Closed jschaeff closed 1 year ago
Can you explain this a little bit more? Isn't there always only one level, whether this is datacenter, network etc.?
Also, with the current design only one network can be specified at a time. Specifying more than one would cancel the restriction idea. So, in the case of specifying something in the network parameter, this cannot be appplied.
I think this could be applied only in the case when no network is specified at all and level is below datacenter.
@vpet98 there is a use case though: When you request the /restricted method, being authenticated and authorized to view some networks, you can not see the others you are not authorized to see.
Let's consider someone having access to stats for network XX2022 but not for YY2023, /restricted?level=network&network=*&datacenter=GEOFON&details=none
will reply:
GE: many data Z32015: a lot of data XX2022: many data Others: many data, representing all networks you are not allowed to see, sorry madam.
@javiquinte I let you also comment on this one.
Ok, I can also check for network=*. So, this can be applied only when all networks are requested.
Do we want this for the public method as well? E.g. /public?datacenter=GEOFON&level=network.
Filtering and grouping should not be mixed, because no one knows how the requirements will evolve in the future. What @jschaeff mentions is related to the aggregation of data. The filter will be driven by the "network" parameter.
When giving statistics to a user that is not authorized to see stats AND When there is more than one level in the result Show all the restricted statistics summed up in an "Other" network item.
If there is only one restricted network in the result, reply 403 unauthorized