file.py add permissions check to edit_form
when editing a file, a permissions check was missing after having submitted the form. Meaning if a user were to guess the correct identification string, it was possible to upload files to a sample_set which the user did not have access to.
Please register or sign in to comment