Missing Optimize Application Authorization check for role entries

XMLWordPrintable

    • Type: Bug Report
    • Resolution: Fixed
    • Priority: L3 - Default
    • 3.0.0
    • Affects Version/s: 3.0.0
    • Component/s: backend
    • None

      Context:
      If roles/permission entries for collections and event based processes are created and an id is directly entered manually for which no result available from the cache, the id is resolved by a call to the engine. If a user/group for this id exists, the identity is added to the cache. This was done with OPT-2909, however a check whether this identity has an Application access permission for Optimize is not performed.

      AT:

      • identities should only get returned and added to the cache if they have an Optimize application authorization

        This is the controller panel for Smart Panels app

              Assignee:
              Unassigned
              Reporter:
              Sebastian Bathke
              Votes:
              0 Vote for this issue
              Watchers:
              0 Start watching this issue

                Created:
                Updated:
                Resolved: