- new role permission added for SG editors
- roles reworked, permissions all looked up centrally from the role model instead of code replication across controllers and views
- user filtering now correctly uses organisation objects instead of org strings
- reworked almost all of the side menues to be centralised
- Some fixes for the IOC export not handling two new-ish types correctly
- Some changes to the menues (including a few options that didn't exist before)
- rework of the popovers in some forms
- ADMIN org removed.
- Siteadmins are now identified by the perm_site_admin flag
- Siteadmins can now be of any organisation
- editing the regexp / whitelist rules can now be done by a special user with the perm_regexp_access in his/her role
- Executing a mass replace of attribute values based on the regexp rules cannot be initiated by a regexp/whitelist user, only by a site admin
- If the login page is reached without any users / roles defined they are automatically created (perviously it was only the user that was created)
- Org admins are restricted from assigning perm_site_admin, perm_sync and perm_regexp_access roles to users. This can only be done by a site admin.
- some changes to the access control
- re-renabled regexp and blacklists, will need a closer look though
- editing a role should update ACL
- some other minor things
- perm_auth new toggle, can disable auth key usage for a role
- prevents sync / rest with a perm_auth == false key
- some changes to sync to provide better feedback on why it failed
- rewording of distribution options
- moved and fixed the aros_acos creation on the new role creation
- new method in appController that sets all the aros_acos from scratch
(for example for a new instance, or a changed acos / aros table)
- some minor changes, redirects to the terms page on invalid events
removed, etc.
1. Some errors fixed in the way redirects worked for org admins
2. fixed some double sanitization resulting in incorrect characters
displayed in certain fields
Added restrictions for org admins and regular users to be able to see
regexp/whitelist/blacklist information without being able to edit them.
Org admins can also see the roles but not edit them.
William Robinet