Bullet-proof the private field filtering in the user resource.
Review Request #7425 — Created June 15, 2015 and discarded
The user API resource does some filtering on the payload data to remove any fields that the caller shouldn't see. If the payload data already has some information removed, it's possible that this could fail. We now bullet-proof this, removing only fields found in the payload.
Unit tests pass.
SM
-
This should be fine for the most part.
-
reviewboard/webapi/resources/user.py (Diff revision 1) I'm pretty sure this case ever happening is going to be a subtle bug with the serialization and caching code. I'm wondering if we should maybe log something here as a warning about possible subtle bugs surfacing?