elordenador
d0f687f56f
feat: añadir edición y eliminación de valoraciones propias
2026-05-08 14:05:52 +02:00
elordenador
e70a9aeb9c
fix: usar nombre de URL correcto (producto en lugar de product_detail)
2026-05-08 14:04:17 +02:00
elordenador
e0350de530
fix: usar estrellas Unicode en lugar de Bootstrap Icons
2026-05-08 14:03:31 +02:00
elordenador
62bf3fdc08
fix: mostrar mensaje correcto cuando no se puede valorar por no haber compra
2026-05-08 13:58:08 +02:00
elordenador
2b2054ace6
debug: añadir variables de debug al template
2026-05-08 13:57:33 +02:00
elordenador
f129b0462a
fix: permitir valorar si el usuario tiene cualquier OrderItem del producto
2026-05-08 13:53:56 +02:00
elordenador
aa047b3fd8
fix: eliminar campo images del form (widget no soporta multiple)
2026-05-08 13:34:00 +02:00
elordenador
429b531bad
feat: añadir Review al admin para gestionar valoraciones
2026-05-08 13:33:46 +02:00
elordenador
0438a77149
feat: añadir sistema de valoraciones con formulario, vistas y templates
2026-05-08 13:33:37 +02:00
elordenador
40f0ef8ea5
feat: añadir modelo Review para valoraciones de productos
2026-05-08 13:32:33 +02:00
elordenador
bf39724837
Fix security issues: image validation, email masking, quantity limits, min length
...
- #76 : Add file type validation for product images (Media severity)
- #75 : Mask emails in audit logs to prevent information leakage (Media severity)
- #74 : Add max value validator to quantity fields (Low severity)
- #73 : Add min length validation to password fields (Low severity)
2026-05-08 13:24:54 +02:00
Daniel (elordenador)
6f82787022
Merge pull request #89 from dsaub/fix/issue-77-idor-security
...
Fix IDOR vulnerability in cart operations (#77 )
2026-05-08 13:19:58 +02:00
elordenador
46343c1ea8
Refactor error logging in create_paypal_payment function for clarity
2026-05-08 13:18:52 +02:00
elordenador
76c8a277da
Remove unused send_test_email function from views.py
2026-05-08 13:16:43 +02:00
elordenador
32c1e1e6ff
Fix IDOR vulnerability in cart operations (issue #77 )
...
- Add _get_cart_item_owner_filters() helper to validate CartItem ownership
- Update update_cart_item and remove_from_cart to validate ownership
- Prevents users from manipulating item_id to access other users' cart items
2026-05-08 13:09:50 +02:00
elordenador
74b9d3bbc6
Add send_email import
2026-05-08 13:07:06 +02:00
elordenador
a50cadc873
Finish Form Rewrite
2026-05-08 09:43:19 +02:00
elordenador
551057b067
Rewrite all forms to use Django Forms with validation
...
- Add ProductEditForm, EditProfileForm, ChangePasswordForm, ShippingAddressForm
- Add ResetPasswordForm, ResetPasswordPhase2Form
- Update views to use new Django Forms
- Add form validation tests (terms required, password mismatch, etc)
- Update templates to use Django Forms {{ form.as_p }}
2026-05-08 09:42:44 +02:00
elordenador
d6b7cdfe6a
Add error handling for product creation to manage DataError exceptions
2026-05-07 08:37:07 +02:00
elordenador
56286c2fd9
Add limit to briefdesc and description on Product model, for issue #73
2026-05-07 08:01:46 +02:00
elordenador
ba4f6ad65d
Add CSRF protection to payment endpoints
2026-05-07 07:53:38 +02:00
elordenador
ed7041ae40
Add user ban check to login view and log failed attempts
2026-05-06 11:59:59 +02:00
elordenador
fa948a98e2
Add desbanear_usuario_action to UserAdmin actions
2026-05-06 11:45:21 +02:00
elordenador
a0ee6ecd14
Update short description for desbanear_usuario_action in UserAdmin
2026-05-06 11:37:43 +02:00
elordenador
d6c9aa3db3
Implement user unban functionality and enhance ban action with product deletion
2026-05-06 11:37:26 +02:00
elordenador
9751d19401
Add desbanear_usuario task to send unban email notifications
2026-05-06 10:52:32 +02:00
elordenador
cda9adb986
Enhance user ban action to delete products by creator and add success message
2026-05-06 10:37:48 +02:00
elordenador
e7e7fd118d
Refactor user ban action to streamline user deactivation and product deletion
2026-05-06 10:25:13 +02:00
elordenador
132b1e1722
Remove user ban link from admin submit line template
2026-05-06 10:22:34 +02:00
elordenador
7f557a3247
Implement user ban functionality to delete associated products
2026-05-06 09:48:55 +02:00
elordenador
8cf1a55161
Add user ban functionality with email notification
2026-05-06 09:47:47 +02:00
elordenador
61a04e5040
Fix logins int() None
2026-05-06 09:23:33 +02:00
elordenador
e5a0caa8b6
Fix text overflow
2026-05-06 09:23:23 +02:00
elordenador
6be67a9100
Add SKU field to Product model (issue #67 )
2026-05-05 09:01:24 +02:00
elordenador
bee360dfbb
Fix POSTGRES_ENABLED check in ShippingAddress.clean() (issue #66 )
2026-05-05 08:52:02 +02:00
elordenador
a20a61be82
Add postal code validation to ShippingAddress model (issue #66 )
2026-05-05 08:46:34 +02:00
elordenador
b9675385aa
Fix Github issue #69
2026-05-05 07:44:32 +02:00
elordenador
53b4e89347
Fix tasks.py making tests fail
2026-05-04 22:01:12 +02:00
elordenador
df0579dd86
Fix GH Issue #68
2026-05-04 21:59:28 +02:00
elordenador
1022a44f12
Fix GH Issue #65
2026-05-04 19:51:49 +02:00
elordenador
bb697d92c6
Fix GH Issue #64
2026-05-04 19:45:47 +02:00
elordenador
d75165e31a
Arreglar el bug de posiblemente creator y primary_image este en None...
2026-05-04 12:31:49 +02:00
elordenador
6ed4fb1954
Remove punctuation Signs so we generate 'url-safe' codes
2026-05-04 12:30:09 +02:00
elordenador
756f1ad36b
Remove entire api for issue #61
2026-04-30 07:43:18 +02:00
elordenador
033c52a365
Fix issue #60 verification code generation
2026-04-30 07:39:14 +02:00
elordenador
297b319a20
Fix issue #59 duplicate reset_password
2026-04-30 07:38:17 +02:00
elordenador
830966f3ee
Fix issue #58 not deleting verification code.
2026-04-30 07:37:13 +02:00
elordenador
81d3694210
Solving issue #57 Auth 500 bug
2026-04-30 07:35:28 +02:00
Daniel (elordenador)
dce0937511
Merge pull request #56 from dsaub/rama-usabilidad
...
Agregado parche de usabilidad
2026-04-29 17:02:39 +02:00
Daniel (elordenador)
7f8f70bc42
Merge pull request #55 from dsaub/copilot/unify-add-to-cart-post
...
[WIP] Fix inconsistency in add to cart action using POST
2026-04-29 11:18:42 +02:00