Hariom Balhara
9c23a8e5ab
Security Fixes ( #224 )
...
Fixes - 2,3,4 security vulnerabilities reported in this message.
https://calendso.slack.com/archives/C03127U5S5Q/p1671922033089329
More Fixes
- Dont't allow a user to add a random attendee to a booking not owned by
him
- Don't allow a user to add a random cal user as an organizer of the
booking.
- Membership deletion should be as per the Privileges of
Owner,Admin,Member
2023-01-04 15:17:47 -07:00
zomars
055699f612
Various import and type fixes
2022-11-25 06:58:21 -07:00
alannnc
c016a4343d
added more endpoints and validations for publish-pay teams ( #209 )
...
## What does the PR do?
- Team billing via API
Just like the web project, we validate that team has stripe metadata
before converting requestedSlug to slug.
Co-authored-by: zomars <zomars@me.com>
2022-11-22 13:24:25 -07:00
zomars
d93fd26a1e
Removed unused methods middleware
2022-10-21 13:30:09 -06:00
zomars
00bd908916
Fixes permission errors
2022-10-14 17:41:28 -06:00
zomars
c03144c343
Fixed major flaw with authMiddleware
...
authMiddleware should not use defaultResponder directly as it will catch thrown error and we need those errors to prevent running the rest of the code.
2022-10-10 20:23:08 -06:00
zomars
d4a2b8e791
Refactors attendees' endpoints
2022-10-07 13:08:25 -06:00
Agusti Fernandez Pardo
6e68671c2a
fix: merge w main
2022-06-18 01:52:37 +02:00
Agusti Fernandez Pardo
8c3774e100
fix: remove comment
2022-06-15 21:14:35 +02:00
Agusti Fernandez Pardo
ed1bc8015a
feat: initial isAdmin work for events and attendees
2022-06-15 20:43:35 +02:00
Agusti Fernandez Pardo
e407a16766
feat: dynamic prisma
2022-06-06 18:17:10 +02:00
Agusti Fernandez Pardo
08eeb36d47
feat: add operationId for autogenerated sdk
2022-05-05 18:18:00 +02:00
Agusti Fernandez Pardo
c8d776aeb7
fix: remove extra comments
2022-04-29 17:36:25 +02:00
Agusti Fernandez Pardo
9bb0f82075
fix: improve comments, no anys
2022-04-29 17:29:57 +02:00
Agusti Fernandez Pardo
d06a9488e4
fix: rename endpoints to be only 2 words max
2022-04-29 02:49:38 +02:00
Agusti Fernandez Pardo
e13ea234b8
fix: improve docs in attendees availabilities and booking references
2022-04-29 02:30:59 +02:00
Agusti Fernandez Pardo
d6c34a8e51
fix: remove empty lines
2022-04-29 01:54:21 +02:00
Agusti Fernandez Pardo
bb28680413
fixes all openapi spect issues, removes json-schema auto-generated moving to manual examples
2022-04-29 01:38:40 +02:00
Agusti Fernandez Pardo
e52af0bbef
fix: post / patch attendees docs w examples
2022-04-27 19:25:36 +02:00
Agusti Fernandez Pardo
6997606a4c
fix: moves to pick and separates availabilities
2022-04-26 22:23:33 +02:00
Agusti Fernandez Pardo
3759eccfca
fix: attendees move to use pick, separate patch/post
2022-04-26 22:12:28 +02:00
Agusti Fernandez Pardo
fa30b52988
remove v1 from specs
2022-04-26 21:56:59 +02:00
Agusti Fernandez Pardo
dad70d5a12
fix users, availabilites, attendees
2022-04-24 02:10:32 +02:00
Agusti Fernandez Pardo
096fd40044
fix: fixess attends:id endpoit
2022-04-23 05:51:26 +02:00
Agusti Fernandez Pardo
9078ee2f3f
fix: build removing extra spaces
2022-04-23 02:40:39 +02:00
Agusti Fernandez Pardo
307eddcbd5
fix: invert 401 to throw early in attendees
2022-04-23 02:06:39 +02:00
zomars
be3bcf2bf0
Refactoring and fixes
2022-04-21 19:42:53 -06:00
Agusti Fernandez Pardo
18c1a2f026
remove unnecessary await on all getCalcomUserId() calls
2022-04-21 00:55:41 +02:00
Agusti Fernandez Pardo
25a2a405da
feat: adds apikeyAuth in swagger ui for all endpoints
2022-04-17 16:39:38 +02:00
Agusti Fernandez Pardo
d987d52dbb
feat: credentials, teams
2022-04-13 02:12:16 +02:00
Agusti Fernandez Pardo
9447bd859d
feat hardened attendees, availabilites, booking-references, and bookings
2022-04-11 16:47:01 +02:00
Agusti Fernandez Pardo
081b511e1e
Make attendees id endpoint return only user owned resources
2022-04-11 15:20:38 +02:00
Agusti Fernandez Pardo
0bda988676
feat: all resources endpoints for get all and new unified
2022-04-11 15:10:16 +02:00
Agusti Fernandez Pardo
963c893727
feat: unify new/index of attendees, availabilities, booking references, bookings, selected calendars, update response types
2022-04-11 12:03:15 +02:00
Agusti Fernandez Pardo
d95325c06c
payments safe, unify endpoints for remindermails schedules
2022-04-10 02:10:34 +02:00
Agusti Fernandez Pardo
9edc1dbd29
some fixes on helpers/middlewares
2022-04-08 18:08:26 +02:00
Agusti Fernandez Pardo
fc3677631f
attendes of users bookings only
2022-04-08 03:16:53 +02:00
Agusti Fernandez Pardo
fc2978a61b
feat: initial work unifying new endpoint and generating api key
2022-04-07 03:29:53 +02:00
Agusti Fernandez Pardo
de8d7f64c3
mvoe to less files
2022-04-04 02:02:11 +02:00
Agusti Fernandez Pardo
61819772bc
fix all swagger docs, dont build templates
2022-04-03 17:47:18 +02:00
Agusti Fernandez Pardo
55f93cded6
feat: update attendees / availabilites / users endpoints and document parameters
2022-04-01 22:05:10 +02:00
Agusti Fernandez Pardo
1de7bc4146
prettier
2022-03-30 14:17:55 +02:00
Agusti Fernandez Pardo
1241ae6cfc
feat: move findAll to return arrays
2022-03-28 16:05:00 +02:00
Agusti Fernandez Pardo
0e3131d866
feat: improve validations
2022-03-27 15:15:46 +02:00
Agusti Fernandez Pardo
396c5b8d8c
chore: refactor all delete endpoints to use if/else instead of .catch() and .error()
2022-03-27 01:08:00 +01:00
Agusti Fernandez Pardo
936572e7e1
feat: adds availabilitesi and attendees endpoints, some cleanup less try/catch more if/else
2022-03-27 00:58:22 +01:00