Maciej Szulik added the comment: After further investigating into the rest patch that I temporarily applied here https://bitbucket.org/soltysh/roundup/branch/rest my current findings are: - we return too much information on GET, any authenticated user gets ALL of the details from any user, including password (hashed but still it's there). - I'm not clear how the POST works, it does not accept JSON as input but rather tries to parse incoming arguments, which fails.
I'll try cutting this patch into something smaller. In the first place I'd suggest removing all modifications actions and start with just read ones. Ezio I'll ping you tomorrow on IRC to discuss this more. _______________________________________________________ PSF Meta Tracker <metatrac...@psf.upfronthosting.co.za> <http://psf.upfronthosting.co.za/roundup/meta/issue579> _______________________________________________________ _______________________________________________ Tracker-discuss mailing list Tracker-discuss@python.org https://mail.python.org/mailman/listinfo/tracker-discuss
