Closed
Bug 1011220
Opened 11 years ago
Closed 10 years ago
Vouched-user API keys have "public"-level access to user fields
Categories
(Participation Infrastructure :: Phonebook, defect)
Tracking
(Not tracked)
VERIFIED
FIXED
People
(Reporter: hoosteeno, Unassigned)
References
Details
When we undertake bug 1011209, we'll create a mechanism for any vouched user of Mozillians.org to get an API key. These API keys will have "public"-level access to Mozillians.org data. In the UI that means they can search for users and results will include users who have at least one public field. In the API it means the holders of these keys can access the following resources: * /users/ Vouched-user API keys can request information from the /users/ endpoint and will get a response including users matching the request parameters who have at least one public field. The fields returned with user records will be only those marked as public. * /lookup-user/?email=... Vouched-user API keys can lookup a user by the login email address associated with the user account. The response for this will include at least the email address sent in the request, the user's vouched status, and a (non-PII-leaking) link to a user resource. For example, if the requested record has no public fields, the response look something like this: { email=foo@bar.org, vouched=true(false), resource=/user/user_number } And if the requested record has public fields, the response will look something like this: { email=foo@bar, vouched=true(false), resource=/user/user_number, public_field_1=foo, public_field_2=bar, ... }
Updated•11 years ago
|
Assignee: nobody → giorgos
Updated•11 years ago
|
Status: NEW → ASSIGNED
Comment 1•10 years ago
|
||
De-assigning myself since I'm not working on mozillians now.
Assignee: giorgos → nobody
Updated•10 years ago
|
Status: ASSIGNED → NEW
Comment 2•10 years ago
|
||
Merged here: https://github.com/mozilla/mozillians/pull/1152
Status: NEW → RESOLVED
Closed: 10 years ago
Resolution: --- → FIXED
Updated•10 years ago
|
Version: other → next
Updated•10 years ago
|
Status: RESOLVED → VERIFIED
Updated•10 years ago
|
Version: next → 2015-2.3
You need to log in
before you can comment on or make changes to this bug.
Description
•