#196: fixed ROLE check in security checks - Githubissues

JujaLabs / itevents

Resource to subscribe on it events

Apache License 2.0

7 stars 5 forks source link

#196: fixed ROLE check in security checks #205

Closed IgorMaksymov closed 8 years ago

IgorMaksymov commented 8 years ago

connect to #196

vaa25 commented 8 years ago

@IgorMaksymov

MyBatisUserServiceTest .shouldAddSubscriber(), .shouldThrowEntityAlreadyExistsServiceExceptionWhenAddExistingSubscriber(): 1.1 userDao rule has redundant eq, any 1.2 guestRole is created two times (DRY)
some methods such setOtpToUsershouldn't be public and should be removed from service interface

@AndriyBaibak 20 min

IgorMaksymov commented 8 years ago

@vaa25 make new task for this

vaa25 commented 8 years ago

PASSED

romach commented 8 years ago

@IgorMaksymov branch name 196-permission-error doesn't match issue name (Fix 403 error when enter admin resources (/admin, /users/*/events) with admin user.) nor pull request name (#196: fixed ROLE check in security checks)

romach commented 8 years ago

@IgorMaksymov I think that we also need security test for /users/*/events

romach commented 8 years ago

@AndriyBaibak 30 minutes spent

IgorMaksymov commented 8 years ago

@romach when i was taking this task,i dont knew what exactly is happening, that why different names. http 403 is permission error, when you dont have enough rights.

IgorMaksymov commented 8 years ago

@romach fixed

romach commented 8 years ago

@IgorMaksymov you could give the issue name to branch (#196-fix-403-error-when-enter-admin-resources-with-admin)

romach commented 8 years ago

@IgorMaksymov you should run build locally before pushing to GitHub to avoid fix-commits

IgorMaksymov commented 8 years ago

@romach yes, sorry, just woke up