Open GoogleCodeExporter opened 9 years ago
Egree, need for more diff. access of javamelody
Original comment by miroko....@gmail.com
on 9 Oct 2013 at 11:49
I agree with the reporter. It is extremely useful to, say, view sessions, but
when it is possible to invalidate them, we have to restrict access to the whole
page much more.
In all companies I have worked, developers can view the logs and monitoring
pages. But they should not be able to alter the production system directly.
Original comment by anderius
on 13 Nov 2013 at 10:19
I would very much like to see improvements in this area. For the JIRA plugin,
JavaMelody restricts access to only those users with the "JIRA System
Administrators" permission.
However, I would want to allow a lesser access (as per the comments above) to
"JIRA Administrators".
Ideally, what is available should be configurable so that the same user can
have access to different things on different systems. So, someone might be
have "JIRA Administrators" permissions on both a production and test
instance... and be given a bit more access on the test instance than on the
production instance - but still not as much as "JIRA System Administrators".
Configuration would also allow the existing over-broad access to be cut back a
bit on production systems.
Original comment by msymo...@gmail.com
on 20 Jul 2014 at 1:00
Original issue reported on code.google.com by
matt.deb...@gmail.com
on 18 Sep 2013 at 9:42