The server runs ik but the authorizer class you provided doest seem to work.I can still access my model without login.
Closed this issue · 7 comments
GoogleCodeExporter commented
What steps will reproduce the problem?
1.
2.
3.
What is the expected output? What do you see instead?
What version of the product are you using? On what operating system?
Please provide any additional information below.
Original issue reported on code.google.com by achachiez
on 3 Jul 2012 at 9:43
GoogleCodeExporter commented
which authorizer? what does your setup code look like? which version are you
using?
Original comment by jahlborn@gmail.com
on 4 Jul 2012 at 1:13
GoogleCodeExporter commented
Here is the whole of my main.py I expect to get 404 error but still I can
receive results.I'm useing version 1.0.6
Original comment by achachiez
on 4 Jul 2012 at 5:27
Attachments:
GoogleCodeExporter commented
[deleted comment]
GoogleCodeExporter commented
The example authorizer here
http://code.google.com/p/appengine-rest-server/wiki/ExampleAuthorizer does not
work as you could expect.Since it allow unauthorized writes event though it
leaves the owner field blank.I have attached an improved version that will
return a 404 if the a read or write request is unauthorized. Hope this helps
somebody.
Original comment by achachiez
on 4 Jul 2012 at 8:36
Attachments:
GoogleCodeExporter commented
first, your version does not stop writes if the owner is blank (i'm assuming
that's what you are attempting to do, but your can_write() method does not
throw an exception if the owner is blank).
second, the Authorizer class is not responsible for requiring that a user is
valid. that is the job of the Authenticator. you should be using an
Authenticator which requires the current user to be valid.
Original comment by jahlborn@gmail.com
on 4 Jul 2012 at 1:17
GoogleCodeExporter commented
Thanks a lot I finally got it working.
Original comment by achachiez
on 4 Jul 2012 at 7:14
GoogleCodeExporter commented
Original comment by jahlborn@gmail.com
on 4 Jul 2012 at 7:55
- Changed state: Invalid