Techsystech
/
web_techsystech
forked from Techsystech/web
3
0
Fork 0
Code Pull Requests Activity
1,078 Commits
15 Branches
0 Tags
330 MiB
Commit Graph

3 Commits (9.0)

Author SHA1 Message Date
Guewen Baconnier 1b51327bfb Prevent to send web notifications to other users 
Only the admin user (sudo) is allowed to send notifications to other
users. The normal users can only send notifications to themselves.

This is to prevent attackers to craft malicious notifications and send
them to other users using RPC.

Correction based on the idea of @hbrunn
 2018-10-09 08:26:48 +02:00
Pedro M. Baeza 9094d80da0 [FIX] web_notify: Fix tests 2017-07-29 14:08:13 +02:00
Laurent Mignon (ACSONE) 8b2079b3ef Improve logic and add tests 2016-09-21 11:05:31 +02:00