Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

review enabled roles/groups - role/group Review api does not force another admin approval #2559

Closed
havetisyan opened this issue Mar 14, 2024 · 0 comments
Closed

review enabled roles/groups - role/group Review api does not force another admin approval #2559

havetisyan opened this issue Mar 14, 2024 · 0 comments
Labels
bug

Comments

@havetisyan
Copy link
Collaborator

when the role and/or group is configured as review-enabled, it indicates that all changes to the members must be approved by another admin.

However, if the admin uses putRoleReview or putGroupReview API, then the server only checks the audit-enabled flag and does not check the review enabled flag thus allowing any user extension to take place without the second approval.
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
bug
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
1 participant
@havetisyan