categories#index does not require authorization #41
Comments
|
Can't get to it atm, but if you want to submit a pull request, I'll merge it in. We can probably just comment it all out since I believe that controller was just used when they were setting stuff up (someone correct me if I'm wrong) |
|
i can't get to it right now either. a freind of mine found this issue and is in the process of fucking with it. I changed them all back, but can't guarantee he won't keep doing it until it gets fixed. I'll look into fiing it when i get home given that he was able to change them all, i assume none of the actions require authorization. I'm probably just going to get rid of the categories controller altogether unless we want to add in an auth solution. |
|
Just uploaded a fix that comments out the categories controller and its corresponding scaffold test. Will delete when it's confirmed that it doesn't interrupt anything else (I couldn't find any problems with it anyways). This ticket can be closed after the next deployment. |
if you go to http://noladex.org/categories as a logged in user and you can change the name of any of the "what i do" categories. this is a serious issue.
The text was updated successfully, but these errors were encountered: