Details
-
Bug
-
Resolution: Fixed
-
Critical
-
COmanage Registry 0.3 (Basic Shape)
Description
Several Controller's isAuthorized() method are checking 'subadmin' when they should actually check 'couadmin' for a role within the current CO. This allows a COU admin in CO 2 to (eg) see the people in CO 3 even though the COU admin has no relation to CO 3.
Attachments
Issue Links
- depends on
-
CO-239 couadmin not properly calculated
- Resolved