Tomas Dittmann
a40da29a0e
don't look for project_id for files
...
it is only used for late accessibility checking (it was already checked in middleware).
With this, you can create stable file links (as long as the file exists)
I need this change for my [inline image plugin](https://github.com/Chaosmeister/PITM )
2021-12-03 17:28:48 -08:00
Frédéric Guillot
71123b0f37
Add missing CSRF checks
2021-06-05 14:59:12 -07:00
Andre Nathan
c8a617cfcb
Add per-project and per-swimlane task limits
...
This change allows projects and swimlanes to be configured with task limits that apply to their whole scope (i.e. all active tasks in a project or swimlane, respectively), as opposed to the usual per-column task limits.
2020-02-25 20:26:31 -08:00
Frédéric Guillot
322383b084
Always returns a 404 otherwise people might guess which user exist
2019-01-30 21:07:56 -08:00
Frédéric Guillot
19ea9ed620
Add missing CSRF check in TwoFactorController::deactivate()
2019-01-30 20:21:12 -08:00
kent1
a991758e98
Redirect to original URL after oauth login
2018-03-05 10:43:15 -08:00
Frédéric Guillot
9ddefa979a
Add CSRF check for task and project files upload
2018-01-29 15:56:30 -08:00
Frederic Guillot
7100f6de8a
Make sure people do not access to files of other projects
2017-09-27 21:58:16 -07:00
Frederic Guillot
3e0f14ae2b
Do not expose IDs in forms
2017-09-23 20:56:54 -07:00
Frederic Guillot
074f6c104f
Avoid people to alter other projects by changing form data
2017-09-23 18:48:45 -07:00
Frederic Guillot
5ffdf286e7
Minor fixes
2016-06-05 18:22:19 -04:00
Frederic Guillot
523e0aad7e
Raise exception for webhook token verification
2016-06-01 21:35:22 -04:00
Frederic Guillot
92aba95959
Fix typo after refactoring
2016-05-31 22:42:50 -04:00
Frederic Guillot
14713b0ec7
Rename all models
2016-05-28 19:48:22 -04:00
Frederic Guillot
67b8361649
Refactoring: added controlled middleware and changed response class
2016-05-15 18:31:47 -04:00
