BookStack/app/Users/Controllers
Dan Brown 817581aa0c
Watching: Prevent issues when watchable or user is deleted
- Adds filtering to the watched items list in notification preferences
  so that deleted (recycle bin) items are removed via query.
- Adds relations and logic to properly remove watches upon user and
  entity delete events, to old watches in database do not linger.
- Adds testing to cover the above.

Did not add migration for existing data, since patch will be close to
introduction, and lingering DB entries don't open a security concern,
just some potential confusion in specific potential scenarios.
Probably not work extra migration risk, although could add in future if
concerns/issues are found.

Related to #4499
2023-09-03 14:19:43 +01:00
..
RoleApiController.php Cleaned up namespacing in routes 2023-05-18 20:57:05 +01:00
RoleController.php Notifications: Added role receive-notifications permission 2023-07-25 17:59:04 +01:00
UserApiController.php Users API: Fixed incorrect created_at date on index endpoint 2023-06-17 18:18:17 +01:00
UserController.php Guests: Prevented access to profile routes 2023-08-26 14:07:48 +01:00
UserPreferencesController.php Watching: Prevent issues when watchable or user is deleted 2023-09-03 14:19:43 +01:00
UserProfileController.php Cleaned up namespacing in routes 2023-05-18 20:57:05 +01:00
UserSearchController.php Cleaned up namespacing in routes 2023-05-18 20:57:05 +01:00