fix privacy issues in TagList and TagWebappList
webapp lists should never display apps not visible by the request.user (obviously!) TagWebappList did not implement such a filter. I added the query_webapps_for_user() helper and use it for TagWebappList, TagList and WebappList (the list returned by this function is the superset of webapps that these views are allowed to display).
Please register or sign in to comment