Err...! I thought it is matching the API commands, instead, matching
doveadm cli commands.
Thanks you so much,
Ronald
On 4/1/2019 5:02 AM, Aki Tuomi wrote:
On 03 January 2019 at 22:45 Ronald Poon <ronaldp...@ud.hk> wrote:
Trying to limit the API calls to doveadm-http-api by configure allowed
commands, but once the commands added to the list, the RestAPI no longer
work.
1) Return correct reply when doveadm_allowed_commands is empty
# curl -k -H "Content-Type: application/json" -H "Authorization:
X-Dovecot-API <base64 api key>" https://localhost:9088/doveadm/v1
-d'[["quotaGet",{"user":"us...@mydomain.com"},"c01"]]'
[["doveadmResponse",[{"root":"User
quota","type":"STORAGE","value":"0","limit":1024","percent":"0"},{"root":"Userquota","type":"MESSAGE","value":"0","limit":"-","percent":"0"}],"c01"]]
2) Return unAuthorized when doveadm_allowed_commands =
quotaGet,quotaRecalc,expunge
# curl -k -H "Content-Type: application/json" -H "Authorization:
X-Dovecot-API <base64 api key>" https://localhost:9088/doveadm/v1
-d'[["quotaGet",{"user":"us...@mydomain.com"},"c01"]]'
[["error",{"type":"unAuthorized", "exitCode":0},"c01"]]
This is mostly because v1 API is not so fantastic. Try
doveadm_allowed_commands="quota get,quota recalc,expunge"
Aki
