Salastil/odysseus
1
0
Fork 0
mirror of https://github.com/pewdiepie-archdaemon/odysseus.git synced 2026-06-22 04:35:29 -04:00
Code Issues Packages Projects Releases Wiki Activity
Files
160267417e310c6f181c80faac6173eb515cabe2
odysseus/routes
T
History
nopoz 160267417e fix(personal): scope RAG file delete to the caller's own upload dir (#4602) 
The DELETE /api/personal/file disk-delete containment check used the
shared PERSONAL_UPLOADS_DIR root, so one admin could delete another
user's personal upload by passing its path (uploads are partitioned per
owner under <root>/<owner>/). Confine the check to the caller's own
per-owner subdir via _personal_upload_dir_for_owner(owner). RAG removal
and listing exclusion are unchanged (they still serve non-upload indexed
sources). Adds a regression test for the cross-owner case.
2026-06-20 00:50:15 +02:00
..
__init__.py
Odysseus v1.0
2026-05-31 23:58:26 +09:00
_validators.py
fix(hwfit): validate remote SSH detection targets (#3718)
2026-06-11 00:43:49 +02:00
admin_wipe_routes.py
refactor(constants): single source of truth for data dir (#3368)
2026-06-08 09:58:52 +02:00
api_token_routes.py
fix(api): normalize non-object JSON bodies to empty dict in token PATCH (#3976)
2026-06-15 18:05:15 +01:00
assistant_routes.py
fix(auth): centralize password and username validation constants (#4120)
2026-06-16 09:52:15 +02:00
auth_routes.py
fix(auth): tie remember-me cookie lifetime to TOKEN_TTL (#4472)
2026-06-18 21:15:48 +02:00
backup_routes.py
fix: backup import dropping a user's skill on cross-tenant title/id collision (#2057)
2026-06-09 08:04:22 +02:00
calendar_routes.py
Harden CalDAV write-back with retries (#1193)
2026-06-15 15:59:31 +09:00
chat_helpers.py
fix(chat): track chat hot-path background tasks for strong references (#4443) (#4444)
2026-06-18 21:26:11 +02:00
chat_routes.py
fix(api): attribute bearer-token actions to the token owner on owner-scoped routes (#4054)
2026-06-15 23:56:22 +02:00
chatgpt_subscription_routes.py
feat: add ChatGPT Subscription provider (#2876)
2026-06-08 10:19:18 +02:00
cleanup_routes.py
Odysseus v1.0
2026-05-31 23:58:26 +09:00
codex_routes.py
fix(email): enforce MCP owner boundaries (#4335)
2026-06-16 04:31:24 +01:00
compare_routes.py
fix(endpoint): scope secondary endpoint lookups by owner
2026-06-08 11:51:55 +01:00
contacts_routes.py
Fix failing post-merge tests
2026-06-15 22:49:06 +09:00
cookbook_helpers.py
fix(cookbook): avoid launching Ollama during Windows cache scan (#4368)
2026-06-16 01:00:40 +02:00
cookbook_output.py
fix(cookbook): report dead finished downloads as completed instead of stopped (#4025)
2026-06-15 15:26:55 +09:00
cookbook_routes.py
fix(cookbook): harden remote serve host handling (#4345)
2026-06-16 03:46:32 +01:00
copilot_routes.py
feat: add ChatGPT Subscription provider (#2876)
2026-06-08 10:19:18 +02:00
device_flow.py
feat: add ChatGPT Subscription provider (#2876)
2026-06-08 10:19:18 +02:00
diagnostics_routes.py
feat(ui): add real-time diagnostic logs console (#974)
2026-06-15 10:32:51 +02:00
document_helpers.py
fix(auth): clean up rename and null-owner ownership (#4340)
2026-06-16 03:33:02 +01:00
document_routes.py
fix(document): allow render-pdf to be framed and 503 cleanly on missing PyMuPDF (#2103)
2026-06-18 06:25:26 +00:00
editor_draft_routes.py
