Project

General

Profile

Actions

Bug #61

open

Epic #51: Security Points Checking

Story #60: Enforce safe UI behavior

A user must not access restricted pages or actions by directly manipulating the URL,

Added by rashmita rout about 1 month ago.

Status:
New
Priority:
Medium
Target version:
-
Start date:
01/19/2026
Due date:
% Done:

0%

Estimated time:
Work Type:
Bug Fix
Technical Area:
Bug Origin:
Sprint
Customer Impact:
Planned Sprint:
Completed In Sprint:
Spillover Reason:

Description

Link:-https://dev.career.techeela.net/

Steps:-
I v set the role as "Associate" and remove permission of create job there in account.techeela.net application. Now I came to career application and can see create job button is no more showing to me which is fine. Now I am manually tring to access the create job URL and it is allowing me to redirect to the create job page with same user and associate Role.

Expected Result:-
Access denied
Redirect to safe page (Home / Dashboard)
Clear “Not Authorized” message

Actual Result:-
Page is loading with all accessible fields and after filling the form its gets submitted also.
Please find the below link for reference:-
https://thehigherpitch-my.sharepoint.com/:v:/p/rashmita_rout/IQAqRLq6WtYoSpKVVWjzU2wrAYmMAycJBM4EoKwxx1XPGxg?e=sC1BXm

No data to display

Actions

Also available in: Atom PDF