🐛(backend) fix dysfunctional permissions on document create
When creating a document access, users were benefitting on the targeted document from the highest access right they have among all documents. This is because we forgot to filter on the document ID when retrieving the role of the user. We improved all tests to secure this issue.
This commit is contained in:
Samuel Paccoud - DINUM
committed by
Samuel Paccoud
Samuel Paccoud
parent
bbcb5e0cf1
commit
1fc3029d12
@@ -23,6 +23,9 @@ and this project adheres to
|
||||
|
||||
- 🐛(frontend) invalidate queries after removing user #336
|
||||
|
||||
## Fixed
|
||||
|
||||
- 🐛(backend) Fix dysfunctional permissions on document create #329
|
||||
|
||||
## [1.5.1] - 2024-10-10
|
||||
|
||||
@@ -30,7 +33,6 @@ and this project adheres to
|
||||
|
||||
- 🐛(db) fix users duplicate #316
|
||||
|
||||
|
||||
## [1.5.0] - 2024-10-09
|
||||
|
||||
## Added
|
||||
|
||||
Reference in New Issue
Block a user