Files
webshop/shop/lib
DanielS 7119383139
All checks were successful
Staging Build / build (push) Successful in 2m50s
fix(security): harden licserver config access controls
- Add auth guard to getLicServerConfig() - unauthenticated callers
  now receive null config instead of DB values
- Remove non-existent 'superadmin' role from saveLicServerConfig()
  check (only 'admin' exists per project schema)
- New migration: restrict settings table WRITE to admins only
  (previously any authenticated user could overwrite licserver_api_key)
2026-07-14 17:35:12 +02:00
..