Uploaded image for project: 'Moodle app'
  1. Moodle app
  2. MOBILE-498 Push Notification for MoodleMobile
  3. MOBILE-490

Access keys created by API doesn't have permissions enabled

XMLWordPrintable

    • Icon: Sub-task Sub-task
    • Resolution: Fixed
    • Icon: Minor Minor
    • 1.4
    • 1.3.3
    • Push notifications
    • MOODLE_13_STABLE
    • MOODLE_14_STABLE

      Hi,

      after creating an accesskey in Airnotifier using the API:

      curl -i -H "Accept: application/json" -H "X-AN-APP-NAME: moodle" -X POST -d "url=sitemoodleurl&siteid=12EFab765" http://localhost:8801/accesskeys/

      I have noticed that the key doesn't have any type of permissions enabled.

      I think that at least these permissions should be enabled by default:
      -Create token
      -Delete token
      -Notification

      Without these permissions Moodle sites that have created an Acces key using the API can't do anything

      It will be also interesting if the API supports also "description" and "contact email" as POST params, in the same way you can add this fields when you add a key manually. This will help us to display which API key belongs to which site and also a contact email for reporting abuse, etc...

            dongsheng Dongsheng Cai
            jleyva Juan Leyva
            Votes:
            0 Vote for this issue
            Watchers:
            1 Start watching this issue

              Created:
              Updated:
              Resolved:

                Error rendering 'clockify-timesheets-time-tracking-reports:timer-sidebar'. Please contact your Jira administrators.