External-Mirrors/awx
2
0
Fork 0
mirror of https://github.com/ansible/awx.git synced 2026-03-26 05:15:02 -02:30
Code Issues Packages Projects Releases Wiki Activity

Disable the authentication classes for the webhook receivers

Browse Source 
One of them was consuming the body of the posts.  We do still need to
have an extraneous `request.body` expression, though now in
WebhookReceiverBase.post, since the `request.data` expression in the
logging also consumes the request body.
This commit is contained in:
Jeff Bradberry
2019-09-06 14:59:26 -04:00
parent 58e5f02129
commit 178a2c7c49
2 changed files with 4 additions and 3 deletions
Download Patch File Download Diff File Expand all files Collapse all files

3
awx/api/generics.py
View File

@@ -164,9 +164,6 @@ class APIView(views.APIView):
if custom_header.startswith('HTTP_'): if custom_header.startswith('HTTP_'):
request.environ.pop(custom_header, None) request.environ.pop(custom_header, None)
# WTF, FIXME
request.body
drf_request = super(APIView, self).initialize_request(request, *args, **kwargs) drf_request = super(APIView, self).initialize_request(request, *args, **kwargs)
request.drf_request = drf_request request.drf_request = drf_request
try: try:

4
awx/api/views/webhooks.py
View File

@@ -51,6 +51,7 @@ class WebhookReceiverBase(APIView):
lookup_field = 'pk' lookup_field = 'pk'
permission_classes = (AllowAny,) permission_classes = (AllowAny,)
authentication_classes = ()
def get_queryset(self): def get_queryset(self):
qs_models = { qs_models = {
@@ -95,6 +96,9 @@ class WebhookReceiverBase(APIView):
@csrf_exempt @csrf_exempt
def post(self, request, *args, **kwargs): def post(self, request, *args, **kwargs):
# Ensure that the full contents of the request are captured for multiple uses.
request.body
logger.debug( logger.debug(
"headers: {}\n" "headers: {}\n"
"data: {}\n".format(request.headers, request.data) "data: {}\n".format(request.headers, request.data)