eeaa071024
Removal of the remains of the old authorization / adding new ones where
...
needed
2013-04-26 14:43:44 +02:00
4396cec8ea
Integrated ownership, ACL and minor fixes
...
- Orgs can propose new attributes or changes to existing attributes for
events that they do not own
- publishing users of the owner organisation can see, accept or discard
them
- Reworked the access control
- minor fixes
2013-04-25 14:04:08 +02:00
d11422831e
fix sanitization in Users #96
2013-04-24 13:06:35 +02:00
e7a7ea8824
Small error
2013-03-25 17:12:10 +01:00
745581d38e
Small bug
...
- Messages left empty for all but the first user in a mass custom e-mail
- fixed.
2013-03-25 17:07:56 +01:00
4aa2bf748b
Small message notifying the admin that the e-mail was sent
...
- flash message after e-mail sent
2013-03-25 16:52:59 +01:00
b28e884eb0
Debug exception left in
...
- removed
2013-03-25 16:50:26 +01:00
0a06ceed3b
E-mailing system for site-admins
...
- site admins able to contact users by e-mail from within the system
- PGP encrypted where available
- Password reset with automatic temporary key generation
- all of the above options have a mass-email version where every user is
contacted at once
- Potential new users can be contacted too (GPG key can be supplied)
2013-03-25 16:38:56 +01:00
afed0f2046
Changes to link validation and minor fixes
...
- Links get validated now to filter malicios code
- removed a double edit button in the case of an admin editing himself
- fixed an error with adding new attributes
2013-02-11 11:26:34 +01:00
e88a3a9cf7
Updates to security
...
- perm_auth new toggle, can disable auth key usage for a role
- prevents sync / rest with a perm_auth == false key
- some changes to sync to provide better feedback on why it failed
- rewording of distribution options
2013-02-06 17:45:43 +01:00
6ef3ea7050
Missing file from the last commit
...
Missed a file from the package
2013-02-05 09:21:29 +01:00
66b9969d29
Security for UsersController
...
org admins could edit users of other orgs by accessing the edit page
through the URL. Fixed.
2013-01-29 10:51:18 +01:00
97f56a2275
Further changes to org admins
...
org admins can manage their own server connections
org admins cannot see other orgs' users in the users list
2013-01-29 08:56:38 +01:00
4c83ad3cfe
coding standards
...
Coding Standards.
2013-01-28 08:42:20 +00:00
a6371f5ad8
coding standards
...
Coding Standards.
2013-01-28 08:32:01 +00:00
9739cd1e35
Fix for the org admin privileges
...
Editing / creating users and the organisation permissions for org admins
2013-01-25 12:22:55 +01:00
d6adb11f52
RBAC
...
only create users within own organisation.
2013-01-25 07:52:32 +00:00
b1b47bc56f
Better fix to Sanitize::clean() problem
...
'escape' option was removed.
2013-01-24 10:38:51 +01:00
f8b9d85c62
Sanitize
...
Sanitize can not be used in PGP key.
2013-01-24 08:19:47 +00:00
48ad60eb61
GPG
...
start of check/correct.
2013-01-23 15:22:21 +00:00
8bf8ef17ca
RBAC
...
so role is editable.
(i will not commit/push during after hours ;) )
2013-01-22 18:37:30 +00:00
7e5c34770e
RBAC
...
role editable on user page (by admin).
2013-01-22 15:25:08 +00:00
d89ab91dee
coding standards
...
Coding Standards.
2012-12-18 16:44:07 +00:00
8864ee78f7
generateAllFor<FieldName>
...
so we can use an URL like:
http://localhost/ <TableName>/generateAllFor<FieldName>/newValue/oldValue
for example:
http://localhost/events/generateAllForAnalysis/0/null
http://localhost/users/generateAllForInvitedBy/1/0
http://localhost/users/generateAllForRoleId/1/0
2012-12-18 03:50:52 +00:00
1ceadab700
Added features from branch analysis_levels
...
-Analaysis levels setable for events as per milestone item 94
-Password change forced as per milestone item 109
-Added feedback on entered search terms for search attributes
-fixed the authentication issue
-some minor fixes
2012-12-17 15:51:30 +01:00
26c8ad57ee
Role
...
renamed everything group to role (i.s.o. renaming just the visable).
2012-12-12 16:15:01 +01:00
52a7625a9d
Source Code Review
...
sanitize everything displayed from the db.
(and some small coding standard whitespaces)
2012-12-12 14:01:00 +01:00
1bd14256e0
coding standards
...
correction conform conding standards.
2012-12-04 09:07:33 +01:00
1bf1e6f2a8
Slight change to the histogram
...
Data for types that had "|" or "-" in the name (such as ip-src)
were omitted - should be fixed now
2012-11-29 16:13:31 +01:00
80571386ad
audit log & terms
...
do not handle a timed out user log.
and
better check on login and termsaccepted.
2012-11-26 10:50:23 +01:00
b3a6a656d4
users
...
show the correct Org during edit.
2012-11-22 11:57:26 +01:00
6495787023
Audit log
...
Following events are now being logged:
1. Adding a new user.
2. Deleting a user.
2012-10-31 15:34:43 +01:00
1c3ca8909b
Users
...
invited by filled.
2012-10-31 10:00:01 +01:00
2b24b36639
(internationalization)
...
setFlash using __(), so transletable lateron.
2012-10-30 09:13:35 +01:00
503d5bcb0e
Audit log.
...
Edit user (now?) needs an extra check on the second password.
2012-09-26 17:13:19 +02:00
8f3d624c1a
Merge branch 'master' into develop
...
Conflicts:
app/Controller/AppController.php
app/Controller/AttributesController.php
app/Controller/EventsController.php
app/Controller/ServersController.php
app/Controller/UsersController.php
app/Model/Attribute.php
app/Model/Event.php
app/Model/Server.php
app/Model/User.php
app/View/Attributes/edit.ctp
app/View/Attributes/index.ctp
app/View/Elements/actions_menu.ctp
app/View/Events/add.ctp
app/View/Events/index.ctp
app/View/Events/view.ctp
app/View/Events/xml/view.ctp
app/View/Servers/index.ctp
app/View/Users/admin_index.ctp
2012-09-24 16:02:01 +02:00
1d04652476
CakePHP Coding Standards
...
changed to camel caps format where needed.
2012-09-19 11:05:10 +02:00
94a367c2f5
CakePHP Coding Standards
...
http://book.cakephp.org/2.0/en/contributing/cakephp-coding-conventions.html
Eclipse:
Window->Preferences
General->Editors->Text Editors
Displayed tab width: 4
Insert spaces for tabs NOT
PHP->Code Style->Formatter
Tab policy: Tabs
File->Convert Line Delimeters To->Unix [default]
http://mark-story.com/posts/view/static-analysis-tools-for-php
for instance:
phpcs --standard=CakePHP app/Model/
Not yet done is all camel caps format.
2012-09-18 15:30:32 +02:00
2459bca386
(Audit) logs.
...
The writing of the log in User was done by me using calls to the PHP db
driver (during my second or third day). Very wrong given that is driver
and db dependant. Now use CakePHPs calls to have abstraction.
2012-08-23 10:25:14 +02:00
cf40a908d4
SysLog.SysLog lib import.
2012-08-22 14:05:39 +02:00
3ff180e898
Merge branch 'develop_0.2.2-0.2.3' into develop
...
Conflicts:
app/Config/Schema/schema_0.2.2.php
app/Config/routes.php
app/Controller/AppController.php
app/Controller/UsersController.php
app/Model/User.php
app/README.txt
2012-07-24 16:09:48 +02:00
bf98f2db3c
Merge branch 'develop_0.2.2_fixes' into develop
...
Conflicts:
app/Model/Attribute.php
2012-07-11 16:15:27 +02:00
e67d9ebdec
Fix to authError getting displayed before login.
2012-07-11 10:19:57 +02:00
a08842e7d4
Fix to New User, some validation error then authkey not defined.
2012-07-10 15:38:10 +02:00
66c5312ea6
DataBase migrate, Audit and Access Control granulation.
2012-06-28 17:24:12 +02:00
b4558887ce
Revert "Audit and ACL first cut."
...
This reverts commit 5818231f48
2012-06-26 09:40:52 +02:00
5818231f48
Audit and ACL first cut.
2012-06-25 15:54:52 +02:00
1f52ab82fe
fixing bug created in commit 957e4f232b
2012-06-13 14:42:42 +02:00
957e4f232b
minor memory usage improvements by referencing in foreach ($array as
...
&$value) loop
2012-06-11 11:40:31 +02:00
2d335f5dbe
cleanup of comments and todos
...
minor memory performance improvement
2012-06-11 11:01:58 +02:00
Andras Iklody