Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

[4.3.7] Disallow creating consumers in org without permission #4244

Merged
merged 1 commit into from
Sep 20, 2023
Merged

[4.3.7] Disallow creating consumers in org without permission #4244

merged 1 commit into from
Sep 20, 2023

Conversation

nikosmoum
Copy link
Member

  • This issue allowed a user that has no 'create consumer' permission in a certain org, to create consumers in it, if they could guess the organization key.

@nikosmoum
Disallow creating consumers in org without permission
7643e1b 
- This issue allowed a user that has no 'create consumer' permission
  in a certain org, to create consumers in it, if they could guess
  the organization key.
@sonarcloud
Copy link

sonarcloud bot commented Sep 20, 2023

Kudos, SonarCloud Quality Gate passed!    Quality Gate passed

Bug A 0 Bugs
Vulnerability A 0 Vulnerabilities
Security Hotspot A 0 Security Hotspots
Code Smell A 33 Code Smells

88.9% 88.9% Coverage
0.0% 0.0% Duplication

@Ceiu Ceiu merged commit 261ef50 into candlepin-4.3.7-HOTFIX Sep 20, 2023
14 checks passed
@Ceiu Ceiu deleted the nikos/improper_auth_fix branch September 20, 2023 13:42
@nikosmoum nikosmoum mentioned this pull request Sep 22, 2023
Merged
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@Ceiu Ceiu Ceiu approved these changes

Assignees
No one assigned
Labels
merge after CI
Projects
None yet
Milestone
No milestone
2 participants
@nikosmoum @Ceiu