-
Type: Improvement
-
Status: Open
-
Priority: Minor
-
Resolution: Unresolved
-
Affects Version/s: None
-
Fix Version/s: None
-
Component/s: Bulk
-
Team:PLATFORM
Sample syntax for a bulk operation via REST call is as follows:
curl -u Administrator:Administrator -H 'Content Type: application/json' -X POST 'http://localhost:8080/nuxeo/api/v1/search/bulk/setProperties' -d '{ "dc:nature": "article", "dc:subjects": ["art/architecture"], .... }
Currently, anyone can make a bulk call as long as provide valid user credentials in the -u parameter. This has caused problems at a few customer where users submit commands which they shouldn't and impact overall performance.
Could the ability to run bulk commands be configurable such that a customer could lock down who runs? Perhaps only users in an Administrators group can run and all others would be blocked if attempted?