doveadm_allowed_commands doesn't work as expected
Aki Tuomi
aki.tuomi at open-xchange.com
Thu Jan 3 23:02:17 EET 2019
> On 03 January 2019 at 22:45 Ronald Poon <ronaldpoon at ud.hk> wrote:
>
>
> Trying to limit the API calls to doveadm-http-api by configure allowed
> commands, but once the commands added to the list, the RestAPI no longer
> work.
>
>
> 1) Return correct reply when doveadm_allowed_commands is empty
>
> # curl -k -H "Content-Type: application/json" -H "Authorization:
> X-Dovecot-API <base64 api key>" https://localhost:9088/doveadm/v1
> -d'[["quotaGet",{"user":"user1 at mydomain.com"},"c01"]]'
> [["doveadmResponse",[{"root":"User
> quota","type":"STORAGE","value":"0","limit":1024","percent":"0"},{"root":"Userquota","type":"MESSAGE","value":"0","limit":"-","percent":"0"}],"c01"]]
>
>
> 2) Return unAuthorized when doveadm_allowed_commands =
> quotaGet,quotaRecalc,expunge
>
> # curl -k -H "Content-Type: application/json" -H "Authorization:
> X-Dovecot-API <base64 api key>" https://localhost:9088/doveadm/v1
> -d'[["quotaGet",{"user":"user1 at mydomain.com"},"c01"]]'
> [["error",{"type":"unAuthorized", "exitCode":0},"c01"]]
This is mostly because v1 API is not so fantastic. Try
doveadm_allowed_commands="quota get,quota recalc,expunge"
Aki
More information about the dovecot
mailing list