Kevin McConnell
2e47749739
Don't allow SVG avatar uploads in the first place
2025-12-04 14:27:28 +00:00
Kevin McConnell
6475ad3425
Don't try to resize non-variable avatars
2025-12-04 13:36:21 +00:00
Jorge Manrubia
a0cb25a951
Merge pull request #1881 from basecamp/card-notification-removal-scope
...
Tighten scope on card notification removals
2025-12-04 08:44:52 +01:00
Jeremy Daer
7af93765a8
Security: close narrow window of exposure to DNS rebinding ( #1903 )
2025-12-03 23:12:17 -08:00
Jeremy Daer
cac0ca1656
Scope the single-board case to just the creator's boards ( #1880 )
2025-12-03 15:47:04 -08:00
Jeremy Daer
f440b0243e
Tighten scope on card notification removals
...
* Iterate each association separately to favor db indexing
* Pluck user IDs rather than select to avoid correlated subquery
2025-12-03 15:46:43 -08:00
Jorge Manrubia
38d86fb17b
Merge pull request #1879 from basecamp/scope-tags
...
Scope tags by account
2025-12-03 23:42:04 +01:00
Jorge Manrubia
4a30663df1
Scope tags by account
...
We missed this one when we went to MySQL. This can results in cards tagged with cards
from other accounts. No data leaked though: the symptom is that you see the card
tagged as expected but you don't see the tag in the menu.
2025-12-03 23:39:37 +01:00
Jorge Manrubia
6847c001ea
Merge pull request #1876 from basecamp/column-reordering-auth
...
Fix unauthorized column reordering
2025-12-03 22:18:06 +01:00
Jeremy Daer
9f6a4f1cc6
Fix unauthorized column reordering
...
Users could reorder columns they didn't have access to. Fixed by
limiting ColumnScoped to User::Accessor#accessible_columns.
References https://hackerone.com/reports/3449905
2025-12-03 13:00:49 -08:00
Jorge Manrubia
7fcf660f05
Merge pull request #1854 from MatheusRich/find-by-over-where-first
...
Prefer find_by! over where + first!
2025-12-03 21:51:18 +01:00
Stanko K.R.
7ab06d1dbd
Use cryptographically secure randomness for Magic Link code generation
...
#sample uses PRNG under the hood which is pseudo random, which means that given enough magic link codes you can predict which code would come next. To fix that we have to switch to CSPRNG - SecureRandom.random_number - which isn't easy to predict based on previous results.
2025-12-03 20:15:27 +01:00
Stanko Krtalić
3520f97e33
Merge pull request #1857 from basecamp/friendly-error-message-when-changing-email-with-an-invalid-code
...
Render a friendly error message when using an invalid email change token
2025-12-03 20:06:24 +01:00
Jorge Manrubia
60b1fe26e8
Merge pull request #1847 from javier-valencia-arch/patch-1
...
Refactor with_account and without_account methods
2025-12-03 19:33:31 +01:00
Brian Bailey
30a2149115
Update seeder.rb to fix a few minor things in the onboarding content
2025-12-03 12:20:37 -05:00
Karl Entwistle
59d7229500
Move Eventable concern to app/models/concerns
...
Aligns with Rails conventions for organizing concerns in a dedicated
concerns directory alongside existing concerns like Attachments,
Mentions, Searchable, etc.
2025-12-03 16:36:15 +00:00
Stanko K.R.
84213265e7
Render friendly error message when using an invalid token
2025-12-03 15:37:27 +01:00
Donal McBreen
13db384648
Auto default for UUID primary keys
...
Patch load_schmema! to set the default value for UUID primary keys. This
removes the need to patch ApplicationRecord + Rails models individually.
It also means we no longer need to patch the default in for the integer
primary key in Search::Record::SQLite.
2025-12-03 14:27:52 +00:00
Matheus Richard
7e95322776
Prefer find_by! over where + first!
2025-12-03 11:20:02 -03:00
Stanko K.R.
6e9381abb8
Fix crash in join code redemption race condition
2025-12-03 13:29:20 +01:00
Javier Valencia
0d83e9b90c
Refactor with_account and without_account methods
...
Remove variables name for block, not needed from Ruby >= 3.1
2025-12-03 12:26:39 +01:00
Dave Kimura
337af0a575
Merge branch 'basecamp:main' into main
2025-12-02 16:08:26 -05:00
Dave Kimura
2f740c81c0
(account): encode external_account_id in slug
...
- Use `AccountSlug.encode` to generate slug instead of raw ID
- Fixes where slug is /1 and will be in the proper format of /0000001
2025-12-02 16:07:04 -05:00
Mike Dalessio
a2e024c1b5
Disconnect action cable when user is deactivated
...
ref: https://app.fizzy.do/5986089/cards/2785
2025-12-02 14:26:04 -05:00
Jorge Manrubia
dfe8e7bd5d
Scope general broadcasts by account
...
