Closed
Bug 1011227
Opened 10 years ago
Closed 9 years ago
Reviewed API keys have "mozillians"-level access to user fields
Categories
(Participation Infrastructure :: Phonebook, defect)
Tracking
(Not tracked)
VERIFIED
FIXED
People
(Reporter: hoosteeno, Unassigned)
References
Details
(Whiteboard: [kb=1635111] )
When we undertake bug 1011209, we'll create a mechanism for any vouched user of Mozillians.org to get an API key that can access the API with "public"-level access (bug 1011220). We'll also have a class of keys that can access the API with "mozillians"-level access. These keys will have access to information that users of the platform have shared only inside the network. Therefore, they will be subject to greater scrutiny and must meet higher standards. The working name for this class of keys is "reviewed". API users with a reviewed key can request data from any API resource and get a complete list of matching records in response, including fields on user records marked as both "public" and "mozillians".
Comment 1•10 years ago
|
||
Clarification: Reviewed API keys may get "mozillians" OR greater access. E.g. some keys can get "privileged" access. The level of access will be decided by the reviewers and the application needs.
Updated•9 years ago
|
Whiteboard: [kb=1635111]
Comment 2•9 years ago
|
||
Merged here: https://github.com/mozilla/mozillians/pull/1152 At the moment this can be done in /admin
Status: NEW → RESOLVED
Closed: 9 years ago
Resolution: --- → FIXED
Updated•9 years ago
|
Version: other → next
Updated•9 years ago
|
Status: RESOLVED → VERIFIED
Updated•9 years ago
|
Version: next → 2015-2.3
You need to log in
before you can comment on or make changes to this bug.
Description
•