Skip to content

Commit

Permalink
Fix bug where unauthorized users could interact with source_access
Browse files Browse the repository at this point in the history
  • Loading branch information
@qzapata
qzapata authored and Quinn Zapata committed Jul 29, 2019
1 parent 7b3a3c5 commit 4eab101
Showing 1 changed file with 1 addition and 0 deletions.
1 change: 1 addition & 0 deletions crits/core/views.py
View file
Original file line number Diff line number Diff line change
Expand Up @@ -714,6 +714,7 @@ def source_releasability(request):
error = "Expected AJAX POST!"
return render(request, "error.html", {"error" : error })

@user_passes_test(user_can_view_data)
def source_access(request):
"""
Modify a user's profile. Should be an AJAX POST.
Expand Down

0 comments on commit 4eab101

Please sign in to comment.