wbrawner/mealie
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions
mealie/tests
History
sephrat 6320ba7ec5
API security hardening (#571) 
* Enhance security and safety around user update API

- Prevent a regular user from promoting themself to admin
- Prevent an admin from demoting themself
- Refactor token fixture to admin + regular user tokens

* Restrict user CRUD API to admins

* Secure admin API routes

* Refactor APIrouter into Admin/UserAPIRouter

* Secure theme routes

* Make 'all recipes' routes public

* Secure favorite routes

* Remove redundant checks

* Fix public routes mistakenly flagged user routes

* Make webhooks changeable only by admin

* Allow users to create categories and tags

* Address lint issues
2021-06-22 10:22:15 -08:00
..
data feature/additional-db (#371) 2021-05-01 13:35:57 -08:00
integration_tests API security hardening (#571) 2021-06-22 10:22:15 -08:00
unit_tests Improve Test Coverage (#511) 2021-06-13 13:09:44 -08:00
utils Improve Test Coverage (#511) 2021-06-13 13:09:44 -08:00
__init__.py v0.4.0 (#236) 2021-03-31 07:20:35 -08:00
app_routes.py feature/profile-cards (#391) 2021-05-06 21:08:27 -08:00
conftest.py API security hardening (#571) 2021-06-22 10:22:15 -08:00
pre_test.py feature/additional-db (#371) 2021-05-01 13:35:57 -08:00
test_config.py v0.4.0 (#236) 2021-03-31 07:20:35 -08:00