api/raw: Restrict raw object endpoint use to privileged users (!808) · Merge requests · Platform / Development / swh-web

As that endpoint can leak sensible information regarding authors in the archive, it has been decided to not make it publicly available.

So restrict its use to staff users and users with new permission swh.web.api.raw_object.

Also lift rate limit on that new endpoint to ease development of the bridge of Software Heritage to IPFS.

Migrated from D7794 (view on Phabricator)

api/raw: Restrict raw object endpoint use to privileged users