Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

fix: added correct api endpoint for verification & logic for Aeroworkflow #3435

Open
wants to merge 3 commits into
base: main
Choose a base branch
from
Open

fix: added correct api endpoint for verification & logic for Aeroworkflow #3435

wants to merge 3 commits into from

Conversation

sahil9001
Copy link
Contributor

@sahil9001 sahil9001 commented Oct 16, 2024
edited
Loading

Description:

Fixes #3434 .

API Endpoint Correction:

  • Current: The detector uses /api/{accountid}/v1/AeroAppointments for verification.
  • Issue: This endpoint is not appropriate as it might involve COGs.
  • Fix: Update to use /api/{accountid}/me, which aligns with other detector patterns.
  • Reference: https://api.aeroworkflow.com/swagger/index.html

Checklist:

  • Tests passing (make test-community)?
  • Lint passing (make lint this requires golangci-lint)?

@sahil9001
Copy link
Contributor Author

@rgmz

@sahil9001 sahil9001 changed the title fix: added correct api endpoint for verification fix: added correct api endpoint for verification & logic for Aeroworkflow Oct 17, 2024
@sahil9001 sahil9001 mentioned this pull request Oct 17, 2024
Closed
2 tasks
@zricethezav
Copy link
Collaborator

Issue: This endpoint is not appropriate as it might involve COGs.

Can you elaborate on this? I'm not familiar with COGs

@sahil9001
Copy link
Contributor Author

sahil9001 commented Oct 18, 2024
edited
Loading

Issue: This endpoint is not appropriate as it might involve COGs.

Can you elaborate on this? I'm not familiar with COGs

In this scenario, "COGs" is referring to sensitive or privileged information related to customer-owned items or data. The concern seems to be that the current endpoint (/api/{accountid}/v1/AeroAppointments) might be accessing or exposing information about customer-owned goods or property, which could be a privacy or security issue.

By switching to the /api/{accountid}/me endpoint, the system would likely be accessing only user-specific information rather than potentially sensitive customer-owned data. This change aligns better with standard practices for user verification and reduces the risk of inappropriately handling customer-owned information.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
No reviews
Assignees
No one assigned
Labels
hacktoberfest-2024
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

Issue with correct endpoint & pattern detection in AeroWorkFlow
2 participants
@sahil9001 @zricethezav