jrshow / javamelody

Automatically exported from code.google.com/p/javamelody

Separate administrative "system actions" from the read-only "system actions" #343

Open GoogleCodeExporter opened 9 years ago

GoogleCodeExporter commented 9 years ago
In some cases, it can be very useful to view the various JNDI, JMX, thread, 
etc. information while not allowing users to initiate GC, heap dump, etc. 
actions.

But in the current state, setting the param 'javamelody.system-actions-enabled' 
to false disables many other read-only features that may be allowable for 
non-admins to view.

It would be nice if there is a separate option for disabling "administrative" 
actions (like GC, heap dump, etc.), while still allowing all of the read-only 
options (like JNDI tree, MBeans, etc.) to be viewed.

Original issue reported on code.google.com by matt.deb...@gmail.com on 18 Sep 2013 at 9:42

GoogleCodeExporter commented 9 years ago
Agree, need for more diff. access of javamelody

Original comment by miroko....@gmail.com on 9 Oct 2013 at 11:49

GoogleCodeExporter commented 9 years ago
I agree with the reporter. It is extremely useful to, say, view sessions, but 
when it is possible to invalidate them, we have to restrict access to the whole 
page much more.

In all the companies I have worked at, developers can view the logs and monitoring 
pages. But they should not be able to alter the production system directly.

Original comment by anderius on 13 Nov 2013 at 10:19

GoogleCodeExporter commented 9 years ago
I would very much like to see improvements in this area.  For the JIRA plugin, 
JavaMelody restricts access to only those users with the "JIRA System 
Administrators" permission.

However, I would want to allow a lesser access (as per the comments above) to 
"JIRA Administrators".

Ideally, what is available should be configurable so that the same user can 
have access to different things on different systems.  So, someone might 
have "JIRA Administrators" permissions on both a production and test 
instance... and be given a bit more access on the test instance than on the 
production instance - but still not as much as "JIRA System Administrators".

Configuration would also allow the existing over-broad access to be cut back a 
bit on production systems.

Original comment by msymo...@gmail.com on 20 Jul 2014 at 1:00