Skip to content
This repository was archived by the owner on Sep 3, 2025. It is now read-only.

fix(email_templates): disallow creation for non admins #6089

Merged
whitdog47 merged 2 commits into from
Jun 25, 2025
Merged

fix(email_templates): disallow creation for non admins #6089

whitdog47 merged 2 commits into from
Jun 25, 2025

Conversation

@whitdog47
Copy link
Contributor

@whitdog47 whitdog47 commented Jun 25, 2025
edited
Loading

This PR restricts email template creation to users with the appropriate admin permission and updates the Jinja2 dependency.

  • Enforce SensitiveProjectActionPermission on the create_email_template endpoint
  • Bump Jinja2 from 3.1.5 to 3.1.6

@whitdog47 whitdog47 requested a review from Copilot June 25, 2025 03:36
@whitdog47 whitdog47 self-assigned this Jun 25, 2025
@whitdog47 whitdog47 added the bug Something isn't working label Jun 25, 2025
Copilot AI reviewed Jun 25, 2025
View reviewed changes
Copy link
Contributor

Copilot AI left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Pull Request Overview

This PR restricts email template creation to users with the appropriate admin permission and updates the Jinja2 dependency.

  • Enforce SensitiveProjectActionPermission on the create_email_template endpoint
  • Bump Jinja2 from 3.1.5 to 3.1.6

Reviewed Changes

Copilot reviewed 2 out of 2 changed files in this pull request and generated no comments.

File Description
src/dispatch/email_templates/views.py Added a PermissionsDependency to the POST route for creation
requirements-base.txt Upgraded jinja2 from 3.1.5 to 3.1.6
Comments suppressed due to low confidence (1)

src/dispatch/email_templates/views.py:49

  • Add tests to verify that non-admin users are denied access when calling the create_email_template endpoint and that admins can still create templates.
    dependencies=[Depends(PermissionsDependency([SensitiveProjectActionPermission]))],

@whitdog47 whitdog47 merged commit cca6084 into main Jun 25, 2025
9 checks passed
@whitdog47 whitdog47 deleted the fix/restricted-email-template-edits branch June 25, 2025 04:20
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.

Reviewers

Copilot code review Copilot Copilot left review comments

Assignees

@whitdog47 whitdog47

Labels

bug Something isn't working

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

2 participants

@whitdog47