GoogleCodeExporter
commented
9 years ago which authorizer? what does your setup code look like? which version are you
using?Original comment by jahlborn@gmail.com on 4 Jul 2012 at 1:13
Closed GoogleCodeExporter closed 9 years ago
GoogleCodeExporter
commented
9 years ago which authorizer? what does your setup code look like? which version are you
using?Original comment by jahlborn@gmail.com on 4 Jul 2012 at 1:13
GoogleCodeExporter
commented
9 years ago Here is the whole of my main.py I expect to get 404 error but still I can
receive results.I'm useing version 1.0.6Original comment by achachiez on 4 Jul 2012 at 5:27
Attachments:
GoogleCodeExporter
commented
9 years ago [deleted comment]The example authorizer here
http://code.google.com/p/appengine-rest-server/wiki/ExampleAuthorizer does not
work as you could expect.Since it allow unauthorized writes event though it
leaves the owner field blank.I have attached an improved version that will
return a 404 if the a read or write request is unauthorized. Hope this helps
somebody.Original comment by achachiez on 4 Jul 2012 at 8:36
Attachments:
GoogleCodeExporter
commented
9 years ago first, your version does not stop writes if the owner is blank (i'm assuming
that's what you are attempting to do, but your can_write() method does not
throw an exception if the owner is blank).
second, the Authorizer class is not responsible for requiring that a user is
valid. that is the job of the Authenticator. you should be using an
Authenticator which requires the current user to be valid. Original comment by jahlborn@gmail.com on 4 Jul 2012 at 1:17
GoogleCodeExporter
commented
9 years ago Thanks a lot I finally got it working.Original comment by achachiez on 4 Jul 2012 at 7:14
GoogleCodeExporter
commented
9 years ago Original comment by jahlborn@gmail.com on 4 Jul 2012 at 7:55
Original issue reported on code.google.com by
achachiezon 3 Jul 2012 at 9:43