Wrong way to check Node constraint validation

Created on 24 April 2024, 2 months ago

Problem/Motivation

When creating an OpenAgenda node, constraint validation is made by calling the hasPermission function from openagenda sdk. That method calls "/v2/me/agendas" endpoint which needs admin rights. But a given public key may be able to fetch events from public agenda without needing to have admin rights.

Proposed resolution

Try to get at least the first event when validating OpenAgenda node to ensure read right is ok.

🐛 Bug report

Status

Needs review

Version

3.4

Component

Code

Created by

🇫🇷France sgostanyan

Live updates comments and jobs are added and updated live.

Comments & Activities

Issue created by @sgostanyan
Comment 2 months ago →
🇫🇷France sgostanyan
Comment 2 months ago →
🇫🇷France sgostanyan
Status changed to Needs review 2 months ago12:38pm 24 April 2024
Comment 2 months ago →
🇫🇷France sgostanyan

contrib.social Blog FAQ Discussions

Production build 0.69.0 2024