Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Fixed issue #19118: Improper permission management on bulk actions #3579

Merged
merged 7 commits into from
Nov 6, 2023
Merged

Fixed issue #19118: Improper permission management on bulk actions #3579

merged 7 commits into from
Nov 6, 2023

Conversation

Shnoulle
Copy link
Collaborator

Dev: fix send reset email : $userManager->canEdit()
Dev: fix Permission userManager->canAssignPermissions()
Dev: fix roles : Permission::model()->hasGlobalPermission('superadmin', 'create')
Dev: check Permission on group

@Shnoulle
Fixed issue #19118: Improper permission management on bulk actions
bd45064 
Dev: fix send reset email : $userManager->canEdit()
Dev: fix Permission userManager->canAssignPermissions()
Dev: fix roles : Permission::model()->hasGlobalPermission('superadmin', 'create')
@Shnoulle
Dev: check Permission on group
98c8eaa 
Dev: same check than UserGroupController->checkBeforeAddDeleteUser
@Shnoulle
Dev: typo on test
0f3ecfa
@Shnoulle
Copy link
Collaborator Author

Use UserManager(Yii::app()->user, $model) when i can.

@Shnoulle
Copy link
Collaborator Author

6.X #3580

gabrieljenik
gabrieljenik approved these changes Oct 31, 2023
View reviewed changes
Copy link
Collaborator

@gabrieljenik gabrieljenik left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Code structure looks good

@gabrieljenik gabrieljenik added Code review done Version checked for code issue without testing and removed Needs code review labels Oct 31, 2023
@tiborpacalat tiborpacalat added Tested OK This PR has been tested by QA and works as expected and removed Needs testing labels Nov 6, 2023
@tiborpacalat tiborpacalat merged commit fcd22aa into 5.x Nov 6, 2023
9 checks passed
@tiborpacalat tiborpacalat deleted the bug/5x_13118_bulkActionUser branch November 6, 2023 13:49
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@gabrieljenik gabrieljenik gabrieljenik approved these changes

@tiborpacalat tiborpacalat Awaiting requested review from tiborpacalat

Assignees
No one assigned
Labels
Code review done Version checked for code issue without testing Tested OK This PR has been tested by QA and works as expected
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
3 participants
@Shnoulle @gabrieljenik @tiborpacalat