Project

General

Profile

Bug #22384

Updated by Fran├žois ARMAND 7 months ago

Currently, if a custom-role is defined and it reference unknown permission, then it is ignored.  
 We want to allow that (and just ignore the unknown permissions) so that, for ex if a role refers perm related to other plugins, the role remains OK even if one of the plugin is not loaded (and so its permission are unknown from Rudder). 

 This does not create a security risk since our permission are only additive (union based), and there is no "exclude".

Back