Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

ALLOW headers in response to OPTIONS requests should reflect the request's permissions #88

Merged
merged 4 commits into from
Aug 4, 2023
Merged

ALLOW headers in response to OPTIONS requests should reflect the request's permissions #88

merged 4 commits into from
Aug 4, 2023

Conversation

why-not-try-calmer
Copy link
Contributor

@why-not-try-calmer why-not-try-calmer commented Jul 27, 2023
edited
Loading

This does not work yet (hence the Draft). But it will soon.

  • response headers to /items OPTIONS requests from authenticated users match their permissions
  • response headers to /items OPTIONS requests from un-authenticated users match their permissions (waiting for StackOverflow's reply)

@why-not-try-calmer why-not-try-calmer force-pushed the http-verbs-in-headers-matching-request-permissions branch 4 times, most recently from 5f7b4af to d4f17e1 Compare July 27, 2023 13:42
why-not-try-calmer
why-not-try-calmer commented Jul 27, 2023
View reviewed changes
src/signalo/core/tests.py
self.assertEqual(allowed_body, expected)
self.assertEqual(allowed_headers, allowed_body)

def test_admin_items_options(self):
Copy link
Contributor Author

@why-not-try-calmer why-not-try-calmer Jul 27, 2023
edited
Loading

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

@3nids This test (test_admin_items_options) passes. This means that QGIS will get correct responses to its authenticated OPTIONS requests, doesn't it?

Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

hopefully :)

@why-not-try-calmer
Enrich OPTIONS by adding allowed methods as metadata
0305ae8 
cleanup tests; added tests for options given new metadata class
@why-not-try-calmer why-not-try-calmer force-pushed the http-verbs-in-headers-matching-request-permissions branch from d4f17e1 to 0305ae8 Compare July 27, 2023 13:52
@why-not-try-calmer why-not-try-calmer marked this pull request as ready for review August 2, 2023 21:21
@why-not-try-calmer why-not-try-calmer changed the title Http verbs in headers matching request permissions Headers in response to OPTIONS requests should reflect the request's permissions Aug 2, 2023
@why-not-try-calmer why-not-try-calmer changed the title Headers in response to OPTIONS requests should reflect the request's permissions ALLOW headers in response to OPTIONS requests should reflect the request's permissions Aug 2, 2023
@why-not-try-calmer why-not-try-calmer added the enhancement New feature or request label Aug 2, 2023
@3nids 3nids merged commit 51d76c6 into main Aug 4, 2023
3 checks passed
@3nids 3nids deleted the http-verbs-in-headers-matching-request-permissions branch August 4, 2023 07:33
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@3nids 3nids Awaiting requested review from 3nids

Assignees
No one assigned
Labels
enhancement New feature or request
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
2 participants
@why-not-try-calmer @3nids