Skip to content

[BUG] Improve user authorization for creating assignment #565

New issue
New issue
Open
Open
[BUG] Improve user authorization for creating assignment#565
Assignees
athiruma
Labels
APIauthenticationbugself-scheduling
Milestone
 
2.x Series - Bowie
@athiruma

Description

@athiruma
athiruma
opened on Jan 16, 2025
  • QUADS version (rpm -qa | grep quads and/or quads --version):
  • Python version:
  • Operating System:

Describe the bug
A clear and concise description of what the bug is.

quads/src/quads/server/blueprints/schedules.py

Lines 87 to 92 in 8055b8d

@schedule_bp.route("/", methods=["POST"])
@check_access(["admin", "user"])
def create_schedule() -> Response:
data = request.get_json()
hostname = data.get("hostname")
cloud = data.get("cloud")

Both users and admins have the same authorization levels. This will cause users can create schedules on their own

To Reproduce
Steps to reproduce the behavior:

  1. Go to '...'
  2. Click on '....'
  3. Scroll down to '....'
  4. See error

Expected behavior
A clear and concise description of what you expected to happen.

Screenshots
If applicable, add screenshots to help explain your problem.

Additional context
Add any other context about the problem here.

Metadata

Metadata

Assignees

Labels

APIauthenticationbugself-scheduling

Type

No type

Projects

QUADS 2.2 Series

  • Status

    To do

Milestone

Relationships

None yet

Development

No branches or pull requests

Issue actions