Join GitHub today
GitHub is home to over 40 million developers working together to host and review code, manage projects, and build software together.Sign up
Order of capability checks at endpoints is confusing #1751
Steps to reproduce:
Only admins are allowed to write CA connectors. So we should instead get a message
Please note that this is not a security bug, because users will never be allowed to write CA connectors. If we remove the policy, we get the expected behavior:
Similar behavior can be found for several other endpoints. We should always check for the admin role before performing any policy checks.