Incorrect permission check when edit a route from the dialog

dmossakowski / skala3ma

App for managing climbing gyms, routes and competitions

https://skala3ma.com/

GNU General Public License v3.0

4 stars 2 forks source link

Incorrect permission check when edit a route from the dialog #33

Closed scorreia closed 6 months ago

scorreia commented 8 months ago

When editing the routes from the main table, I have no issue to save my changes. When editing a route via the dialog, I cannot save my changes.

dmossakowski commented 8 months ago

I think this is caused by using /api1/ endpoints to save the changes.. when this happens, try to reload the page.. if it asks for your google account again then you should be able to edit the route normally and that is the problem..

Yes we need to look into how authentication works on javascript side (as opposed on server side with flask/python)

scorreia commented 8 months ago

yes, it does not seem to happen every time. It needs a bit more of tests. Sometimes, also, when clicking on the list, the dialog opens but it is not editable.

dmossakowski commented 6 months ago

I removed the token expiration check and so this is resolved. Oauth flask client refreshes the token itself in the background so there is no security risk and there is no need to check the expiration time.

https://github.com/dmossakowski/skala3ma/pull/66