summaryrefslogtreecommitdiffstats
path: root/rust/fatcat-api-spec/src
diff options
context:
space:
mode:
authorBryan Newbold <bnewbold@robocracy.org>2019-04-09 22:01:21 -0700
committerBryan Newbold <bnewbold@robocracy.org>2019-04-09 22:01:24 -0700
commitb1b4ecc1d7bc3aaffc6d8f88ad99709867c0dc14 (patch)
tree38481a83ad3bbcf16d7c78923a9da355efc42e1e /rust/fatcat-api-spec/src
parent1655a55f61658664d437bd2a018e6eb1243dfbfc (diff)
downloadfatcat-b1b4ecc1d7bc3aaffc6d8f88ad99709867c0dc14.tar.gz
fatcat-b1b4ecc1d7bc3aaffc6d8f88ad99709867c0dc14.zip
don't require auth for editgroup annotations
Amazing that this bug found it's way through... because most testing is from Python, and was having serious auth config leakage with python_client. We're still in 0.x, and this is such a small/eggregious bug that i'm not going to tag as a backwards-incompatible schema update (but will note in CHANGELOG).
Diffstat (limited to 'rust/fatcat-api-spec/src')
-rw-r--r--rust/fatcat-api-spec/src/server.rs2
1 files changed, 0 insertions, 2 deletions
diff --git a/rust/fatcat-api-spec/src/server.rs b/rust/fatcat-api-spec/src/server.rs
index af13948e..90b4d19a 100644
--- a/rust/fatcat-api-spec/src/server.rs
+++ b/rust/fatcat-api-spec/src/server.rs
@@ -4196,8 +4196,6 @@ where
context.auth_data = req.extensions.remove::<AuthData>();
context.authorization = req.extensions.remove::<Authorization>();
- let authorization = context.authorization.as_ref().ok_or_else(|| Response::with((status::Forbidden, "Unauthenticated".to_string())))?;
-
// Path parameters
let param_editgroup_id = {
let param = req