Closed idanwe closed 4 years ago
Which version are you using? 1.0 or 2.0?
alanning:roles@1.2.15
@mitar What is the status of v2?
I think it is ready, but it is waiting for @alanning to release it (or release at least release candidate).
I made a test for 2.0 in c5e27a83ba88eecae00a28283f8ad93bc83916d0 and it is returning false for unknown roles.
And for 1.0 I made e486f5a34f93eff514205af58ace2c64fc9b2909. I cannot reproduce what you are reporting here, so I think you have an issue on your side.
I'm using enum for my defined roles. And at one place I misspelled a role
UserRole.Supervisor
instead ofUserRoe.SUPERVISOR
then I found thatRoles.userIsInRole(this.userId, undefined, 'real-madrid')
returns true. e.g.I found it as a security vulnerability.
Do you have some best practice to avoid it? Is it in purpose?