github-mirror/discourse
2
0
Fork 0
mirror of https://github.com/discourse/discourse.git synced 2025-01-19 03:12:46 +08:00
Code Issues Actions 1 Packages Projects Releases Wiki Activity
dd495a0e19
discourse/spec
History
Isaac Janzen dd495a0e19
FEATURE: Allow admins to delete reviewables via API (#21174) 
This PR adds the ability to destroy reviewables for a passed user via the API. This was not possible before as this action was reserved for reviewables for you created only.

If a user is an admin and calls the `#destroy` action from the API they are able to destroy a reviewable for a passed user. A user can be targeted by passed either their:
- username
- external_id (for SSO) 

to the request.

In the case you attempt to destroy a non-personal reviewable and
- You are not an admin
- You do not access the `#destroy` action via the API

you will raise a `Discourse::InvalidAccess` (403) and will not succeed in destroying the reviewable.
2023-04-20 09:38:41 -05:00
..
fabricators DEV: Define form template field inputs (#20430) 2023-03-01 11:07:13 -08:00
fixtures DEV: Allow DROP NOT NULL in pre-deploy migrations (#20775) 2023-03-22 14:43:32 +00:00
helpers DEV: Replace #pluck_first freedom patch with AR #pick in core (#19893) 2023-02-13 12:39:45 +08:00
import_export DEV: Apply syntax_tree formatting to spec/* 2023-01-09 11:49:28 +00:00
initializers DEV: Apply syntax_tree formatting to spec/* 2023-01-09 11:49:28 +00:00
integration DEV: Update the rubocop setup (#20668) 2023-03-14 11:42:11 +01:00
integrity DEV: Colocate wizard component templates (#20309) 2023-02-15 11:29:22 +00:00
jobs FIX: Don’t assume post is available in UserEmail job (#21054) 2023-04-12 12:34:22 +10:00
lib Revert "DEV: Merge package.json files (#21172)" (#21182) 2023-04-20 14:57:40 +02:00
mailers DEV: Apply syntax_tree formatting to spec/* 2023-01-09 11:49:28 +00:00
models FIX: 500 error when adding restricted category tags (#21147) 2023-04-18 11:01:11 -06:00
multisite DEV: Add plugin hook for transforming site setting defaults (#20941) 2023-04-05 12:28:16 +01:00
requests FEATURE: Allow admins to delete reviewables via API (#21174) 2023-04-20 09:38:41 -05:00
script/import_scripts DEV: Correct syntax_tree violations 2023-02-02 13:03:11 +00:00
serializers UX: Enable new notifications menu by default (#21060) 2023-04-12 09:45:29 +01:00
services FIX: Hashtag subcategory ref incorrect when not highest-ranked type (#21163) 2023-04-20 09:03:55 +10:00
support FIX: Render links with subfolders properly in Discobot 2023-04-17 16:53:00 +02:00
system FEATURE: Add new don't feed the trolls feature (#21001) 2023-04-20 15:49:35 +08:00
tasks DEV: Capture output in hashtags spec (#20773) 2023-03-23 11:47:14 +10:00
views FEATURE: add category name in articleSection meta tag for schema. (#21004) 2023-04-06 23:30:19 +05:30
rails_helper.rb DEV: Change Bookmarkable registration to DiscoursePluginRegistry (#20556) 2023-03-08 10:39:12 +10:00
regenerate_swagger_docs DEV: Add API docs for uploads and API doc watcher (#15387) 2021-12-23 08:40:15 +10:00
swagger_helper.rb DEV: Apply syntax_tree formatting to spec/* 2023-01-09 11:49:28 +00:00