rodrigo/iachat
1
0
Fork 0
Code Issues Pull Requests Actions 3 Packages Projects Releases Wiki Activity
86da3f7c06
iachat/app/controllers/api/v1
History
Pranav 86da3f7c06
fix: Remove account_id from params since it is not used (#13116) 
account_id was permitted in strong parameters, allowing authenticated
admins to transfer resources (Portals, Automation Rules, Macros) to
arbitrary accounts.

 Fix: Removed account_id from permitted params in 4 controllers:
  - portals_controller.rb
  - automation_rules_controller.rb
  - macros_controller.rb
  - twilio_channels_controller.rb
2025-12-19 17:07:53 -08:00
..
accounts fix: Remove account_id from params since it is not used (#13116) 2025-12-19 17:07:53 -08:00
integrations feat: Slack link unfurling (#7940) 2023-09-29 19:35:56 +05:30
profile feat: MFA (#12290) 2025-09-18 20:19:24 +05:30
widget feat: allow configuring attachment upload limit (#12835) 2025-11-17 14:03:08 -08:00
accounts_controller.rb feat: Conversation workflow backend changes (#13070) 2025-12-16 14:43:15 +05:30
notification_subscriptions_controller.rb fix: Remove the notification subscription if present (#5510) 2022-09-27 12:36:57 -07:00
profiles_controller.rb feat: Ability to reset api_access_token (#11565) 2025-05-29 14:42:13 +05:30
webhooks_controller.rb chore: Upgrade Exception tracking (#4638) 2022-05-09 14:23:19 +05:30