You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
Merge Notes: * Lemmy server does not compile. It took several hours to go through the merge process, so I want to commit the project in its current state and have a place to revert to if anything goes wrong. ** API structs need to be double checked for correctness. They were all moved to a submodule, and Git did not catch the diffs. On the bright side, this provides us a great opportunity to mark all of our API changes as we update the vanilla upstream API structs. * Two new migrations were added upstream. I don't think these clobber any of our changes, but they modify existing records. In particular, the fake activitypub records get replaced with newly generated unique entries. We're going to want to make sure these migrations work correctly. * Endpoints need to be reviewed for security and correctness This is not an exaustive list. ** Comment *** GetComments Looks like it can leak comments from private communities. We don't have any private communities, but we're going to want to fix this. ** Community *** EditCommunity The permissions logic could be more concise. *** BanFromCommunity Admins cannot ban mods from communities. This should be changed. ** User *** Register Review Register endpoint and make sure there are no security regressions. The recent changes apparently make it impossible to bootstrap the website. * Other TODOs ** Add a site_mod helper function Site-mod permissions are broken. A helper function should make an easy drop-in replacement for many of the current admin checks, but it would be inappropriate to simply change the definition of the is_admin function. That said, is_mod_or_admin should be fair game.
|1 year ago|
|src||1 year ago|
|Cargo.toml||1 year ago|