Projekte/web-base
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

security.txt + bugfixes

Browse Source
This commit is contained in:
Roman
2023-03-05 15:30:06 +01:00
parent 5acd13b945
commit c8965e209b
32 changed files with 336 additions and 46 deletions
Download Patch File Download Diff File Expand all files Collapse all files

4
Core/API/MailAPI.class.php
View File

@@ -227,9 +227,9 @@ namespace Core\API\Mail {
$sql = $this->context->getSQL();
$mailQueueItems = MailQueueItem::findBy(MailQueueItem::createBuilder($sql, false)
->whereGt("retryCount", 0)
->whereGt("retry_count", 0)
->whereEq("status", "waiting")
->where(new Compare("nextTry", $sql->now(), "<=")));
->where(new Compare("next_try", $sql->now(), "<=")));
$this->success = ($mailQueueItems !== false);
$this->lastError = $sql->getLastError();

1
Core/API/Swagger.class.php
View File

@@ -68,6 +68,7 @@ class Swagger extends Request {
foreach (self::getApiEndpoints() as $endpoint => $apiClass) {
$body = null;
$requiredProperties = [];
$endpoint = "/$endpoint";
$apiObject = $apiClass->newInstance($this->context, false);
if (!$this->canView($permissions[strtolower($endpoint)] ?? [], $apiObject)) {
continue;

8
Core/API/UserAPI.class.php
View File

@@ -222,7 +222,7 @@ namespace Core\API\User {
public function __construct(Context $context, $externalCall = false) {
parent::__construct($context, $externalCall,
self::getPaginationParameters(['id', 'name', 'email', 'groups', 'registeredAt'],
self::getPaginationParameters(['id', 'name', 'fullName', 'email', 'groups', 'registeredAt', 'confirmed'],
'id', 'asc')
);
}
@@ -341,7 +341,9 @@ namespace Core\API\User {
$this->result["loggedIn"] = true;
$userGroups = array_keys($currentUser->getGroups());
$this->result["user"] = $currentUser->jsonSerialize();
$this->result["session"] = $this->context->getSession()->jsonSerialize();
$this->result["session"] = $this->context->getSession()->jsonSerialize([
"id", "expires", "stayLoggedIn", "data", "csrfToken"
]);
}
$sql = $this->context->getSQL();
@@ -1022,7 +1024,7 @@ namespace Core\API\User {
$userToken = UserToken::findBy(UserToken::createBuilder($sql, true)
->whereFalse("used")
->whereEq("tokenType", UserToken::TYPE_EMAIL_CONFIRM)
->whereEq("token_type", UserToken::TYPE_EMAIL_CONFIRM)
->whereEq("user_id", $user->getId()));
$validHours = 48;