Returning an error in case the user tries to get all users.#472
Merged
Conversation
mohanarpit
approved these changes
Sep 2, 2020
Member
|
Ideally, we should query the DB and return only the list of users to which this particular user has access to. For now, this solution works. |
Nikhil-Nandagopal
added a commit
that referenced
this pull request
Sep 3, 2020
* added deploy environment for sentry * added capture message * fixed sentry performance monitoring * Feature - Column type displayed in column options of table widget filters (#411) * Table widget filter type attribute displayed in column options * minor fix * removed initialised event * Updated sentry sdk (#461) Integrated react router for better performance reporting Added Sentry Profiler for editor, appviewer and widgets Co-authored-by: Nikhil Nandagopal <nikhil@appsmith.com> * Members and org settings page (#424) * Members and org settings page. * Adding link back to applications * Making UI look better. * Fixing some more css * Table dropdown onBlur, UI transparency, Popover issue fixed. Added sort arrow (#413) * table dropdown ui issue and onblur click fixed * position props value fixed * tabs tripple click fixed * Position props in table dropdown made optional * tabs background color bug removed * General settings page is bug free. * Getting the manage users page to work. * Moving general settings into its own file. * Removing some unwanted URLs * User cant change their role or remove themselves * Changing onClick prop for Icon. * Fixing tests * Added loading states to text inputs. * Added validators for text input * Fixed border of skeleton for text input * Adding a loader for Members screen * Adding Noop to icon button * Removing console.log * Fixing imports. * Moving org reducer to immer. * Using utils email validator. * Removing placeholder from text input props. Co-authored-by: devrk96 <rohit.kumawat@primathon.in> * Feature-Icon enum added and size updated. (#463) * appIcon color, icon enums and size fixed * icon import updated * Show validation errors if any for keyvalue fields (#445) * Update host field with validation properties * Performance:entity explorer (#395) * Entity explorer performance enhancements * Feature: Text component props and enum values in stories updated (#468) * text component props updated * case prop updated * className added in text component and used enum values as array in stories * Add duplicate application option (#465) * Feature: Icon component icon names, props and className updated (#471) * className added in icon component and used icon names as an array in stories * button component semicolon fixed * fill prop added in button component * name prop and iconName import updated. * Remove `@appsmith` alias that causes build errors (#479) * Add API for uploading logo images for organizations (#376) * Start with new controller for assets * Progress on uploading logo image * Saving and loading organization logo assets now works * Remove existing logo asset before saving a new one * Fix 500 when uploading logo for the first time * Fix URL in response for uploading logo image * Add test for uploading logo for ogranization * Mild refactoring in tests * Add validation for host values in DB datasources (#444) * Add validation for host values in DB datasources * Mild refactoring, for a dummy commit * Add test for host name validation in datasources * Fix: Datasource name not getting updated from the entity explorer (#478) * Fix: Other page widget props are not shown on the entity explorer (#480) * Feature: Add widgets from explorer (#464) * Deprecate Navbar. Sidebar becomes a panelStack. It now has two panels, WidgetSidebar and Explorer Co-authored-by: Nandan <nandan@thinkify.io> * Feature: Dropdown component (#477) * dropdown with text and icon implemented * dropdown with lable implemented and story updated * Icon import and storyWrapper import updated * onclick cleaned * button height issue fixed in all sizes (#483) * Menu item disabled UI