nordabiz/blueprints/admin
Maciej Pienczyn e718d96a7d
fix(security): Resolve 1 HIGH and 7 MEDIUM vulnerabilities from code review
- HIGH: Fix SQL injection in ZOPK knowledge service (3 functions) — replace f-strings with parameterized queries
- MEDIUM: Sanitize tsquery/LIKE input in SearchService to prevent injection
- MEDIUM: Add @login_required + @role_required(ADMIN) to /health/full endpoint
- MEDIUM: Add @role_required(ADMIN) to ZOPK knowledge search API
- MEDIUM: Add bleach HTML sanitization on write for announcements, events, board proceedings (stored XSS via |safe)
- MEDIUM: Remove partial API key from Gemini service logs
- MEDIUM: Remove @csrf.exempt from chat endpoints, add X-CSRFToken headers in JS
- MEDIUM: Add missing CSRF tokens to 3 POST forms (data_request, benefits_form, benefits_list)

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
2026-02-06 05:25:18 +01:00
__init__.py feat: Add member benefits module with WisprFlow affiliate 2026-02-02 22:26:44 +01:00
CLAUDE.md refactor: Migrate access control from is_admin to role-based system 2026-02-01 21:05:22 +01:00
routes_analytics.py refactor: Migrate access control from is_admin to role-based system 2026-02-01 21:05:22 +01:00
routes_announcements.py fix(security): Resolve 1 HIGH and 7 MEDIUM vulnerabilities from code review 2026-02-06 05:25:18 +01:00
routes_audits.py refactor: Migrate access control from is_admin to role-based system 2026-02-01 21:05:22 +01:00
routes_benefits.py feat: Add member benefits module with WisprFlow affiliate 2026-02-02 22:26:44 +01:00
routes_companies.py refactor(rbac): Migrate legacy is_admin checks to role-based has_role()/set_role() 2026-02-05 21:06:22 +01:00
routes_insights.py refactor: Migrate access control from is_admin to role-based system 2026-02-01 21:05:22 +01:00
routes_krs_api.py refactor(rbac): Complete RBAC migration - 154/154 admin routes protected 2026-02-05 21:36:14 +01:00
routes_membership.py refactor: Migrate access control from is_admin to role-based system 2026-02-01 21:05:22 +01:00
routes_model_comparison.py refactor: Migrate access control from is_admin to role-based system 2026-02-01 21:05:22 +01:00
routes_people.py refactor: Migrate access control from is_admin to role-based system 2026-02-01 21:05:22 +01:00
routes_security.py refactor(rbac): Migrate legacy is_admin checks to role-based has_role()/set_role() 2026-02-05 21:06:22 +01:00
routes_social.py refactor: Migrate access control from is_admin to role-based system 2026-02-01 21:05:22 +01:00
routes_status.py refactor(rbac): Migrate legacy is_admin checks to role-based has_role()/set_role() 2026-02-05 21:06:22 +01:00
routes_users_api.py refactor(rbac): Complete RBAC migration - 154/154 admin routes protected 2026-02-05 21:36:14 +01:00
routes_zopk_dashboard.py refactor: Migrate access control from is_admin to role-based system 2026-02-01 21:05:22 +01:00
routes_zopk_knowledge.py fix(security): Resolve 1 HIGH and 7 MEDIUM vulnerabilities from code review 2026-02-06 05:25:18 +01:00
routes_zopk_news.py refactor: Migrate access control from is_admin to role-based system 2026-02-01 21:05:22 +01:00
routes_zopk_timeline.py refactor(rbac): Complete RBAC migration - 154/154 admin routes protected 2026-02-05 21:36:14 +01:00
routes.py fix(security): Resolve 1 HIGH and 7 MEDIUM vulnerabilities from code review 2026-02-06 05:25:18 +01:00