WIP

Review Request #7675 — Created Oct. 2, 2015 and discarded

Information

Djblets
master

Reviewers

--WIP--

The webapi allows for arbitrary data to be set in extra_data for certain API resources. Currently, all of that information is accessible through the API which is not always desirable.
The change in progress will allow users to specify private extra data which will be abstracted from the publicly api available information.

Change strips any private data (denoted by leading double underscore __) in any resource that contains extra_data before returning it to an API call.

Associated RB change: https://reviews.reviewboard.org/r/7674/


 
Description From Last Updated

Col: 19 E702 multiple statements on one line (semicolon)

reviewbotreviewbot

Col: 19 E702 multiple statements on one line (semicolon)

reviewbotreviewbot

I think this would be better suited in a serialize_extra_data method. That way, it will be very contained and automatically …

brenniebrennie
reviewbot
  1. Tool: Pyflakes
    Processed Files:
        djblets/webapi/resources/base.py
    
    
    
    Tool: PEP8 Style Checker
    Processed Files:
        djblets/webapi/resources/base.py
    
    
  2. djblets/webapi/resources/base.py (Diff revision 1)
     
     
    Col: 19
     E702 multiple statements on one line (semicolon)
    
  3. djblets/webapi/resources/base.py (Diff revision 1)
     
     
    Col: 19
     E702 multiple statements on one line (semicolon)
    
  4. 
      
AH
AH
brennie
  1. I'm not sure if this change is better suited for RB or Djblets? May want to ask Christian if this should override ReviewBoard's WebAPIResource methods or Djblet's.

    1. Actually in hind sight, this really probably should be in RB and not Djblets. But you should ask Christian.

  2. djblets/webapi/resources/base.py (Diff revision 1)
     
     
     
     
     
     

    I think this would be better suited in a serialize_extra_data method. That way, it will be very contained and automatically called when extra_data exists.

    You're also going to want to be ensuring to step through the entire object too, because extra data can be:

    "extra_data": {
        "public_key": {
            "another_public_key": True,
            "__private_key": "a secret!"
        }
    }
    

    We won't want to return __private_key in this case, even though its nested in a public key.

  3. 
      
AH
Review request changed

Status: Discarded

Loading...