mmesiti
commented
5 years ago The problem I see is that fixing this without complete understanding of what's going on may cause security issues?
Closed mmesiti closed 5 years ago
mmesiti
commented
5 years ago The problem I see is that fixing this without complete understanding of what's going on may cause security issues?
markgdawson
commented
5 years ago You almost certainly know this, but this is actually a problem in the funding source detail view, redirecting to list when user is unapproved.
mmesiti
commented
5 years ago exactly.
We worked out that this happens only when the funding source is not approved. When the funding source is approved, FundingSource.save actually creates the pre-approved FundingSourceMemberships for the creator (and the pi if necessary).
edbennett
commented
5 years ago I think this is closable now…
looking at
funding/list/, clicking on any funding source redirects tofunding/listagain. The issue lies inFundingsourceDetailView.user_passes_test, that always returnsFalse.