plugins-nextcloud-mirror/libresign
1
0
Fork 0
mirror of https://github.com/LibreSign/libresign.git synced 2025-12-17 21:12:16 +01:00
Code Projects Releases Activity
No description
10420 commits 18 branches 184 tags 130 MiB
Find a file
Vitor Mattos ca7339e078
fix: prevent signers from seeing files with DRAFT sign_request status 
Filter out sign_requests with status DRAFT (0) in the file list endpoint
when the user is not the file owner. This ensures that signers do not
see documents where their sign_request is in DRAFT status, unless they
are the requester (owner) of the document.

The filter is applied in the getFilesAssociatedFilesWithMeQueryBuilder
method by adding conditions to exclude:
- Files with status DRAFT (0)
- Sign requests with status DRAFT (0)

Only when the user is not the file owner (not matching f.user_id).

This change affects only the /api/v1/file/list endpoint and does not
impact other file access methods or signature flows.

Ref: Security improvement to prevent premature document visibility
Signed-off-by: Vitor Mattos <1079143+vitormattos@users.noreply.github.com>
2025-12-11 17:04:58 -03:00
.devcontainer chore: make Nginx acessible outside of localhost 2025-04-11 10:44:05 -03:00
.github chore(deps): Bump peter-evans/create-pull-request from 7.0.11 to 8.0.0 2025-12-10 16:22:56 +00:00
.patches fix: psalm issues 2025-11-24 15:31:59 -03:00
.tx [tx-robot] Update transifex configuration 2022-10-01 03:16:28 +00:00
3rdparty@e9a3446cfb fix: 3rdparty version 2025-11-21 13:12:12 -03:00
appinfo chore: change types property position on info.xml 2025-12-03 00:40:11 -03:00
composer chore: Add SPDX header 2024-05-14 12:32:04 -03:00
img chore: replace string svg by a real file 2025-10-01 20:29:59 -03:00
l10n fix(l10n): Update translations from Transifex 2025-12-11 02:14:51 +00:00
lib fix: prevent signers from seeing files with DRAFT sign_request status 2025-12-11 17:04:58 -03:00
LICENSES chore: move license file 2024-10-31 22:35:47 -03:00
src refactor: Replace Bullet component with NcChip and fix signer reactivity 2025-12-11 16:20:12 -03:00
templates chore: bump dependencies 2024-11-25 17:33:57 -03:00
tests test: add status and statusText fields to expected test output 2025-12-11 15:27:22 -03:00
vendor-bin chore(deps-dev): Bump vimeo/psalm in /vendor-bin/psalm 2025-12-11 16:15:33 +00:00
.editorconfig feat: add spdx 2024-10-26 16:41:27 -03:00
.eslintignore feat: add spdx 2024-10-26 16:41:27 -03:00
.gitattributes feat: add spdx 2024-10-26 16:41:27 -03:00
.gitignore chore: add phpactor config file to .gitignore 2025-12-03 00:40:11 -03:00
.gitmodules fix: reuse 2025-10-07 16:23:49 -03:00
.l10nignore fix: ignore vendor bin at transifex sync 2025-06-23 13:46:16 -03:00
.npmignore feat: add spdx 2024-10-26 16:41:27 -03:00
.php-cs-fixer.dist.php chore: remove referencies to Vendor folder 2025-10-07 16:01:53 -03:00
.prettierrc Merge branch 'signature-validate' into main 2021-04-26 12:33:03 -03:00
AUTHORS feat: add spdx headers 2024-10-26 14:57:54 -03:00
babel.config.js feat: add spdx headers 2024-10-26 14:57:54 -03:00
CHANGELOG.md chore(release): Changelog for 12.1.0 and 11.6.0 2025-10-28 12:20:24 -03:00
CODE_OF_CONDUCT.md feat: add spdx 2024-10-26 16:41:27 -03:00
composer.json fix: psalm issues 2025-11-24 15:31:59 -03:00
composer.lock chore: bump dependencies 2025-12-08 18:15:19 -03:00
CONTRIBUTING.md chore: update contributing 2025-09-01 14:45:10 -03:00
COPYING fix: main license file 2025-04-16 14:54:15 -03:00
eslint.config.mjs fix: update to newest version of eslint 2025-10-14 13:43:53 -03:00
jsconfig.json 🧑‍💻 add missing prop 2022-08-04 20:36:33 -03:00
Makefile chore: update Makefile to be compatible with 3rdparty 2025-10-07 17:26:57 -03:00
openapi-administration.json chore: update OpenAPI specs for signature flow endpoint 2025-12-09 21:56:51 -03:00
openapi-full.json chore: update openapi documentation 2025-12-11 14:38:56 -03:00
openapi.json chore: update openapi documentation 2025-12-11 14:38:56 -03:00
package-lock.json feat: add vuedraggable for drag-and-drop reordering 2025-12-10 11:49:16 -03:00
package.json feat: add vuedraggable for drag-and-drop reordering 2025-12-10 11:49:16 -03:00
patches.json fix: psalm issues 2025-11-24 15:31:59 -03:00
patches.lock.json fix: psalm issues 2025-11-24 15:31:59 -03:00
psalm.xml fix: bump PHP version at psalm to 8.2 2025-10-07 18:35:05 -03:00
README.md chore: update README.md - add Contributors section 2025-08-24 18:47:30 +05:30
rector.php fix: isolate PHP-pdftk dependency 2025-09-03 09:55:55 -03:00
redocly.yaml feat: add spdx headers 2024-10-26 14:57:54 -03:00
REUSE.toml chore: add real_jsignpdf_level1.pdf to REUSE.toml 2025-12-08 16:53:50 -03:00
scoper.inc.php chore: changes after code review 2025-10-01 22:09:47 -03:00
SECURITY.md feat: add spdx 2024-10-26 16:41:27 -03:00
stylelint.config.js feat: add spdx headers 2024-10-26 14:57:54 -03:00
tsconfig.json feat: rewrite file list 2024-11-05 16:20:22 -03:00
webpack.config.js chore: remove chunk all 2025-01-16 06:06:05 -03:00

README.md

Test Status Total Downloads Coverage Status REUSE status Start contributing

Nextcloud app to sign PDF documents.

Request a feature Report a BUG

Star History

Star History Chart

Contributing

There are many ways to contribute, including writing code, filing issues on GitHub, helping people Overflow, helping to triage, reproduce, or fix bugs that people have filed, adding to our documentation. To get more details go to our contributing guide.

Integrations

  • GLPI: Plugin to sign GLPI tickets
  • Approval: Approve/reject files based on workflows defined by admins

API Documentation

API Documentation

Contributors

Thanks go to these wonderful people: