Raise a 403 Forbidden response if requested signer did not sign a map #170

Closed
strk opened this Issue Feb 27, 2014 · 0 comments

Comments

Projects
None yet
1 participant
Contributor

strk commented Feb 27, 2014

When accessing maps via "signed token" we should raise a 403 if the requested signer did not place a signature for the map.

Current behavior is to just consider that call as normal public access to the database instead.

\cc @rafacas

strk added this to the 1.8.4 milestone Feb 27, 2014

strk added the enhancement label Feb 27, 2014

strk self-assigned this Feb 27, 2014

@strk strk modified the milestone: 1.8.5, 1.8.4 Mar 3, 2014

strk closed this in 40a2549 Mar 3, 2014

@strk strk pushed a commit that referenced this issue Mar 3, 2014

Sandro Santilli Fix error message on missing requested signature
We don't really distinguish between missing or non-authorizing
signature. And that's fine. See #170
30eb939
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment