Skip to content

improve the agent api authorization #1077

Description

@FrankChen021

currently the RAED/WRITE is hard coded by the method name as follows:

Operation operation = rawRequest.getMethodName().startsWith("get") || rawRequest.getMethodName().startsWith("dump") ? Operation.READ : Operation.WRITE;

This line needs to be updated if an API whose name is start is added.

The better way is to add annotation to the API to define whether it's a READ or WRITE operation so that the proxy layer extract the annotation and sends the OPERATION to controller module for verification.

Metadata

Metadata

Assignees

No one assigned

    Projects

    No projects

    Milestone

    No milestone

    Relationships

    None yet

    Development

    No branches or pull requests

    Issue actions