Kurocon
commented
2 months ago Some (previously) private information is currently made public that we (probably) don't want:
ActivityType: (something seems to go wrong with the fields specification here as well)
callbackUrl (possibly internal URL of external party)callbackSecretKey (secret passed to callback to verify its us)facebookEventId (probably irrelevant)updateCount (internal attribute for icals)placesAvailable (only show when logged in)hasWaitingParticipants (internal attribute)
CommitteeType:
abbreviation (internal attribute for LDAP groups in Claudia)
AttachmentType:
non-public attachments are visible
WebsiteBannerType / TelevisionBannerType / VivatBannerType:
startDate (exposes contract information)endDate (exposes contract information)Only active banners should be visible
Rest looks good as far as I can tell!
Please add the following information to your pull request:
Please describe what your PR is fixing Adds a GraphQL API for public resources.
Concretely, which issues does your PR solve? (Please reference them by typing
Fixes/References Inter-Actief/amelie#<issue_id>) Fixes #741Does your PR change how we process personal data, impact our privacy document, or modify (one of) our data export(s)? no
Does your PR include any django migrations? no
Does your PR include the proper translations (did you add translations for new/modified strings)? yes, I have included the translations
Does your PR include CSS changes (and did you run the
compile_css.shscript in thescriptsdirectory to regenerate thecompiled.cssfile)? no, my PR does not include CSS changesDoes your PR need external actions by for example the System Administrators? (Think about new pip packages, new (local) settings, a new regular task or cronjob, new management commands, etc.)? no
Did you properly test your PR before submitting it? yes