search

ecrin-github / rms-portal-new

RMS Portal with Python backend
MIT License
0 stars 0 forks source link

Prevent unauthorized users to view DTP/DUP/People pages and edit manager/other orgs objects #31

Closed cudillal closed 3 months ago

cudillal commented 4 months ago

Currently, you can view/edit any object so long as you have the correct URL. Authorization checks should be added to prevent this.