discourse/spec/requests
Daniel Waterworth 7616e9b540
SECURITY: Validate email constraints when trying to redeem an invite (#17182)
In certain situations, a logged-in user can redeem an invite with an email that
either doesn't match the invite's email or does not adhere to the email domain
restriction of an invite link. The impact of this flaw is aggravated
when the invite has been configured to add the user that accepts the
invite into restricted groups.

Co-authored-by: Alan Guo Xiang Tan <gxtan1990@gmail.com>
2022-06-21 13:25:10 -05:00
admin DEV: Fix typo for email encoded (#15577) 2022-01-14 09:33:15 +10:00
api DEV: Add chat_group_mention notification type (#15616) 2022-01-18 08:26:27 -06:00
about_controller_spec.rb
application_controller_spec.rb SECURITY: banner-info (#17071) (#17073) 2022-06-13 11:47:44 -06:00
associate_accounts_controller_spec.rb DEV: Improve robustness of associate_accounts_controller 2021-08-10 15:07:40 +01:00
badges_controller_spec.rb
bookmarks_controller_spec.rb FEATURE: Topic-level bookmarks (#14353) 2021-09-21 08:45:47 +10:00
bootstrap_controller_spec.rb SECURITY: Remove ember-cli specific response from application routes (#15155) 2021-12-01 16:10:40 +00:00
categories_controller_spec.rb SECURITY: Category group permissions leaked to normal users. 2022-04-08 11:04:59 +02:00
clicks_controller_spec.rb
composer_messages_controller_spec.rb
csp_reports_controller_spec.rb
directory_columns_controller_spec.rb DEV: Plugin API to add directory columns (#13440) 2021-06-22 13:00:04 -05:00
directory_items_controller_spec.rb FIX: Include user_field_ids in pagination URL for directory items (#13569) 2021-06-29 14:43:38 -05:00
do_not_disturb_controller_spec.rb DEV: Replace 'processed' column on notifications with new table (#11864) 2021-01-27 10:29:24 -06:00
drafts_controller_spec.rb FEATURE: Cook drafts excerpt in user activity (#14315) 2021-09-14 15:18:01 +03:00
email_controller_spec.rb FIX: Show Uncategorized when unsubscribing (#13832) 2021-07-26 12:19:30 +10:00
embed_controller_spec.rb UX: display correct replies count in embedded comments view. (#14175) 2021-08-30 10:37:53 +05:30
exceptions_controller_spec.rb
export_csv_controller_spec.rb
extra_locales_controller_spec.rb FIX: Translation overrides from fallback locale didn't work on client 2021-12-17 14:03:35 +01:00
finish_installation_controller_spec.rb
forums_controller_spec.rb DEV: Avoid $ globals (#15453) 2022-01-08 23:39:46 +01:00
groups_controller_spec.rb PERF: Make tests faster by prefabricating more things (#15392) 2021-12-22 11:09:43 -06:00
hashtags_controller_spec.rb DEV: Correct typos and spelling mistakes (#12812) 2021-05-21 11:43:47 +10:00
inline_onebox_controller_spec.rb
invites_controller_spec.rb SECURITY: Validate email constraints when trying to redeem an invite (#17182) 2022-06-21 13:25:10 -05:00
list_controller_spec.rb PERF: Make tests faster by prefabricating more things (#15370) 2021-12-20 12:59:10 -06:00
metadata_controller_spec.rb
notifications_controller_spec.rb
offline_controller_spec.rb
omniauth_callbacks_controller_spec.rb FIX: Ensure that login does not fail for users with invite records (#15647) 2022-01-20 10:54:38 +00:00
onebox_controller_spec.rb
permalinks_controller_spec.rb DEV: Correct typos and spelling mistakes (#12812) 2021-05-21 11:43:47 +10:00
post_action_users_controller_spec.rb
post_actions_controller_spec.rb PERF: Speed up the tests by pre-fabricating more things (#15318) 2021-12-15 11:41:14 -06:00
post_readers_controller_spec.rb DEV: Correct typos and spelling mistakes (#12812) 2021-05-21 11:43:47 +10:00
posts_controller_spec.rb FEATURE: Export topics to markdown (#15615) 2022-01-17 18:05:14 -03:00
presence_controller_spec.rb DEV: Various behind-the-scenes improvements to PresenceChannel (#14518) 2021-10-07 15:50:14 +01:00
published_pages_controller_spec.rb
push_notification_controller_spec.rb
qunit_controller_spec.rb DEV: Support for running theme test with Ember CLI (third attempt) 2022-01-13 16:02:07 -05:00
reviewable_claimed_topics_controller_spec.rb
reviewables_controller_spec.rb FEATURE: Blocking is optional when deleting a user from the review queue. (#13375) 2021-06-15 12:35:45 -03:00
robots_txt_controller_spec.rb FEATURE: Replace Crawl-delay directive with proper rate limiting (#15131) 2021-11-30 12:55:25 +03:00
safe_mode_controller_spec.rb Code review comments. 2021-06-21 11:06:58 +08:00
search_controller_spec.rb FEATURE: Log only topic/post search queries in search log (#14994) 2021-11-18 09:21:12 +08:00
session_controller_spec.rb SECURITY: Remove auto approval when redeeming an invite (#16976) 2022-06-02 16:11:04 +02:00
similar_topics_controller_spec.rb FIX: reindex_search job should work on model with no search data (#11819) 2021-01-25 11:23:36 +01:00
site_controller_spec.rb DEV: Include login_required attribute in basic info endpoint (#14064) 2021-08-17 14:05:51 -04:00
static_controller_spec.rb FIX: SiteSetting.title was being polluted in StaticController (#15385) 2021-12-21 20:51:18 +01:00
steps_controller_spec.rb
stylesheets_controller_spec.rb PERF: Eager load Theme associations in Stylesheet Manager. 2021-06-21 11:06:58 +08:00
svg_sprite_controller_spec.rb FIX: Use absolute URL when redirecting SVG sprite path. 2021-06-30 11:25:05 +08:00
tag_groups_controller_spec.rb DEV: Improve tag groups test (#12848) 2021-04-27 14:05:45 +03:00
tags_controller_spec.rb FEATURE: New and Unread messages for user personal messages. (#13603) 2021-08-02 12:41:41 +08:00
theme_javascripts_controller_spec.rb DEV: Correct typos and spelling mistakes (#12812) 2021-05-21 11:43:47 +10:00
topics_controller_spec.rb DEV: Fix a flaky spec (#15529) 2022-01-11 01:51:57 +01:00
uploads_controller_multisite_spec.rb DEV: Isolate multisite specs (#13634) 2021-07-07 18:57:42 +02:00
uploads_controller_spec.rb DEV: Extract shared external upload routes into controller helper (#14984) 2021-11-18 09:17:23 +10:00
user_actions_controller_spec.rb DEV: do not return no_result_help from the server (#15220) 2021-12-08 21:46:54 +04:00
user_api_keys_controller_spec.rb
user_avatars_controller_spec.rb DEV: Remove the remaining Travis code (#13255) 2021-06-02 20:29:47 +02:00
user_badges_controller_spec.rb PERF: Make tests faster by prefabricating more things (#15392) 2021-12-22 11:09:43 -06:00
users_controller_spec.rb Merge diffs from main 2022-01-27 10:12:37 -05:00
users_email_controller_spec.rb DEV: Hash tokens stored from email_tokens (#14493) 2021-11-25 09:34:39 +02:00
webhooks_controller_spec.rb
wizard_controller_spec.rb