Skip to content

fix(api-aco): check security authorization while decorating cms methods #4667

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Open
wants to merge 1 commit into
base: dev
Choose a base branch
from
Open

fix(api-aco): check security authorization while decorating cms methods #4667

wants to merge 1 commit into from

Conversation

leopuleo
Copy link
Contributor

Changes

With this PR, we are disabling FLP decoration applied to CMS CRUD methods when authorisation is disabled, such as when using context.security.withoutAuthorization.

How Has This Been Tested?

Manually

@leopuleo leopuleo requested a review from Pavel910 July 15, 2025 08:31
@leopuleo leopuleo self-assigned this Jul 15, 2025
@Pavel910 Pavel910 added this to the 5.43.3 milestone Jul 15, 2025
brunozoric
brunozoric approved these changes Jul 17, 2025
View reviewed changes
Copy link
Contributor

@brunozoric brunozoric left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Code looks ok. If the logic if (!context.security.isAuthorizationEnabled()) { is correct, everything is fine.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@brunozoric brunozoric brunozoric approved these changes

@Pavel910 Pavel910 Awaiting requested review from Pavel910

Assignees

@leopuleo leopuleo

Labels
None yet
Projects
None yet
Milestone
5.43.3
Development

Successfully merging this pull request may close these issues.
3 participants
@leopuleo @brunozoric @Pavel910