public-offering
/
pad.pub0.org
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
pad.pub0.org/doc
History
pcworld 3c71e8983b Fix read only pad access with authentication 
Before this commit, webaccess.checkAccess saved the authorization in
user.padAuthorizations[padId] with padId being the read-only pad ID,
however later stages, e.g. in PadMessageHandler, use the real pad ID for
access checks. This led to authorization being denied.

This commit fixes it by only storing and comparing the real pad IDs and
not read-only pad IDs.

This fixes test case "authn user readonly pad -> 200, ok" in
src/tests/backend/specs/socketio.js.
 		2021-04-12 22:51:06 -04:00
..
api Fix read only pad access with authentication 2021-04-12 22:51:06 -04:00
assets DOCS: Add basic styles for tables and resources section to Changeset docs - https://github.com/citizenos/citizenos-fe/issues/535 2021-04-06 21:42:01 +02:00
easysync easysync-full-description: regenerate the pdf document 2018-12-09 15:56:17 +01:00
images README.md: losslessly reduce the size of the PNG images 2020-04-23 22:29:58 +02:00
cookies.md docs: also mention the infos we have about sessionID cookie 2020-04-24 03:06:13 +02:00
database.md doc: passwordHash does not contain a bcrypted password, but a salted sha512 sum 2018-11-05 22:45:00 +01:00
docker.md feat(docker): Add build var for optionally installing abiword (#4796) 2021-02-18 04:27:52 -05:00
documentation.md restructure: Prefix `bin/` and `tests/` with `src/` 2021-02-05 21:52:08 +00:00
index.md docs: add cookies section 2020-04-24 03:06:13 +02:00
localization.md docs: fixed typos 2021-02-03 00:30:07 +01:00
plugins.md tests: Pass `--legacy-peer-deps` flag to work around npm v7 bug 2021-02-22 03:36:12 -05:00
skins.md release: prepare for 1.7.5 2019-01-26 00:16:03 +01:00
stats.md docs: direct link to measured.Collection from stats.md 2018-08-14 13:27:31 +02:00
template.html ‘Etherpad Lite’ -> ‘Etherpad’ 2013-09-29 13:57:37 +02:00