Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Add permission check when user update VodcfsSession #32

Open
danny900714 opened this issue Feb 17, 2022 · 0 comments
Open

Add permission check when user update VodcfsSession #32

danny900714 opened this issue Feb 17, 2022 · 0 comments
Labels
backend The backend providing GraphQL API bug 🐛 Something isn't working domain: vodcfs session The domain resource
Milestone
1.0.0

Comments

@danny900714
Copy link
Member

Currently, casl allow all update action to VodcfsSession. However, updating VodcfsSeesion of different user than actor is an unwilling operation for default USER role. Hence, we should find a way to validate full domain object in PoliciesGuard.
@danny900714 danny900714 added bug 🐛 Something isn't working backend The backend providing GraphQL API domain: vodcfs session The domain resource labels Feb 17, 2022
@danny900714 danny900714 added this to the 0.2.0 milestone Feb 17, 2022
@danny900714 danny900714 self-assigned this Feb 17, 2022
@danny900714 danny900714 moved this to Todo in Conote Feb 17, 2022
@danny900714 danny900714 removed their assignment Feb 21, 2022
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
backend The backend providing GraphQL API bug 🐛 Something isn't working domain: vodcfs session The domain resource
Projects
Conote
Status: Todo
Milestone
1.0.0
Development

No branches or pull requests
1 participant
@danny900714