Details
-
Bug
-
Status: Resolved
-
Major
-
Resolution: Fixed
-
2.1.0
-
None
-
None
Description
Tenancy was introduced in 2.1, however, by default it is turned off via the use_tenancy parameter but when activated it is used to limit the scope of delivery services that a user can act on.
PUT /api/$version/deliveryservices/:id/safe needs to check tenancy to ensure users do not attempt to update ds's that they don't have access to.