
-	String permission = "console/" + methodName;
+	String permission = "console";
 	FilterUtility::CheckPermission(user, permission);

 	String session = HttpUtility::GetLastParameter(params, "session");