Closed VALERA771 closed 1 year ago
Describe the bug Using command scpd_gvr any user with access to RA can set any group any won't. No permission check there
To Reproduce Steps to reproduce the behavior:
pm setgroup <id> <any group which have only access to RA>
scpd_gvr owner
Screenshots No screenshoots, very easy to reproduce
Setup (please complete the following information):
Yeah I guess they shouldn't be RA commands as this API doesn't have any kind of permission checks.
You can get the latest dev build if you want the fix.
Describe the bug Using command scpd_gvr any user with access to RA can set any group any won't. No permission check there
To Reproduce Steps to reproduce the behavior:
pm setgroup <id> <any group which have only access to RA>
scpd_gvr owner
Screenshots No screenshoots, very easy to reproduce
Setup (please complete the following information):