binwiederhier
c873064cad
Date / time format
2026-06-29 22:24:04 -04:00
binwiederhier
5e32f05302
Read /account from primary
2026-06-25 20:24:50 -04:00
binwiederhier
74240328dc
Changelog, constant time compare
2026-06-22 21:21:48 -04:00
Philipp C. Heckel
3bfb9f334b
Merge pull request #1795 from lmorchard/fix/sync-topic-deny-all
...
Grant users access to their own sync topic under deny-all (fixes #733 )
2026-06-22 21:17:37 -04:00
binwiederhier
9b3ab5a302
Remove migration test
2026-06-22 17:02:47 -04:00
binwiederhier
4313b02fc6
Allow primary email for provisioend users
2026-06-22 12:59:50 -04:00
binwiederhier
5808c4d4c0
Rename variable
2026-06-21 11:53:25 -04:00
binwiederhier
954fae44dc
Make more readable
2026-06-21 11:47:14 -04:00
binwiederhier
d7dea6d250
Review
2026-06-21 11:19:49 -04:00
binwiederhier
2ee8717e0c
Don't use consts in queries
2026-06-20 13:58:23 -04:00
Les Orchard
cac3b2986a
Grant users access to their own sync topic under deny-all
...
Manager.Authorize had no special case for a user's own sync topic, so with
auth-default-access=deny-all the per-account sync topic (st_...) fell through
to the default access and was denied. This broke web app account sync for
non-admin users: wss://.../st_<id>/ws returned 403. Admin-role users were
unaffected via the existing role bypass.
Allow a user full access to their own SyncTopic in Authorize. This fixes
existing users without a migration, since it needs no ACL row.
Fixes #733
Co-Authored-By: Claude Opus 4.8 (1M context) <noreply@anthropic.com>
2026-06-17 11:58:29 -07:00
binwiederhier
99bc803271
Code review
2026-06-16 21:18:58 -04:00
binwiederhier
d8c87d04e7
Update privacy policy, code review
2026-06-16 20:56:22 -04:00
binwiederhier
eff808d0f8
Lint
2026-06-13 09:35:09 -04:00
binwiederhier
f558935c1e
Re-wording, chips
2026-06-12 22:33:09 -04:00
binwiederhier
4516adea36
Lots of refinement
2026-06-12 17:36:40 -04:00
binwiederhier
33ae31055c
Phase 3+4
2026-06-12 14:23:32 -04:00
binwiederhier
30dd4840a2
Phase 2, email verification rework, ui stuff
2026-06-12 11:40:59 -04:00
binwiederhier
fd716e4807
Phase 1
2026-06-12 11:07:48 -04:00
binwiederhier
ddb878d985
Fix ACL case sensitivity issues in sqlite
2026-06-04 10:28:33 -04:00
binwiederhier
b4cb1bb7fb
Fix race and a small issue with the access cache
2026-06-03 21:01:52 -04:00
binwiederhier
3e81620dac
Bump
2026-06-03 20:38:19 -04:00
binwiederhier
869f005136
Review
2026-06-01 21:15:43 -04:00
binwiederhier
d2507dbeed
Again: Manual review
2026-06-01 21:09:56 -04:00
binwiederhier
ae27172f8d
Add trace logs
2026-06-01 20:30:05 -04:00
binwiederhier
e18329a17e
Log changes
2026-06-01 14:08:33 -04:00
binwiederhier
104182a8be
Log reload
2026-06-01 12:47:21 -04:00
binwiederhier
4196e6444c
Stringbuilder
2026-05-31 21:31:23 -04:00
binwiederhier
a2dc290f31
Review
2026-05-31 21:25:53 -04:00
binwiederhier
0e2c459d6b
Further review
2026-05-31 15:42:12 -04:00
binwiederhier
2f4afbdae5
Manual refinements
2026-05-31 15:26:28 -04:00
binwiederhier
204723f3c0
Make opt-in flag
2026-05-31 14:28:04 -04:00
binwiederhier
301be79f0a
Per-user reload
2026-05-31 14:11:55 -04:00
binwiederhier
03d405ed80
Rename acl cahce
2026-05-31 11:42:54 -04:00
binwiederhier
4b87a27326
Docblock, more tests
2026-05-31 11:22:30 -04:00
binwiederhier
d987796243
Rename
2026-05-31 11:08:30 -04:00
binwiederhier
c841caa3b3
Review, rename to pattern
2026-05-31 11:05:27 -04:00
binwiederhier
6310e3a96f
Replace atomic.Pointer for readbility
2026-05-31 10:45:10 -04:00
binwiederhier
25520c4505
WIP: Access cache
2026-05-28 17:13:14 -04:00
binwiederhier
51da5e0f77
Review
2026-03-30 16:33:19 -04:00
binwiederhier
63ec73a319
Tests
2026-03-30 12:21:19 -04:00
binwiederhier
61dd788dac
WIP: Email verification
2026-03-29 22:47:38 -04:00
binwiederhier
3d9ce69042
PG races
2026-03-16 15:48:36 -04:00
binwiederhier
59ce581ba2
Fix postgres primary/replica races
2026-03-16 11:21:21 -04:00
binwiederhier
6b38acb23a
Route authorization query to read-only database replica to reduce primary database load
2026-03-15 22:01:19 -04:00
binwiederhier
8a34dfe3f8
Move things, rename things
2026-03-12 21:17:30 -04:00
binwiederhier
85bdfc61ce
Refine, log unhealthy replica
2026-03-11 21:07:58 -04:00
binwiederhier
ac65df1e83
Move auth queries to primary, redo health check loop
2026-03-11 20:26:29 -04:00
binwiederhier
ab33ac7ae5
Refine
2026-03-11 11:58:40 -04:00
binwiederhier
f1865749d7
WIP: Postgres read-only replica
2026-03-10 22:17:40 -04:00