continuum-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Jesse McConnell" <jesse.mcconn...@gmail.com>
Subject Re: "Add project group" button not protected from unauthenticated users.
Date Tue, 26 Dec 2006 16:39:43 GMT
there are a number of things along these lines that I noticed in an
little audit of the action classes that I noticed.

Once rahul and I get the key based refactor wrapped up I think we'll
try and link up with some work jason has been kicking around to
improve the UI and xmlrpc code interface and security wise in one
swoop.

jesse

On 12/26/06, Wendy Smoak <wsmoak@gmail.com> wrote:
> On 11/28/06, Christian Edward Gruber <cgruber@israfil.net> wrote:
>
> > Hey.  Just FYI, in the trunk the unauthenticated user (and other
> > logged-in, unempowered users) can create new project groups.
>
> Thanks, this appears to be fixed in the latest code.  (The 'Add
> project group' button no longer appears.)
>
> --
> Wendy
>


-- 
jesse mcconnell
jesse.mcconnell@gmail.com

Mime
View raw message