Showing process ids otherwise inaccessible when filtering with org #109
Labels
question
Further information is requested
Comments
|
It should behave like the v1 version and judging by the code it already does the filtering based on the current user's orgs and projects, e.g. https://github.com/walmartlabs/concord/blob/master/server/impl/src/main/java/com/walmartlabs/concord/server/process/ProcessResourceV2.java#L252 Can you make a test to illustrate the issue? |
|
Hey @pranavparikh! Any updates? Should we keep the issue open? |
|
@ibodrov , |
|
@pranavparikh any progress or should we close this? |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
When logged in with a non admin account , /api/v2/process?initiator=myusername&limit=50 doesn’t return the process id from the org where the user doesn't have access to. But we do see such process ids with this call /api/v2/process?orgName=notmyorgname&&initiator=nonadminuser&projectName=notmyproject&limit=50 . If the user doesn’t have access to the org and the project, should it still show the processes if filtered by the org and project name?
The text was updated successfully, but these errors were encountered: