MantisBT: master-1.2.x dc9f0157
Author | Committer | Branch | Timestamp | Parent |
---|---|---|---|---|
vboctor | vboctor | master-1.2.x | 2014-11-04 19:10 | master-1.2.x 76a1d203 |
Affected Issues | 0016993: Handler can be set without having appropriate access rights | |||
Changeset | Handler access checks in SOAP API The mc_issue_add() and mc_issue_update() APIs were missing checks to validate that specified handler has the appropriate access level and that logged in user have access level to assign issues. mc_issue_get() was also missing the check that the user has access to view the handler assigned the issue. Fixes 0016993 |
|||
mod - api/soap/mc_issue_api.php | Diff File |