github-mirror/discourse
2
0
Fork 0
mirror of https://github.com/discourse/discourse.git synced 2024-11-24 04:13:22 +08:00
Code Issues Actions 1 Packages Projects Releases Wiki Activity
245d29e5a3
discourse/spec
History
Guo Xiang Tan 245d29e5a3
SECURITY: Mod should not see group_users and second_factor_enabled. 
Moderators should not be able to see `UserSerializer#group_users` and `UserSerializer#second_factor_enabled` of other users.

Impact of leaking this is low because the information leaked is not
exploitable.
2020-09-11 10:23:35 +08:00
..
components FIX: Make sure rel attributes are correctly set. (#10645) 2020-09-10 12:59:51 -03:00
fabricators FIX: generate_topic_thumbnails job infinitely running for corrupted images 2020-08-13 17:08:32 -06:00
fixtures FIX: improve Vanilla importing (#10478) 2020-08-24 16:19:57 -04:00
helpers Fix the build. 2020-09-09 15:43:38 +08:00
import_export FEATURE: Rake task to export groups (#9450) 2020-04-17 14:59:54 -07:00
initializers FIX: We need to skip users with associated reviewables when auto-approving (#9080) 2020-03-02 14:33:52 -05:00
integration FIX: Pluralized translation overrides didn't work for en_US 2020-08-29 00:11:46 +02:00
integrity DEV: Check English locale for errors in CI 2020-06-03 21:54:58 +02:00
jobs FEATURE: Add bookmarks to the user export (#10591) 2020-09-11 11:03:22 +10:00
lib FIX: Prevent "uploads are missing in S3" alerts after restoring a backup 2020-09-10 21:37:48 +02:00
mailers FEATURE: Allow email image embed with secure media (#10563) 2020-09-10 09:50:16 +10:00
models Revert "FEATURE: moderators allowed to view groups which members can see." 2020-09-11 10:04:54 +08:00
multisite FIX: invalid urls should not break store.has_been_uploaded? 2020-06-25 15:00:15 +10:00
requests UX: display moderators group name in the group dropdown menu. 2020-09-11 00:06:40 +05:30
script/import_scripts FIX: improve Vanilla importing (#10478) 2020-08-24 16:19:57 -04:00
serializers SECURITY: Mod should not see group_users and second_factor_enabled. 2020-09-11 10:23:35 +08:00
services DEV: add plugin hooks for silence message parameters (#10538) 2020-09-01 17:25:24 -07:00
support DEV: Improve docs for Sidekiq job assertion helpers. 2020-07-24 17:37:22 +08:00
tasks FEATURE: Add uploads:batch_migrate_from_s3 task to limit total posts migrated at once (#9933) 2020-06-04 09:48:11 +10:00
views/omniauth_callbacks FEATURE: Use full page redirection for all external auth methods (#8092) 2019-10-08 12:10:43 +01:00
rails_helper.rb FIX: SiteSettings::LocalProcessProvider didn't work on multisite 2020-08-20 11:15:20 +02:00
swagger_helper.rb DEV: Add rswag to aid in api documention (#9546) 2020-04-27 16:40:07 -06:00