Auth policy #210
…te is older than 5 months
… roles decorators. User role decorators respect admin access. Added unified error handler for all API calls (invalid_sender).
…e to account-role checking
add documentation about account authorization
I finally got through this big PR, sorry for the delay. I advise reading through all of my comments first before addressing specific ones. This is a really nice and necessary PR. I added an 👀 symbol to my main concerns (e.g. clear naming of test users, and how we intend to use USEF roles in relation to access rights).
… conftest and use it where necessary; use dummy user instead of moving a user between accounts
… 2 will use the correct test user
Thanks for the explanations and changes. Besides addressing one typo, can you also open up a ticket for the incomplete service listings in API v2.0? This concept may need a significant revision so API users can see roles required and roles accepted listed separately.
I made #227
Closes #160
Move towards a more account-based and more central authorization policy.
I split into a few commits for better readability.