Commit Graph

5 Commits

Author SHA1 Message Date
Guilherme Rauen d656857509 extend sid validation to all routes (#138)
Co-authored-by: Guilherme Rauen <g.rauen@cognigy.com>
2023-03-31 07:46:33 -04:00
Guilherme Rauen 789a0ba3ff Fix SQL Injection Vulnerabilities (#134)
* avoid sql injections

* linter

* fix test using random sid

* add some test cases

* remove tests that don't use the new validation

* add test

* linter

* fix tests

* add test

---------

Co-authored-by: Guilherme Rauen <g.rauen@cognigy.com>
2023-03-29 12:36:51 -04:00
EgleH dd2176bf89 feature/user-api-calls (#80)
* initial changes for jwt auth

* return permissions as an array of string

* basic GET, POST, DELETE user api calls

* add permission checks

* hide hashed_password

* cleanup

* add check if admin user is active

* return account and serviceProvider sid un user object

* add more values to user PUT

* logout user after self delete, fix scope assignment

* add admin scope user tests

* fix test case and align jwt and api key data model in req.user

* fixes for ibm speech

* add limits license_count and voice_call_minutes

* update limits enum again

* rebase to main

* allow predefined carriers and speech credentials for Account user

* reverse the hasAccountPermissions changes

* SpeechCredentials permissions

* fix /Users/me api non-saas jambonz

Co-authored-by: Dave Horton <daveh@beachdognet.com>
Co-authored-by: eglehelms <e.helms@cognigy.com>
2022-12-10 09:12:05 -05:00
Dave Horton 05c46c5f39 Feature/sp call limits (#63)
* add api for setting/querying call limits by account and sp

* update an account or sp limit if one exists rather than creating a new one
2022-09-20 22:55:28 +02:00
Dave Horton 052a19cfdc Feature/sp call limits (#63)
* add api for setting/querying call limits by account and sp

* update an account or sp limit if one exists rather than creating a new one
2022-09-20 13:12:28 +02:00