Santtu Pajukanta
Santtu Pajukanta
The initial idea is to have users receiving encrypted values, such as the treasurer of an organization, have an asymmetric cryptography RSA or EC key pair. The public key would...
Applies only to fields that can be represented as choices (eg. checkbox, single select, multi select, number field…?). See `FieldSummaryComponent` for choice representations. When a field is promoted: - A...
Discussion [in Slack](https://con2.slack.com/archives/C3ZGNGY48/p1705562178229519)
https://github.com/con2/kompassi/blob/8e15401d09389603679bf0935443d2e970aebe92/backend/forms/graphql/mutations/create_survey_response.py#L36 https://github.com/con2/kompassi/blob/d7409aeb46c6ca8bd3c66593e29e546a0e3b3c2a/frontend/src/app/%5Blocale%5D/events/%5BeventSlug%5D/surveys/%5BsurveySlug%5D/actions.ts The survey is submitted via a server action, so the network client that performs the mutation is the Next.js backend, not the user's browser. Therefore `Response.ip_address` records the...
There is a valid use case: we may want to put hyperlinks and other markup in the survey description. However, untrusted users will be allowed to create surveys in the...
Separate event budget from yearly closing of the books (#359) so that event budgets may span multiple fiscal years.
Separate event budget from yearly closing of the books (#359) so that event budgets may span multiple fiscal years.
As of 2024-01-12, there is a CSRF possibility in cookie authentication to the GraphQL API. Currently the risk is low as there are very few authenticated resources in the API...
Currently `authLink` in https://github.com/con2/kompassi/blob/8675cc8ba4e38c45f946b98e7a2c3ebbed21b13d/frontend/src/apolloClient.ts#L11 forces dynamic rendering due to use of `getServerSession` which in turn calls `cookies` and `headers`. It would be preferred that high volume pages showing only public...
Use case: Volunteer or program host arrives at the event and doesn't know what they are doing or what name they are under. Instead they can open their Kompassi profile...