Fine tuning non-admin access to api_docs

Elvis_Fernandes · January 19, 2017, 7:20pm

I followed the instructions on this link (https://blog.dreamfactory.com/share-api-docs-securely) to allow access to non-admin users to the swagger docs, but the user see in the docs the wrong endpoints he have access to.

Example: I allowed the user’s role to access api_docs, gs/_table/redir/ (GET)* and gs/_table/redir (POST), but in the swagger docs the user only see gs/table/redir (GET), which he is not supposed to have access to.

Is this a bug or do I need to do something else?

Some screenshots:

Role config

User’s docs

P.S.: I’m using DreamFactory 2.4.1.

Jedi · January 26, 2017, 1:56pm

I see the same behavior. Can someone from the DF team weigh in?

Elvis_Fernandes · January 26, 2017, 2:30pm

@formerstaff @DFCommunityManager Any thoughts on this?

formerstaff · February 6, 2017, 4:22pm

Confirmed this is not behaving as it should. Filing a bug/feature request.
For now, you will need to grant access to the whole service for it to be visible in API Docs. Sorry.

formerstaff · February 6, 2017, 4:28pm

for reference this is DF-1005

teksuser · September 4, 2017, 10:51am

Is this error fixed now? If not please let me know which source code files we need to check to fix this error.

formerstaff · September 5, 2017, 2:30pm

This is fixed, as well as some additional features to API Docs that got pushed in version 2.8.1.
Please update and enjoy.

Topic		Replies	Views
Swagger API for limited user App Configuration	6	3610	September 18, 2017
Give access to Non-Admin user to API Docs REST API	2	2520	January 19, 2017
Admin no access to API Docs Users & Roles	7	4704	August 28, 2014
Trouble with API Docs for non-admin user 2.10 Users & Roles	0	1556	January 4, 2018
Create only One Public API Users & Roles	7	2882	December 21, 2015

Fine tuning non-admin access to api_docs

Related Topics