How to secure endpoint Rest apis for role based in cuba platform

Support
#1

Hi,

I have gone through

  1. https://doc.cuba-platform.com/manual-6.8/rest_api_v2.html
  2. http://files.cuba-platform.com/swagger/6.8/#/Services
  3. rest_api_v2_custom_controllers

These are providing more flexibility.

Here my questions are

  1. How to provide Role Based Access Control to these APIs(like services, queries apis) and custom controller Rest APIs.
  2. How to provide restriction to HTTP verbs(POST,GET,PUT,DELETE) for services.

Cuba framework is providing Roles creation, by using that could i do that or is there any way to call Filter on Rest API v2 run time so that there i can give access roles to resources by writing my own code.

If do you have any sample code or example project, please share it to me.

Any guidance would be appreciated.

Thank You!!

#3

Hi,
there is no such mechanism in the platform that manages REST endpoints access using cuba security roles.

You can use filters to handle http requests. See, for example, this discussion.