fix single type
fix query
sanitize pagination count params
add comments
Cleanup the params/filters sanitize helpers
sanitize association resolver
Sanitize sort
fix graphql single type
fix graphql types
fix addFindQuery
Sanitize fields
Update sanitize sort to handle all the different formats
Update fields sanitize to handle regular strings & wildcard
Fix non scalar recursion
Add a traverse factory
Add visitor to remove dz & morph relations
Replace the old traverse utils (sort, filters) by one created using the traverse factory
add sanitize populate
await args
fix async and duplicate sanitization
sanitize u&p params
Add traverse fields
Fix traverse & sanitize fields
add traverse fields to nested populate
sanitize admin api filter queries
Co-authored-by: Jean-Sébastien Herbaux <Convly@users.noreply.github.com>
sanitize sort params in admin API
todo
make token fields unsearchable with _q
sanitize delete mutation
Update packages/core/admin/server/services/permission/permissions-manager/sanitize.js
Co-authored-by: Jamie Howard <48524071+jhoward1994@users.noreply.github.com>
fix errors on queries without ctx
rename findParams to sanitizedParams
Sanitize queries everywhere in the content manager admin controllers
sanitize single type update and delete
Ignore non attribute keys in the sanitize sort
Fix the sanitize query sort for nested string sort
Fix permission check for the admin
typo
sanitize upload
sanitize admin media library
sanitize admin users
Add missing await
Co-authored-by: Jean-Sébastien Herbaux <Convly@users.noreply.github.com>
set U&P users fields to searchable:false
add token support to createContentAPIRequest
add searchable:false to getstarted U&P schema
remove comment
sanitize component resolver
remove await
add searchable false to the file's folder path
Fix admin query when the permission query is set to null
add basic tests for filtering private params
add tests for fields
add pagination tests
Fix admin user fields not being sanitized
Fix convert query params for the morph fragment on undefined value
Traverse dynamic zone on nested populate
Handle nested sort, filters & fields in populate queries + handle populate fragment for morphTo relations
Sanitize 'on' subpopulate
Co-authored-by: Jean-Sébastien Herbaux <Convly@users.noreply.github.com>
don't throw error on invalid attributes
check models for snake case column name instead of assuming they are operators
Add first batch of api tests for params sanitize
Fix sort traversal: handle object arrays
Put back removePassword for fields,sort,filters
Add schemas and fixtures for sanitize api tests
Add tests for relations (sanitize api tests)
Move constant to domain scope
Rename sanitize params to sanitize query
Fix typo
Cleanup fixtures file
Fix variable name conflict
Update packages/core/admin/server/services/permission/permissions-manager/sanitize.js
Co-authored-by: Alexandre BODIN <alexandrebodin@users.noreply.github.com>
Update comment for array filters
Rename sanitize test
Test implicit & explicit array operator for filter
Remove unused code
* Fix formatFileInfo
Keep original file name including extension
* Fix file name for generated media
File name was not set for all generated media: thumbnail and resized pictures.
* Generate hash based on file name without extension
* cleanup PR
Signed-off-by: Alexandre Bodin <bodin.alex@gmail.com>
* Fix unit tests
Exclude temporarily unit test 'Replaces reserved and unsafe characters for URLs and files in hash' because it did not work properly ever.
* Remove path delimiter from filename because it is correct character for file path
* Fix e2e
* Continue fixes for e2e
* Fix createRequest content type
* Correct thumbnail name in e2e test
Co-authored-by: Alexandre BODIN <alexandrebodin@users.noreply.github.com>
Co-authored-by: Alexandre Bodin <bodin.alex@gmail.com>
Co-authored-by: Andrey Hohutkin <none@none>
