core: revert check_access API to get to prevent CSRF errors
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
parent
c9dda17c68
commit
cabbd18880
|
@ -107,15 +107,19 @@ class ApplicationViewSet(UsedByMixin, ModelViewSet):
|
|||
return applications
|
||||
|
||||
@extend_schema(
|
||||
request=inline_serializer(
|
||||
"CheckAccessRequest", fields={"for_user": IntegerField(required=False)}
|
||||
),
|
||||
parameters=[
|
||||
OpenApiParameter(
|
||||
name="for_user",
|
||||
location=OpenApiParameter.QUERY,
|
||||
type=OpenApiTypes.INT,
|
||||
)
|
||||
],
|
||||
responses={
|
||||
200: PolicyTestResultSerializer(),
|
||||
404: OpenApiResponse(description="for_user user not found"),
|
||||
},
|
||||
)
|
||||
@action(detail=True, methods=["POST"])
|
||||
@action(detail=True, methods=["GET"])
|
||||
# pylint: disable=unused-argument
|
||||
def check_access(self, request: Request, slug: str) -> Response:
|
||||
"""Check access to a single application by slug"""
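Review bot: With `@action(detail=True, methods=["GET"])` the CSRF check no longer applies to `check_access`, so the handler has to stay strictly read-only. A comment above the decorator such as `# GET on purpose: read-only policy test, must not change state (safe methods skip the CSRF check)` would stop a later edit from adding a side effect. The new `for_user` query parameter lets the caller name another user, and the 404 "for_user user not found" response would confirm which user ids exist, so the lookup should only be honoured for callers allowed to test access for other users. The body of `check_access` continues outside the hunk, so it is not visible here whether that gate already exists. The docstring could also say what `for_user` does and who may pass it.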
|
||||
|
|
24
schema.yml
24
schema.yml
|
@ -1504,10 +1504,14 @@ paths:
|
|||
'403':
|
||||
$ref: '#/components/schemas/GenericError'
|
||||
/api/v2beta/core/applications/{slug}/check_access/:
|
||||
post:
|
||||
operationId: core_applications_check_access_create
|
||||
get:
|
||||
operationId: core_applications_check_access_retrieve
|
||||
description: Check access to a single application by slug
|
||||
parameters:
|
||||
- in: query
|
||||
name: for_user
|
||||
schema:
|
||||
type: integer
|
||||
- in: path
|
||||
name: slug
|
||||
schema:
|
||||
|
@ -1516,17 +1520,6 @@ paths:
|
|||
required: true
|
||||
tags:
|
||||
- core
|
||||
requestBody:
|
||||
content:
|
||||
application/json:
|
||||
schema:
|
||||
$ref: '#/components/schemas/CheckAccessRequestRequest'
|
||||
application/x-www-form-urlencoded:
|
||||
schema:
|
||||
$ref: '#/components/schemas/CheckAccessRequestRequest'
|
||||
multipart/form-data:
|
||||
schema:
|
||||
$ref: '#/components/schemas/CheckAccessRequestRequest'
|
||||
security:
|
||||
- authentik: []
|
||||
- cookieAuth: []
|
||||
|
@ -18415,11 +18408,6 @@ components:
|
|||
- shell
|
||||
- redirect
|
||||
type: string
|
||||
CheckAccessRequestRequest:
|
||||
type: object
|
||||
properties:
|
||||
for_user:
|
||||
type: integer
|
||||
ClientTypeEnum:
|
||||
enum:
|
||||
- confidential
|
||||
|
|