Platform Explorer / Nuxeo Platform 6.0

Extension point bindings

In component org.nuxeo.ecm.automation.server.AutomationServer

Documentation

Rest security bindings on operations

Contribution Descriptors

  • Class: org.nuxeo.ecm.automation.server.RestBinding

Existing Contributions

Contributions are presented in the same order as the registration order on this extension point. This order is displayed before the contribution name, in brackets.

  • nuxeo-drive-operations-6.0.jar 
    <extension point="bindings" target="org.nuxeo.ecm.automation.server.AutomationServer">
    <!-- Protect Nuxeo Drive integration test operations -->
    <binding name="NuxeoDrive.SetupIntegrationTests">
      <administrator>true</administrator>
    </binding>
    <binding name="NuxeoDrive.TearDownIntegrationTests">
      <administrator>true</administrator>
    </binding>
    <binding name="NuxeoDrive.WaitForAsyncCompletion">
      <administrator>true</administrator>
    </binding>
    <binding name="NuxeoDrive.SetVersioningOptions">
      <administrator>true</administrator>
    </binding>
    <binding name="NuxeoDrive.CreateTestDocuments">
      <administrator>true</administrator>
    </binding>
    <binding name="NuxeoDrive.SetActiveFactories">
      <administrator>true</administrator>
    </binding>
  </extension>
    (?) nuxeo-drive-operations-6.0.jar   Override
  • nuxeo-automation-features-6.0.jar 
    <extension point="bindings" target="org.nuxeo.ecm.automation.server.AutomationServer">
    <!-- don't allow direct access to Audit log -->
    <binding name="Audit.Query">
      <administrator>true</administrator>
    </binding>
    <binding name="Audit.PageProvider">
      <administrator>true</administrator>
    </binding>
  </extension>
    (?) nuxeo-automation-features-6.0.jar   Override
  • nuxeo-automation-server-6.0.jar 
    <extension point="bindings" target="org.nuxeo.ecm.automation.server.AutomationServer">
    <!-- don't allow GET of arbitrary URLs on the server -->
    <binding name="Blob.Create">
      <administrator>true</administrator>
    </binding>
    <!-- don't allow POST of arbitrary URLs on the server -->
    <binding name="Blob.Post">
      <administrator>true</administrator>
    </binding>
    <!-- don't allow write of arbitrary files on the server -->
    <binding name="Blob.ToFile">
      <administrator>true</administrator>
    </binding>
    <!-- don't allow arbitrary email sending on the server -->
    <binding name="Notification.SendMail">
      <administrator>true</administrator>
    </binding>

    <!-- protect access to directories -->
    <binding name="Directory.Entries">
      <administrator>true</administrator>
    </binding>
    <!-- protect arbitrary script execution -->
    <binding name="Context.RunInputScript">
      <administrator>true</administrator>
    </binding>
    <binding name="Context.RunScript">
      <administrator>true</administrator>
    </binding>
    <!-- protect counter access -->
    <binding name="Counters.GET">
      <administrator>true</administrator>
    </binding>
  </extension>
    (?) nuxeo-automation-server-6.0.jar   Override