Skip to content

[CLOUD-124] Only the authenticated user can update their properties on dotcom

Warren Gifford requested to merge jc/CLOUD-124-2-user-profile into main

Created by: unknwon

This PR add checks to make sure only the authenticated user can update their properties (Username, Display name and Avatar URL) on Sourcegraph.com, excluding site admins.

Read of these properties is not restricted because these basic info are being used in many places throughout our product, and I do not consider restricting site admin read is useful at this point after all.


Part of CLOUD-124, stack on https://github.com/sourcegraph/sourcegraph/pull/27063

Merge request reports

Loading