New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
fix(security): validate web form permissions correctly (backport #19088) #19108
Merged
ankush
merged 6 commits into
version-13-hotfix
from
mergify/bp/version-13-hotfix/pr-19088
Dec 5, 2022
Merged
fix(security): validate web form permissions correctly (backport #19088) #19108
ankush
merged 6 commits into
version-13-hotfix
from
mergify/bp/version-13-hotfix/pr-19088
Dec 5, 2022
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
phot0n
reviewed
Dec 5, 2022
frappe-pr-bot
pushed a commit
that referenced
this pull request
Dec 7, 2022
## [13.45.3](v13.45.2...v13.45.3) (2022-12-07) ### Bug Fixes * **db_query:** Disallow usage of certain functions in *_by ([#18981](#18981)) ([#19134](#19134)) ([208d2e3](208d2e3)) * **db_query:** Space resilient sanitization (backport [#18996](#18996)) ([#19044](#19044)) ([a0b9bb4](a0b9bb4)) * disable signups by default (backport [#19114](#19114)) ([#19117](#19117)) ([1a67a41](1a67a41)) * empty search shows `None` ([#19055](#19055)) ([#19056](#19056)) ([7cd4dd4](7cd4dd4)) * ensure correct parenttype when retrieving roles ([59c61a9](59c61a9)) * ignore empty/`None` scripts ([#19111](#19111)) ([#19112](#19112)) ([2f21d24](2f21d24)) * keep actions on right ([86353aa](86353aa)) * LDAP - check each email in list before creating user ([f935383](f935383)) * merge conflict ([adcfdc7](adcfdc7)) * only check for special characters in fieldname (backport [#19061](#19061)) ([#19067](#19067)) ([f68f161](f68f161)), closes [#18965](#18965) [#18909](#18909) * only System Manager can access Google Drive ([dbf7287](dbf7287)) * **security:** validate web form permissions correctly (backport [#19088](#19088)) ([#19108](#19108)) ([553408e](553408e)) * type conversion for read receipt in communication email ([5c55536](5c55536)) * **UX:** freeze on delete (backport [#19094](#19094)) ([#19106](#19106)) ([851a803](851a803)) * **UX:** Make fetch_from read_only if fetch_is_empty is not set ([#19025](#19025)) ([0102b53](0102b53)) * Widget control on dashboard chart breaks on smaller screens ([62ad75c](62ad75c))
🎉 This PR is included in version 13.45.3 🎉 The release is available on GitHub release Your semantic-release bot 📦🚀 |
Sign up for free
to subscribe to this conversation on GitHub.
Already have an account?
Sign in.
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
This is an automatic backport of pull request #19088 done by Mergify.
Cherry-pick of d7f4540 has failed:
To fix up this pull request, you can check it out locally. See documentation: https://docs.github.com/en/github/collaborating-with-pull-requests/reviewing-changes-in-pull-requests/checking-out-pull-requests-locally
Mergify commands and options
More conditions and actions can be found in the documentation.
You can also trigger Mergify actions by commenting on this pull request:
@Mergifyio refresh
will re-evaluate the rules@Mergifyio rebase
will rebase this PR on its base branch@Mergifyio update
will merge the base branch into this PR@Mergifyio backport <destination>
will backport this PR on<destination>
branchAdditionally, on Mergify dashboard you can:
Finally, you can contact us on https://mergify.com