Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

[BUG] Users are able to enter manual mode without adequate permissions, potentially leading to unauthorized actions #120

Closed
mhareznik opened this issue Apr 12, 2024 · 3 comments · Fixed by #143
Closed

[BUG] Users are able to enter manual mode without adequate permissions, potentially leading to unauthorized actions #120

mhareznik opened this issue Apr 12, 2024 · 3 comments · Fixed by #143
Assignees
@peterbarancek
Labels
bug Something isn't working question Further information is requested

Comments

@mhareznik
Copy link
Collaborator

mhareznik commented Apr 12, 2024
edited
Loading

Despite lacking the necessary permissions, users can access the manual mode feature within the TcOpen framework. This presents a safety vulnerability as it allows unauthorized individuals to manipulate the component movements and potentially causing crashes. Urgent action is required to rectify this issue and ensure that only authorized users can utilize manual mode within the TcOpen framework.
@mhareznik mhareznik added bug Something isn't working question Further information is requested labels Apr 12, 2024
@PTKu PTKu assigned peterbarancek and unassigned PTKu Apr 12, 2024
@PTKu
Copy link
Member

PTKu commented Apr 12, 2024

@peterbarancek This is probably in application template.

@PTKu PTKu transferred this issue from TcOpenGroup/TcOpen Apr 12, 2024
@peterbarancek
Copy link
Collaborator

/cib

@github-actions GitHub Actions
Copy link
Contributor

Branch 120-_BUG_Users_are_able_to_enter_manual_mode_without_adequate_permissions_potentially_leading_to_unauthorized_actions created!

github-actions bot added a commit that referenced this issue Jul 11, 2024
@github-actions
Create draft PR for #120
d3c2ab3
@github-actions github-actions bot mentioned this issue Jul 11, 2024
Merged
peterbarancek added a commit that referenced this issue Jul 17, 2024
@github-actions @peterbarancek
[BUG] Users are able to enter manual mode without adequate permission…
192a5d8 
…s, potentially leading to unauthorized actions (#143)

* Create draft PR for #120

* +not possible start any modes if user dont have  a proper rights to do that (also  valid forcontext  menu)

+ReworkInstructor -added as sinbgle project , allow us find best suitable  rework defined in table .

* +sln file

---------

Co-authored-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com>
Co-authored-by: peterbarancek <[email protected]>
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@peterbarancek peterbarancek

Labels
bug Something isn't working question Further information is requested
Projects
None yet
Milestone
No milestone
3 participants
@PTKu @peterbarancek @mhareznik