SECURITY FIX: Submission actions not restricted to pool
Certain actions, such as looking into the editorial page, were possible to do by (possible) authors. All submission views related to the EdCol are now filtered by the get_pool filter in the SubmissionManager to exclude objects with the requesting user being a (possible) author.
Loading
Please register or sign in to comment