Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Disable updating DFR3 objects through POST method #22

Closed
ghost opened this issue Oct 5, 2021 · 0 comments · Fixed by #26
Closed

Disable updating DFR3 objects through POST method #22

ghost opened this issue Oct 5, 2021 · 0 comments · Fixed by #26
Assignees
@diegoac2
Labels
bug Something isn't working good first issue Good for newcomers
Milestone
1.6.0

Comments

@ghost
Copy link

ghost commented Oct 5, 2021
edited by ghost
Loading

Dylan uses pyincore’s create_dfr3_set() method(POST api call) and provides an “id” of an existing DFR3 set in the JSON and it actually updates it. I tested it just now and it works that way. Does anyone know if this is an intended feature or just a bug (with unintended benefits). It also seems that, this option allows a user to “update” someone else’s DFR3, even though they don’t have privileges to do so - this could be exploited.

We should disable this feature(bug) on the DFR3 service
@ghost ghost added good first issue Good for newcomers bug Something isn't working labels Oct 5, 2021
@ghost ghost added this to the 1.6.0 milestone Oct 5, 2021
@ghost ghost self-assigned this Oct 13, 2021
@diegoac2 diegoac2 self-assigned this Oct 18, 2021
ghost pushed a commit that referenced this issue Oct 20, 2021
@gowthamnvv
#22: Disable setting of id when creating when POST-ing DFR3
e219224
ghost pushed a commit that referenced this issue Oct 20, 2021
@gowthamnvv
#22: moved the position of setter
6d5c82e
ghost pushed a commit that referenced this issue Oct 21, 2021
@gowthamnvv
#22: Disable setting an id during all hazards' creation
9e73a50
ghost pushed a commit that referenced this issue Oct 21, 2021
@gowthamnvv
#22: Disable setting an id during dataset creation
37fdaf4
ghost pushed a commit that referenced this issue Oct 21, 2021
@gowthamnvv
#22: Disable setting an id during DFR3 creation
49e123d
ghost pushed a commit that referenced this issue Oct 21, 2021
@gowthamnvv
#22: Disable setting an id during Space creation
e525cc8
ghost pushed a commit that referenced this issue Oct 21, 2021
@gowthamnvv
#22: Disable setting an id during eq creation
fde1b19
ghost pushed a commit that referenced this issue Oct 21, 2021
@gowthamnvv
#22: Disable setting an id during all DFR3s and hazards creation
691b9cc
ghost pushed a commit that referenced this issue Oct 21, 2021
@gowthamnvv
#22: Disable setting an id during space creation
78404e1
ghost pushed a commit that referenced this issue Oct 21, 2021
@gowthamnvv
#22: fix a format
0684aa0
ghost pushed a commit that referenced this issue Oct 21, 2021
@gowthamnvv
#22: Disable setting an id during Dataset creation
703670e
ghost pushed a commit that referenced this issue Oct 21, 2021
@gowthamnvv
#22: enable set method to pass the unit test
886913c
ghost pushed a commit that referenced this issue Oct 21, 2021
@gowthamnvv
#22: pass the failing unit test
a6e0809
ghost pushed a commit that referenced this issue Oct 21, 2021
@gowthamnvv
#22: add documentation for the validation method
c40ac7d
ghost pushed a commit that referenced this issue Oct 21, 2021
@gowthamnvv
#22: removed a duplicate block of code
a2493fe
navarroc added a commit that referenced this issue Oct 22, 2021
@navarroc
Merge pull request #26 from IN-CORE/22-disable-passing-id-on-post-calls
7866d45 
#22: Disable setting an id during eq creation
@ghost ghost linked a pull request Oct 25, 2021 that will close this issue
#22: Disable setting an id during eq creation #26
Merged
@ghost ghost closed this as completed Nov 2, 2021
This issue was closed.
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@diegoac2 diegoac2

Labels
bug Something isn't working good first issue Good for newcomers
Projects
None yet
Milestone
1.6.0
Development

Successfully merging a pull request may close this issue.

#22: Disable setting an id during eq creation IN-CORE/incore-services
1 participant
@diegoac2