lemmy

2086 commits 1009 branches 538 tags 55 MiB

Author	SHA1	Message	Date
ryexandra	29037b4995	Security/fix permission bugs (#966 ) * secure the `EditPost` API endpoint * Check user is moderator in BanFromCommunity * secure the `EditComment` API endpoint * pass orig `read` prob when not explicitly updating it. * Block random users from adding mods. * use cleaner logic from `EditPost` * prevent editing a community by a mod from transfering ownership to them * secure `read` action in `EditPrivateMessage` * Add check in UserMention * only let the indended recipient mark as read * simplify booleans to satisfy clippy * requested changes + cargo +nightly fmt * fix to pass federation tests for deleting comments and posts Co-authored-by: chiminh <chiminh.tutanota.com> Co-authored-by: Hex Bear <buildadangtrain@protonmail.com>	2020-07-14 09:17:25 -04:00
Felix Ableitner	bb3e29e5c4	Make reads from activitypub objects immutable	2020-07-13 15:56:58 +02:00
nutomic	80aef61aed	Split code into cargo workspaces (#67 ) More fixes - fixed docker builds - fixed mentions regex test - fixed DATABASE_URL stuff - change schema path in diesel.toml Address review comments - add jsonb column back into activity table - remove authors field from cargo.toml - adjust LEMMY_DATABASE_URL env var usage - rename all occurences of LEMMY_DATABASE_URL to DATABASE_URL Decouple utils and db Split code into cargo workspaces Co-authored-by: Felix Ableitner <me@nutomic.com> Reviewed-on: https://yerbamate.dev/LemmyNet/lemmy/pulls/67	2020-07-10 18:15:41 +00:00

Author

SHA1

Message

Date

ryexandra

29037b4995

Security/fix permission bugs (#966 )

* secure the `EditPost` API endpoint

* Check user is moderator in BanFromCommunity

* secure the `EditComment` API endpoint

* pass orig `read` prob when not explicitly updating it.

* Block random users from adding mods.

* use cleaner logic from `EditPost`

* prevent editing a community by a mod from transfering ownership to them

* secure `read` action in `EditPrivateMessage`

* Add check in UserMention

* only let the indended recipient mark as read

* simplify booleans to satisfy clippy

* requested changes + cargo +nightly fmt

* fix to pass federation tests for deleting comments and posts

Co-authored-by: chiminh <chiminh.tutanota.com>
Co-authored-by: Hex Bear <buildadangtrain@protonmail.com>

2020-07-14 09:17:25 -04:00

Felix Ableitner

bb3e29e5c4

Make reads from activitypub objects immutable

2020-07-13 15:56:58 +02:00

nutomic

80aef61aed

Split code into cargo workspaces (#67 )

More fixes

- fixed docker builds
- fixed mentions regex test
- fixed DATABASE_URL stuff
- change schema path in diesel.toml

Address review comments

- add jsonb column back into activity table
- remove authors field from cargo.toml
- adjust LEMMY_DATABASE_URL env var usage
- rename all occurences of LEMMY_DATABASE_URL to DATABASE_URL

Decouple utils and db

Split code into cargo workspaces

Co-authored-by: Felix Ableitner <me@nutomic.com>
Reviewed-on: https://yerbamate.dev/LemmyNet/lemmy/pulls/67

2020-07-10 18:15:41 +00:00

Renamed from server/src/db/mod.rs (Browse further)

3 commits