Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Media scope #10607

Closed
anatol-sialitski opened this issue Jun 24, 2024 · 0 comments · Fixed by #10613 or #10620
Closed

Media scope #10607

anatol-sialitski opened this issue Jun 24, 2024 · 0 comments · Fixed by #10613 or #10620
Assignees
@anatol-sialitski

Comments

@anatol-sialitski
Copy link
Contributor

anatol-sialitski commented Jun 24, 2024
edited
Loading

There is a security implication: some intranet sites may be protected only by VHost - which is actually a bad practice. Due to this fact we need to introduce VHost config with a list of allowed projects (media projects)

mediaService.scope = <project1:draft>, <project2>

If not specified:

For endpoint mount limit the project to the one specified in site's path (allow from self) /(admin)/site/<project>/<branch>/site-path/_/media/.../<project>(:branch))

For Slash API - allow any project and branch.

Note that content permissions will further limit the access to specific media.
@anatol-sialitski anatol-sialitski self-assigned this Jun 24, 2024
anatol-sialitski added a commit that referenced this issue Jun 26, 2024
@anatol-sialitski
Media scope #10607
10725b9
@anatol-sialitski anatol-sialitski linked a pull request Jun 26, 2024 that will close this issue
Media scope #10607 #10613
Merged
anatol-sialitski added a commit that referenced this issue Jun 26, 2024
@anatol-sialitski
Media scope #10607
b0e83dd
anatol-sialitski added a commit that referenced this issue Jun 28, 2024
@anatol-sialitski
Media scope #10607
9d1624d
anatol-sialitski added a commit that referenced this issue Jun 28, 2024
@anatol-sialitski
Media scope #10607
d2da76b
anatol-sialitski added a commit that referenced this issue Jun 28, 2024
@anatol-sialitski
Media scope #10607
1b255ae
anatol-sialitski added a commit that referenced this issue Jun 28, 2024
@anatol-sialitski
Media scope #10607
7e9ecb8
@rymsha rymsha mentioned this issue Jul 1, 2024
Open
anatol-sialitski added a commit that referenced this issue Jul 1, 2024
@anatol-sialitski
Media scope #10607
048be04
@anatol-sialitski anatol-sialitski linked a pull request Jul 1, 2024 that will close this issue
Media scope #10607 #10620
Merged
rymsha pushed a commit that referenced this issue Jul 1, 2024
@anatol-sialitski @rymsha
Media scope #10607
734749c
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@anatol-sialitski anatol-sialitski

Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging a pull request may close this issue.

Media scope #10607 enonic/xp
Media scope #10607 enonic/xp
1 participant
@anatol-sialitski