Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

do not enforce default permissions on exception views #2534

Merged
merged 1 commit into from
Apr 28, 2016
Merged

do not enforce default permissions on exception views #2534

merged 1 commit into from
Apr 28, 2016

Conversation

mmerickel
Copy link
Member

@mmerickel mmerickel commented Apr 26, 2016
edited
Loading

  • this normalizes the behavior to work similar to require_csrf
  • if an explicit permission= is set on the view it will still be enforced,
    this just affects a default permission via config.set_default_permission
  • permission=NO_PERMISSION_REQUIRED was already forced on for notfound
    and forbidden views, this just helps out with other exception views

This partially solves concerns with #2533

@mmerickel
do not enforce default permissions on exception views
2160ce9 
- this normalizes the behavior to work similar to require_csrf

- if an explicit permission= is set on the view it will still be enforced,
  this just affects a default permission via config.set_default_permission

- permission=NO_PERMISSION_REQUIRED was already forced on for notfound
  and forbidden views, this just helps out with other exception views
@mmerickel mmerickel mentioned this pull request Apr 26, 2016
Open
@digitalresistor
Copy link
Member

👍

@mmerickel mmerickel merged commit 0a1f99d into Pylons:master Apr 28, 2016
mmerickel added a commit that referenced this pull request Apr 28, 2016
@mmerickel
update changelog for #2534
4b349fa
mmerickel added a commit that referenced this pull request May 1, 2016
@mmerickel
update whatsnew with #2534
fd1c397
stevepiercy pushed a commit to stevepiercy/pyramid that referenced this pull request May 8, 2016
@mmerickel @stevepiercy
update changelog for Pylons#2534
edc22a7
stevepiercy pushed a commit to stevepiercy/pyramid that referenced this pull request May 8, 2016
@mmerickel @stevepiercy
update whatsnew with Pylons#2534
9a53096
@pyup-bot pyup-bot mentioned this pull request Feb 26, 2017
Merged
@pyup-bot pyup-bot mentioned this pull request Apr 30, 2017
Merged
@pyup-bot pyup-bot mentioned this pull request Jun 30, 2017
Merged
This was referenced Sep 29, 2017
Merged
Merged
@pyup-bot pyup-bot mentioned this pull request Dec 12, 2017
Merged
@pyup-bot pyup-bot mentioned this pull request Jun 30, 2020
Closed
@mmerickel mmerickel deleted the fix/do-not-enforce-default-permissions-on-exception-views branch November 29, 2020 03:10
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
No reviews
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
2 participants
@mmerickel @digitalresistor