Commit Graph

15 Commits

Author SHA1 Message Date
Mike Dalessio e0aa1d257e Drop User.system and replace with Account#system_user 2025-11-24 13:23:57 -05:00
Stanko K.R. e85c5736c9 Render system user avatars using redirects 2025-11-24 12:05:32 +01:00
Jorge Manrubia 9903a37243 Fix tests 2025-11-12 11:37:06 +01:00
Jorge Manrubia dba3b2d65d Remove nil param 2025-11-12 11:25:51 +01:00
Jorge Manrubia 3b34703db3 Make sure that only admins or card creators can delete cards 2025-11-05 16:37:43 +01:00
Jorge Manrubia 193cc26a98 Make sure only admins or collection creators can toggle the all access setting 2025-11-05 15:51:19 +01:00
Stanko K.R. 25b2daad93 Limit access to webhooks to admins 2025-09-16 20:04:20 +02:00
David Heinemeier Hansson 8e479dddba Clearer still 2025-04-15 16:04:11 +02:00
David Heinemeier Hansson 5d22809e29 No public use of this concept, so inline it 2025-04-15 16:03:14 +02:00
David Heinemeier Hansson 680611503d Distinguish between administering and just changing 2025-04-15 16:00:29 +02:00
David Heinemeier Hansson af0a42080b Allow users to edit themselves 2025-04-15 15:35:39 +02:00
David Heinemeier Hansson 6bbf68a4f9 The tenanted db is the account scope 2025-04-12 20:06:34 +02:00
Jorge Manrubia cfe91c25c9 Add admin role, make sure only admins can remove and promote other users 2025-04-03 17:43:29 +02:00
Kevin McConnell d925b53b01 Prevent calling system without scoping to account 2025-02-12 15:19:51 +00:00
Kevin McConnell 485a056ba2 Add a "system" role & specific user 2025-02-12 13:19:53 +00:00