nik/davical
1
0
Fork 0
mirror of https://gitlab.com/davical-project/davical.git synced 2026-04-09 12:30:52 +00:00
Code Issues Actions Packages Projects Releases Wiki Activity
3,960 Commits 11 Branches 61 Tags 14 MiB
Commit Graph

5 Commits

Author SHA1 Message Date
Andrew Ruthven
f69480ce77 Test that deletion of a principal's items are secure 
Test that other users can't delete:
 - collections
 - tickets
 - bindings

No significant change, just return an error message rather than assume that
things worked.
 2024-03-10 00:37:11 +13:00
Andrew Ruthven
cb2e4523f3 Add test for invalidating the CSRF token 2024-02-29 00:43:50 +13:00
Andrew Ruthven
974d7d3924 Check that all UI pages load without PHP warnings or deprecation messages 2024-02-29 00:43:49 +13:00
Andrew Ruthven
a102105f27 Hide many sections unless the user can modify the principal 
There is potential to leak information when viewing the principal
page for another principal. I think it makes more sense to just
not include all of this information unles the user can change the
principal.
 2024-02-29 00:43:49 +13:00
Andrew Ruthven
c2a054d28e Add initial tests for the web UI 
Use Test::WWW::Mechanize to test the UI.

Closes #310
 2024-02-29 00:43:47 +13:00