fixed (#484) * Add watchtower for auto updates to Appsmith containers (#456) * Trying to move horizontal rules into separate function * Delete install_dir if exists already, after confirmation * Add confirm function to take user conformations * Resolve warnings on read command without -r option * Use temporary directory for downloaded templates * Fix inverted calls to confirm * nginx template doesn't use global variables now * docker compose template doesn't depend on global vars now * Fix port checking for CentOS * Fix encryption.env to not use global variables * Fix mongo-init to not use global variables * Fix docker.env file to not use any global variables * Fix letsencrypt script to not use any global variables * Set mongo_database in the docker-compose file Spotted this after global variables were reduced. The `mongo_database` was not being used anywhere. * Move password generation into a function * Attempt to add watchtower * Fix port checking in install script for CentOS * Don't offer to delete install dir if it already exists * Remove vagrant source for templates (it's a dev-time thing only) * Add a node.js script to dump examples organization (#448) * Add a node.js script to dump examples organization This dump file is used to setup initial examples organization in a self-hosted setup. * Remove unused variable * Add npm run shortcut for dump script * Returning an error in case the user tries to get all users. (#472) * Fix column alias names in MySQL actions (#466) * Fix aliases not showing up for MySQL actions * Fix date column display for MySQL actions * Fix datetime columns for MySQL actions * Add support for timestamp and year data types for MySQL actions * Fix column label for MySQL plugin * Add tests for MySQL temporal data types * Add tests for alias columns in MySQL and Postgres * query and datasource related tests (#423) * query and datasource related tests * review comment incorporated * Adding multiple widgets test * Table widget related search/filter/compact mode tests * Added tests related to visiblity funvtionality in table widget * Validate action type in explorer * updated test * Test updated in accordance with new UI * removed sentrycli and release from webpack plugin * re-added sentry cli * removed sentry cli again increased redux depth * re-added release to webpack plugin * moved sentry plugin to the end so sourcemaps are generated correctly * hide edit icon issue fixed (#494) * Fixing Storybook deploy (#493) * fixed nginx template for mac added error boundary for sentry * icon size prop fixed (#485) * Fix Let's Encrypt certificate generation for self-hosted (#491) * Creating SSL certificates now works * Work with single domain * Move certificate generation into install script * Download templates from master branch, not release Co-authored-by: Nikhil Nandagopal <nikhil@appsmith.com> Co-authored-by: vicky-primathon <67091118+vicky-primathon@users.noreply.github.com> Co-authored-by: satbir121 <39981226+satbir121@users.noreply.github.com> Co-authored-by: devrk96 <rohit.kumawat@primathon.in> Co-authored-by: akash-codemonk <67054171+akash-codemonk@users.noreply.github.com> Co-authored-by: Abhinav Jha <abhinav@appsmith.com> Co-authored-by: Hetu Nandu <hetunandu@gmail.com> Co-authored-by: Shrikant Sharat Kandula <shrikant@appsmith.com> Co-authored-by: Nandan <nandan@thinkify.io> Co-authored-by: Trisha Anand <trisha@appsmith.com> Co-authored-by: NandanAnantharamu <67676905+NandanAnantharamu@users.noreply.github.com>
subrata71
added a commit
that referenced
this pull request
Jun 2, 2026
