[CKAN-support] preventing access to API 'user_list'

Wed Nov 20 04:44:04 UTC 2013

Hi George,

I don't think we have have a config option. If you just want to stop access
to it, the least effort option would be to block that route directly from
Apache. Doing it from an extension would also be possible but be more
effort.

Nigel Babu

Developer  |  @nigelbabu <https://twitter.com/nigelbabu>

The Open Knowledge Foundation <http://okfn.org/>

Empowering through Open Knowledge

http://okfn.org/  |  @okfn <http://twitter.com/OKFN>  |  OKF on
Facebook<https://www.facebook.com/OKFNetwork> |
Blog <http://blog.okfn.org/>  |  Newsletter<http://okfn.org/about/newsletter>

 CKAN | http://ckan.org/ | @CKANproject
<http://twitter.com/CKANproject> |the world’s leading open-source data
portal platform

On 20 November 2013 06:23, George Sattler <George.sattler at xvt.com.au> wrote:

>  Hi Support
>
> Smart Services Queensland (data.qld.gov.au) have asked me to somehow
> prevent people from using the API to retrieve the user_list e.g.
> data.qld.gov.au/api/3/action/user_list . They’re going to start adding
> users with email addresses and don’t want these email addresses to be
> publicly available (which is fair enough).
>
>
>
> I thought there might have been a config option that makes it so that you
> need to be authed to access but I can’t find one. If there’s no config
> options what would the next best thing be? Some kind of extension that
> overrides the mapping or something?
>
>
>
> Thanks
>
>
>
> *George Sattler*
>
> Software Developer/Analyst
>
>
>
> Office 03 6224 2377 | Email george.sattler at xvt.com.au
>
> 34 Anglesea Street, South Hobart, TAS 7004
>
>
>
>
>
> ------------------------------
> This email and any files transmitted with it is confidential and intended
> solely for the use of the addressee. The unauthorised use, dissemination,
> forwarding, printing or copying of this communication is strictly
> prohibited. If you have received this communication in error please notify
> us immediately by reply email and destroy this communication. Any views and
> opinions presented in this email are solely those of the author and do not
> necessarily represent the views of XVT Solutions. The recipient should
> check this email and any attachments for viruses. XVT Solutions accepts no
> liability for the content of this email, and any damage caused by any
> viruses that could potentially be transmitted through this email.
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.okfn.org/mailman/private/ckan-support/attachments/20131120/00e2ff91/attachment-0003.html>