Skip to content

Restrict Upload of Common Layers to Admin Users Only #87

Open
Open
Restrict Upload of Common Layers to Admin Users Only#87
Assignees
robertohuru
@robertohuru

Description

@robertohuru
robertohuru
opened on May 22, 2025

Description:

The current API implementation allows any authenticated user to upload common layers, which are primarily used as default global layers within the plugin. However, this poses a security and integrity concern, as these layers should be curated and managed only by users with administrative privileges.

Issue:

  • Any authenticated user can currently upload common layers.
  • Common layers serve as default global layers and should be centrally managed.
  • The existing TrendsEarth role attribute is too generic and does not provide sufficient role-based access control to differentiate between standard users and administrators.

Expected Behavior:

  • Only users with explicit administrative privileges should be allowed to upload or modify common layers.
  • Standard authenticated users should be restricted from uploading or editing these layers.

@danangmassandy @zamuzakki

Metadata

Metadata

Assignees

Labels

No labels
No labels

Type

No type

Projects

No projects

Milestone

No milestone

Relationships

None yet

Development

No branches or pull requests

Issue actions