@BenediktSeidlSWM
Contributor

This patch adds an info_id field to the config which can be referenced in the permissions.json file. Note that this introduces a breaking change since all users have to add permissions for their mapinfo queries. An alternative, non-breaking way to do this could be to allow all queries without the info_id field set by default. However, this behaviour might be surprising for new users and could in theory lead to data leaks if deny-by-default is assumed.

@manisandro
Member

Thanks! I think it would be best to honour permissions_default_allow as configured in the tenantConfig.json, i.e. to default-allow the info entries if permissions_default_allow is true.

@BenediktSeidlSWM
Contributor Author

BenediktSeidlSWM commented Apr 7, 2025

Test failures require an update in the permissions.json file in the qwc-services/qwc-docker repository.

> Thanks! I think it would be best to honour permissions_default_allow as configured in the tenantConfig.json, i.e. to default-allow the info entries if permissions_default_allow is true.

This would require a change in qwc-services/qwc-config-generator, right? I am not using the config-generator right now so I am not too familiar with the architecture.

@manisandro
Member

As far as the mapinfo service itself is concerned, no, it is just a matter of what is written in the permissions. Generally the config generator should be extended to generate the permissions for the mapinfo service according to the permissions configured in the admin gui and the value of permissions_default_allow.
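The two policies discussed in this thread, as an added example that is not code from the pull request or from any qwc-services repository. The data shapes, the function names and the rule that an `info_id` counts as restricted once any role has an explicit grant are assumptions made for illustration:

```python
def mapinfo_permissions(info_ids, explicit, default_allow, roles):
    """Return {role: sorted permitted info_ids} (hypothetical generator step).

    info_ids      -- info_id values declared in the mapinfo config
    explicit      -- {role: set of info_ids} granted explicitly (assumed shape)
    default_allow -- value of permissions_default_allow
    roles         -- every role permissions are generated for
    """
    known = set(info_ids)
    # Assumption: an info_id is "restricted" once any role holds a grant for it.
    restricted = set().union(*explicit.values())
    result = {}
    for role in roles:
        # Grants for info_ids that no longer exist in the config are dropped.
        granted = set(explicit.get(role, ())) & known
        if default_allow:
            # Default-allow opens only entries nobody has restricted.
            granted |= known - restricted
        result[role] = sorted(granted)
    return result


def query_allowed(permitted, info_id, allow_unset=False):
    """Service-side check for one query.

    allow_unset=True models the non-breaking alternative from the first
    comment: queries without an info_id are answered for every caller,
    which is the leak to expect if deny-by-default was assumed.
    """
    if info_id is None:
        return allow_unset
    return info_id in permitted


# Constructed sample data, not taken from any real deployment.
INFO_IDS = ["parcels", "owners", "zones"]
EXPLICIT = {"admin": {"owners", "stale_entry"}}
ROLES = ["public", "admin"]

if __name__ == "__main__":
    for flag in (False, True):
        print(flag, mapinfo_permissions(INFO_IDS, EXPLICIT, flag, ROLES))
```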

@manisandro manisandro merged commit 5cb7752 into qwc-services:master Sep 29, 2025
2 checks passed
@manisandro
Member

Thanks! I've updated the qwc-config-db-migrate, qwc-admin-gui and qwc-config-generator to handle the new mapinfo_query resource type, and updated the documentation.

@BenediktSeidlSWM BenediktSeidlSWM deleted the permissions branch October 1, 2025 08:06
@BenediktSeidlSWM
Contributor Author

Thanks a lot!
