[DQT] Implement permissions on data access #5152
Assignees
Labels
Category: Feature
PR or issue that aims to introduce a new feature
Category: Security
PR or issue that aims to improve security
Comments
johnsaigle
added
Category: Feature
|
Will be resolved by @driusan's revamp |
|
It's still an issue until thats done. |
|
Permissions are enforced in the backend by #8268 but since no one will use that until there's a new frontend I think this needs to stay open. |
|
The frontend was merged in #8907. The new DQT still needs to be iterated on to incorporate all the information from the old CouchDB import scripts, but I think this can be closed as resolved now. |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Users that have access to the DQT are not limited to the data of the sites and projects they belong to.
These permissions should be applied on data returned to the browser
Redmine: #10851
The text was updated successfully, but these errors were encountered: