Merge pull request #261 from paviliondev/fix_submissions_data_export_content
SECURITY: remove sensitive user content from submissions export
Dieser Commit ist enthalten in:
Commit
fee56c2d43
2 geänderte Dateien mit 7 neuen und 2 gelöschten Zeilen
|
@ -22,7 +22,12 @@ class CustomWizard::AdminSubmissionsController < CustomWizard::AdminController
|
|||
end
|
||||
|
||||
def download
|
||||
send_data submission_list.submissions.to_json,
|
||||
content = ActiveModel::ArraySerializer.new(
|
||||
submission_list.submissions,
|
||||
each_serializer: CustomWizard::SubmissionSerializer
|
||||
)
|
||||
|
||||
send_data content.to_json,
|
||||
filename: "#{Discourse.current_hostname}-wizard-submissions-#{@wizard.name}.json",
|
||||
content_type: "application/json",
|
||||
disposition: "attachment"
|
||||
|
|
|
@ -1,7 +1,7 @@
|
|||
# frozen_string_literal: true
|
||||
# name: discourse-custom-wizard
|
||||
# about: Forms for Discourse. Better onboarding, structured posting, data enrichment, automated actions and much more.
|
||||
# version: 2.4.17
|
||||
# version: 2.4.18
|
||||
# authors: Angus McLeod, Faizaan Gagan, Robert Barrow, Keegan George, Kaitlin Maddever, Juan Marcos Gutierrez Ramos
|
||||
# url: https://github.com/paviliondev/discourse-custom-wizard
|
||||
# contact_emails: development@pavilion.tech
|
||||
|
|
Laden …
In neuem Issue referenzieren