mirror of
https://github.com/arsvendg/Stirling-PDF.git
synced 2026-07-14 10:34:06 +02:00
fix(workflow): stop leaking peer share tokens from participant session API (#6241)
This commit is contained in:
@@ -6,7 +6,10 @@ export interface ParticipantResponse {
|
||||
email: string;
|
||||
name: string;
|
||||
status: "PENDING" | "NOTIFIED" | "VIEWED" | "SIGNED" | "DECLINED";
|
||||
shareToken: string;
|
||||
// Null for participant-facing endpoints (`/api/v1/workflow/participant/...`); the owner-facing
|
||||
// `/api/v1/security/cert-sign/sessions/...` endpoints still populate it for share-link
|
||||
// distribution. Never used to look up other participants — see GHSA-qgg6-mxw4-xg62.
|
||||
shareToken: string | null;
|
||||
accessRole: "EDITOR" | "COMMENTER" | "VIEWER";
|
||||
expiresAt?: string;
|
||||
lastUpdated: string;
|
||||
|
||||
Reference in New Issue
Block a user