Summary

WIP

Review Request #7675 — Created Oct. 2, 2015 and discarded Oct. 8, 2015, 2:09 p.m.

Information

Owner

ahache

Repository

Djblets

Branch

master

Bugs

Depends On

Reviewers

Groups

djblets, students

People

Description

--WIP--
The webapi allows for arbitrary data to be set in extra_data for certain API resources. Currently, all of that information is accessible through the API which is not always desirable.

The change in progress will allow users to specify private extra data which will be abstracted from the publicly api available information.
Change strips any private data (denoted by leading double underscore __) in any resource that contains extra_data before returning it to an API call.
Associated RB change: https://reviews.reviewboard.org/r/7674/

Testing Done

Issues

Description	From	Last Updated
Col: 19 E702 multiple statements on one line (semicolon)	reviewbot	Oct. 2, 2015, 2:41 p.m.
Col: 19 E702 multiple statements on one line (semicolon)	reviewbot	Oct. 2, 2015, 2:41 p.m.
I think this would be better suited in a serialize_extra_data method. That way, it will be very contained and automatically …	brennie	Oct. 8, 2015, 2:10 p.m.

Tool: Pyflakes
Processed Files:
    djblets/webapi/resources/base.py



Tool: PEP8 Style Checker
Processed Files:
    djblets/webapi/resources/base.py

djblets/webapi/resources/base.py (Diff revision 1)
The issue has been dropped. Show all issues
```
Col: 19
 E702 multiple statements on one line (semicolon)
```
djblets/webapi/resources/base.py (Diff revision 1)
The issue has been dropped. Show all issues
```
Col: 19
 E702 multiple statements on one line (semicolon)
```

Description:: ~
WIP
~
--WIP--
+
+
The webapi allows for arbitrary data to be set in extra_data for certain API resources. Currently, all of that information is accessible through the API which is not always desirable.
+ The change in progress will allow users to specify private extra data which will be abstracted from the publicly api available information.
+
+
Change strips any private data (denoted by leading double underscore __) in any resource that contains extra_data before returning it to an API call.
+
+
Associated RB change: https://reviews.reviewboard.org/r/7674/

Groups:: students

I'm not sure if this change is better suited for RB or Djblets? May want to ask Christian if this should override ReviewBoard's WebAPIResource methods or Djblet's.

brennie Oct. 2, 2015, 7:23 p.m.

Actually in hind sight, this really probably should be in RB and not Djblets. But you should ask Christian.

djblets/webapi/resources/base.py (Diff revision 1)

The issue has been resolved. Show all issues

I think this would be better suited in a serialize_extra_data method. That way, it will be very contained and automatically called when extra_data exists.
You're also going to want to be ensuring to step through the entire object too, because extra data can be:

"extra_data": {
    "public_key": {
        "another_public_key": True,
        "__private_key": "a secret!"
    }
}


We won't want to return __private_key in this case, even though its nested in a public key.

Status:: Discarded

~		WIP
	~	--WIP--
	+
	+	The webapi allows for arbitrary data to be set in extra_data for certain API resources. Currently, all of that information is accessible through the API which is not always desirable.
	+	The change in progress will allow users to specify private extra data which will be abstracted from the publicly api available information.
	+
	+	Change strips any private data (denoted by leading double underscore `__`) in any resource that contains extra_data before returning it to an API call.
	+
	+	Associated RB change: https://reviews.reviewboard.org/r/7674/