Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

fix: session delete action #1793

Merged
merged 1 commit into from
Oct 17, 2024
Merged

fix: session delete action #1793

merged 1 commit into from
Oct 17, 2024

Conversation

lfleischmann
Copy link
Member

Description

  1. The delete session action is available/present in a response even if there is only one active session and it is equal to the current session.
  2. The input is not properly validated so deleting other user's sessions is possible.

Implementation

  1. Suspend the action during initialization if there is no other session than the current one.
  2. Validate the input (and hence its allowed values) during execution.

How to test

  1. Log in to establish a session. The action should not be present in the response. Then establish one or more sessions, the action should be present again.
  2. Login with users A and B, establish one more session for user A (or else the action would not be present, see 1.). As user A, try to delete the session from user B. The input should now be validated and an error should be returned (because User B's session is not in the allowed values).

@lfleischmann
fix: session delete action
4c45b11 
Suspends the action if there is only one session and it is the same
as the current. Also now validates the allowed input values during
execution.
@lfleischmann lfleischmann merged commit 42b1c94 into main Oct 17, 2024
8 checks passed
@lfleischmann lfleischmann deleted the fix-session-delete-action branch October 17, 2024 15:42
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@FreddyDevelop FreddyDevelop FreddyDevelop approved these changes

Assignees
No one assigned
Labels
None yet
Projects
Hanko
Archived in project
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
2 participants
@lfleischmann @FreddyDevelop