aboutsummaryrefslogtreecommitdiff
path: root/tests/unit/auth/fixtures/oauth2_client_fixtures.py
diff options
context:
space:
mode:
authorFrederick Muriuki Muriithi2024-06-07 11:48:29 -0500
committerFrederick Muriuki Muriithi2024-06-07 11:53:26 -0500
commitc3b179f46e75e92de942a2d45d49c74cb887efc8 (patch)
tree03e2764e9fee497ca8c0b8673d3d4382aad87b60 /tests/unit/auth/fixtures/oauth2_client_fixtures.py
parent50e458b8951f036c487d7854ebe438e4dfbd6c4f (diff)
downloadgn-auth-c3b179f46e75e92de942a2d45d49c74cb887efc8.tar.gz
Replace `…/group/roles` endpoint with `…/resource/…/roles` endpoint.
The `…/group/roles` endpoint relied on the now deleted `group_roles` table that caused the implementation to be prone to privilege escalation attacks. This commit provides the `…/resource/…/roles` endpoint that provides the required functionality without the exposure.
Diffstat (limited to 'tests/unit/auth/fixtures/oauth2_client_fixtures.py')
0 files changed, 0 insertions, 0 deletions