sreilly1
commented
8 years ago Will not be fixed, unsure as to why the login system,which works damn fine wasn't used.
Closed sreilly1 closed 8 years ago
sreilly1
commented
8 years ago Will not be fixed, unsure as to why the login system,which works damn fine wasn't used.
Not all routes are securely protected, i.e. a logged in user can still change the url in the address bar to visit a webpage which they are not allowed to on the portal (e.g. PHD students can actually access the admin portal when they are logged in). The aforementioned is assuming that the routes themselves don't check the users role.
This issue should be resolved prior to the demonstration, but should wait till everyone has implemented their part.
We should still check with Helen as to how much of a concern this is to her.