nordabiz/templates/admin
Maciej Pienczyn e718d96a7d
fix(security): Resolve 1 HIGH and 7 MEDIUM vulnerabilities from code review
- HIGH: Fix SQL injection in ZOPK knowledge service (3 functions) — replace f-strings with parameterized queries
- MEDIUM: Sanitize tsquery/LIKE input in SearchService to prevent injection
- MEDIUM: Add @login_required + @role_required(ADMIN) to /health/full endpoint
- MEDIUM: Add @role_required(ADMIN) to ZOPK knowledge search API
- MEDIUM: Add bleach HTML sanitization on write for announcements, events, board proceedings (stored XSS via |safe)
- MEDIUM: Remove partial API key from Gemini service logs
- MEDIUM: Remove @csrf.exempt from chat endpoints, add X-CSRFToken headers in JS
- MEDIUM: Add missing CSRF tokens to 3 POST forms (data_request, benefits_form, benefits_list)

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
2026-02-06 05:25:18 +01:00
ai_usage_dashboard.html refactor: Move admin_ai_usage routes to admin blueprint 2026-01-31 10:43:28 +01:00
ai_usage_user.html refactor: Move admin_ai_usage routes to admin blueprint 2026-01-31 10:43:28 +01:00
analytics_dashboard.html refactor: Migrate analytics routes to blueprints 2026-01-31 10:36:23 +01:00
announcements_form.html refactor: Migrate announcements routes to blueprints 2026-01-31 09:41:49 +01:00
announcements.html refactor: Migrate announcements routes to blueprints 2026-01-31 09:41:49 +01:00
benefits_clicks.html feat: Add member benefits module with WisprFlow affiliate 2026-02-02 22:26:44 +01:00
benefits_form.html fix(security): Resolve 1 HIGH and 7 MEDIUM vulnerabilities from code review 2026-02-06 05:25:18 +01:00
benefits_list.html fix(security): Resolve 1 HIGH and 7 MEDIUM vulnerabilities from code review 2026-02-06 05:25:18 +01:00
chat_analytics.html refactor: Add ai-learning-status and chat-stats API to blueprints 2026-01-31 10:31:29 +01:00
companies.html refactor(rbac): Migrate legacy is_admin checks to role-based has_role()/set_role() 2026-02-05 21:06:22 +01:00
company_requests.html feat: Add membership application system 2026-02-01 12:38:31 +01:00
debug.html refactor: Rebranding and AI model update 2026-01-29 14:08:39 +01:00
digital_maturity.html refactor: Rebranding and AI model update 2026-01-29 14:08:39 +01:00
fees.html refactor: Use full blueprint names in admin templates 2026-01-31 08:33:25 +01:00
forum_analytics.html feat: Add forum admin tools (analytics, search, move, merge) 2026-01-31 19:29:02 +01:00
forum_deleted.html feat: Add forum modernization with reactions, subscriptions, and moderation 2026-01-31 18:55:40 +01:00
forum_reports.html feat: Add forum modernization with reactions, subscriptions, and moderation 2026-01-31 18:55:40 +01:00
forum.html feat: Add forum admin tools (analytics, search, move, merge) 2026-01-31 19:29:02 +01:00
gbp_audit_dashboard.html fix: Update url_for to use api. blueprint prefix for migrated endpoints 2026-01-31 17:57:18 +01:00
health_dashboard.html refactor: Phase 6.2c - Status, Health, Debug to admin blueprint 2026-01-31 08:59:15 +01:00
insights.html refactor: Migrate insights routes to blueprints 2026-01-31 10:27:35 +01:00
it_audit_dashboard.html refactor: Migrate access control from is_admin to role-based system 2026-02-01 21:05:22 +01:00
krs_audit_dashboard.html refactor: Migrate KRS API routes to admin blueprint 2026-01-31 17:31:36 +01:00
membership_detail.html fix: Use company_detail_by_slug endpoint for slug-based URL 2026-02-01 19:46:36 +01:00
membership.html feat: Add membership application system 2026-02-01 12:38:31 +01:00
model_comparison.html feat(model-comparison): 'Run again' button for the simulation 2026-01-29 09:14:46 +01:00
people.html feat: Add admin modules for Companies and People management 2026-01-31 20:13:51 +01:00
recommendations.html refactor: Rebranding and AI model update 2026-01-29 14:08:39 +01:00
security_dashboard.html refactor: Migrate security routes to blueprints 2026-01-31 09:39:12 +01:00
social_audit_dashboard.html refactor: Phase 6.2e - Social Media to admin blueprint 2026-01-31 09:07:51 +01:00
social_media.html refactor: Rebranding and AI model update 2026-01-29 14:08:39 +01:00
status_dashboard.html fix: SSL card layout - 2 columns + issuer row below 2026-01-31 20:40:31 +01:00
users.html refactor(rbac): Complete RBAC migration - 154/154 admin routes protected 2026-02-05 21:36:14 +01:00
zopk_dashboard.html docs: Update documentation to Gemini 3 Flash 2026-01-29 14:19:05 +01:00
zopk_fact_duplicates.html fix(zopk): Fix confidence_score display in fact deduplication 2026-01-17 11:21:53 +01:00
zopk_knowledge_chunks.html fix(admin): Fixed incorrect endpoint names in breadcrumbs 2026-01-17 09:03:01 +01:00
zopk_knowledge_dashboard.html feat(zopk): Modal for reviewing learning results from verification 2026-01-17 16:33:39 +01:00
zopk_knowledge_duplicates.html fix(zopk): Fix NaN in fact preview when merging entities 2026-01-17 10:32:41 +01:00
zopk_knowledge_entities.html fix(admin): Fixed incorrect endpoint names in breadcrumbs 2026-01-17 09:03:01 +01:00
zopk_knowledge_facts.html fix(admin): Fixed incorrect endpoint names in breadcrumbs 2026-01-17 09:03:01 +01:00
zopk_knowledge_graph.html fix(zopk): Fix relationship graph initialization 2026-01-17 09:24:33 +01:00
zopk_news.html feat(admin): Configurable limits for ZOPK operations 2026-01-16 20:30:54 +01:00
zopk_timeline.html feat(zopk): Frontend for Timeline suggestions from the knowledge base 2026-01-17 17:37:03 +01:00