Add new Security Analyzer check for permissions on "Activity Feed" and "User Profile" pages #5080
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Summary
This pull request adds this new
CheckUserProfilePage
class to check the visibility of the user profile page defined in Site Settings > Site Behavior > Default Pages > User Profile Page, according to the following criteria:Case 1: the selected user profile page is "Activity Feed"
Case 2: the selected user profile page is not "Activity Feed"
Also, a new base class for audit checks is introduced, and some refactoring to the existing
CheckTelerikPresence
class is done in order to avoid redundancy.