lerkolabs/uptop
1
1
Fork 0
Code Issues 17 Pull Requests Actions Packages Projects 2 Releases 4 Wiki Activity
Files
eff67332aa4e8bc86716f3600ce8ed9bb373efbd
uptop/internal/store
T
History
lerko 4328d25f22 fix(security): API import no longer replaces user accounts 
Cluster-secret holder could POST a backup with their own admin key to
/api/backup/import, replacing all users — privilege escalation from
cluster-auth to admin. Also, Kuma imports produced zero users but
ImportWipe unconditionally deleted the users table — locking out all
accounts until restart reseeded UPTOP_ADMIN_KEY.

- Server handlers strip data.Users (set nil) before calling ImportData
- ImportData only wipes+replaces users when data.Users != nil
- New ImportWipeUsers dialect method separates user wipe from data wipe
- CLI restore (main.go) unchanged — full import still replaces users
2026-06-12 12:45:16 -04:00
..
storetest
refactor(models): split Site into SiteConfig + SiteState
2026-06-11 17:13:09 -04:00
crypto_test.go
fix(security): phase 1 critical fixes for public release
2026-05-25 11:26:47 -04:00
crypto.go
fix(security): phase 1 critical fixes for public release
2026-05-25 11:26:47 -04:00
dialect.go
fix(security): API import no longer replaces user accounts
2026-06-12 12:45:16 -04:00
postgres.go
fix(security): API import no longer replaces user accounts
2026-06-12 12:45:16 -04:00
sqlite.go
fix(security): API import no longer replaces user accounts
2026-06-12 12:45:16 -04:00
sqlstore_test.go
fix(security): API import no longer replaces user accounts
2026-06-12 12:45:16 -04:00
sqlstore.go
fix(security): API import no longer replaces user accounts
2026-06-12 12:45:16 -04:00
store.go
refactor(models): split Site into SiteConfig + SiteState
2026-06-11 17:13:09 -04:00