Recruitment_site/offer_backend
TianyangZhang 619ca19f87 fix: prevent IDOR in application status update endpoint
Replace class-level queryset attribute with get_queryset() method that
scopes Application objects to the requesting admin's organization,
preventing regular admins from modifying applications belonging to
other organizations via pk enumeration.

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
2026-03-25 08:31:31 +08:00
apps fix: prevent IDOR in application status update endpoint 2026-03-25 08:31:31 +08:00
config fix: correct settings module references and code quality issues 2026-03-24 17:05:36 +08:00
.gitignore feat: initialize Django backend project structure 2026-03-24 17:01:28 +08:00
conftest.py chore: add pytest configuration for Django tests 2026-03-24 17:06:18 +08:00
manage.py fix: set default DJANGO_SETTINGS_MODULE to development 2026-03-24 17:03:11 +08:00
pytest.ini chore: add pytest configuration for Django tests 2026-03-24 17:06:18 +08:00
requirements.txt chore: add pytest configuration for Django tests 2026-03-24 17:06:18 +08:00