|
From: | noreply |
Subject: | [myexperiment-hackers] [2071] trunk/lib/rest.rb: filtered API search. xml results to show only authorised entries |
Date: | Wed, 21 Jan 2009 08:08:31 -0500 (EST) |
filtered API search.xml results to show only authorised entries
--- trunk/lib/rest.rb 2009-01-21 13:07:10 UTC (rev 2070)
+++ trunk/lib/rest.rb 2009-01-21 13:08:31 UTC (rev 2071)
@@ -586,6 +586,9 @@
root['query'] = search_query
root['type' ] = query['type'] if query['type']
+ # filter out ones they are not allowed to get
+ results = results.select do |r| r.respond_to?('contribution') == false or r.authorized?('index', user) end
+
results.each do |result|
root << rest_reference(result, query)
end
[Prev in Thread] | Current Thread | [Next in Thread] |