White-list query parameters

### Pacifica Metadata version
1.0

### Pacifica Core Software versions
n/a

### Platform Details
All supported platforms.

### Scenario:
The decorator functions in `metadata/rest/orm.py` should white-list HTTP query parameters using the "Strong Parameters" technique (c.f., http://api.rubyonrails.org/classes/ActionController/StrongParameters.html).

### Steps to Reproduce:

1. Issue a GET request with a valid identifier and an unacceptable query parameter, e.g., using the cURL command: `curl -X GET 'http://example.com/users?_id=XYZ&foo=bar'`, where "XYZ" is a valid User ID.

2. Issue a GET request with only unacceptable query parameters, e.g., using the cURL command: `curl -X GET 'http://example.com/users?foo=bar'`.

### Expected Result:

1. Server should respond with HTTP status code: 406 Not Acceptable.

2. Server should respond with HTTP status code: 406 Not Acceptable.

### Actual Result:

1. Server responds with HTTP status code: 500 Internal Server Error.

1. Server responds with HTTP status code: 200 OK; response body is ALL records (i.e., no filtering).


Provide feedback

Saved searches

Use saved searches to filter your results more quickly

White-list query parameters #87

Pacifica Metadata version

Pacifica Core Software versions

Platform Details

Scenario:

Steps to Reproduce:

Expected Result:

Actual Result:

Metadata

Assignees

Labels

Type

Projects

Milestone

Relationships

Development

White-list query parameters #87

Description

Pacifica Metadata version

Pacifica Core Software versions

Platform Details

Scenario:

Steps to Reproduce:

Expected Result:

Actual Result:

Metadata

Metadata

Assignees

Labels

Type

Projects

Milestone

Relationships

Development

Issue actions