Replies: 1 comment
-
|
Hi @xylik Thank you for showing interest. As for your query, Authorization enforcement is not performed for the open source version of testsigma since it is a local setup. We assume that any user authenticated to your local version should have permissions on all its resources. However, we do have authorization in the paid version hosted in cloud. If you have any further queries, do reach out. Thanks |
Beta Was this translation helpful? Give feedback.
0 replies
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
-
Hi guys, I was reading the testsigma "server" project code with the idea to see how you have structured your backend. It's one of the better ones I've seen out in the wild :). One thing I couldn't figure by reading the code is how do you enforce Authorization on each exposed Controller route?
I've seen Authentication filters inside "server/../security" package and also inside "server/../config" package but I couldn't find any code that checks if particular user is owner of Resource(Workspace,TestSuite,Tags ...) that is being requested or modified ...
Can you please point me where that part of Authorization enforcment is done, thx ?
Beta Was this translation helpful? Give feedback.
All reactions