Closed gsvarovsky closed 1 year ago
It's possible, with a non-app-managed clone using genuine user credentials, to add and remove timesheet security principals (users).
This should be prevented by making principals statutory, and giving the Gateway authority over them.
Requires m-ld/m-ld-js#130
It's possible, with a non-app-managed clone using genuine user credentials, to add and remove timesheet security principals (users).
This should be prevented by making principals statutory, and giving the Gateway authority over them.
Requires m-ld/m-ld-js#130