This website uses Cookies. Click Accept to agree to our website's cookie use as described in our Privacy Policy. Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
Log in to ask a question
Get hands-on experience with 20+ free Google Cloud products and $300 in free credit for new customers.
Log in to ask a question

Prevent creation of shared flows with given prefix?

Posted on 03-26-2021 01:39 AM
michaelveit
New Member
Reply posted on --/--/---- --:-- AM

Is it possible to prevent the user creating shared flows with specific prefix?

Target is that users can maintain shared flows, except of platform provided ones with prefix "Platform-".

We are able to prevent users modifying them, as the path has the shared flow name in it, hence we can use wildcards in the permissions.

However, we would like prevent that the user CREATES such objects by himself. As the POST /sharedflows is used for creating new shared flows, we cannot refine the permission. Trying to use query parameters in the permissions path is not evaluated: "/sharedflows?name=Platform-*".

In the current setting, the user can create such flows, but not modify them anymore, which is a pain from concept point of view.

This is working fine for configuring read/update/delete, but not for create (I did not paste the deployment related permissions here), we would need full control for all CRUD operations:

- path: /sharedflows
  permissions: get,put
# Unfortunately, this can be imported, but is not evaluated:
- path: /sharedflows?name=Platform-*
  permissions: get
- path: /sharedflows/*
  permissions: get,delete
- path: /sharedflows/Platform-*
  permissions: get
- path: /sharedflows/*/revisions
  permissions: get
- path: /sharedflows/*/revisions/*
  permissions: get,put,delete
- path: /sharedflows/Platform-*/revisions/*
  permissions: get
0 1 248
Topic Labels
0 Likes
1 REPLY 1
Top Solution Authors
View all