From 5e1e8154c33cd7eb4f9391ed0cfb44422d26843c Mon Sep 17 00:00:00 2001
From: Adam Williamson <awilliam@redhat.com>
Date: Wed, 31 Jul 2019 17:39:46 -0700
Subject: [PATCH] Only allow operators and admins to post comments

Signed-off-by: Adam Williamson <awilliam@redhat.com>
---
 lib/OpenQA/WebAPI.pm | 12 ++++++------
 1 file changed, 6 insertions(+), 6 deletions(-)

diff --git a/lib/OpenQA/WebAPI.pm b/lib/OpenQA/WebAPI.pm
index 05348587..ba6300fb 100644
--- a/lib/OpenQA/WebAPI.pm
+++ b/lib/OpenQA/WebAPI.pm
@@ -411,14 +411,14 @@ sub startup {
     # api/v1/comments
     $api_public_r->get('/jobs/<job_id:num>/comments')->name('apiv1_list_comments')->to('comment#list');
     $api_public_r->get('/jobs/<job_id:num>/comments/<comment_id:num>')->name('apiv1_get_comment')->to('comment#text');
-    $api_ru->post('/jobs/<job_id:num>/comments')->name('apiv1_post_comment')->to('comment#create');
-    $api_ru->put('/jobs/<job_id:num>/comments/<comment_id:num>')->name('apiv1_put_comment')->to('comment#update');
+    $api_ro->post('/jobs/<job_id:num>/comments')->name('apiv1_post_comment')->to('comment#create');
+    $api_ro->put('/jobs/<job_id:num>/comments/<comment_id:num>')->name('apiv1_put_comment')->to('comment#update');
     $api_ra->delete('/jobs/<job_id:num>/comments/<comment_id:num>')->name('apiv1_delete_comment')->to('comment#delete');
     $api_public_r->get('/groups/<group_id:num>/comments')->name('apiv1_list_group_comment')->to('comment#list');
     $api_public_r->get('/groups/<group_id:num>/comments/<comment_id:num>')->name('apiv1_get_group_comment')
       ->to('comment#text');
-    $api_ru->post('/groups/<group_id:num>/comments')->name('apiv1_post_group_comment')->to('comment#create');
-    $api_ru->put('/groups/<group_id:num>/comments/<comment_id:num>')->name('apiv1_put_group_comment')
+    $api_ro->post('/groups/<group_id:num>/comments')->name('apiv1_post_group_comment')->to('comment#create');
+    $api_ro->put('/groups/<group_id:num>/comments/<comment_id:num>')->name('apiv1_put_group_comment')
       ->to('comment#update');
     $api_ra->delete('/groups/<group_id:num>/comments/<comment_id:num>')->name('apiv1_delete_group_comment')
       ->to('comment#delete');
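Review bot: The access policy for comments is now carried only by the router variable on each line (`$api_public_r` for reads, `$api_ro` for create/update, `$api_ra` for delete), and nothing in the patch pins it: the diffstat lists only lib/OpenQA/WebAPI.pm, with no test change. A short comment under `# api/v1/comments`, such as `# read: public; create/update: operator or admin; delete: admin only`, would keep the intent visible through the next route edit, and a test asserting that a plain logged-in user is refused on POST and PUT for jobs, groups and parent_groups would catch a regression. The same applies to the parent_groups routes in the following hunk. That `$api_ro` also admits admins, as the subject line says, depends on its definition elsewhere in `startup`, which starts and ends outside this hunk.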
@@ -426,9 +426,9 @@ sub startup {
       ->to('comment#list');
     $api_public_r->get('/parent_groups/<parent_group_id:num>/comments/<comment_id:num>')
       ->name('apiv1_get_parent_group_comment')->to('comment#text');
-    $api_ru->post('/parent_groups/<parent_group_id:num>/comments')->name('apiv1_post_parent_group_comment')
+    $api_ro->post('/parent_groups/<parent_group_id:num>/comments')->name('apiv1_post_parent_group_comment')
       ->to('comment#create');
-    $api_ru->put('/parent_groups/<parent_group_id:num>/comments/<comment_id:num>')
+    $api_ro->put('/parent_groups/<parent_group_id:num>/comments/<comment_id:num>')
       ->name('apiv1_put_parent_group_comment')->to('comment#update');
     $api_ra->delete('/parent_groups/<parent_group_id:num>/comments/<comment_id:num>')
       ->name('apiv1_delete_parent_group_comment')->to('comment#delete');
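Review bot: Moving these routes to `$api_ro` restricts only the api/v1 paths to `comment#create` and `comment#update`; any other route in `startup` that reaches the same controller actions through a user-level router would still let ordinary users write comments. The rest of `startup` is outside the hunk, so this cannot be confirmed from here; it is worth searching the file for `comment#create` and `comment#update` before merging. Scripts that post comments with a plain user's API key will presumably start being refused after this change, which deserves a line in the commit message.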
-- 
2.22.0