Users should not be allowed to add unauthorized scopes to a collection

XMLWordPrintable

    • Type: Sub-task
    • Resolution: Fixed
    • Priority: L3 - Default
    • 2.7.0
    • Affects Version/s: None
    • Component/s: backend
    • None

      Context:
      Currently, we can add scopes for definitions that the user is not allowed to see.

      AT:

      • a user can only add scopes to a collection where he is authorized to
      • a user is authorized for a collection if he is authorized to see the definition type, key and tenants of a scope

            Assignee:
            Unassigned
            Reporter:
            Johannes
            Votes:
            0 Vote for this issue
            Watchers:
            0 Start watching this issue

              Created:
              Updated:
              Resolved: