Closed gkaemmer closed 2 years ago
Biggest thing here is replacing the global authorized session with local calls to authorize_query(action, model), which while sacrificing some "defense-in-depth" makes the API more similar to what we'd use in generic (non-sqlalchemy-specific) cases.
authorize_query(action, model)
@gkaemmer can we close this one?
gj
commented
2 years ago
Biggest thing here is replacing the global authorized session with local calls to
authorize_query(action, model), which while sacrificing some "defense-in-depth" makes the API more similar to what we'd use in generic (non-sqlalchemy-specific) cases.