|
|
6fbb98cf2f
|
test(invites): return 404 for invalid join token
CI / test (push) Has started running
|
2026-03-08 20:19:53 +03:00 |
|
|
|
58e85d0a64
|
test(invites): cover join-by-token and invite-link permissions
CI / test (push) Has started running
|
2026-03-08 20:19:16 +03:00 |
|
|
|
ee43d13ba4
|
test(roles): enforce owner-only member role management
CI / test (push) Has started running
|
2026-03-08 20:17:30 +03:00 |
|
|
|
80bda6e537
|
test(channels): enforce delete-for-all permissions on messages
CI / test (push) Has started running
|
2026-03-08 20:15:25 +03:00 |
|
|
|
ace8c79051
|
test(auth): cover single-session revoke behavior
CI / test (push) Has started running
|
2026-03-08 20:10:30 +03:00 |
|
|
|
9f03aafd18
|
test(privacy): enforce nobody private message policy
CI / test (push) Has started running
|
2026-03-08 20:09:14 +03:00 |
|
|
|
1a3a54cfb9
|
test(moderation): enforce group profile edit permissions by role
CI / test (push) Has started running
|
2026-03-08 20:04:55 +03:00 |
|
|
|
57b687a036
|
test(channels): validate admin global delete permissions
CI / test (push) Failing after 51s
|
2026-03-08 20:03:15 +03:00 |
|
|
|
9bc695ca58
|
test(privacy): verify contacts-only avatar and presence visibility
CI / test (push) Has started running
|
2026-03-08 20:01:36 +03:00 |
|
|
|
6930e73b9f
|
test(channels): enforce member read-only posting permissions
CI / test (push) Successful in 50s
|
2026-03-08 19:58:10 +03:00 |
|
|
|
f03fcb2bb7
|
test(privacy): cover hidden avatar and last-seen in private chat list
CI / test (push) Has started running
|
2026-03-08 19:57:42 +03:00 |
|
|
|
1d250f0420
|
test(realtime): cover recording activity event schema
CI / test (push) Successful in 46s
|
2026-03-08 19:54:19 +03:00 |
|
|
|
1ef0cdf29d
|
test(channel): forbid member delete with for_all
CI / test (push) Successful in 42s
|
2026-03-08 19:45:37 +03:00 |
|
|
|
101f39771e
|
fix(channel): member delete acts as leave; add coverage and docs
CI / test (push) Successful in 42s
|
2026-03-08 19:44:42 +03:00 |
|
|
|
fb812c9a39
|
auth(2fa): add one-time recovery codes with regenerate/status APIs
CI / test (push) Successful in 40s
|
2026-03-08 19:16:15 +03:00 |
|
|
|
d069ff1121
|
auth(2fa): block setup after enable to avoid secret reissue
CI / test (push) Successful in 43s
|
2026-03-08 19:07:20 +03:00 |
|
|
|
af1ce20640
|
tests(privacy): cover group-invite and avatar visibility policies
CI / test (push) Successful in 31s
|
2026-03-08 19:05:43 +03:00 |
|
|
|
1c9855b34c
|
auth: force disconnect realtime on revoke-all sessions
CI / test (push) Successful in 26s
|
2026-03-08 19:04:23 +03:00 |
|
|
|
db700bcbcd
|
moderation: add chat bans for groups/channels with web actions
CI / test (push) Successful in 26s
|
2026-03-08 14:29:21 +03:00 |
|
|
|
76cc5e0f12
|
privacy/security: add PM privacy levels and improve session visibility
CI / test (push) Successful in 24s
|
2026-03-08 14:26:19 +03:00 |
|
|
|
fc7a9cc3a6
|
test+web: fix test suite and remove redundant privacy checkbox
CI / test (push) Successful in 25s
|
2026-03-08 12:16:21 +03:00 |
|
|
|
85631b566a
|
Implement security hardening, notification pipeline, and CI test suite
CI / test (push) Successful in 9m2s
Security hardening:
- Added IP/user rate limiting with Redis-backed counters and fail-open behavior.
- Added message anti-spam controls (per-chat rate + duplicate cooldown).
- Implemented refresh token rotation with JTI tracking and revoke support.
Notification pipeline:
- Added Celery app and async notification tasks for mention/offline delivery.
- Added Redis-based presence tracking and integrated it into realtime connect/disconnect.
- Added notification dispatch from message flow and notifications listing endpoint.
Quality gates and CI:
- Added pytest async integration tests for auth and chat/message lifecycle.
- Added pytest config, test fixtures, and GitHub Actions CI workflow.
- Fixed bcrypt/passlib compatibility by pinning bcrypt version.
- Documented worker and quality-gate commands in README.
|
2026-03-07 21:46:30 +03:00 |
|
