From 95ac3efa8b7340f48dcc1b9ffa353566d00fc4dd Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Fr=C3=A9d=C3=A9ric=20P=C3=A9ters?= <fpeters@entrouvert.com>
Date: Mon, 26 Jun 2017 21:30:50 +0200
Subject: [PATCH] api: allow all characters but / in member UUIDs (#17196)

For example @ is used for realms and the LDAP backend used to put
username@realm in the uuid field.
---
 src/authentic2/api_urls.py | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/src/authentic2/api_urls.py b/src/authentic2/api_urls.py
index cd3ad302..7175e148 100644
--- a/src/authentic2/api_urls.py
+++ b/src/authentic2/api_urls.py
@@ -9,7 +9,7 @@ urlpatterns = patterns('',
                            name='a2-api-password-change'),
                        url(r'^user/$', api_views.user,
                            name='a2-api-user'),
-                       url(r'^roles/(?P<role_uuid>[\w+]*)/members/(?P<member_uuid>[\w+]*)/$', api_views.roles,
+                       url(r'^roles/(?P<role_uuid>[\w+]*)/members/(?P<member_uuid>[^/]+)/$', api_views.roles,
                            name='a2-api-role-member'),
                        url(r'^check-password/$', api_views.check_password,
                            name='a2-api-check-password'),
-- 
2.13.1