[IMPROVE] Add option to require authentication on user's shield endpoint #16845
Merged
sampaiodiego
requested changes
Mar 12, 2020
app/api/server/v1/misc.js
Outdated
@@ -88,6 +88,10 @@ API.v1.addRoute('shield.svg', { authRequired: false, rateLimiterOptions: { numRe | |||
text = `#${ channel }`; | |||
break; | |||
case 'user': | |||
const loggedUser = this.getLoggedInUser(); | |||
if (settings.get('API_Shield_Require_Login_To_Search_For_Users') && !loggedUser) { |
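Review bot: `const loggedUser` is declared directly under `case 'user':` with no block around the case body, so the binding is scoped to the whole `switch` rather than to this case; wrap the case body in `{ ... }`. The route is registered with `authRequired: false`, which makes this `if` the only gate on the user shield, so it should be covered by tests for both states of the setting with and without a logged-in user. The body of the `if` is not visible here; whatever it returns to an anonymous caller should not differ between existing and non-existing usernames.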
Suggested change
if (settings.get('API_Shield_Require_Login_To_Search_For_Users') && !loggedUser) { | |
if (settings.get('API_Shield_user_require_auth') && !loggedUser) { |
@@ -335,6 +335,7 @@ | |||
"API_Personal_Access_Tokens_Regenerate_It": "Regenerate token", | |||
"API_Shield_Types": "Shield Types", | |||
"API_Shield_Types_Description": "Types of shields to enable as a comma separated list, choose from `online`, `channel` or `*` for all", | |||
"API_Shield_Require_Login_To_Search_For_Users": "Require login to search for users", |
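Review bot: The new label has no matching `_Description` entry, unlike `API_Shield_Types_Description` two lines above, and "search for users" does not describe what the setting controls, since the check sits in the `user` case of `shield.svg`. Add a description key that states the endpoint affected and what an unauthenticated request receives when the option is on, so an administrator can tell what enabling it changes.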
Suggested change
"API_Shield_Require_Login_To_Search_For_Users": "Require login to search for users", | |
"API_Shield_user_require_auth": "Require authentication for user shields", |
@@ -325,6 +325,7 @@ | |||
"API_Personal_Access_Tokens_Regenerate_It": "Renovar código", | |||
"API_Shield_Types": "Tipos de escudo", | |||
"API_Shield_Types_Description": "Tipos de escudos para habilitar como uma lista separada por vírgulas, escolha entre \"on-line\", \"canal\" ou \"*\" para todos", | |||
"API_Shield_Require_Login_To_Search_For_Users": "Exigir Login para pesquisar por usuários", |
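Review bot: "Login" is capitalised mid-sentence in the new pt-BR string while the neighbouring entries use sentence case ("Tipos de escudo"); lower-case it for consistency. The key here has to match the one read by `settings.get(...)` in `misc.js` and the English file exactly, so any rename needs to land in all three places in the same commit.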
Suggested change
"API_Shield_Require_Login_To_Search_For_Users": "Exigir Login para pesquisar por usuários", | |
"API_Shield_user_require_auth": "Exigir autenticação para escudos de usuários", |
sampaiodiego
requested changes
Mar 12, 2020
Co-Authored-By: Diego Sampaio <chinello@gmail.com>
sampaiodiego
approved these changes
Mar 12, 2020
sampaiodiego
changed the title
[IMPROVE] Require authentication on shield endpoint if user requests for users info
[IMPROVE] Add option to require authentication on user's shield endpoint
Mar 12, 2020
gabriellsh
added a commit
that referenced
this pull request
Mar 13, 2020
…exact_search * 'develop' of github.com:RocketChat/Rocket.Chat: (178 commits) [IMPROVE] Add option to require authentication on user's shield endpoint (#16845) [FIX] Custom OAuth Bug (#16811) [FIX] Integrations page pagination (#16838) fix: livechat/facebook missing visitor data after registerGuest (#16810) [FIX] Invite links counting users already joined (#16591) [FIX] No settings to be displayed if search not found (#16255) [FIX] Removed some hardcoded texts (#16304) [FIX] Cannot unfollow message from thread's panel (#16560) Add Enterprise Edition license (#16801) [FIX] Fallback content-type as application/octet-stream for FileSystem uploads (#16776) [IMPROVE] Apps-engine E2E tests (#16781) [FIX] Remove spaces from i18n placeholders to show Personal access token (#16724) [NEW] SAML config to allow clock drift (#16751) [FIX] Slash command preview: Wrong item being selected, Horizontal scroll (#16750) [FIX] Cannot pin on direct messages (#16759) [FIX] Get all channels from Slack via REST API (#16767) LingoHub Update 🚀 (#16837) [FIX] Flextab information is not working when clicking on visitor or agent username in Omnichannel messages (#16797) Update Node to 12.16.1 [NEW] Update Meteor to 1.9.2 (#16718) ...
ggazzo
added a commit
to wreiske/Rocket.Chat
that referenced
this pull request
Mar 19, 2020
…4892-wreiske-user-status-bubbles * 'develop' of github.com:RocketChat/Rocket.Chat: (540 commits) [FIX] Show error message if password and confirm password not equal (RocketChat#16247) [FIX] Message quote button inside threads (RocketChat#16925) Fix wrong imported library meteor/tap:i18n lint [IMPROVE] User gets feedback when a message has been starred or unstarred (RocketChat#13860) [FIX] admin can sort users by email in directory view (RocketChat#15796) [FIX] Pinned messages wouldn't collapse (RocketChat#16188) [IMPROVE] Added border to page header. (RocketChat#16792) [FIX] Correct thread messages display in context bar. (RocketChat#16835) [FIX] Public channel cannot be acessed via URL when 'Allow Anonymous Read' is active (RocketChat#16914) Fixed Line break incorrectly being called apostrophe (RocketChat#16918) [IMPROVE] Context menu autofocus (RocketChat#16915) Improve room types usage (RocketChat#16753) [NEW] API `users.deactivateIdle` for mass-disabling of idle users (RocketChat#16849) [NEW] API to logout from other locations (RocketChat#16193) [IMPROVE] Add option to require authentication on user's shield endpoint (RocketChat#16845) [FIX] Custom OAuth Bug (RocketChat#16811) [FIX] Integrations page pagination (RocketChat#16838) reset package-lock to upstream Apply suggestions from code review ...
ggazzo
added a commit
that referenced
this pull request
Mar 20, 2020
…ultiple-users* 'develop' of github.com:RocketChat/Rocket.Chat: (53 commits) [FIX] Show error message if password and confirm password not equal (#16247) [FIX] Message quote button inside threads (#16925) Fix wrong imported library meteor/tap:i18n lint [IMPROVE] User gets feedback when a message has been starred or unstarred (#13860) [FIX] admin can sort users by email in directory view (#15796) [FIX] Pinned messages wouldn't collapse (#16188) [IMPROVE] Added border to page header. (#16792) [FIX] Correct thread messages display in context bar. (#16835) [FIX] Public channel cannot be acessed via URL when 'Allow Anonymous Read' is active (#16914) Fixed Line break incorrectly being called apostrophe (#16918) [IMPROVE] Context menu autofocus (#16915) Improve room types usage (#16753) [NEW] API `users.deactivateIdle` for mass-disabling of idle users (#16849) [NEW] API to logout from other locations (#16193) [IMPROVE] Add option to require authentication on user's shield endpoint (#16845) [FIX] Custom OAuth Bug (#16811) [FIX] Integrations page pagination (#16838) reset package-lock to upstream Apply suggestions from code review ...
No description provided.