Project

Profile

Help

Actions
Send by e-mail Copy link

Issue #7052

closed

As an unauthenticated user I can list pulp_file repoistories

Added by bmbouter almost 4 years ago. Updated almost 4 years ago.

Status:
CLOSED - WORKSFORME
Priority:
Normal
Assignee:
-
Category:
-
Sprint/Milestone:
-
Start date:
Due date:
Estimated time:
Severity:
2. Medium
Version:
Platform Release:
OS:
Triaged:
No
Groomed:
No
Sprint Candidate:
No
Tags:
Sprint:
Quarter:

Description

To Reproduce

  1. Have an empty Pulp system (no repositories). I'm not sure if this step is meaningful or not
  2. Ensure httpie won't submit any authentication credentials, e.g. delete your .netrc file on a dev environment
  3. Run http localhost/pulp/api/v3/repositories/file/file/
  4. Observe you'll get something like:
HTTP/1.1 200 OK
Allow: GET, POST, HEAD, OPTIONS
Connection: keep-alive
Content-Length: 52
Content-Type: application/json
Date: Fri, 26 Jun 2020 18:28:21 GMT
Server: nginx/1.18.0
Vary: Accept, Cookie
X-Frame-Options: SAMEORIGIN

{
    "count": 0,
    "next": null,
    "previous": null,
    "results": []
}

Expected Result

HTTP/1.1 403 Forbidden
Allow: GET, POST, HEAD, OPTIONS
Connection: keep-alive
Content-Length: 58
Content-Type: application/json
Date: Fri, 26 Jun 2020 18:28:05 GMT
Server: nginx/1.18.0
Vary: Accept, Cookie
X-Frame-Options: SAMEORIGIN

{
    "detail": "Authentication credentials were not provided."
}
Actions
Copy link
 #1

Updated by fao89 almost 4 years ago

  • Status changed from NEW to CLOSED - WORKSFORME
Actions
Send by e-mail Copy link

Also available in: Atom PDF