CodeCow/chatwoot
1
0
Fork 0
mirror of https://github.com/chatwoot/chatwoot.git synced 2026-06-13 21:01:16 +08:00
Code Issues Actions 4 Packages Projects Releases Wiki Activity
ce5b7e310e
chatwoot/spec/controllers
History
Pranav 2adc040a8f
fix: Validate blob before attaching it to a record (#13115) 
Previously, attachments relied only on blob_id, which made it possible
to attach blobs across accounts by enumerating IDs. We now require both
blob_id and blob_key, add cross-account validation to prevent blob
reuse, and centralize the logic in a shared BlobOwnershipValidation
concern.

It also fixes a frontend bug where mixed-type action params (number +
string) were incorrectly dropped, causing attachment uploads to fail.
2025-12-19 19:02:21 -08:00
..
api fix: Validate blob before attaching it to a record (#13115) 2025-12-19 19:02:21 -08:00
concerns feat: notion OAuth setup (#11765) 2025-06-26 19:16:06 +05:30
devise feat: move Slack config to installation settings (#11548) 2025-05-23 01:07:35 -07:00
devise_overrides fix: Session controller to not generate auth tokens before mfa verification (#12487) 2025-09-23 19:13:47 +05:30
google refactor: use state-based authentication (#11690) 2025-06-18 17:39:06 +05:30
instagram feat: Instagram Inbox using Instagram Business Login (#11054) 2025-04-08 10:47:41 +05:30
installation chore: Enable the new Rubocop rules (#7122) 2023-05-19 14:37:10 +05:30
linear fix: linear and user association spec (#13056) 2025-12-12 18:53:26 +05:30
microsoft refactor: use state-based authentication (#11690) 2025-06-18 17:39:06 +05:30
notion feat: notion OAuth setup (#11765) 2025-06-26 19:16:06 +05:30
platform/api/v1 feat: Add route to list accounts that belongs to a platform_app (#12140) 2025-08-11 21:23:05 +02:00
public/api/v1 fix: Incorrect contact access in conversations listing (#11797) 2025-09-22 17:05:11 +05:30
service chore: Update dependencies to the latest versions (#5033) 2022-07-15 09:51:59 +07:00
shopify fix: shopify and leadsquared specs in ci (#12926) 2025-11-21 17:01:03 +05:30
super_admin feat: Auto confirm user email when super admin make changes (#12418) 2025-09-23 20:14:02 +05:30
tiktok feat: TikTok channel (#12741) 2025-12-17 07:54:50 -08:00
twilio chore: Move Twilio event processing to background job (#11094) 2025-03-15 13:51:08 -07:00
twitter chore: Enable the new Rubocop rules (#7122) 2023-05-19 14:37:10 +05:30
webhooks feat: TikTok channel (#12741) 2025-12-17 07:54:50 -08:00
.keep Fix url in emails, add frontendURL helper (#19) 2019-08-25 19:59:28 +05:30
android_assetlinks_spec.rb chore: Universal Linking for Android (#2324) 2021-06-02 08:46:45 -07:00
api_controller_spec.rb feat: add chatwoot instance status in superadmin (#6045) 2023-01-30 18:37:51 +05:30
apple_app_spec.rb chore: Configure iOS universal linking (#10651) 2025-01-08 21:25:11 +05:30
dashboard_controller_spec.rb fix: Avoid throwing 406 for non-json requests (#11701) 2025-06-10 15:12:32 -04:00
microsoft_controller_spec.rb fix: Identity JSON response header (#6326) 2023-02-02 11:01:18 +05:30
slack_uploads_controller_spec.rb fix: Set avatar for users(agent/contact) in slack channels (#7960) 2023-09-26 09:38:14 +05:30
swagger_controller_spec.rb Chore: Swagger Docs V1 (#546) 2020-02-23 12:54:29 +05:30
widget_tests_controller_spec.rb [Feature] Email collect message hooks (#331) 2020-01-09 13:06:40 +05:30
widgets_controller_spec.rb chore: Enable the new Rubocop rules (#7122) 2023-05-19 14:37:10 +05:30