foremancommunity-templatesforeman_api
Fixes #11579 - Reports show/destroy restricted by host authorization (CVE-2015-5233)
ReportsController 'show' and 'destroy' now perform a check to see ifthe User is authorized to see the Host associated with the Report. Incase it's not, it returns 404, as to not give hints whether a Report...
Fixes #9678 - Can't update admin flag for users via API
find_resource needs to be defined prior to UsersMixin is included as itrequires the variable @user being set.
(cherry picked from commit 1b1b39861e485523b0cc0c6435fef30c38df7e07)
Refs #3809 - Remove various small cops
Refs #3809 - Remove cops for empty lines
Refs #3809 - Remove useless assignments
Fixes #7733 - Remove hosts.yml fixtures and use FactoryGirl instead
Refs #3809 - Use parentheses in method definitions
Refs #3809 - Remove rubocop TODOs
Removed the following TODOs so that cops for these will run from now on:
Lint/AmbiguousOperator, DefEndAlignment, DeprecatedClassMethodsEnsureReturn, RequireParentheses, Void, BlockAlignment, EndAlignment,UselessAccessModifier,...
fixes #6964 - replace default scope that hides users with explicit scope
Fixes #813 - External usergroups can be linked to an LDAP auth source
View revisions
Also available in: Atom