<< Back to previous view

[QB-3643] Prevent triggering on disabled configuration through rest API
Created: 07/Dec/20  Updated: 12/Feb/22

Status: Resolved
Project: QuickBuild
Component/s: None
Affects Version/s: 10.0.28
Fix Version/s: 11.0.0, 10.0.42, 8.0.47

Type: Improvement Priority: Major
Reporter: Dong Van Thang Assigned To: Robin Shen
Resolution: Fixed Votes: 3
Remaining Estimate: Unknown Time Spent: Unknown
Original Estimate: Unknown


 Description   
Dear PMEase QB Admins,

Currently, users can be triggerable on disabled configuration through rest API. Please consider about that policy.

Thank you so much!

 Comments   
Comment by DPI SVMC [ 10/Dec/20 01:59 AM ]
We are using QB8 & QB10. please implement for bot of them! Thank you so much!
Comment by KienBui [ 10/Dec/20 04:28 AM ]
Also in this topic, user also can put any vars with any values. I think QB should prevent this.
My opinion, users (not admin permission) only put any vars, defined at configuration setting, with valid values. This is related policy and security. A user can make a request without policy and will make QB system doen't work well. So, it is very difficult to control and manage.
I hope that you can implement it soon.
Comment by DPI SVMC [ 16/Dec/20 08:08 AM ]
Please consider about this policy.
Thank you.
Comment by Dong Van Thang [ 14/Jan/21 06:30 AM ]
Excuse me, Please review the task. We'd like to block triggerable function on disabled configuration through rest API.

Thank you so much!
Comment by Robin Shen [ 15/Jan/21 01:54 AM ]
Will investigate this in QB11. Thanks for the all the feedback provided.
Generated at Fri Apr 19 14:17:23 UTC 2024 using JIRA 189.