[ckan-changes] [ckan/ckan] 184c8b: Do not use the write_url for datastore_search
GitHub
noreply at github.com
Fri Sep 11 14:20:49 UTC 2015
Branch: refs/heads/datastore-auth-fixes
Home: https://github.com/ckan/ckan
Commit: 184c8b60e7563633303595e6795a04563b33218b
https://github.com/ckan/ckan/commit/184c8b60e7563633303595e6795a04563b33218b
Author: Ross Jones <ross at servercode.co.uk>
Date: 2015-09-11 (Fri, 11 Sep 2015)
Changed paths:
M ckanext/datastore/db.py
M ckanext/datastore/logic/action.py
M ckanext/datastore/logic/auth.py
M ckanext/datastore/tests/helpers.py
M ckanext/datastore/tests/test_dump.py
M ckanext/datastore/tests/test_interface.py
M ckanext/datastore/tests/test_plugin.py
M ckanext/datastore/tests/test_search.py
Log Message:
-----------
Do not use the write_url for datastore_search
This commit remove the use of the write_url in the datastore_search
action, as the permissions are already checked against the
auth.datastore_search function (which delegates to resource_show).
Looks like the non-removal of write_url in the action method was an
accidental oversight.
Tests (including the privacy tests for TestDatastoreSearch.test_search_private_dataset)
continue to pass.
Allows datastore_search_sql on private datasets
Moves the auth check for datastore_search_sql to the db module
where a list of the resource tables involved in the query is
available. This should allow users to query across resources
that they have access to whether they are public or private.
PEP8 cleanup and skipping tests with 8.4
As Postgres 8.4 is now legacy, we will skip tests that rely on features that no longer work.
More information about the ckan-changes
mailing list