Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

TASK: Clean up permissions checking with Role Names vs. Role IDs #950

Open
johnhenley opened this issue Jul 2, 2024 · 0 comments
Open

TASK: Clean up permissions checking with Role Names vs. Role IDs #950

johnhenley opened this issue Jul 2, 2024 · 0 comments
Assignees
@johnhenley
Labels
technical debt Issue that doesn't directly affect usability but will improve technical debt posture
Milestone
Future

Comments

@johnhenley
Copy link
Collaborator

There are a number of places in the module where permissions are checked, and sometimes use Role names vs IDs. Since these are both represented as string arrays internally, the conversion is not inherently obvious, leading to subtle bugs, and should be standardized across the module to always use one convention. Particularly in web api controllers security which inherits from DnnApiController, UserInfo.Roles returns NAMES, and needs to be converted to IDs to be passed to Forums PermissionController(). Review all and figure out a standard.
@johnhenley johnhenley added the technical debt Issue that doesn't directly affect usability but will improve technical debt posture label Jul 2, 2024
@johnhenley johnhenley added this to the Future milestone Jul 2, 2024
@johnhenley johnhenley self-assigned this Jul 2, 2024
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@johnhenley johnhenley

Labels
technical debt Issue that doesn't directly affect usability but will improve technical debt posture
Projects
None yet
Milestone
Future
Development

No branches or pull requests
1 participant
@johnhenley