Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Allow the layers copy from external portals #158

Open
vjrj opened this issue Dec 15, 2020 · 2 comments
Open

Allow the layers copy from external portals #158

vjrj opened this issue Dec 15, 2020 · 2 comments
Assignees
@adam-collins
Milestone
2.2.0

Comments

@vjrj
Copy link
Contributor

vjrj commented Dec 15, 2020

Currently the creation of common layers in each LA spatial portal is a tedious and time cost effort. With common layers, I mean layers generic that can be used in any LA portal, like world or similar layers.

spatial-service has a copy layers functionality but this is only allowed to auth systems in a local LA portal via an api-key.

It would be interesting to have a central spatial service in the LA community that allows that copy operation to others LA portals without this restriction of with some external or different authorization. This can relief this layer creation task in other LA portals.

The login function in:

spatial-service/grails-app/controllers/au/org/ala/spatial/service/ManageLayersController.groovy

Line 583 in 49af0d8

def copy() {

is the responsible of allowing or not the copy right now.

As this login is used for other layer tasks, it will be nice if this can be deactivated or configured in other way to allow these copy operations. I can send some PR if we agree in some option.

I can create a shared spatial service for this purpose and offer it its use to the LA community, but it will be nice if I can copy first some general layers (for instance from ALA).

Any comment? TIA
@adam-collins
Copy link
Collaborator

The use of app specific keys was intended for copying between test and prod. Both the spatial key and api key will be deprecated. Noting that there are some restrictions on distributing layers, depending on the layer licence.

Thoughts

  1. Add JWT authentication for access to permitted layers from a remote spatial-service instances.
  2. Package individual permitted layers and push to a public S3 bucket or similar. This would be more work but result in lower impact on the server when in use.

@adam-collins adam-collins self-assigned this Jan 21, 2025
@adam-collins
Copy link
Collaborator

Opted to add JWT to the copy page. The updated services require JWT with the default role ROLE_ADMIN, because not all layers will have permission for a copy. JWT is always required but it can be set to ROLE_USER for more open access to layer files.

Related to #236

adam-collins pushed a commit that referenced this issue Jan 21, 2025
#158 change remote layer copy to use JWT
a8459f7
@adam-collins adam-collins added this to the 2.2.0 milestone Jan 21, 2025
@adam-collins adam-collins mentioned this issue Jan 23, 2025
Merged
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@adam-collins adam-collins

Labels
None yet
Projects
None yet
Milestone
2.2.0
Development

No branches or pull requests
2 participants
@vjrj @adam-collins