-
Notifications
You must be signed in to change notification settings - Fork 8
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
434 template paths permission check explorations #595
434 template paths permission check explorations #595
Conversation
…different type of templates - trade off: more methods and some code duplications
I tested this and works as expected, so I think we should go forward whit this. Maybe you could re add the removed tests on the business side? |
@yvespp I changed that: for testing mode, only Permission.SHAKEDOWN_TEST_MODE is requested - is this correct? Or does the user still need Permission.RESOURCE_TEMPLATE or Permission.RESOURCETYPE_TEMPLATE when in testing mode? |
@mburri I think only checking for SHAKEDOWN_TEST_MODE is ok. |
With this pull request, the permission checks to save/ update a template for resources, resource types and resource (type) relations is completely pushed to the business module.
Template Paths are now validated and absolute paths and paths traversals are not allowed