Le 13/07/2020 à 14:50, Jacques Le Roux a écrit :
Something related I already shared in the security ML:
I guess we don't want to change (I don't mean the NOTE but the feature).
// NOTE: must check permission first so that admin users can set own
password without specifying old password
I think it's OK as is and with the lazy consensus I will told the reporter so
I also have a question to you Jacopo:
I'm not quite sure you meant with (https://s.apache.org/04dt9)
// TODO: change this security group because we can't use permission groups
defined in the applications from the framework.
Which security group is it about?
I guess it's the PARTYMGR security group and anyway it's unrelated, forget it
Jacques