ghost

mirror of https://github.com/TryGhost/Ghost.git synced 2025-02-24 23:48:13 -05:00

History

Simon Backx f732b0181d Fixed `last_seen` updated for suspended users (#14715 ) refs https://github.com/TryGhost/Team/issues/1461 - A suspended user was able to make it through the Express middlewares to the `updateUserLastSeen` middleware, until it was halted when checking the user permissions in the API pipeline. This was only the case for session logins, not for API keys. - For API keys, the user status is checked: `6dc3f1bf56/core/server/services/auth/api-key/admin.js (L178-L181)` - In the session middleware, the `findUserById` in `getUserForSession` didn't filter on the active status of users: `be4146e324/core/server/services/auth/session/middleware.js (L22-L27)` - This has been fixed now by updating the sessionService's `findUserById` method.		2022-05-10 13:34:12 +02:00
..
e2e-api	Deleted `membersActivity` flag	2022-05-10 11:19:58 +01:00
e2e-browser	Added note about installing the E2E browsers	2022-02-22 10:20:40 +01:00
e2e-frontend	Removed res.locals.apiVersion	2022-04-28 15:35:28 +01:00
e2e-server	Added MRR stats service and endpoint (#14427 )	2022-04-08 09:18:04 +02:00
integration	Dropped `temp_member_analytic_events` table	2022-05-10 10:00:19 +01:00
regression	Fixed `last_seen` updated for suspended users (#14715 )	2022-05-10 13:34:12 +02:00
unit	Added internal frontend integration	2022-05-10 11:43:07 +01:00
utils	Enabled Admin integration for newsletters API (#14714 )	2022-05-09 20:46:34 +05:30
.eslintignore	Updated casper test fixture to latest version	2022-01-25 14:10:53 +00:00
.eslintrc.js
.jshintrc