Fix leaking emails on admin user search controller #9791
ahukkanen merged 3 commits into decidim:develop from
ahukkanen left a comment:
Great!
Could you fix the linting issue in the spec? After that, LGTM.
Corrected, @ahukkanen. Is it OK to backport this and #9790 to 0.26 and 0.27?
Since this is a violation of privacy, I think it is fine to backport this. Can you please use the backporter script for this. Run

Normally we should be very careful with the backports not to add any additional functionality to the old versions. This PR is introducing a new scope to the

But as said above, I think this is serious enough that in this particular case we can live with backporting a new "feature" to the old versions (we've done that in some specific cases in the past too).

Also just to note here for the record, I wouldn't consider this a major level security issue because the emails are only exposed for people who have access to the admin panel. But this is still serious enough from Decidim's own guidelines perspective.

Thanks @ahukkanen! BTW, lovin' the backporter script! Works like a charm!
* rename test
* fix leaking emails on admin user search controller
  # Conflicts:
  # decidim-admin/spec/controllers/organizations_controller_spec.rb
* lint spec
  # Conflicts:
  # decidim-admin/spec/controllers/organizations_contoller_spec.rb
…#9797)
* Fix leaking emails on admin user search controller (#9791)
  * rename test
  * fix leaking emails on admin user search controller
    # Conflicts:
    # decidim-admin/spec/controllers/organizations_controller_spec.rb
  * lint spec
    # Conflicts:
    # decidim-admin/spec/controllers/organizations_contoller_spec.rb
* lint for 2.7

…#9796)
* Fix leaking emails on admin user search controller (#9791)
  * rename test
  * fix leaking emails on admin user search controller
    # Conflicts:
    # decidim-admin/spec/controllers/organizations_controller_spec.rb
  * lint spec
    # Conflicts:
    # decidim-admin/spec/controllers/organizations_contoller_spec.rb
* lint for 3.0

* develop:
  Add missing character on code block (#9798)
  Fix hidden error messages on the registration form (#9625)
  Add documentation about configuring ActiveStorage / dynamic file uploads (#9777)
  Add documentation section about customizing cells (#9622)
  Fix hashtags not recognized at the beginning of the string (#9616)
  Fix version pages showing a HTTP 500 error when the version does not exist (#9615)
  Fix multitenant organizations stats cache (#9605)
  Prevent the account edit route through Devise (#9611)
  Fix iframe disabling producing invalid HTML (#9685)
  Fix import of images on spaces (#9779)
  Fix order of last activities (#9756)
  Fix leaking emails on admin user search controller (#9791)
  Ignore participatory spaces without models in meetings visible_for scope (#9790)

* rename test
* fix leaking emails on admin user search controller
  # Conflicts:
  # decidim-admin/spec/controllers/organizations_controller_spec.rb
* lint spec
🎩 What? Why?
Due to data privacy, emails are kept from administrators.

However, the XHR methods `users` and `users_entities` in the organization controller allow anyone to search and display email addresses from the entire database, including blocked users, when inviting members to meetings.

This PR fixes this by removing the email from the result (although it is still possible to search for a user using the email) and excluding blocked, managed or deleted users from the result.
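As an added illustration of the two behaviours the description contrasts (hypothetical code, not Decidim's own; the user list and its field names are constructed assumptions), the leaky search beside the corrected one:

```ruby
# Added illustration of the fix described above; hypothetical code, not Decidim's.
# Sample records are constructed; the field names are assumptions, not Decidim's schema.
USERS = [
  { id: 1, name: "Alice Admin", nickname: "alice", email: "alice@example.org",
    blocked: false, managed: false, deleted_at: nil },
  { id: 2, name: "Bob Blocked", nickname: "bob", email: "bob@example.org",
    blocked: true, managed: false, deleted_at: nil },
  { id: 3, name: "Mia Managed", nickname: "mia", email: "mia@example.org",
    blocked: false, managed: true, deleted_at: nil },
  { id: 4, name: "Dan Deleted", nickname: "dan", email: "dan@example.org",
    blocked: false, managed: false, deleted_at: "2023-01-01" },
  { id: 5, name: "Eve Example", nickname: "eve", email: "eve@example.org",
    blocked: false, managed: false, deleted_at: nil }
].freeze

# Case-insensitive substring match on name, nickname or email.
# Matching on the email is kept on purpose: the PR keeps email searchable.
def matches?(user, term)
  t = term.downcase
  [user[:name], user[:nickname], user[:email]].any? { |f| f.downcase.include?(t) }
end

# Blocked, managed and deleted accounts must never appear in the search result.
def searchable?(user)
  !user[:blocked] && !user[:managed] && user[:deleted_at].nil?
end

# Behaviour the PR reports: every account matches and the email is serialised.
def leaky_search(term, users = USERS)
  users.select { |u| matches?(u, term) }
       .map { |u| u.slice(:id, :name, :nickname, :email) }
end

# Fixed behaviour: same matching, but the email never leaves the server and
# non-searchable accounts are filtered out before serialisation.
def fixed_search(term, users = USERS)
  users.select { |u| searchable?(u) && matches?(u, term) }
       .map { |u| u.slice(:id, :name, :nickname) }
end
```

Searching for a domain fragment such as "example.org" shows the difference: the leaky version returns every account with its address, the fixed one returns only active accounts and no address at all.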