Enforce read only clients
This commit is contained in:
parent
0e8b4751b4
commit
08f535c15c
@ -106,8 +106,14 @@ impl APIClientAuth {
|
||||
return Err(actix_web::error::ErrorBadRequest("Method mismatch!"));
|
||||
}
|
||||
|
||||
// Check for write access
|
||||
if client.readonly_client && !req.method().is_safe() {
|
||||
return Err(actix_web::error::ErrorBadRequest(
|
||||
"Read only client cannot perform write operations!",
|
||||
));
|
||||
}
|
||||
|
||||
// TODO : handle payload
|
||||
// TODO : check read only access
|
||||
// TODO : update last use (if required)
|
||||
// TODO : check for IP restriction
|
||||
|
||||
|
Loading…
x
Reference in New Issue
Block a user