This repository has been archived by the owner on Feb 26, 2024. It is now read-only.
-
Notifications
You must be signed in to change notification settings - Fork 11
As a privileged bot I can write images via an API #212
Labels
Comments
jmurty
added a commit
that referenced
this issue
Apr 4, 2017
The default API pagination settings/behaviour will be reused by multiple API endpoints, so should live in a central location.
jmurty
added a commit
that referenced
this issue
Apr 4, 2017
jmurty
added a commit
that referenced
this issue
Apr 4, 2017
jmurty
added a commit
that referenced
this issue
Apr 4, 2017
Authentication: - Require authentication for any API access, instead of allowing anyone to access the APIs which is the behaviour unless you override it - enable standard Django session authentication for in-browser API access via the web UI or AJAX requests - enable per-user opaque token values for non-browser clients. Tokens can be assigned at the Django admin path /admin/authtoken/token/ Permissions: - apply Django's standard model permissions to API operations.
jmurty
added a commit
that referenced
this issue
Apr 4, 2017
jmurty
added a commit
that referenced
this issue
Apr 4, 2017
DRF's default API permissions model `DjangoModelPermissions` is overly permissive IMO because it allows *any* authenticated users to perform listing (GET), HEAD, and OPTIONS requests, even if that user has no corresponding permissions to view listings etc in the Django admin.
jmurty
added a commit
that referenced
this issue
Apr 4, 2017
jmurty
added a commit
that referenced
this issue
Apr 4, 2017
jmurty
added a commit
that referenced
this issue
Apr 4, 2017
Explicitly override the new, more restrictive, default API permissions applied GLAMkit-wide with `AllowAny` permissions for the existing pages API. This was the permission model for this API previously.
jmurty
added a commit
that referenced
this issue
Apr 7, 2017
Move the images and pages API apps into a new single central `icekit.api` app to simplify the app hierarchy and group things more sensibly in the codebase.
jmurty
added a commit
that referenced
this issue
Apr 7, 2017
Move all unit tests targeting API endpoints into the new `icekit.api` app.
jmurty
added a commit
that referenced
this issue
Apr 7, 2017
Refactor useful test cases and utility methods into base unit test class, and update images and pages unit tests to use this base class.
jmurty
added a commit
that referenced
this issue
Apr 7, 2017
- Images api URLs are now named 'images-api-list', 'images-api-detail' (was 'images-list', 'images-detail') - Pages api URLs are now named 'pages-api-list', 'pages-api-detail' (was 'page-list', 'page-detail')
jmurty
added a commit
that referenced
this issue
Apr 7, 2017
jmurty
added a commit
that referenced
this issue
Apr 7, 2017
Sign up for free
to subscribe to this conversation on GitHub.
Already have an account?
Sign in.
Set up django-rest-framework to allow writing of an
Image
for privileged users. This is so that middleware inside clients networks can send images to GLAMkit.The text was updated successfully, but these errors were encountered: