Techsystech
/
web
mirror of https://github.com/OCA/web.git
3
0
Fork 1
Code Issues Packages Projects Releases Wiki Activity
216 Commits
13 Branches
0 Tags
508 MiB
Commit Graph

6 Commits (d62b10c3ee6174e3570c347733e0952f5cf3774c)

Author SHA1 Message Date
Aitor Bouzas 89347e6976 [MIG] web_notify: Migration to 12.0 
Add self-test buttons in demo environment,
Updated readme to show how to test it.
Add buttons to users form
Do not rely on SUPERUSER_ID and avoid getattr usage
 2019-11-14 15:37:03 +01:00
Guewen Baconnier fd06a6b0fd Prevent to send web notifications to other users 
Only the admin user (sudo) is allowed to send notifications to other
users. The normal users can only send notifications to themselves.

This is to prevent attackers to craft malicious notifications and send
them to other users using RPC.

Correction based on the idea of @hbrunn
 2019-11-14 15:37:03 +01:00
Damien Bouvy fa3716990d [MIG] web_notify: Migration to 11.0 
- Use the 'session' class of the JS Framework (session no lounger bound
to web client)
- Test change: compare emitted & received messages based on content, not
order. Using string comparison raises false positives.
 2019-11-14 15:37:03 +01:00
Serpent Consulting Services Pvt Ltd 6f65acb990 Update web_client.js 2019-11-14 15:37:03 +01:00
Jay Vora(SerpentCS) 4e7b1527b0 [MIG] Migration started web_notify 2019-11-14 15:37:03 +01:00
Pedro M. Baeza b0d5889a82 [MIG] Make modules uninstallable 2019-11-14 15:37:03 +01:00