TheArchive/zitadel
1
0
Fork 0
mirror of https://github.com/zitadel/zitadel.git synced 2025-04-26 03:20:51 +00:00
Code Issues Packages Projects Releases Wiki Activity
zitadel/internal
History
Livio Spring 4e1868e9bb
fix: prevent panic when retrieving session by id in internal calls (#9442) 
# Which Problems Are Solved

#9110 introduced more possibilities to search for "own" sessions. Due to
this the permission checks for retrieving a session had to be updated
accordingly. Internal calls, such as retrieving them for sending
notifications do not require a permission, but the code was not properly
adjusted and thus could lead to panics.

# How the Problems Are Solved

- Properly handled (do not require) permission check for internal only
calls when retrieving the session by id.

# Additional Changes

None

# Additional Context

- needs backports to 2.68.x, 2.69.x, 2.70.x
- closes zitadel/devops#117
2025-03-03 11:24:52 +01:00
..
actions
fix: correctly check denied domains and ips for actions (#8810)
2024-10-22 16:16:44 +02:00
activity
feat: trusted (instance) domains (#8369)
2024-07-31 18:00:38 +03:00
admin/repository/eventsourcing
refactor(handler): cache active instances (#9008)
2024-12-06 11:32:53 +00:00
api
fix(permissions): chunked synchronization of role permission events (#9403)
2025-02-26 16:06:50 +00:00
auth/repository
feat: add PKCE option to generic OAuth2 / OIDC identity providers (#9373)
2025-02-26 12:20:47 +00:00
auth_request/repository
fix(login): correctly reload policies on auth request (#7839)
2024-04-24 08:44:55 +00:00
authz
fix(session v2): allow searching for own sessions or user agent (fingerprintID) (#9110)
2025-01-14 14:15:59 +01:00
cache
fix(cache): convert expiry to number (#9143)
2025-01-07 12:51:06 +01:00
command
refactor(notification): use new queue package (#9360)
2025-02-27 11:49:12 +01:00
config
feat(v3alpha): read actions (#8357)
2024-08-12 22:32:01 +02:00
crypto
perf(query): remove transactions for queries (#8614)
2024-11-04 10:06:14 +01:00
database
feat: add task queue (#9321)
2025-02-12 14:51:55 +00:00
domain
feat: add PKCE option to generic OAuth2 / OIDC identity providers (#9373)
2025-02-26 12:20:47 +00:00
eventstore
refactor(notification): use new queue package (#9360)
2025-02-27 11:49:12 +01:00
execution
feat: action v2 signing (#8779)
2024-11-28 10:06:52 +00:00
feature
feat: Use V2 API's in Console (#9312)
2025-02-17 19:25:46 +01:00
form
refactor: rename package errors to zerrors (#7039)
2023-12-08 15:30:55 +01:00
i18n
fix(login): avoid disallowed languages with custom texts (#9094)
2024-12-20 11:31:03 +01:00
iam
refactor: cleanup unused code (#7130)
2024-01-02 14:26:31 +00:00
id
feat(cmd): Added machine ID mode to zitadel start up logs (#8251)
2024-07-16 09:53:57 +00:00
idp
feat: add PKCE option to generic OAuth2 / OIDC identity providers (#9373)
2025-02-26 12:20:47 +00:00
integration
refactor(notification): use new queue package (#9360)
2025-02-27 11:49:12 +01:00
logstore
perf: project quotas and usages (#6441)
2023-09-15 16:58:45 +02:00
migration
fix(setup): improve search query to use index (#8898)
2024-11-13 07:50:23 +00:00
net
perf: project quotas and usages (#6441)
2023-09-15 16:58:45 +02:00
notification
refactor(notification): use new queue package (#9360)
2025-02-27 11:49:12 +01:00
org
refactor: cleanup unused code (#7130)
2024-01-02 14:26:31 +00:00
project
refactor: cleanup unused code (#7130)
2024-01-02 14:26:31 +00:00
protoc
merge main into next
2023-10-19 12:34:00 +02:00
qrcode
query
fix: prevent panic when retrieving session by id in internal calls (#9442)
2025-03-03 11:24:52 +01:00
queue
refactor(notification): use new queue package (#9360)
2025-02-27 11:49:12 +01:00
renderer
fix(login): (re)allow HTML in custom login texts (#7575)
2024-03-15 16:29:10 +01:00
repository
refactor(notification): use new queue package (#9360)
2025-02-27 11:49:12 +01:00
static
feat(api): allow Device Authorization Grant using custom login UI (#9387)
2025-02-25 07:33:13 +01:00
statik
chore: initial version of a devcontainer (#6352)
2023-08-15 10:49:05 +02:00
telemetry
fix(OTEL): reduce high cardinality in traces and metrics (#9286)
2025-02-04 09:55:26 +01:00
test
feat: list users scim v2 endpoint (#9187)
2025-01-21 13:31:54 +01:00
user
feat(users/v2): return prompt information (#9255)
2025-01-29 15:12:31 +00:00
v2
fix(eventstore): revert precise decimal (#8527) (#8679)
2024-09-24 18:43:29 +02:00
view/repository
perf(query): remove transactions for queries (#8614)
2024-11-04 10:06:14 +01:00
webauthn
fix: add domain as attribute to list user auth methods (#8718)
2024-10-10 16:50:53 +00:00
zerrors
feat: create user scim v2 endpoint (#9132)
2025-01-09 12:46:36 +01:00