-
Notifications
You must be signed in to change notification settings - Fork 991
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Fixed issue [security] #19118: Improper permission management on bulk actions #3580
Conversation
… actions Dev: fix send reset email : $userManager->canEdit() Dev: fix Permission userManager->canAssignPermissions() Dev: fix roles : Permission::model()->hasGlobalPermission('superadmin', 'create') Dev: no need Permission on group : already done
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Code structure looks OK.
Left a comment on something which could be nothing or it may need amendment.
Dev: fix returned array
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Code structure looks good.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Can you please change the sentence to what I suggested? Thanks
Dev: fix send reset email : $userManager->canEdit()
Dev: fix Permission userManager->canAssignPermissions()
Dev: fix roles : Permission::model()->hasGlobalPermission('superadmin', 'create')
Dev: no need Permission on group : already done