bug / pagure

Clone
Source Code
GIT

8351c4 Allow project-less API token to retrieve issues

Authored and Committed by Pierre-Yves Chibon 5 years ago
raw patch tree parent
2 files changed. 177 lines added. 1 lines removed.
pagure/api/issue.py
file modified
+1 -1
tests/test_pagure_flask_api_issue.py
file modified
+176 -0 
    Allow project-less API token to retrieve issues
    
    Basically, we were only allowing project-specific API token to
    retrieve the list of opened issues on a project, but there is no
    ACLs associated with listing issues, we only use this to
    authenticate the user and figure out if they can access the
    private issues or not.
    So we should allow project-less API token to perform this
    authentication check.
    
    Fixes https://pagure.io/pagure/issue/4479
    
    Signed-off-by: Pierre-Yves Chibon <pingou@pingoured.fr></pingou@pingoured.fr>
file modified
+1 -1
file modified
+176 -0

Powered by Pagure 5.7.4

SSH Hostkey/Fingerprint | Documentation | About

© 2014-2019 Red Hat, Inc. and others.

Logo by Pavel Lashutin