Skip to content
This repository was archived by the owner on Jan 21, 2022. It is now read-only.

Move authorization before searching db in Reporting #579

Merged
merged 2 commits into from
Mar 15, 2017
Merged

Move authorization before searching db in Reporting #579

merged 2 commits into from
Mar 15, 2017

Conversation

astefanova
Copy link
Collaborator

fixes #545
[delivers #140227121]

In order to check the authorization scope before we start searching the db and avoid DOS attacks against Abacus using an invalid token we are adding one additional parameter to Resource instance usage summary report - resource_id

@cfdreddbot
Copy link
Collaborator

Hey astefanova!

Thanks for submitting this pull request! I'm here to inform the recipients of the pull request that you and the commit authors have already signed the CLA.

@cf-gitbot
Copy link
Collaborator

We have created an issue in Pivotal Tracker to manage this:

https://www.pivotaltracker.com/story/show/141783531

The labels on this github issue will be updated when the story is started.

@coveralls
Copy link

coveralls commented Mar 15, 2017
edited
Loading

Coverage Status

Coverage decreased (-0.03%) to 92.557% when pulling c80042c on SAP:move_auth into d2df603 on cloudfoundry-incubator:master.

1 similar comment
@coveralls
Copy link

Coverage Status

Coverage decreased (-0.03%) to 92.557% when pulling c80042c on SAP:move_auth into d2df603 on cloudfoundry-incubator:master.

@rajkiranrbala rajkiranrbala merged commit 7476140 into cloudfoundry-attic:master Mar 15, 2017
@hsiliev hsiliev deleted the move_auth branch March 29, 2017 12:55
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Reviewers
No reviews
Assignees
No one assigned
Labels
accepted
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

Authorization check performed after reading the document
5 participants
@astefanova @cfdreddbot @cf-gitbot @coveralls @rajkiranrbala