Filter attachments with the user permissions to avoid information leaks

Kani999 / netbox-attachments

Plugin to manage attachments for any model

Apache License 2.0

55 stars 4 forks source link

Filter attachments with the user permissions to avoid information leaks #54

Closed tibobo67 closed 7 months ago

tibobo67 commented 7 months ago

The table views display the URL link whether the user actually has the permission to access the attachment or not. This pull request restrict the displayed objects according to the users's permissions so that there is no more information leak.

Kani999 commented 7 months ago

@tibobo67 Sorry for the delay. I have to add more code to your pull request and then I will publish it. I'm currently out of office and will take a look at it during next week.

Kani999 commented 7 months ago

[ ] Bump version
[ ] create new tag
[ ] Release new version
[ ] Check for permission in the Menu and other templates

Kani999 commented 7 months ago

@tibobo67 moved to #55

Work in progress. I need to do a couple of things to get it to release.