Sybren A. Stüvel e600d87592 Secure write access to /users endpoint ...

- Admins can PUT everything
- Users can only PUT themselves
- The 'auth' field is always taken from the original, and never overwritten
  by the PUT. It can be missing from the request, so you can GET and then
  PUT the same data.
- Nobody can POST or DELETE users

2016-04-26 12:38:44 +02:00

..

BlenderDesktopLogo.png

Some security fixes and other fixes for file storage.

2016-03-25 18:23:01 +01:00

common_test_class.py

Secure read access to /users endpoint.

2016-04-26 12:38:44 +02:00

common_test_data.py

Added /p/create entry point to create new projects.

2016-04-19 16:50:46 +02:00

common_test_settings.py

Allow overriding Eve settings from env in test

2016-04-26 12:34:16 +02:00

config_testing.py

Testing should have debug mode disabled.

2016-04-04 16:10:55 +02:00

test_auth.py

Secure write access to /users endpoint

2016-04-26 12:38:44 +02:00

test_blender_id_subclient.py

Unify tokens and subclient tokens

2016-04-13 15:33:54 +02:00

test_encoding.py

Some code simplifications & logging for Zencoder notifications.

2016-03-25 17:21:18 +01:00

test_file_caching.py

Renamed some test_xxx files to common_test_xxx.py

2016-03-25 16:05:36 +01:00

test_file_storage.py

Fixed imports for py.test

2016-03-25 18:27:27 +01:00

test_link_refresh.py

Added manage.py command to refresh (almost) expired links.

2016-04-01 13:03:27 +02:00

test_local_auth.py

Added local accounts

2016-04-26 12:34:16 +02:00

test_project_management.py

Allow deletion of projects by members of its admin group.

2016-04-25 16:41:57 +02:00