wso2 / product-micro-integrator

The cloud-native configuration driven runtime that helps developers implement composite microservices.
https://wso2.com/integration/
Apache License 2.0

[Bug]: Create a read-only user in the MI dashboard #3557

Closed tdkmalan90 closed 2 days ago

tdkmalan90 commented 3 months ago

Description

Non-admin users in the WSO2 MI dashboard can enable and disable runtime artifacts like proxy services, message processors, etc. This behavior should be enabled only for admin users.

Product : wso2mi-4.2.0

Steps to Reproduce

1. Created an RDBMS user store.

    [internal_apis.file_user_store]
    enable = false

    [user_store]
    class = "org.wso2.micro.integrator.security.user.core.jdbc.JDBCUserStoreManager"
    type = "database"

    [[datasource]]
    id = "WSO2CarbonDB"
    url = "jdbc:mysql://localhost:3306/userdb"
    username = "chandima"
    password = "Chandima"
    driver = "com.mysql.jdbc.Driver"
    pool_options.maxActive = 50
    pool_options.maxWait = 60000
    pool_options.testOnBorrow = true

    [[datasource]]
    id = "WSO2_TRANSACTION_DB"
    url = "jdbc:mysql://localhost:3306/transactiondb"
    username = "chandima"
    password = "Chandima"
    driver = "com.mysql.jdbc.Driver"
    pool_options.maxActive = 50
    pool_options.maxWait = 60000
    pool_options.testOnBorrow = true

2. Created a new role (ReadOnly) and a user (test), and assigned that role to the new user (test).
3. Created some proxies and Synapse configurations in MI.
4. Logged into the MI dashboard using the non-admin user and went to the proxies section. Refer to the screenshot: you will see the disable and enable buttons.
5. Disable the proxy and invoke the proxy using the test user (non-admin). The proxy will be disabled, and it will return a 500 error when invoked.

Affected Version(s)

wso2mi-4.2.0

OS, DB, other environment details and versions

No response

Related issue(s) (optional)

No response

Suggested label(s) (optional)

No response

Suggested assignee(s) (optional)

No response