github-mirror/discourse
2
0
Fork 0
mirror of https://github.com/discourse/discourse.git synced 2025-01-18 13:32:45 +08:00
Code Issues Actions 1 Packages Projects Releases Wiki Activity
de983796e1
discourse/spec
History
Martin Brennan de983796e1
FIX: Introduce Guardian::BasicUser for oneboxing checks (#24681) 
Through internal discussion, it has become clear that
we need a conceptual Guardian user that bridges the
gap between anon users and a logged in forum user with
an absolute baseline level of access to public topics,
which can be used in cases where:

1. Automated systems are running which shouldn't see any
   private data
1. A baseline level of user access is needed

In this case we are fixing the latter; when oneboxing a local
topic, and we are linking to a topic in another category from
the current one, we need to operate off a baseline level of
access, since not all users have access to the same categories,
and we don't want e.g. editing a post with an internal link to
expose sensitive internal information.
2023-12-05 09:25:23 +10:00
..
fabricators DEV: Housekeeping for CleanUpUploads job (#24361) 2023-11-20 09:50:09 +10:00
fixtures DEV: Fix various spec linting issues (#24672) 2023-12-04 13:45:19 +01:00
helpers DEV: Simplify ember-cli proxy strategy (#24242) 2023-11-10 11:16:06 +00:00
import_export DEV: Allow fab! without block (#24314) 2023-11-09 16:47:59 -06:00
initializers DEV: Allow fab! without block (#24314) 2023-11-09 16:47:59 -06:00
integration DEV: Convert approve_unless_trust_level to groups (#24357) 2023-11-21 11:31:42 -07:00
integrity DEV: Modernise highlightjs loading (#24197) 2023-11-10 20:39:48 +00:00
jobs DEV: Fix various spec linting issues (#24672) 2023-12-04 13:45:19 +01:00
lib FIX: Introduce Guardian::BasicUser for oneboxing checks (#24681) 2023-12-05 09:25:23 +10:00
mailers FIX: Add higher read & open timeouts for group SMTP emails (#24593) 2023-11-28 15:32:59 +10:00
migrations DEV: Switch over category settings to new table - Part 3 (#20657) 2023-09-12 09:51:49 +08:00
models DEV: reviewable_user spec should assert on delete_user_block instead of delete_user (#24692) 2023-12-04 12:44:32 -03:00
multisite DEV: Add S3 upload system specs using minio (#22975) 2023-08-23 11:18:33 +10:00
requests DEV: Correct forums_controller success spec (#24690) 2023-12-04 14:26:29 +00:00
script/import_scripts DEV: Allow fab! without block (#24314) 2023-11-09 16:47:59 -06:00
serializers FEATURE: increase tag description limit to 1000 (#24561) 2023-11-28 08:45:40 +11:00
services DEV: Fix various spec linting issues (#24672) 2023-12-04 13:45:19 +01:00
support DEV: Pass the user who requested the summary to the strategy. (#24489) 2023-11-21 13:27:27 -03:00
system FIX: Flaky table builder spec (#24700) 2023-12-04 12:14:07 -08:00
tasks DEV: Remove the transpilation message (#23998) 2023-10-19 01:00:15 +02:00
views FIX: Use subfolder-safe url for category in html view (#24595) 2023-11-28 19:08:14 +08:00
rails_helper.rb DEV: Allow fab! without block (#24314) 2023-11-09 16:47:59 -06:00
regenerate_swagger_docs DEV: Add API docs for uploads and API doc watcher (#15387) 2021-12-23 08:40:15 +10:00
swagger_helper.rb DEV: Apply syntax_tree formatting to spec/* 2023-01-09 11:49:28 +00:00