Commit graph

21 commits

Author SHA1 Message Date
Yassine Guedidi 0a117958c9 Apply PHP-CS-Fixer fixes 2024-01-22 19:15:54 +01:00
Rotzbua 51c68655fb Fix some typos 2023-09-18 11:16:19 +02:00
Jeremy Benoist 4dd380b7dd Fix test following 2.5 merge into master 2023-04-24 14:46:40 +02:00
Jeremy Benoist 66b7bdd07c Merge remote-tracking branch 'origin/2.5.x' 2023-04-24 14:36:32 +02:00
Kevin Decherf 3ed7f2b751 AnnotationController: fix improper authorization vulnerability
This PR is based on 2.5.x branch.

We fix the improper authorization by retrieving the annotation using id
and user id.

We also replace the ParamConverter used to get the requested Annotation
on put and delete actions with an explicit call to AnnotationRepository
in order to prevent a resource enumeration through response discrepancy.

Fixes GHSA-mrqx-mjc4-vfh3

Co-authored-by: Jeremy Benoist <jeremy.benoist@gmail.com>
Signed-off-by: Kevin Decherf <kevin@kdecherf.com>
2023-01-27 23:34:14 +01:00
Jeremy Benoist b7dba18cb2 Cleanup 2022-11-23 15:51:33 +01:00
Yassine Guedidi 1bee0eeb29 Make repositories use ServiceEntityRepository 2022-08-31 02:05:30 +02:00
Kevin Decherf 69b563948d AnnotationRepository: rename getBuilderByUser
We rename getBuilderByUser to getSortedQueryBuilderByUser as long as the
method currently returns a QueryBuilder with an orderBy()

Signed-off-by: Kevin Decherf <kevin@kdecherf.com>
2018-09-05 18:44:08 +02:00
Nicolas Hart 52b84c11a5 Fix some namespaces and phpdoc 2017-07-29 22:51:50 +02:00
Jeremy Benoist f808b01692 Add a real configuration for CS-Fixer 2017-07-01 09:52:38 +02:00
Nicolas Lœuillet 13a592a128 Renamed methods 2017-03-31 17:03:08 +02:00
Nicolas Lœuillet 9102851f59 Added delete button on Baggy theme 2017-03-31 10:53:23 +02:00
Thomas Citharel 6da1aebc94 Allow to remove all archived entries
Since we still support fucking SQLite, we need to retrieve all tags & annotations for archived entries before deleting them.

Signed-off-by: Thomas Citharel <tcit@tcit.fr>
2017-03-31 10:46:05 +02:00
Jeremy Benoist 9313ea9d44 Merge pull request #2401 from wallabag/reset-account
Reset account
2016-10-24 11:57:51 +02:00
Jeremy Benoist b0de88f75d Use statements & update translation 2016-10-22 13:13:07 +02:00
Jeremy Benoist 8c61fd12b1 CS 2016-10-22 13:13:07 +02:00
Jeremy Benoist 191564b7f7 Add custom doctrine subscriber for SQLite
Since SQLite doesn’t handle cascade remove by default, we need to handle it manually.

Also some refacto
2016-10-22 13:13:07 +02:00
Jeremy Benoist aa4741091f Add test on /api/annotations
Fix controller forward in WallabagRestController.
Update PHPDoc so it is sorted the same way as the other ones
Duplicate all annotations test to use both api & normal way
Also, make annotation tests independent to each other
2016-10-22 12:09:20 +02:00
Jeremy Benoist b95ffda2a1 Fix hazardous bug with Postgres
Instead of retrieving a random annotation, sort them to be sure they are all the same no matter the database used
2016-03-12 10:45:14 +01:00
Jeremy Benoist 09d8bb6fa2 Improve tests
- add more tests for coverage
- add a test on annotation deletion
- fix post annotation with ranges
2016-03-11 17:59:42 +01:00
Nicolas Lœuillet 4dc872238a Rename CommentBundle with AnnotationBundle 2016-02-26 18:14:42 +01:00