summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
-rw-r--r--server/src/leap/soledad/server/auth.py11
-rw-r--r--testing/tests/server/test_server.py8
2 files changed, 6 insertions, 13 deletions
diff --git a/server/src/leap/soledad/server/auth.py b/server/src/leap/soledad/server/auth.py
index b0764569..f3d9c8a8 100644
--- a/server/src/leap/soledad/server/auth.py
+++ b/server/src/leap/soledad/server/auth.py
@@ -100,7 +100,7 @@ class URLToAuthorization(object):
/shared-db/docs | -
/shared-db/doc/{any_id} | GET, PUT, DELETE
/shared-db/sync-from/{source} | -
- /user-db | GET, PUT, DELETE
+ /user-db | -
/user-db/docs | -
/user-db/doc/{id} | -
/user-db/sync-from/{source} | GET, PUT, POST
@@ -108,19 +108,12 @@ class URLToAuthorization(object):
# auth info for global resource
self._register('/', [self.HTTP_METHOD_GET])
# auth info for shared-db database resource
- self._register(
- '/%s' % SHARED_DB_NAME,
- [self.HTTP_METHOD_GET])
+ self._register('/%s' % SHARED_DB_NAME, [self.HTTP_METHOD_GET])
# auth info for shared-db doc resource
self._register(
'/%s/doc/{id:.*}' % SHARED_DB_NAME,
[self.HTTP_METHOD_GET, self.HTTP_METHOD_PUT,
self.HTTP_METHOD_DELETE])
- # auth info for user-db database resource
- self._register(
- '/%s' % self._user_db_name,
- [self.HTTP_METHOD_GET, self.HTTP_METHOD_PUT,
- self.HTTP_METHOD_DELETE])
# auth info for user-db sync resource
self._register(
'/%s/sync-from/{source_replica_uid}' % self._user_db_name,
diff --git a/testing/tests/server/test_server.py b/testing/tests/server/test_server.py
index 6710caaf..cae2e75c 100644
--- a/testing/tests/server/test_server.py
+++ b/testing/tests/server/test_server.py
@@ -110,7 +110,7 @@ class ServerAuthorizationTestCase(BaseSoledadTest):
/shared-db/docs | -
/shared-db/doc/{id} | GET, PUT, DELETE
/shared-db/sync-from/{source} | -
- /user-db | GET, PUT, DELETE
+ /user-db | -
/user-db/docs | -
/user-db/doc/{id} | -
/user-db/sync-from/{source} | GET, PUT, POST
@@ -174,13 +174,13 @@ class ServerAuthorizationTestCase(BaseSoledadTest):
authmap.is_authorized(
self._make_environ('/shared/sync-from/x', 'POST')))
# test user-db database resource auth
- self.assertTrue(
+ self.assertFalse(
authmap.is_authorized(
self._make_environ('/%s' % dbname, 'GET')))
- self.assertTrue(
+ self.assertFalse(
authmap.is_authorized(
self._make_environ('/%s' % dbname, 'PUT')))
- self.assertTrue(
+ self.assertFalse(
authmap.is_authorized(
self._make_environ('/%s' % dbname, 'DELETE')))
self.assertFalse(