jukka/intra.noxus.fi
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
263 Commits 1 Branch 0 Tags
45de863d07d61c3d5ec0ed792712feb1250d1438
Go to file
Clone
Open with VS Code Open with VSCodium Open with Intellij IDEA
Download ZIP Download TAR.GZ Download BUNDLE
Jukka Lampikoski 45de863d07 Security: defense-in-depth company isolation for all operations 
Critical fixes:
- company_logo_upload: validate user has access to target company
- All delete functions (db.php): accept optional company_id parameter
  for defense-in-depth filtering (customers, devices, ipam, guides,
  leads, tickets, archives, mailboxes, rules, templates, todos)
- All API delete calls now pass company_id to db layer
- ticket_bulk_delete: per-ticket company_id filtering
- todo_comment/time/subtask operations: verify todo belongs to company
- dbGetMailbox: optional company_id scoping, used in smtp_test
- requireCompanyOrParam: no longer mutates session permanently
- Fix _dbFetch typo in zammad_attachment (was runtime error)

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
2026-03-13 18:27:13 +02:00
data
SMTP-palvelin aina näkyvissä + CuituNet → Cuitunet
2026-03-10 23:28:31 +02:00
.gitignore
JSON → MySQL migraatio: tietokantapohjainen datatallennus
2026-03-10 15:00:38 +02:00
.htaccess
Add security hardening, captcha login, and password reset via email
2026-03-10 01:00:19 +02:00
api.php
Security: defense-in-depth company isolation for all operations
2026-03-13 18:27:13 +02:00
db.php
Security: defense-in-depth company isolation for all operations
2026-03-13 18:27:13 +02:00
deploy_data.php
SMTP-palvelin aina näkyvissä + CuituNet → Cuitunet
2026-03-10 23:28:31 +02:00
empor-logo.svg
Integraatiot yritystasolla: kaikki kolme tyyppiä (Zammad, Saatavuus-API, Telegram) latautuvat ja tallentuvat oikein
2026-03-12 19:39:39 +02:00
index.html
Group users by company + allow admins to set user/admin role
2026-03-13 15:16:04 +02:00
migrate.php
Vaihda brändäys: Noxus Intra → Noxus HUB © Empor Oy 2026
2026-03-12 23:49:00 +02:00
noxus-logo.svg
Noxus-logo + API-tabi piiloon ilman integraatioita
2026-03-12 23:14:17 +02:00
PLAN.md
SMTP-palvelin aina näkyvissä + CuituNet → Cuitunet
2026-03-10 23:28:31 +02:00
saatavuus-widget.html
feat: oma profiili -toiminto + placeholder-siivous + poista fix-skriptit
2026-03-10 21:38:32 +02:00
script.js
Group users by company + allow admins to set user/admin role
2026-03-13 15:16:04 +02:00
server.py
SMTP-palvelin aina näkyvissä + CuituNet → Cuitunet
2026-03-10 23:28:31 +02:00
style.css
Poista ticket-threadin max-height scroll — koko sivu scrollaa
2026-03-13 11:29:03 +02:00
Description
No description provided
642 KiB
Languages
PHP 40.1%
JavaScript 36%
HTML 18.3%
CSS 5.6%