New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Implement a generic endpoint permission checker for Flask #68

Open

3 tasks

gossminn opened this issue Nov 21, 2024 · 0 comments

Open

3 tasks

Implement a generic endpoint permission checker for Flask #68

gossminn opened this issue Nov 21, 2024 · 0 comments

Assignees

Contributor

gossminn commented Nov 21, 2024 •

edited

Loading

Make sure that users get an appropriate error page when attempting to reach an endpoint that they don't have permission to access.
Make sure that inaccessible endpoints are invisible (e.g. calling a forbidden endpoint should give the same behavior as calling a non-existent endpoint)
Make sure that endpoint permission settings apply to sub-urls (e.g. if a user can't access /admin/, they also shouldn't be able to access /admin/xyz)

The text was updated successfully, but these errors were encountered:

gossminn self-assigned this

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment