- Issue created by @penyaskito
- Merge request !1265#3535221: Pending changes leaking entities that user might have no access to β (Merged) created by penyaskito
- πΊπΈUnited States tedbow Ithaca, NY, USA
Working addressing @larowlan MR comments
- πΊπΈUnited States tedbow Ithaca, NY, USA
I chatted with @larowlan and he was ok with his 2 remaining questions to be handled in follow-ups. so I created π Determine if names of unviewable entities in cache tags of /xb/api/v0/auto-saves/pending is information disclosure Active (I would have liked this nid to end in a 3) and π ApiAutoSaveControllerTest::testPost should use a less power for permission than 'bypass node access' Active
- πΊπΈUnited States tedbow Ithaca, NY, USA
If this comes back green I will merge
-
tedbow β
committed 2cee2fe6 on 0.x authored by
penyaskito β
Issue #3535221: Pending changes leaking entities that user might have no...
-
tedbow β
committed 2cee2fe6 on 0.x authored by
penyaskito β
- πΊπΈUnited States tedbow Ithaca, NY, USA
π Create UI for selective publishing of changes Active and this issue both passed tests on their own but in combo make
\Drupal\Tests\experience_builder\Kernel\ApiAutoSaveControllerTest::testDeletefail.Will open up follow-up MR
- Merge request !1276#3535221 now you need view label access to get entities in pending auto-save list β (Merged) created by tedbow
- πΊπΈUnited States tedbow Ithaca, NY, USA
media library e2e test failed. Guessing not related.
- First commit to issue fork.
-
effulgentsia β
committed 0e856e43 on 0.x authored by
tedbow β
Issue #3535221 by penyaskito, tedbow, larowlan: Pending changes leaking...
-
effulgentsia β
committed 0e856e43 on 0.x authored by
tedbow β
