Ticket #340 (closed enhancement: fixed)

Opened 3 years ago

Last modified 2 years ago

is_app_admin global

Reported by: robert Owned by:
Priority: major Milestone: MediaMosa 2.2
Component: Core Version:
Keywords: Cc:
MoSCoW: Should Have Estimated time after impact analysis:
Related to project: none Tested: no
Accepted: no Estimated Hours: 0

Description

Some REST calls use is_app_admin TRUE/FALSE to identify the admin, in which case the owner check is skipped when executing the REST call.

However, this variable is still missing in most of the REST calls. Its a shortcut for the application, where the application does not need to provide the owner of the object to allow a write/delete action.

Making the is_app_admin global allows this action to work on all [POST] REST calls where the is_app_admin can help to skip owner checks.

Change History

Changed 2 years ago by Frans

  • status changed from new to closed
  • resolution set to fixed
  • milestone changed from MediaMosa X.X to MediaMosa 2.2

Changed 2 years ago by peter

  • milestone changed from MediaMosa 2.2 to MediaMosa 2.4

I assume 2.4 was meant to be selected.

Changed 2 years ago by peter

  • milestone changed from MediaMosa 2.4 to MediaMosa 2.2

Sorry. My mistake. I t is already closed ;)

Note: See TracTickets for help on using tickets.