Changed access roles for health API

2024-06-02 19:04:49 +12:00 · 2020-06-07 08:43:25 +03:00 · 2020-06-07 08:43:25 +03:00 · ca07660e6e
parent ce89f0e283
commit ca07660e6e
2 changed files with 4 additions and 2 deletions
--- a/CHANGES.md
+++ b/CHANGES.md
@ -9,6 +9,10 @@

 - Fixed output of /v1/health/queue/certificates returning wrong data

+## Security
+
+- Access to health API now requires authentication with an API Key with access to `health.read` scope allowed
+
 # Version 0.6.2 (PRE-RELEASE)

 ## Features
--- a/app/config/roles.php
+++ b/app/config/roles.php
@ -24,7 +24,6 @@ $logged = [
    'projects.write',
    'locale.read',
    'avatars.read',
-    'health.read',
 ];

 $admins = [
@ -62,7 +61,6 @@ return [
            'files.read',
            'locale.read',
            'avatars.read',
-            'health.read',
        ],
    ],
    ROLE_MEMBER => [