Files
jambonz-api-server/lib/routes/api
Dave Horton bff9314622 fix(security): add authorization checks to prevent cross-account access (CWE-639) (#558)
- Add precondition support to decorate.js retrieve function
- Fix google-custom-voices.js typo and add delete precondition
- Check ownership via speech_credential for google-custom-voices
- Add retrieve/delete preconditions to lcr-carrier-set-entries.js
- Add retrieve precondition to sip-gateways.js and smpp-gateways.js
- Add scope check to lcr-routes.js custom GET handler
- Add full authorization to tenants.js for all CRUD operations
- Add scoped query methods to tenant model

Co-authored-by: Claude Opus 4.5 <noreply@anthropic.com>
2026-06-27 15:53:51 -04:00
..
2022-02-01 20:42:10 -05:00
2025-05-08 08:41:50 -04:00
2025-12-19 07:32:20 -05:00
2025-08-13 20:33:40 -04:00
2025-05-08 08:41:50 -04:00
2026-04-14 08:19:42 -04:00
2023-06-29 11:06:59 +01:00
2023-04-18 13:01:38 -04:00
2025-06-27 07:13:14 -04:00
2025-06-26 13:09:42 -04:00
2026-02-09 10:40:59 -05:00