Actions
Issue #7052
closedAs an unauthenticated user I can list pulp_file repoistories
Status:
CLOSED - WORKSFORME
Priority:
Normal
Assignee:
-
Category:
-
Sprint/Milestone:
-
Start date:
Due date:
Estimated time:
Severity:
2. Medium
Version:
Platform Release:
OS:
Triaged:
No
Groomed:
No
Sprint Candidate:
No
Tags:
Sprint:
Quarter:
Description
To Reproduce¶
- Have an empty Pulp system (no repositories). I'm not sure if this step is meaningful or not
- Ensure httpie won't submit any authentication credentials, e.g. delete your .netrc file on a dev environment
- Run
http localhost/pulp/api/v3/repositories/file/file/
- Observe you'll get something like:
HTTP/1.1 200 OK
Allow: GET, POST, HEAD, OPTIONS
Connection: keep-alive
Content-Length: 52
Content-Type: application/json
Date: Fri, 26 Jun 2020 18:28:21 GMT
Server: nginx/1.18.0
Vary: Accept, Cookie
X-Frame-Options: SAMEORIGIN
{
"count": 0,
"next": null,
"previous": null,
"results": []
}
Expected Result¶
HTTP/1.1 403 Forbidden
Allow: GET, POST, HEAD, OPTIONS
Connection: keep-alive
Content-Length: 58
Content-Type: application/json
Date: Fri, 26 Jun 2020 18:28:05 GMT
Server: nginx/1.18.0
Vary: Accept, Cookie
X-Frame-Options: SAMEORIGIN
{
"detail": "Authentication credentials were not provided."
}
Updated by fao89 almost 4 years ago
- Status changed from NEW to CLOSED - WORKSFORME
Actions