Issue #761
Updated by rbarlow about 9 years ago
I noticed that we have a problem with our REST interface's URL structure. In our urls.py, the following two lines are present:
<pre>
<code class="python">
url(r'^v2/users/search/$', users.UserSearchView.as_view(),
name='user_search'),
url(r'^v2/users/(?P<login>[^/]+)/$', users.UserResourceView.as_view(), name='user_resource')
</code>
</pre>
If there were a user named "search", it would be impossible to retrieve that user because the first URL would match and it would be assumed that the REST call was requesting a search, rather than a user named "search".
However, I did not see anything in our user creation code preventing a user named "search" from being created. However, I was unable to test this, due to #760. #760, however.
.