## Description Bulk update of Yarn resolution overrides in `app/client/package.json` to resolve **72 open Dependabot security alerts** across **19 npm packages**. This is the single highest-leverage PR for the SOC2 vulnerability remediation effort — it addresses 50% of all open CE alerts by updating version pins in one file. All changes are confined to resolution overrides and the regenerated `yarn.lock`. No application code changes. Fixes https://linear.app/appsmith/issue/APP-15271 ### Updated Existing Resolutions (38 alerts) | Package | Previous | New | Alerts Fixed | |---|---|---|---| | `axios` | `^1.15.0` | `^1.16.1` | 15 | | `protobufjs` | `^7.5.5` | `^7.5.8` | 8 | | `undici` | `6.21.2` | `6.24.0` | 6 | | `minimatch` | `^5.0.0` | `^5.1.8` | 3 | | `fast-xml-parser` | `4.5.4` | `4.5.5` | 2 | | `brace-expansion` | `1.1.12` | `1.1.13` | 1 | | `postcss` | `8.4.31` | `8.5.15` | 1 | | `webpack` | `5.98.0` | `5.104.1` | 2 | ### New Resolutions Added (34 alerts) | Package | Version | Alerts Fixed | |---|---|---| | `lodash` | `4.18.1` | 9 | | `lodash-es` | `4.18.1` | 3 | | `node-forge` | `1.4.0` | 7 | | `@xmldom/xmldom` | `0.8.13` | 5 | | `picomatch` | `2.3.2` | 2 | | `underscore` | `1.13.8` | 1 | | `defu` | `6.1.5` | 1 | | `immutable` | `4.3.8` | 1 | | `js-cookie` | `3.0.7` | 1 | | `simple-git` | `3.36.0` | 1 | | `@protobufjs/utf8` | `1.1.1` | 1 | Also bumps direct dependency `node-forge` from `^1.3.0` to `^1.4.0`. ### Related Dependabot Alerts This PR is expected to resolve the following alerts on merge: **axios** (15): [#602](https://github.com/appsmithorg/appsmith/security/dependabot/602), [#603](https://github.com/appsmithorg/appsmith/security/dependabot/603), [#604](https://github.com/appsmithorg/appsmith/security/dependabot/604), [#605](https://github.com/appsmithorg/appsmith/security/dependabot/605), [#606](https://github.com/appsmithorg/appsmith/security/dependabot/606), [#607](https://github.com/appsmithorg/appsmith/security/dependabot/607), [#608](https://github.com/appsmithorg/appsmith/security/dependabot/608), [#609](https://github.com/appsmithorg/appsmith/security/dependabot/609), [#610](https://github.com/appsmithorg/appsmith/security/dependabot/610), [#611](https://github.com/appsmithorg/appsmith/security/dependabot/611), [#612](https://github.com/appsmithorg/appsmith/security/dependabot/612), [#613](https://github.com/appsmithorg/appsmith/security/dependabot/613), [#614](https://github.com/appsmithorg/appsmith/security/dependabot/614), [#641](https://github.com/appsmithorg/appsmith/security/dependabot/641), [#642](https://github.com/appsmithorg/appsmith/security/dependabot/642) **lodash + lodash-es** (12): [#472](https://github.com/appsmithorg/appsmith/security/dependabot/472), [#473](https://github.com/appsmithorg/appsmith/security/dependabot/473), [#474](https://github.com/appsmithorg/appsmith/security/dependabot/474), [#565](https://github.com/appsmithorg/appsmith/security/dependabot/565), [#566](https://github.com/appsmithorg/appsmith/security/dependabot/566), [#567](https://github.com/appsmithorg/appsmith/security/dependabot/567), [#568](https://github.com/appsmithorg/appsmith/security/dependabot/568), [#569](https://github.com/appsmithorg/appsmith/security/dependabot/569), [#570](https://github.com/appsmithorg/appsmith/security/dependabot/570), [#471](https://github.com/appsmithorg/appsmith/security/dependabot/471), [#562](https://github.com/appsmithorg/appsmith/security/dependabot/562), [#564](https://github.com/appsmithorg/appsmith/security/dependabot/564) **protobufjs + @protobufjs/utf8** (9): [#621](https://github.com/appsmithorg/appsmith/security/dependabot/621), [#622](https://github.com/appsmithorg/appsmith/security/dependabot/622), [#623](https://github.com/appsmithorg/appsmith/security/dependabot/623), [#624](https://github.com/appsmithorg/appsmith/security/dependabot/624), [#625](https://github.com/appsmithorg/appsmith/security/dependabot/625), [#626](https://github.com/appsmithorg/appsmith/security/dependabot/626), [#627](https://github.com/appsmithorg/appsmith/security/dependabot/627), [#628](https://github.com/appsmithorg/appsmith/security/dependabot/628), [#639](https://github.com/appsmithorg/appsmith/security/dependabot/639) **node-forge** (7): [#448](https://github.com/appsmithorg/appsmith/security/dependabot/448), [#449](https://github.com/appsmithorg/appsmith/security/dependabot/449), [#450](https://github.com/appsmithorg/appsmith/security/dependabot/450), [#543](https://github.com/appsmithorg/appsmith/security/dependabot/543), [#554](https://github.com/appsmithorg/appsmith/security/dependabot/554), [#555](https://github.com/appsmithorg/appsmith/security/dependabot/555), [#556](https://github.com/appsmithorg/appsmith/security/dependabot/556) **undici** (6): [#464](https://github.com/appsmithorg/appsmith/security/dependabot/464), [#526](https://github.com/appsmithorg/appsmith/security/dependabot/526), [#527](https://github.com/appsmithorg/appsmith/security/dependabot/527), [#528](https://github.com/appsmithorg/appsmith/security/dependabot/528), [#529](https://github.com/appsmithorg/appsmith/security/dependabot/529), [#530](https://github.com/appsmithorg/appsmith/security/dependabot/530) **@xmldom/xmldom** (5): [#560](https://github.com/appsmithorg/appsmith/security/dependabot/560), [#586](https://github.com/appsmithorg/appsmith/security/dependabot/586), [#587](https://github.com/appsmithorg/appsmith/security/dependabot/587), [#588](https://github.com/appsmithorg/appsmith/security/dependabot/588), [#589](https://github.com/appsmithorg/appsmith/security/dependabot/589) **minimatch** (3): [#502](https://github.com/appsmithorg/appsmith/security/dependabot/502), [#506](https://github.com/appsmithorg/appsmith/security/dependabot/506), [#508](https://github.com/appsmithorg/appsmith/security/dependabot/508) **picomatch** (3): [#540](https://github.com/appsmithorg/appsmith/security/dependabot/540), [#541](https://github.com/appsmithorg/appsmith/security/dependabot/541), [#542](https://github.com/appsmithorg/appsmith/security/dependabot/542) **fast-xml-parser** (3): [#536](https://github.com/appsmithorg/appsmith/security/dependabot/536), [#576](https://github.com/appsmithorg/appsmith/security/dependabot/576), [#591](https://github.com/appsmithorg/appsmith/security/dependabot/591) **webpack** (2): [#487](https://github.com/appsmithorg/appsmith/security/dependabot/487), [#488](https://github.com/appsmithorg/appsmith/security/dependabot/488) **postcss** (1): [#595](https://github.com/appsmithorg/appsmith/security/dependabot/595) **brace-expansion** (1): [#558](https://github.com/appsmithorg/appsmith/security/dependabot/558) **defu** (1): [#571](https://github.com/appsmithorg/appsmith/security/dependabot/571) **immutable** (1): [#521](https://github.com/appsmithorg/appsmith/security/dependabot/521) **js-cookie** (1): [#634](https://github.com/appsmithorg/appsmith/security/dependabot/634) **simple-git** (1): [#615](https://github.com/appsmithorg/appsmith/security/dependabot/615) **underscore** (1): [#515](https://github.com/appsmithorg/appsmith/security/dependabot/515) ### Slack Thread https://theappsmith.slack.com/archives/C09NG5BJ18S/p1780304878402439 ## Automation /ok-to-test tags="@tag.All" ### 🔍 Cypress test results <!-- This comment will be updated by the CI/CD pipeline --> ## Communication Should the DevRel and Marketing teams inform users about this change? - [ ] Yes - [x] No <!-- This is an auto-generated comment: release notes by coderabbit.ai --> ## Summary by CodeRabbit * **Chores** * Updated `node-forge` dependency to latest version. * Updated multiple dependency resolutions including `minimatch`, `webpack`, `postcss`, `axios`, `undici`, and others to ensure compatibility and stability. <!-- end of auto-generated comment: release notes by coderabbit.ai --> <!-- This is an auto-generated comment: Cypress test results --> > [!TIP] > 🟢 🟢 🟢 All cypress tests have passed! 🎉 🎉 🎉 > Workflow run: <https://github.com/appsmithorg/appsmith/actions/runs/26758373297> > Commit: 84dcd36 > <a href="https://internal.appsmith.com/app/cypress-dashboard/rundetails-65890b3c81d7400d08fa9ee5?branch=master&workflowId=26758373297&attempt=2" target="_blank">Cypress dashboard</a>. > Tags: `@tag.All` > Spec: > <hr>Mon, 01 Jun 2026 16:17:46 UTC <!-- end of auto-generated comment: Cypress test results -->
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
No description provided.