Preference authorization processor #8915
Merged
Closes #8893
Prevents unauthorized access to patrons' preferences. Instead, patrons will be able to access their own preferences, while admins can access all patrons' preferences.
These changes include access to json and yml encodings of patron preferences, not just the preference pages.
Technical
A new processor was created to aid with authorization. The PreferenceProcessor, when handling a request for patron preferences, gets a reference to the authenticated User. If the request was unauthenticated, a 401 error is raised. Then, the processor checks if the User is the owner of the requested preferences, or is an admin. If neither is true, a 403 error is raised.
If all checks pass, or the request is not for preferences, the processor handles the request as per usual.
Testing
At a minimum, the following should be tested:
While logged out:
- /people/{username}/preferences page
- json or yml preference requests
While logged in as a non-admin:
- json and yml preference requests for one's own preferences
- json and yml preference requests for other patrons' preferences
While logged in as an admin:
- json or yml preference requests for any account
Other:
- /account/preferences requests should be unaffected by these changes
Special deployment notes
This is a new processor, so we should be vigilant when this is deployed, and ensure that pages not related to preferences are unaffected, etc.
Screenshot
Stakeholders
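
The 401/403 decision and the test matrix from the description, sketched as an added example; this is not the project's PreferenceProcessor code. The names `authorize`, `User`, `PREFS_PATH` and `failed_cases`, the sample accounts, and the choice to treat any encoding suffix as protected are assumptions.

```python
import re
from dataclasses import dataclass
from typing import Optional

# Assumed URL shape: the description names only /people/{username}/preferences
# and its json / yml encodings. Any ".ext" suffix is treated as protected so an
# encoding added later is covered by the same check.
PREFS_PATH = re.compile(r"^/people/(?P<owner>[^/]+)/preferences(?:\.\w+)?/?$")


@dataclass(frozen=True)
class User:
    """Constructed stand-in for the authenticated user."""
    username: str
    is_admin: bool = False


def authorize(path: str, user: Optional[User]) -> int:
    """Return 401 or 403 to reject, or 200 to continue normal handling."""
    match = PREFS_PATH.match(path)
    if match is None:
        return 200  # not a patron-preferences request: left untouched
    if user is None:
        return 401  # unauthenticated
    if user.is_admin or user.username == match.group("owner"):
        return 200  # owner or admin
    return 403  # authenticated, but not the owner and not an admin


def failed_cases() -> list:
    """Run the description's test matrix; return the cases that disagree."""
    alice, admin = User("alice"), User("staff", is_admin=True)  # constructed
    matrix = [
        ("/people/alice/preferences", None, 401),
        ("/people/alice/preferences.json", None, 401),
        ("/people/alice/preferences.yml", None, 401),
        ("/people/alice/preferences.json", alice, 200),
        ("/people/bob/preferences.yml", alice, 403),
        ("/people/bob/preferences.json", admin, 200),
        ("/account/preferences", None, 200),
        ("/people/alice", None, 200),
    ]
    return [(p, u, want) for p, u, want in matrix if authorize(p, u) != want]


if __name__ == "__main__":
    print(failed_cases() or "all cases match")
```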