Cutlery/mealie
1
0
Fork 0
mirror of https://github.com/mealie-recipes/mealie.git synced 2025-06-23 15:31:37 -04:00
Code Issues Packages Projects Releases Wiki Activity
489 Commits 12 Branches 6 Tags
Commit Graph

2 Commits

Author SHA1 Message Date
sephrat
6320ba7ec5
API security hardening (#571) 
* Enhance security and safety around user update API

- Prevent a regular user from promoting themself to admin
- Prevent an admin from demoting themself
- Refactor token fixture to admin + regular user tokens

* Restrict user CRUD API to admins

* Secure admin API routes

* Refactor APIrouter into Admin/UserAPIRouter

* Secure theme routes

* Make 'all recipes' routes public

* Secure favorite routes

* Remove redundant checks

* Fix public routes mistakenly flagged user routes

* Make webhooks changeable only by admin

* Allow users to create categories and tags

* Address lint issues
 2021-06-22 10:22:15 -08:00
Hayden
2dc9c8e843
Improve Test Coverage (#511) 
* add recipe scaling notes

* test theme rename

* fix coverage call to use poetry

* remove print

* remove async

* consolidate test case data

* fix mealplan tests

* remove redundant else

Co-authored-by: hay-kot <hay-kot@pm.me>
 2021-06-13 13:09:44 -08:00