Remove user_exists endpoint from all auth systems

2015-06-22 18:17:37 -04:00 · 2015-06-22 18:17:37 -04:00 · 07439328a4
commit 07439328a4
parent b21a033ef3
6 changed files with 102 additions and 81 deletions
--- a/endpoints/api/suconfig.py
+++ b/endpoints/api/suconfig.py
@ -343,6 +343,10 @@ class SuperUserConfigValidate(ApiResource):
      'properties': {
        'config': {
          'type': 'object'
+        },
+        'password': {
+          'type': 'string',
+          'description': 'The users password, used for auth validation'
        }
      },
    },
@ -358,6 +362,6 @@ class SuperUserConfigValidate(ApiResource):
    # this is also safe since this method does not access any information not given in the request.
    if not CONFIG_PROVIDER.yaml_exists() or SuperUserPermission().can():
      config = request.get_json()['config']
-      return validate_service_for_config(service, config)
+      return validate_service_for_config(service, config, request.get_json().get('password', ''))

    abort(403)