search

Cockpit-HQ / Cockpit

Cockpit Core - Content Platform
https://getcockpit.com
Other
388 stars 47 forks source link

Lokalize and permission issues #230

Closed bomas13 closed 6 days ago

bomas13 commented 2 weeks ago

I noticed that it is possible to query the API endpoint for Lokalize (GET api/lokalize/project/{project}) even w/o any "api-key" header supplied. However, providing a wrong token ends up in an "authentication failed" which matches my expectations.

This does not make any sense.

Likewise, previously it was possible to obtain tokens exclusively access to specific projects. This feature is gone completely. Will this be implemented in the future again? And if so, when?

aheinze commented 6 days ago

The fix will be available in the next release 👍 Thanks for reporting!