Actions
Bug #18636
closedmake "relations" visible to unauth'd Redmine API clients
% Done:
0%
Source:
Tags:
Backport:
Regression:
No
Severity:
3 - minor
Reviewed:
Affected Versions:
ceph-qa-suite:
Crash signature (v1):
Crash signature (v2):
Description
I have to use my "ken.dreyer" Redmine account to look up relations for a ticket using the REST API.
For example this works:
curl -v -H 'X-Redmine-API-Key: foobar' http://tracker.ceph.com/issues/17858/relations.json
This does not (HTTP 403 error):
curl -v http://tracker.ceph.com/issues/17858/relations.json
The information is already public via the web UI (see http://tracker.ceph.com/issues/17858/), and it appears that it's only the REST API that is restricted in this way.
Can we disable this requirement in Redmine's settings somehow?
Actions