Closed jkerr5 closed 5 years ago
Related to #45 but a subset of the overall security requirements
Currently the users with the "esri-connector-reader" role get the "rest-reader" transitively. That gives them the right to execute the connector modules.
We need one role to be able to give to users that allows them to read service descriptors and execute the connector modules.
We also need a role that has the ability to insert and update/delete descriptors as well as update the connector modules.
Maybe the descriptor collection should be protected: "http://marklogic.com/feature-services"