Ignore invalid editor draft payloads (#1533)
2026-06-03 14:07:03 +09:00
email_helpers.py
feat(email): add Google OAuth2 for Google Workspace / .edu IMAP & SMTP (#237)
2026-06-15 17:02:58 +01:00
email_pollers.py
fix: quote IMAP mailbox arguments (#2170)
2026-06-05 16:00:20 +02:00
email_routes.py
fix(email): enforce MCP owner boundaries (#4335)
2026-06-16 04:31:24 +01:00
embedding_routes.py
feat(paths): abstract runtime path logic for frozen distribution packages (#969)
2026-06-15 17:44:10 +01:00
emoji_routes.py
refactor(constants): single source of truth for data dir (#3368)
2026-06-08 09:58:52 +02:00
font_routes.py
Keep compact font family names together (#1263)
2026-06-03 14:24:30 +09:00
gallery_helpers.py
fix(gallery): fail closed for null-user owner scope (#3613)
2026-06-09 20:20:21 +02:00
gallery_routes.py
fix(gallery): confine gallery image path resolution (#4352)
2026-06-16 03:28:09 +01:00
history_routes.py
fix(sessions): copy message metadata when forking a session (#3409)
2026-06-08 20:49:15 +02:00
hwfit_routes.py
Merge remote-tracking branch 'origin/dev' into test-main-dev-merge-20260615
2026-06-15 21:20:15 +09:00
mcp_routes.py
fix(mcp): share oauth redirect URI (#4087)
2026-06-15 15:15:53 +09:00
memory_routes.py
fix(routes): normalize session owner fallback helpers (#4313)
2026-06-16 06:07:42 +01:00
model_routes.py
fix(endpoints): normalize URL handling (#4338)
2026-06-16 03:59:18 +01:00
note_routes.py
refactor(auth): centralize the internal-tool pseudo-username into a constant (#4333)
2026-06-16 13:13:00 +02:00
personal_routes.py
fix(personal): scope RAG file delete to the caller's own upload dir (#4602)
2026-06-20 00:50:15 +02:00
prefs_routes.py
refactor(constants): single source of truth for data dir (#3368)
2026-06-08 09:58:52 +02:00
preset_routes.py
fix(presets): scope expand-prompt model resolution to owner (#3477)
2026-06-08 21:12:02 +02:00
research_routes.py
refactor(auth): centralize the internal-tool pseudo-username into a constant (#4333)
2026-06-16 13:13:00 +02:00
search_routes.py
Odysseus v1.0
2026-05-31 23:58:26 +09:00
session_routes.py
fix(auth): clean up rename and null-owner ownership (#4340)
2026-06-16 03:33:02 +01:00
shell_routes.py
refactor(auth): centralize the internal-tool pseudo-username into a constant (#4333)
2026-06-16 13:13:00 +02:00
signature_routes.py
Constrain signature uploads to PNG data (#2844)
2026-06-05 13:17:43 +02:00
skills_routes.py
Skills test: set explicit max_tokens=4096 instead of 0
2026-06-13 23:09:15 +09:00
stt_routes.py
refactor(uploads): centralize upload byte-limits in upload_limits.py (#3364) (#3518)
2026-06-09 01:24:30 +02:00
task_routes.py
refactor(auth): centralize the internal-tool pseudo-username into a constant (#4333)
2026-06-16 13:13:00 +02:00
tts_routes.py
Odysseus v1.0
2026-05-31 23:58:26 +09:00
upload_routes.py
fix(api): attribute bearer-token actions to the token owner on owner-scoped routes (#4054)
2026-06-15 23:56:22 +02:00
vault_routes.py
refactor(constants): single source of truth for data dir (#3368)
2026-06-08 09:58:52 +02:00
webhook_routes.py
fix(webhooks): route public emitters through fire_and_forget (#3964) (#4336)
2026-06-16 00:41:45 +02:00
workspace_routes.py
feat(agent): confine agent file/shell tools to a selectable workspace (#3665)
2026-06-11 18:17:54 +02:00