Controllers check for subadmin instead of couadmin and related authz fixes

XMLWordPrintable

      Several Controller's isAuthorized() method are checking 'subadmin' when they should actually check 'couadmin' for a role within the current CO. This allows a COU admin in CO 2 to (eg) see the people in CO 3 even though the COU admin has no relation to CO 3.

            Assignee:
            Benn Oshrin
            Reporter:
            Benn Oshrin
            Votes:
            0 Vote for this issue
            Watchers:
            0 Start watching this issue

              Created:
              Updated:
              Resolved: