Mirrors/Claper
1
0
Fork 0
mirror of https://github.com/ClaperCo/Claper.git synced 2026-02-24 12:09:59 +01:00
Code Issues Packages Projects Releases Wiki Activity
370 Commits 8 Branches 20 Tags
dev
Commit Graph

168 Commits

Author SHA1 Message Date
Alexandre Lion
910627f4ba Fix form submission crash for anonymous attendees (#210) 
The FormSubmit changeset required user_id, but anonymous attendees only
have attendee_identifier. This caused a CaseClauseError since the error
tuple was unhandled. Now the changeset accepts either user_id or
attendee_identifier, and error cases are properly handled.
 2026-02-09 19:19:05 +01:00
Alexandre Lion
8f46837900 Fix critical security vulnerabilities (#211) 
* Fix critical security vulnerabilities

Address 5 critical findings from security audit:
- Sanitize custom embed HTML to prevent stored XSS (strip all non-iframe content)
- Escape URLs in format_body/1 to prevent reflected XSS via post messages
- Add authorization check to form export endpoint (IDOR fix)
- Replace String.to_atom/1 on user input with explicit whitelists (8 locations)
- Add IP-based rate limiting on authentication endpoints via Hammer

* Start rate limiter before endpoint in supervision tree

* Update CHANGELOG
 2026-02-09 19:18:14 +01:00
Raúl R Pearson
767f0ddfd5 Handle slides for empty presentation (#200) 2026-01-23 12:11:09 +01:00
Raúl R Pearson
c8d87196ba Left join leader in get_managed_event!/2 (#194) 2025-12-06 11:32:41 +01:00
Raúl R Pearson
5cf4759f05 Make S3 service configurable (#190) 2025-12-06 11:31:28 +01:00
Raúl R Pearson
6dc618151a Enable optional form fields (#193) 
* Enable optional form fields

* Suffix optional text and email component labels

* Update gettext files
 2025-12-05 12:31:00 +01:00
Raúl R Pearson
3b511bcc6e Improve event live listing (#185) 
* Expand user events PubSub

* Improve updates in events LiveView
 2025-12-04 15:00:23 +01:00
Raúl R Pearson
10a5392d56 Set PollOpt preload order (#187) 2025-11-20 13:37:18 +01:00
Alexandre Lion
5853bc34d8 Add admin panel and user roles (#189) 2025-11-20 10:44:06 +01:00
Dimitrije Dimitrijevic
16bcce1a60 Fix duplicate key quiz when duplicate (#182) 
* add quiz_responses association to user

* bugfix possible duplicate key entries in multi when adding quiz responses

* remove user_id from casting changeset in QuizResponse

* pass whole user to submit_quiz function

* update test to match changes

* simplify submit_quiz/3 function for inserting quiz response

---------

Co-authored-by: Dimitrije Dimitrijevic <me@dimitrijedimitrijevic.com>
 2025-11-04 18:46:29 +01:00
Raúl R Pearson
fc667bb478 Hideable presenter attendee count (#183) 2025-10-28 18:34:49 +01:00
Raúl R Pearson
03feb9a901 Fix email change confirmation (#172) 
* Update translation files

I run `mix gettext.extract` and `mix gettext.merge priv/gettext`
as it seems that the files were somewhat outdated.

* Fix email change confirmation

Send the confirmation email to the new address

* Tweak email change confirmation email

* Run ./dev.sh format
 2025-09-10 08:16:55 +02:00
Alex Lion
c8bf32542f feat: add hu and lv locales to airpicker and moment 2025-08-24 09:55:09 +02:00
Alex Lion
d3c45533f0 fix: spacing in settings 2025-08-09 19:29:20 +02:00
Chayan Das
137d5f3de1 add scroll to the setting drawer (#168) 
Signed-off-by: Chayan Das <01chayandas@gmail.com>
 2025-08-09 16:33:43 +02:00
Aryel780
9b4cda357b fix: Scrollbar not showing in event manager when no presentation file (#162) 2025-07-16 17:13:00 +02:00
Alex Lion
983552772a feat: add configurable language support via LANGUAGES environment variable 2025-07-11 14:46:33 +01:00
Alex Lion
c92edbb885 chore: refactor toggle interaction modal 2025-07-07 23:17:02 +02:00
Alex Lion
afb989485e fix: avoid quick event empty name 2025-07-07 23:16:22 +02:00
Alex Lion
9c1c3d01c1 deps: upgrade to tailwind 4+ 
commit e5905358dc20cea2fcc41b3580c4985e8ac53217
Author: Alex Lion <dev@alexandrelion.com>
Date:   Mon Jul 7 22:56:14 2025 +0200

    chore: update changelog

commit 2696a29ffdc6deb930b8ffb6f92cae21b176e853
Author: Alex Lion <dev@alexandrelion.com>
Date:   Mon Jul 7 22:52:11 2025 +0200

