Disable /admin/ endpoint #67

toolness · 2016-06-29T14:03:34Z

As mentioned in #59 (comment), the /admin/ endpoint isn't documented.

Upon further investigation, it appears this endpoint is actually provided by sandman2, and exposes a Flask-Admin blueprint that allows users to view and edit table data.

The endpoint is protected by basic auth, whose username and password are determined by the AUTOAPI_ADMIN_USERNAME and AUTOAPI_ADMIN_PASSWORD environment variables, respectively.

Here's an example dataset in the admin view:

One question I have is in regards to editing the data. It seems like the database is constantly flushed and re-built from CSV data, so I assume that any edits will be wiped away when the CSVs are re-imported?

The text was updated successfully, but these errors were encountered:

toolness · 2016-07-05T12:47:12Z

Talked to @gbinal last week and it looks like we might actually just want to disable this endpoint entirely, particularly given the potential confusion/loss of data caused by editing via the admin UI and then importing a CSV later.

toolness mentioned this issue Jun 30, 2016

Make it possible to disable admin endpoint #71

Closed

vrajmohan changed the title ~~Document /admin/ endpoint~~ Disable /admin/ endpoint Jul 20, 2016

gbinal added the urgent label Aug 15, 2016

gbinal modified the milestone: MVP Aug 15, 2016

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Disable /admin/ endpoint #67

Disable /admin/ endpoint #67

toolness commented Jun 29, 2016

toolness commented Jul 5, 2016

Disable /admin/ endpoint #67

Disable /admin/ endpoint #67

Comments

toolness commented Jun 29, 2016

toolness commented Jul 5, 2016