New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
ACL-based auth policy and the @permission_required_for_context decorator. For now used with /users API #234
Commits on Nov 9, 2021
-
first implementation of ACL-based auth policy and the @permission_req…
…uired_for_context decorator. Used for one /user endpoint (GET /user/<id>)
-
make GET /users and PATCH /user/<id> work. Inn the process simplifyin…
…g /users to work for one account only, and moving API context factories to a common location
-
-
Commits on Nov 10, 2021
-
separate checking admin access and principals within policy, add test…
…s for principals matching
-
Commits on Nov 11, 2021
Commits on Nov 15, 2021
Commits on Nov 16, 2021
-
-
explicitly require marshmallow>3 as we use recent parameters (app.txt…
… already pins it >3)
-
replace load_account with Marshmallow field; enable the permission-ch…
…ecking decorator to get the resource from keyword args
-
move load_user factory to marshmallow field, as well; refactor permis…
…sion decorator a bit