Ticket #1001 (new enhancement) — at Initial Version

Opened 3 years ago

Last modified 3 years ago

API should use normal user credentials if available

Reported by: rgrp Owned by: rgrp
Priority: critical Milestone: ckan-v1.4-sprint-4
Component: ckan Keywords: bitesize core
Cc: Repository: ckan
Theme: none

Description

When using the API 'locally' i.e. from the CKAN instance (as would be the case with an ajax interface) the API, especially that allowing READ requests should use the normal user credentials if they are available prior to looking for an API key.

The key change appears to be to change _get_user_for_apikey method in lib/base.py BaseController? to check the c.user attribute (may wish to rename as the name may now be a bit misleading ...).

This is critical to incorporating any ajax editing into the frontend.

Note: See TracTickets for help on using tickets.