summaryrefslogtreecommitdiffstats
path: root/webapp
diff options
context:
space:
mode:
authorJannik Schönartz2019-02-26 08:23:12 +0100
committerJannik Schönartz2019-02-26 08:23:12 +0100
commite08e3feec4b329bd249f595ba807c9fbae3c282d (patch)
treee01d69b3304bea1c21674436a27901c040b9bf03 /webapp
parent[authentication] Rewrite code in async/await, fix edit account module (diff)
downloadbas-e08e3feec4b329bd249f595ba807c9fbae3c282d.tar.gz
bas-e08e3feec4b329bd249f595ba807c9fbae3c282d.tar.xz
bas-e08e3feec4b329bd249f595ba807c9fbae3c282d.zip
[permissionmanager] Fix security bug: Code was executed weather the user had the permission or not
Diffstat (limited to 'webapp')
-rw-r--r--webapp/src/components/PermissionModuleEdit.vue2
-rw-r--r--webapp/src/components/PermissionModuleGrantRevoke.vue4
2 files changed, 3 insertions, 3 deletions
diff --git a/webapp/src/components/PermissionModuleEdit.vue b/webapp/src/components/PermissionModuleEdit.vue
index 70c61f4..c026f54 100644
--- a/webapp/src/components/PermissionModuleEdit.vue
+++ b/webapp/src/components/PermissionModuleEdit.vue
@@ -272,7 +272,7 @@ export default {
groups: filteredGroups,
blacklist: filteredBlacklist
}).then(response => {
- this.$snackbar({ color: 'success', text: this.$t('roleSavedSuccess'), timeout: 15000 })
+ this.$snackbar({ color: 'success', text: this.$t('roleSavedSuccess') })
this.$store.dispatch('permissions/loadRoleData')
this.$store.commit('permissions/setEdit', false)
}).catch(error => {
diff --git a/webapp/src/components/PermissionModuleGrantRevoke.vue b/webapp/src/components/PermissionModuleGrantRevoke.vue
index 81afece..a137ea1 100644
--- a/webapp/src/components/PermissionModuleGrantRevoke.vue
+++ b/webapp/src/components/PermissionModuleGrantRevoke.vue
@@ -147,9 +147,9 @@ export default {
await this.$http.post('/api/users/' + this.selectedUsers[i].id + '/roles' + (this.grant ? '' : '/?delete'), { ids: roleIds })
}
if (this.grant) {
- this.$snackbar({ color: 'success', text: this.$t('roleGrantedSuccess'), timeout: 15000 })
+ this.$snackbar({ color: 'success', text: this.$t('roleGrantedSuccess') })
} else {
- this.$snackbar({ color: 'success', text: this.$t('roleRevokedSuccess'), timeout: 15000 })
+ this.$snackbar({ color: 'success', text: this.$t('roleRevokedSuccess') })
}
this.$store.dispatch('permissions/loadUserData')
this.$store.commit('permissions/setGrantRevoke', false)