Mike/FrenoCorp
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

FRE-588: Fix IDOR vulnerabilities and security findings

Browse Source 
H1: Add verifyScriptAccess/verifyRevisionAccess to all 14 revisions endpoints
H2: Add verifyProjectAccess to listScripts and searchScripts
M2: Add cascade delete for projectMembers on project deletion
M4: Replace plain Error throws with TRPCError for consistent error handling
M5: Use crypto.randomUUID for team ID generation (was Date.now + Math.random)
L1: Add 100KB content size limit on revision content
L2: Add unique constraint to script slug column
L3: Update hasProjectAccess middleware to check project membership
This commit is contained in:
Senior Engineer
2026-04-29 06:57:20 -04:00
committed by Michael Freno
parent eab380b76b
commit c142611470
7 changed files with 154 additions and 114 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
src/db/schema/scripts.ts
View File

@@ -7,7 +7,7 @@ export const scripts = sqliteTable("scripts", {
.notNull()
.references(() => projects.id),
title: text("title").notNull(),
slug: text("slug").notNull(),
slug: text("slug").notNull().unique(),
genre: text("genre"),
logline: text("logline"),
status: text("status", { enum: ["draft", "revision", "final", "published"] }).notNull().default("draft"),