A security issue in access to orgs/locations has been filed, which doesn't take the user's associated taxonomies into account in both UI and API actions. Could somebody help write a patch to fix it?
http://projects.theforeman.org/issues/15268 is the ticket. It probably needs resource scopes for indexes and regular actions overriding in both controllers, or similar. Thanks! -- Dominic Cleal domi...@cleal.org -- You received this message because you are subscribed to the Google Groups "foreman-dev" group. To unsubscribe from this group and stop receiving emails from it, send an email to foreman-dev+unsubscr...@googlegroups.com. For more options, visit https://groups.google.com/d/optout.
