rodrigo/iachat
1
0
Fork 0
Code Issues Pull Requests Actions 3 Packages Projects Releases Wiki Activity
0d3b59fd9c
iachat/app/controllers/concerns
History
Pranav 2adc040a8f
fix: Validate blob before attaching it to a record (#13115) 
Previously, attachments relied only on blob_id, which made it possible
to attach blobs across accounts by enumerating IDs. We now require both
blob_id and blob_key, add cross-account validation to prevent blob
reuse, and centralize the logic in a shared BlobOwnershipValidation
concern.

It also fixes a frontend bug where mixed-type action params (number +
string) were incorrectly dropped, causing attachment uploads to fail.
2025-12-19 19:02:21 -08:00
..
.keep Initial Commit 2019-08-14 15:18:44 +05:30
access_token_auth_helper.rb chore: Enforce custom role permissions on conversation access (#12583) 2025-10-22 20:23:37 -07:00
attachment_concern.rb fix: Validate blob before attaching it to a record (#13115) 2025-12-19 19:02:21 -08:00
auth_helper.rb chore: Upgrade rails and ruby versions (#2400) 2021-08-03 20:11:52 +05:30
domain_helper.rb fix: Locale not correct in root url when accessing help center with custom domain (#9110) 2024-03-19 18:48:59 +05:30
ensure_current_account_helper.rb feat: APIs to assign agents_bots as assignee in conversations (#12836) 2025-11-18 18:20:58 -08:00
google_concern.rb refactor: use state-based authentication (#11690) 2025-06-18 17:39:06 +05:30
hmac_concern.rb feat: API to create HMAC verified conversations (#7209) 2023-05-29 21:57:24 +05:30
instagram_concern.rb feat: Instagram Inbox using Instagram Business Login (#11054) 2025-04-08 10:47:41 +05:30
label_concern.rb feat: API to add label to contacts (#1563) 2021-01-03 20:07:57 +05:30
meta_token_verify_concern.rb feat: Support for Whatsapp Cloud API (#4938) 2022-07-06 21:45:03 +02:00
microsoft_concern.rb refactor: use state-based authentication (#11690) 2025-06-18 17:39:06 +05:30
notion_concern.rb feat: notion OAuth setup (#11765) 2025-06-26 19:16:06 +05:30
request_exception_handler.rb chore: Log errors handled by RequestExceptionHandler (#8013) 2023-09-30 19:46:58 -07:00
switch_locale.rb feat: Agent language settings (#11222) 2025-09-09 14:27:36 +05:30
twitter_concern.rb fix: Twitter inbox creation error (#1783) 2021-02-16 19:35:10 +05:30
website_token_helper.rb chore: Allow super admin to suspend an account (#5174) 2022-08-03 11:40:03 +05:30