Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

feature: full IDs obfuscation (friendly_id/hashids/prefixed_ids) #2564

Merged
merged 88 commits into from
Aug 5, 2024
Merged

feature: full IDs obfuscation (friendly_id/hashids/prefixed_ids) #2564

merged 88 commits into from
Aug 5, 2024

Conversation

gabrielgiroe1
Copy link
Contributor

@gabrielgiroe1 gabrielgiroe1 commented Mar 6, 2024
edited by Paul-Bob
Loading

Description

Fixes #2563

This PR ensures that Avo does not expose records' private ID when using any gem that manipulates the record's ID.

Checklist:

  • I have performed a self-review of my own code
  • I have commented my code, particularly in hard-to-understand areas
  • I have made corresponding changes to the documentation
  • I have added tests that prove my fix is effective or that my feature works

@gabrielgiroe1 gabrielgiroe1 marked this pull request as draft March 6, 2024 14:28
github-actions[bot]
github-actions bot reviewed Mar 6, 2024
View reviewed changes
Gemfile Outdated Show resolved Hide resolved
Gemfile Outdated Show resolved Hide resolved
Gemfile Outdated Show resolved Hide resolved
@codeclimate CodeClimate
Copy link

codeclimate bot commented Mar 6, 2024
edited
Loading

Code Climate has analyzed commit 1aa46cc and detected 0 issues on this pull request.

View more on Code Climate.

@gabrielgiroe1 gabrielgiroe1 marked this pull request as ready for review March 7, 2024 10:19
@github-actions GitHub Actions
Copy link
Contributor

github-actions bot commented Apr 3, 2024

This PR has been marked as stale because there was no activity for the past 15 days.

@github-actions github-actions bot added the Stale label Apr 3, 2024
@Paul-Bob Paul-Bob removed the Stale label Apr 3, 2024
@adrianthedev
Copy link
Collaborator

What is the status on this one?

@Paul-Bob Paul-Bob marked this pull request as draft April 18, 2024 09:34
@adrianthedev
Copy link
Collaborator

@gabrielgiroe1 what is the status on this one?

@gabrielgiroe1 gabrielgiroe1 marked this pull request as ready for review April 18, 2024 20:36
@Paul-Bob
Copy link
Contributor

The real ID is leaking on attach request params, let's try to find out more spots like this one and fix them.

@github-actions github-actions bot closed this Aug 5, 2024
@Paul-Bob Paul-Bob reopened this Aug 5, 2024
github-actions[bot]
github-actions bot reviewed Aug 5, 2024
View reviewed changes
lib/avo/resources/base.rb Outdated Show resolved Hide resolved
@Paul-Bob Paul-Bob changed the title Full obfuscation of IDs in Avo(friendly_id/hashids/prefixed_ids) feature: full IDs obfuscation (friendly_id/hashids/prefixed_ids) Aug 5, 2024
Paul-Bob
Paul-Bob approved these changes Aug 5, 2024
View reviewed changes
Copy link
Contributor

@Paul-Bob Paul-Bob left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Thank you for all the effort on this one @gabrielgiroe1!

@Paul-Bob Paul-Bob merged commit e26f62d into main Aug 5, 2024
21 of 22 checks passed
@Paul-Bob Paul-Bob deleted the feature/support-alternative-ids branch August 5, 2024 11:23
@github-actions GitHub Actions
Copy link
Contributor

github-actions bot commented Aug 5, 2024

This PR has been merged into main. The functionality will be available in the next release.

Please check the release guide for more information.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@github-actions GitHub Actions GitHub Actions left review comments

@Paul-Bob Paul-Bob Paul-Bob approved these changes

@adrianthedev adrianthedev Awaiting requested review from adrianthedev

Assignees

@Paul-Bob Paul-Bob

Labels
Feature Stale
Projects
Issues
Archived in project
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

Support for Alternative IDs (e.g., Hashid)
3 participants
@gabrielgiroe1 @adrianthedev @Paul-Bob