Order uri callback may lead to access denied [#2321205]

Comment	File	Size	Author
#1	order_uri_callback_prevent_access_denied-2321205-1.patch	663 bytes	anrikun

Comment #1

anrikun CreditAttribution: anrikun commented 14 August 2014 at 10:07

Status:

Active

» Needs review

File	Size
order_uri_callback_prevent_access_denied-2321205-1.patch	663 bytes

Log in or register to post comments

Comment #2

rszrama CreditAttribution: rszrama commented 7 July 2015 at 19:49

Issue tags:

+sprint

Tagging for http://contribkanban.com/#/board/commerce/7.x-1.x.

Log in or register to post comments

Comment #3

mglaman

English

WI, USA

CreditAttribution: mglaman at Centarro commented 9 July 2015 at 21:52

Status:

Needs review

» Reviewed & tested by the community

Applies and makes sense to check if user passes same access checks the menu path has before returning it.

Log in or register to post comments

Comment #4

rszrama CreditAttribution: rszrama at Centarro commented 27 May 2019 at 23:11

Agreed. Compared against other entities in Commerce core and we're following a similar pattenr. Committing.

Log in or register to post comments

Comment #5

27 May 2019 at 23:12

rszrama committed 3d89816 on 7.x-1.x authored by anrikun

Issue #2321205 by anrikun, rszrama, mglaman: check the proper access...

Log in or register to post comments

Comment #6

rszrama CreditAttribution: rszrama at Centarro commented 27 May 2019 at 23:13

Status:

Reviewed & tested by the community

» Fixed

Committed.

Log in or register to post comments

Comment #7

10 June 2019 at 23:14

Status:

Fixed

» Closed (fixed)

Automatically closed - issue fixed for 2 weeks with no activity.

Log in or register to post comments

Order uri callback may lead to access denied

Comments

Comment #1

Comment #2

Comment #3

Comment #4

Comment #5

Comment #6

Comment #7

Thank you to these Drupal contributors

News items

Our community

Documentation

Drupal code base

Governance of community