FlexMeasures / flexmeasures Public
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Auth policy #210
Auth policy #210
Conversation
…te is older than 5 months
… roles decorators. User role decorators respect admin access. Added unified error handler for all API calls (invalid_sender).
…e to account-role checking
add documentation about account authorization
I finally got through this big PR, sorry for the delay. I advise to read through all of my comments first before addressing specific ones. This is a really nice and necessary PR. I added an
… conftest and use it where necessary; use dummy user instead of moving a user between accounts
… 2 will use the correct test user
Thanks for the explanations and changes. Besides addressing one typo, can you also open up a ticket for the incomplete service listings in API v2.0? This concept may need a significant revision so API users can see roles required and roles accepted listed separately.
I made #227 |
Closes #160
Move towards a more account-based and more central authorization policy.
I split into a few commits for better readability.