Permission seems wrong

[doggy8088]

When I make a request to PUT https://jsonbin.org/username/test/_perms, the https://jsonbin.org/username/test will become public. After the /username/test become public, all the url that prefix /username/test will become public. This seems a bit problem. For example, the url /username/test123 still become public which means this is probably wrong.

[remy]

I did spot that a little time ago but thought I'd squashed it.

Maybe a test that confirms this would be a good start (there's automated tests in the test directory if you want to have a go at a PR).

On Tue, 14 Feb 2017, 07:38 Will 保哥, notifications@github.com wrote:

When I make a request to PUT https://jsonbin.org/username/test/_perms, the https://jsonbin.org/username/test will become public. After the /username/test become public, all the url that prefix /username/test will become public. This seems a bit problem. For example, the url /username/test123 still become public which means this is probably wrong.

— You are receiving this because you are subscribed to this thread. Reply to this email directly, view it on GitHub https://github.com/remy/jsonbin/issues/17, or mute the thread https://github.com/notifications/unsubscribe-auth/AAA1hDfUquVS6c7fw2fpcdnq5sXD1OFaks5rcVoQgaJpZM4MAJvk .

[remy]

Yeah, here https://github.com/remy/jsonbin/blob/master/lib/routes/api.js#L50

[doggy8088]

@remy Is this OK? https://github.com/remy/jsonbin/pull/18/files

[remy]

I need to add tests for it when I have time. I've not read the code in detail yet either.

On Sat, 18 Feb 2017, 18:18 Will 保哥, notifications@github.com wrote:

@remy https://github.com/remy Is this OK? https://github.com/remy/jsonbin/pull/18/files

— You are receiving this because you were mentioned.

Reply to this email directly, view it on GitHub https://github.com/remy/jsonbin/issues/17#issuecomment-280864493, or mute the thread https://github.com/notifications/unsubscribe-auth/AAA1hKxgp6KIOjyETc9YlGlIzsdP1BDhks5rdzYGgaJpZM4MAJvk .