Details

    • Type: Bug Bug
    • Status: Closed
    • Priority: Minor Minor
    • Resolution: Fixed
    • Affects Version/s: 2.1-dev
    • Fix Version/s: 2.1-dev, 2.1
    • Component/s: Ajax
    • Labels:
      None

      Description

      Entity Editor has been broken for a long time.
      Also, the entity editor is unsecured.
      Propose fixing this bug by retrofitting onto a "ajax-direct" pipeline keyed of the /ajax pipeline mapping
      Also assign a security behavior to the ajax valve to give it RBAC security, locking out all AJAX calls not authorized by a list of trusted roles

        Activity

          People

          • Assignee:
            David Sean Taylor
            Reporter:
            David Sean Taylor
          • Votes:
            0 Vote for this issue
            Watchers:
            0 Start watching this issue

            Dates

            • Created:
              Updated:
              Resolved:

              Development