search

ramses-tech / ramses

RAML + Elasticsearch / Postgres / Mongodb / Your Data Store™ + Pyramid = RESTful API
http://ramses.tech
Apache License 2.0
303 stars 29 forks source link

Fix x-ACL of items being ignored when getting a resource #98

Closed oleduc closed 8 years ago

oleduc commented 8 years ago

Hi,

Right now it appears as though the default ACLs of collection are used when trying to read a specific resource.

This is an update to magic ACLs to allow using the x-ACL of items instead of those provided for collection.

I'm not sure if this is the right way to go about this, but it seemed like the only solution because there is not other context information provided by the caller, which is a member pyramid.authorization.

I noticed that one test would fail because self.request.context was not defined, I added a check on self.request.context using hasattr, because I wasn't 100% sure this was a mocking error or if this was specification just by looking at the tests.

oleduc commented 8 years ago

@postatum Hey, is there something wrong with my PR? Any news on this?

Thanks :)

jstoiko commented 8 years ago

This has been fixed (@develop branch).