You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
single-with-populate and single-with-populate-many also need to do model level and field level authorization on all populated items
In fact with any model right now populate will exempt you from security - there needs to be a generic filter function you can pass models or collections of models to that will take care of everything
single does not run collection level authorize and needs to be fixed to do so
The text was updated successfully, but these errors were encountered:
single-with-populate and single-with-populate-many also need to do model level and field level authorization on all populated items
In fact with any model right now populate will exempt you from security - there needs to be a generic filter function you can pass models or collections of models to that will take care of everything
single does not run collection level authorize and needs to be fixed to do so
The text was updated successfully, but these errors were encountered: