hi
What is the methodology that you are following for upgrade related security testing? I am planing to create following script
For each enabled user
---> Loop through all user roles.
--------> create a user - menu item lines with least effective access for read/update/create/delete (we don't use entities and our security is only on menu items so don't care about other objects)
Compare the output with previous version and investigate the difference.
Any thoughts? and has anyone already written similar script that they can share? :)
regards