#5294 Need to do permission checks on project REST controller

asf_release_1.0.0
closed
nobody
42cc (398)
General
2014-12-10
2012-11-14
Dave Brondsema
No

http://sourceforge.net/rest/p/allura/ lists tools that are not public (e.g. private-tickets). This is a only minor security concern since we only expose the existence of such tools, the contents are already properly protected.

Related

Tickets: #5294

Discussion

  • Dave Brondsema
    Dave Brondsema
    2013-04-11

    • labels: --> 42cc
     
    • status: open --> in-progress
     
  • Created #320: [#5294] Need to do permission checks on project REST controller (1cp)

     

    Related

    Tickets: #5294

    • status: in-progress --> code-review
     
  • Closed #320. je/42cc_5294

     
  • Dave Brondsema
    Dave Brondsema
    2013-04-26

    • QA: Dave Brondsema
     
  • Dave Brondsema
    Dave Brondsema
    2013-04-26

    • status: code-review --> closed
     
  • Dave Brondsema
    Dave Brondsema
    2013-05-02

    • Milestone: forge-backlog --> forge-may-03