diff options
Diffstat (limited to 'server')
-rw-r--r-- | server/src/leap/soledad/server/url_mapper.py | 22 |
1 files changed, 10 insertions, 12 deletions
diff --git a/server/src/leap/soledad/server/url_mapper.py b/server/src/leap/soledad/server/url_mapper.py index a0edeaca..d4961c92 100644 --- a/server/src/leap/soledad/server/url_mapper.py +++ b/server/src/leap/soledad/server/url_mapper.py @@ -50,18 +50,14 @@ class URLMapper(object): This method sets up the following authorization rules: - URL path | Authorized actions - -------------------------------------------------- - / | GET - /robots.txt | GET - /shared-db | GET - /shared-db/docs | - - /shared-db/doc/{any_id} | GET, PUT, DELETE - /shared-db/sync-from/{source} | - - /user-db | - - /user-db/docs | - - /user-db/doc/{id} | - - /user-db/sync-from/{source} | GET, PUT, POST + URL path | Authorized actions + ---------------------------------------------------- + / | GET + /robots.txt | GET + /shared-db | GET + /shared-db/doc/{any_id} | GET, PUT, DELETE + /user-{uuid}/sync-from/{source} | GET, PUT, POST + /blobs/{uuid}/{blob_id} | GET, PUT, POST """ # auth info for global resource self._connect('/', ['GET']) @@ -75,3 +71,5 @@ class URLMapper(object): # auth info for user-db sync resource self._connect('/user-{uuid}/sync-from/{source_replica_uid}', ['GET', 'PUT', 'POST']) + # auth info for blobs resource + self._connect('/blobs/{uuid}/{blob_id}', ['GET', 'PUT']) |