fix(security): block user access policies for non admins EE-5826 (#10244)

pull/10246/head
Dakota Walsh 1 year ago committed by GitHub
parent bbc26682dd
commit 5f50f20a7a
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23

@ -100,6 +100,7 @@ func FilterEndpoints(endpoints []portainer.Endpoint, groups []portainer.Endpoint
endpointGroup := getAssociatedGroup(&endpoint, groups) endpointGroup := getAssociatedGroup(&endpoint, groups)
if AuthorizedEndpointAccess(&endpoint, endpointGroup, context.UserID, context.UserMemberships) { if AuthorizedEndpointAccess(&endpoint, endpointGroup, context.UserID, context.UserMemberships) {
endpoint.UserAccessPolicies = nil
endpoints[n] = endpoint endpoints[n] = endpoint
n++ n++
} }

Loading…
Cancel
Save