    Change js file to css and migrate css classes

commit 19093360ed2404f956d799c0a9ec1656c9fa1a74
Author: Alex Lion <dev@alexandrelion.com>
Date:   Sat Jul 5 19:28:34 2025 +0200

    chore: upgrade to tailwind 4+

commit 75312e8b3d3c9fd25137189e7020994640a0f901
Author: Alex Lion <dev@alexandrelion.com>
Date:   Thu Jul 3 16:59:58 2025 +0200

    chore: remove useless files
 2025-07-07 23:00:30 +02:00
Alex Lion
b61c82fe55 chore: change gettext backend syntax 2025-07-03 15:38:53 +02:00
Alex Lion
827c6c77da deps: upgrade to live view 1.0 2025-07-03 14:55:23 +02:00
Alex Lion
761e765112 fix: File upload progress when edit event 2025-06-12 19:36:35 +02:00
Alex Lion
b4b5cfb756 add length validation for event name and code fields 2025-05-30 17:20:11 +02:00
Alex Lion
8e648451eb Hide settings on tablet size (#121) 2025-03-23 18:56:07 +01:00
David Anyatonwu
bdddf2c376 feat: add PKCE support to OIDC flow (#134) (#129) 2025-03-23 18:49:13 +01:00
Alex Lion
3f59f52dbf Format 2025-03-08 09:39:17 +01:00
Alex Lion
a3b8c79feb Fix embed deletion bad keys for attendee 2025-03-08 09:28:56 +01:00
Alex Lion
6813db7b5a Fix question counting for quiz component 2025-03-08 09:28:56 +01:00
Alex Lion
89a3eced83 Improve quiz export 2025-01-02 21:27:36 +01:00
Alex Lion
94d9641d96 Fix tour button position 2025-01-02 14:22:55 +01:00
Alex Lion
56ad2c1cf6 Add link to title of event 2024-12-30 21:45:48 -05:00
Alex Lion
dc6d267245 Add hyperlinks in messages 2024-12-30 20:45:12 -05:00
Alex Lion
f6c0a3a6e7 Remove fullscreen text indication on manager 2024-12-30 20:26:38 -05:00
Alex Lion
e66da3192d Improve performance of presentation to load slides faster 2024-12-30 20:20:48 -05:00
Alex Lion
3300bd210d Fix report 2024-12-28 17:44:48 -05:00
Alex Lion
f3a36163b6 Add soft delete user account 2024-12-28 13:13:55 -05:00
Alex Lion
a669d64352 Fix duplicate ids 2024-12-26 12:47:34 -05:00
Alex Lion
13a7ad3531 Fix event creation 2024-12-26 12:40:20 -05:00
Alex Lion
f7dbb13a49 Fix tests 2024-12-25 10:40:03 -05:00
Alex Lion
4e943a17f6 Fix format 2024-12-25 10:30:12 -05:00
Alex Lion
c636439126 Fix quotes format 2024-12-25 10:02:16 -05:00
Alex Lion
5ac1c8aed2 Add quiz created event 2024-12-25 10:02:07 -05:00
Alex Lion
666299525f Fix warning 2024-12-25 03:00:19 -05:00
Alex Lion
d89d95de5a Fix format 2024-12-23 11:10:35 -05:00
Alex Lion
93ade8d49e Fix divide by zero in report 2024-12-23 11:02:52 -05:00
Alex Lion
a2227d0ccf Fix create lti quiz only when needed 2024-12-23 11:02:39 -05:00
Alex Lion
aba07c11b6 Fix create quizz 2024-12-23 10:41:09 -05:00
Alex Lion
5857b85384 Fix format 2024-12-22 09:58:59 -05:00
Alex Lion
aa76c96f59 Add mailer job for invitation 2024-12-22 09:46:14 -05:00