Because DoS ourselves is not fun
2025-12-02 18:10:49 +01:00
Jorge Manrubia
32fe4339ee
Remove general broadcast temporarily
2025-12-02 18:03:19 +01:00
Kevin McConnell
f7e2b4e0ba
Don't compress attachments in export
...
Since they are typically images and videos, which are already
compressed.
2025-12-02 10:39:56 +00:00
Kevin McConnell
d24726c1d3
Merge pull request #1768 from basecamp/data-exports
...
Add "data export" feature
2025-12-02 09:56:40 +00:00
Stanko K.R.
78c6751fa0
Prohibit link local addresses
2025-12-02 09:32:15 +01:00
Jason Zimdars
15f4454861
Remove line breaks, update back button copy
...
Lexxy no longer requires two returns between items
2025-12-01 23:52:21 -06:00
Jorge Manrubia
af0113c9ee
After touch should trigger board touch too
...
The change in https://github.com/basecamp/fizzy/commit/c606de7b41f57734c4c859c5fc3d98c952b26d58#diff-1ecde9fb1ee2494e5d94e807f51f861928f77cfcfb0884889911b62a32c2ff4cL4-R23 was preventing marking cards as golden from broadcasting
2025-12-02 05:55:49 +01:00
Kevin McConnell
2c1ab1bb29
Formatting
2025-12-01 17:19:59 +00:00
Kevin McConnell
3eaf9cb350
Put fizzy in the export filename
2025-12-01 16:01:41 +00:00
Kevin McConnell
c492e6c4c4
Make the JSON prettier
2025-12-01 15:54:24 +00:00
Kevin McConnell
45afe494ec
Skip missing files
2025-12-01 15:40:07 +00:00
Kevin McConnell
12f6dbf79f
Handle remote image attachments too
2025-12-01 15:36:35 +00:00
Kevin McConnell
e16cc21b0a
Add "data export" feature
...
- Adds a button in Account Settings where you can request a ZIP export of your
Fizzy data
- Export files are created in the background. When ready, a link to
download them is sent to the requester.
- Exports expire after 24 hours. And are limited to 10 per day.
2025-12-01 15:23:26 +00:00
Jorge Manrubia
29d07e7326
Fix: not detecting mentions when publishing saved drafts
...
The problem was that publishing a card with `#publish` was tracking the event
after updating the status, which was clearing the saved changes and preventing the
code from detecting the mention.
See:
https://app.fizzy.do/5986089/cards/2835
2025-12-01 15:39:45 +01:00
Mike Dalessio
edf6b53469
Introduce an "owner" role, and prevent it from being administered
...
to prevent the owner from being demoted or kicked out.
ref: https://app.fizzy.do/5986089/cards/3213
2025-11-29 14:13:29 -05:00
Stanko K.R.
2311efd03e
Make sign up Magic Links work across devices
...
Previously if someone started signing in on their phone, but finished it on their laptop, they'd end up on the menu screen with no account. Bu tracking the purpose of a Magic Link we can always direct the user to sign up if they requested a magic link through sign up. This also makes the logic for changing the copy in the email more robust.
2025-11-29 12:36:00 +01:00
Mike Dalessio
434a9671cc
Ensure Account::ExternalIdSequenceTest.value is never nil
...
If no record exists, create it. This fixes a test in fizzy-saas in
test/models/signup_test.rb that was not actually testing with a valid
external account id.
2025-11-28 14:27:14 -05:00
Jorge Manrubia
4e09352c09
Bring simple signup flow from the fizzy-saas gem
...
We skip the QB code and we fill external account ids automatically on creation with a sequence
See:
https://github.com/basecamp/fizzy-saas/pull/7
2025-11-28 15:53:58 +01:00
Jorge Manrubia
2061ab4ab2
Use dedicated sequence record instead of deal with issues with ids and uuids when using the previous approach
2025-11-28 15:53:58 +01:00
Jorge Manrubia
07b4c55185
Auto-increment external_account_id automatically by default to allow upcoming simple signups
2025-11-28 15:53:58 +01:00
Mike Dalessio
3f8d10d679
Merge pull request #1747 from basecamp/flavorjones/perf-20251127
...
Address some N+1 query situations
2025-11-27 12:46:56 -05:00
Mike Dalessio
09366fc949
style: rubocop fix
2025-11-27 12:34:31 -05:00
Stanko K.R.
e3d91f4ba2
Fix join codes skipping user setup
...
If someone joined an account with the same identity as they were signed in with the old logic would skip the user setup step
2025-11-27 17:59:17 +01:00
Mike Dalessio
50fe973105
Remove N+1 on the cards board.
2025-11-27 11:30:54 -05:00
Mike Dalessio
0ab3aaca72
Preload Event to avoid N+1s on the timeline
2025-11-27 11:27:10 -05:00
Mike Dalessio
79c9ea2ce1
Remove a bunch of N+1s
...
related to notification and comment rendering
2025-11-27 11:08:45 -05:00