Actions
Bug #5865
openUser can access UI routes that are hidden in the UI
Status:
New
Priority:
Normal
Assignee:
-
Category:
Users, Roles and Permissions
Target version:
-
Description
1. Create a new user without any permissions
2. Login as that new user
3. Notice there is no 'domains' menu item
4. Access '/domains' in the browser
Result:
User is presented with domains index page including New Domains button
Expected:
User is told permission denied to access that page
Updated by Dominic Cleal almost 10 years ago
- Category set to Users, Roles and Permissions
Actions