[Bug]: Create a read-only user in the MI dashboard #3557
Labels
Comments
This was referenced Nov 5, 2024
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Description
Non-admin users in the wso2 mi dashboard can enable and disable runtime artifacts like proxy services, message processors, etc. This behavior should be enabled only for admin users.
Product : wso2mi-4.2.0
Steps to Reproduce
Created an RDBMS user store.
[internal_apis.file_user_store]
enable = false
[user_store]
class = "org.wso2.micro.integrator.security.user.core.jdbc.JDBCUserStoreManager"
type = "database"
[[datasource]]
id = "WSO2CarbonDB"
url= "jdbc:mysql://localhost:3306/userdb"
username="chandima"
password="Chandima"
driver="com.mysql.jdbc.Driver"
pool_options.maxActive=50
pool_options.maxWait = 60000
pool_options.testOnBorrow = true
[[datasource]]
id = "WSO2_TRANSACTION_DB"
url= "jdbc:mysql://localhost:3306/transactiondb"
username="chandima"
password="Chandima"
driver="com.mysql.jdbc.Driver"
pool_options.maxActive=50
pool_options.maxWait = 60000
pool_options.testOnBorrow = true
Created a new role (ReadOnly) and a user (test), and assigned that role to the new user (test).
Created some proxies and Synapse configurations in MI.
Logged into the MI dashboard using the non-admin user and went to the proxies section. Refer to the screenshot: you will see the disable and enable buttons. Disable the proxy and invoke the proxy using the test user (non-admin). The proxy will be disabled, and it will return a 500 error when invoked.
Affected Version(s)
wso2mi-4.2.0
OS, DB, other environment details and versions
No response
Related issue(s) (optional)
No response
Suggested label(s) (optional)
No response
Suggested assignee(s) (optional)
No response
The text was updated successfully, but these errors were encountered: