Role Access Control for Resource Endpoint
Role-based access control for resource endpoint path.
By default, all resource endpoint paths are not protected. Create a new resource path record (Rest_Resource
) to protect one or more resource endpoints. The resource path definition is a regular expression so you can use .*
to protect all endpoint paths and add new resource path records to open access to selected resources (e.g. v1/models\b/?.*
).
Tables
1. Rest_Resource
- Name
- Resource Path (regex pattern, without query parameters)
2. Rest_Resource_Access
- AD_Role_ID
- Rest_Resource_ID
- Http Methods (Multi selection list of GET, POST, PUT and DELETE)
Windows
- Rest Resource Window
- Role Data Access Window (added Rest Resource Access tab)
System Config
- REST_RESOURCE_ACCESS_CONTROL
- Y/N, System level, default to Y
Examples
See examples at https://github.com/bxservice/idempiere-rest/issues/290