Closed BohoCode closed 4 years ago
For the first approach: In order to give a user the ability to view analytics you should have to;
Login to https://am./XUI
Select ‘Realms -> Auth’ from top menu
Select ‘Identities’ from side menu
Find username in list (or create if it does not exist yet)
Click on user
Add value ‘READ_KPI’ and PUSH_KPI to field ‘MSISDN Number’
Click ‘Save Changes’
PUSH_KPI? That sounds a bit odd? Surely it's just access to read? We want to collect KPIs for all user interactions? i.e. it's the client APIs that should all have PUSH_KPI, not the users?
Will also need PRs to release aspsp and increment version in openbanking-reference-implementation?
True, that sounds a bit odd, but for the first approach to the solution I don't want to apply big changes to the source. For the moment the source has the below security control:
.antMatchers(HttpMethod.POST, "/api/kpi/**").hasAuthority(AnalyticsAuthority.PUSH_KPI.getAuthority())
.antMatchers(HttpMethod.GET, "/api/kpi/**").hasAuthority(AnalyticsAuthority.READ_KPI.getAuthority())
It's checking different authorities for the same context; this means that to push KPIs it will be necessary to have the READ_KPI authority also, and the same to read KPIs. It also means that we need to apply new changes to have a final solution approach, with the below changes:
@jorgesanchezperez can you add a link to the PR(s) that fixes this issue please?
Don't worry! I've found it; https://github.com/OpenBankingToolkit/openbanking-analytics/pull/142
@jorgesanchezperez This issue can be closed now?
Ah, no - leaving open for part 2 right?
It has always been the case that user permission is required to access the analytics app. For some reason, during the refactoring of applications, this functionality has disappeared. It is important for users of the analytics app that the competitive information within is kept private.
In order to give a user the ability to view analytics you should have to;