adding auth req for /interactions api endpoint (#41)

* adding auth req for /interactions api endpoint * test fix
spotify · May 15, 2020 · 33c3ab9 · 33c3ab9
1 parent 98c2bd0
commit 33c3ab9
Show file tree

Hide file tree

Showing 3 changed files with 4 additions and 1 deletion.
diff --git a/comet_core/api_v0.py b/comet_core/api_v0.py
@@ -495,6 +495,7 @@ def get_issues():
 
 
 @bp.route("/interactions", methods=["GET"])
+@requires_auth
 def get_interactions_get():
     """This endpoint expose the get_interactions functionality via GET request.
     Doesn't required authentication as the information returned is deemed not sensitive.
@@ -507,6 +508,7 @@ def get_interactions_get():
 
 
 @bp.route("/interactions", methods=["POST"])
+@requires_auth
 def get_interactions_post():
     """This endpoint expose the get_interactions functionality via POST request.
     Doesn't required authentication as the information returned is deemed not sensitive.

diff --git a/setup.py b/setup.py
@@ -16,7 +16,7 @@
 
 setuptools.setup(
     name="comet-core",
-    version="2.6.0",
+    version="2.6.1",
     url="https://github.com/spotify/comet-core",
     author="Spotify Platform Security",
     author_email="wasabi@spotify.com",

diff --git a/tests/test_api_v0.py b/tests/test_api_v0.py
@@ -334,5 +334,6 @@ def test_endpoint_post_no_request_hydrator(client_without_request_hydrator):
 
 
 def test_endpoint_get_interactions(client):
+    g.test_authorized_for = ["non@existant.com"]
     res = client.post("/v0/interactions", json=post_json_data)
     assert "[]" in res.data.decode("utf-8")