SORMAS (Surveillance, Outbreak Response Management and Analysis System) is an early warning and management system to fight the spread of infectious diseases.
Problem Description
Investigate the Resource classes and the exposed REST endpoints.
A specific REST endpoint should be accessed only with the proper user rights (new user rights were introduced in the past and the endpoints are not considering those user rights).
The REST endpoints from the following resource classes should be investigated and the necessary user rights to access the endpoints should be adjusted (where necessary):
ActionResource
AdditionalTestResource
AggregateReportResource
AreaResource
BagExportResource
CampaignFormDataResource
CampaignFormMetaResource
CampaignResource
CaseResource
ClassificationResource
ClinicalVisitResource
CommunityResource
ContactResource
ContinentResource
CountryResource
CustomizableEnumValueResource
DashboardResource
DiseaseConfigurationResource
DistrictResource
DocumentResource
EnvironmentResource
EnvironmentSampleResource
EventGroupResource
EventParticipantResource
EventResource
ExternalSurveillanceToolGatewayResource
ExternalVisitsResource
FacilityResource
FeatureConfigurationResource
ImmunizationResource
InfoResource
InfrastructureResource
LabMessageResource
LineListingResource
OutbreakResource
PathogenTestResource
PersonResource
PointOfEntryResource
PrescriptionResource
RegionResource
SampleResource
ShareRequestResource
SormasToSormasResource
SubcontinentResource
SurveillanceReportResource
TaskResource
TravelEntryResource
TreatmentResource
UserResource
UserRoleResource
VisitResource
WeeklyReportResource
NOTE: TO BE DEFINED (after investigation) the exact REST endpoints which will need adjustments.
Proposed Change
Investigate the REST endpoints from the mentioned resource classes and check whether the called Facade method is annotated with the proper right(s) or whether other user rights should be added.
Added Value/Benefit
Consistency in the app
Security based on the usage of the correct user rights
Acceptance Criteria
[ ] All the resource classes and endpoints should be investigated and adjusted
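The check described under Proposed Change can be scripted as a first pass over the sources. The sketch below is an added example, not SORMAS code: the Java snippets are constructed, and the `@RightsAllowed` annotation name, the `FacadeProvider.getDemoFacade()` call shape and all `Demo*` names are assumptions.

```python
import re
# Constructed Java sources for illustration; not SORMAS code. The annotation name
# @RightsAllowed and the FacadeProvider.getXFacade() call shape are assumptions.
RESOURCE_SRC = '''
@Path("/demo")
public class DemoResource {
    @GET @Path("/all/{since}")
    public List<DemoDto> getAll(@PathParam("since") long since) {
        return FacadeProvider.getDemoFacade().getAllAfter(new Date(since)); }
    @POST @Path("/push")
    public List<PushResult> post(List<DemoDto> dtos) {
        return FacadeProvider.getDemoFacade().save(dtos); }
    @POST @Path("/delete")
    public List<String> delete(List<String> uuids) {
        return FacadeProvider.getDemoFacade().delete(uuids); }
}'''
FACADE_SRC = '''
public class DemoFacadeEjb {
    @RightsAllowed(UserRight._DEMO_VIEW)
    public List<DemoDto> getAllAfter(Date date) { return null; }
    @RightsAllowed({ UserRight._DEMO_CREATE, UserRight._DEMO_EDIT })
    public List<PushResult> save(List<DemoDto> dtos) { return null; }
    public List<String> delete(List<String> uuids) { return null; }
}'''

# Leading annotations (group 1) and the name (group 2) of each public method.
METHOD = re.compile(r'((?:\s*@\w+(?:\([^)]*\))?)*)\s*public\s+[\w<>\[\], ]+?\s+(\w+)\s*\(')
FACADE_CALL = re.compile(r'get(\w+Facade)\(\)\s*\.\s*(\w+)\s*\(')
RIGHTS = re.compile(r'@(?:RightsAllowed|PermitAll|DenyAll)\b')

def facade_rights(src):
    """Map facade method name -> True if it carries a rights annotation."""
    return {m.group(2): bool(RIGHTS.search(m.group(1))) for m in METHOD.finditer(src)}

def unguarded_endpoints(resource_src, facade_src):
    """Return (verb, path, facade method) for endpoints calling unannotated facade methods."""
    rights = facade_rights(facade_src)
    matches = list(METHOD.finditer(resource_src))
    findings = []
    for i, m in enumerate(matches):
        verb = re.search(r'@(GET|POST|PUT|DELETE)\b', m.group(1))
        if not verb:
            continue  # not a REST endpoint
        path = re.search(r'@Path\("([^"]*)"\)', m.group(1))
        end = matches[i + 1].start() if i + 1 < len(matches) else len(resource_src)
        for call in FACADE_CALL.finditer(resource_src[m.end():end]):
            if not rights.get(call.group(2), False):
                findings.append((verb.group(1), path.group(1) if path else "", call.group(2)))
    return findings
```

The regex pass ignores class-level annotations and method overloads, so its findings are candidates for manual review rather than a final list of endpoints to adjust.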