Permission override on nested field with djangoldp_account
When I use djangoldp_notification with djangoldp_account, I can't access my own /users/ME/inbox/
It give me a 403.
But if I set a djangoldp_urls like this djangoldp_urls.py it works fine. (Notice, it's nearly the same as account, without dependencies like profile)
I also made a lighter djangoldp_notification with this djangoldp_urls for easier tests. djangoldp_default.zip
To reproduce working ex.
Set an empty sib manager server, put on folder then activate it.
$ pip install -U sib-manager
$ sib startproject myproject
$ cd myproject
$ unzip /path/to/djangoldp_default.zip
$ nano packages.yml # add "djangoldp_default: djangoldp_default" on ldppackages
$ sib install myproject
$ ./manage.py runserver
- Login to /admin/ with admin/admin
- Add a notification on yourself.
- Go to /users/1/inbox/ you'll see your notification
(you may also have a makemigrations & migrate to do before runserver)
To reproduce unworking ex.
Set an empty sib manager server like this:
$ pip install -U sib-manager
$ sib startproject myproject_2
$ cd myproject_2
Add on packages.yml:
ldppackages:
djangoldp_circle: djangoldp_circle
djangoldp_notification: djangoldp_notification
djangoldp_account: djangoldp_account
djangoldp_profile: djangoldp_profile
oidc_provider: 'git+https://github.com/jblemee/django-oidc-provider.git@develop'
$ sib install myproject
$ ./manage.py runserver
- Login to /admin/ with admin/admin
- Add a notification on yourself.
- Go to /users/1/inbox/ you'll see a 403