86 Commits (main)

Author SHA1 Message Date
iglocska b233241e87
fix: [group admin] be able to add users for the administered orgs 2024-05-15 11:11:44 +02:00
Sami Mokaddem 96d53f4b6a
chg: [users:filtering] Added dropdown for users filtering 2024-04-02 14:06:25 +02:00
Sami Mokaddem dd4ce865bf
chg: [users:index] Added support of table filtering 2023-11-02 08:09:42 +01:00
Sami Mokaddem b987444da2
fix: [users:settings] Take into consideration perm-org-group-admin when editing users settings 2023-10-30 09:47:57 +01:00
Sami Mokaddem 1c6c7f346a
fix: [users:edit] Correctly take into consideration perm-org-group-admin 2023-10-30 09:46:09 +01:00
Sami Mokaddem 672847b214
chg: [users:acl] Improved waterfall model for CRUD operation and updated UI to reflect them 2023-09-13 09:15:16 +02:00
iglocska b0ebe774b6
fix: [ACL] group admins can view users in their group 2023-09-13 07:18:29 +02:00
iglocska c124ebc0d8
fix: [ACL] fixes 2023-09-12 11:08:46 +02:00
iglocska 69b653dd59
Merge branch 'develop' of github.com:cerebrate-project/cerebrate into develop 2023-09-12 09:27:57 +02:00
iglocska 16a4a1cde5
new: [org Groups] added
- Org Groups allow user co-management of sub communities
  - Create an org group with a set of organisations
  - assign administrators to an org group
  - org group admins can modify users of the group
2023-09-12 09:26:07 +02:00
Sami Mokaddem 5aefc37837
chg: [users:edit] Allow users to self edit 2023-09-07 16:11:47 +02:00
iglocska d7bf8af5b1
fix: [internal] user add fix attempt #2 2023-06-28 15:01:26 +02:00
iglocska 82bf3a74c1
chg: [internal] fetch first role if no default is set 2023-06-28 14:59:31 +02:00
iglocska 41749ae5a8
fix: [users] added the country information to the index / view 2023-05-25 16:22:49 +02:00
Sami Mokaddem 59f8608d50
new: [user:permissionLimitation] Added current permission status while in `add` or `edit` context
Also moved the notification key from meta-fields to meta-template-fields
2023-02-24 15:22:18 +01:00
Sami Mokaddem 0850c92e89
chg: [users:index] Added setting to allow the deletion of users
Fix #119
2023-02-16 15:07:06 +01:00
Sami Mokaddem 72932c582d
chg: [users:index] Includes metafields by default when API query 2023-02-13 15:32:40 +01:00
Sami Mokaddem 7cda322223
fix: [users:view] Temporary measure to gracefully catch connection issue with keycloak 2023-01-18 15:47:59 +01:00
iglocska 6da27dd2a4
fix: [security] destroy session on logout
- As reported by Matúš Mikuláš, Adam Gajdošík, Milan Pikula of SK-CERT
2023-01-03 15:45:42 +01:00
iglocska da2f904554
fix: [security] reworked the Individual handling of user creations / modifications
- creating a new user with the e-mail address of an already existing individual should NOT overwrite the first/last name fields
- it merely connects the individual to the new user

- disallow changing the individual behind an existing user altogether
- allow capturing individuals without updates

- As reported by Matúš Mikuláš, Adam Gajdošík, Milan Pikula of SK-CERT
2022-12-23 16:47:44 +01:00
iglocska 5edf477c2f
fix: [security] fixed ACL for the user view endpoint
- arbitrary resource access fixed

- As reported by Matúš Mikuláš, Adam Gajdošík, Milan Pikula of SK-CERT
2022-12-14 10:42:46 +01:00
Sami Mokaddem 0b052aaebf
fix: [users:view] Gracefully handle the case where user exists in cerebrate but not in keycloak 2022-12-13 15:44:37 +01:00
Sami Mokaddem e13dc152e7
fix: [users:registration] Fixed and improved user registration 2022-12-12 16:02:41 +01:00
Sami Mokaddem 7526f8364f
chg: [users:index] Added comment 2022-12-09 12:19:29 +01:00
Sami Mokaddem af622dd19b
new: [users:view] Added keycloak status showing the potential differences between Cerebrate and Keycloak 2022-12-09 11:54:34 +01:00
Sami Mokaddem d1aa20c5fb
security: [users:edit] Prevent edit of all users with lower privileges by any org_admins 2022-12-08 12:12:10 +01:00
Sami Mokaddem 6945e602b8
chg: [users:edit] Added role associated data for the user to be edited 2022-12-08 11:35:22 +01:00
Sami Mokaddem 1b47b669ff
fix: [users:view] Fallback value if Keycloak was never configured 2022-12-08 11:32:26 +01:00
Sami Mokaddem 561f6d1c77
fix: [user:add/edit] Correctly index orgs by their IDs 2022-12-08 10:54:55 +01:00
iglocska f6f94983e4
fix: [users] several fixes
- User enrollment in KC moved to the aftersave (we consider cerebrate to be authoritative)
- adhere to restriction parameters in deletion
2022-11-11 15:08:56 +01:00
iglocska f4b33d1852
fix: [keycloak sync] not needed on user index
- was a test that was left in
2022-11-11 10:07:35 +01:00
iglocska b1f09dc97e
new: [permission limitations] subsystem added
- add limitations for users with given meta fields
  - x number / org and y number / globally
- add comments to the limitations
- enforced on user creation/modification
2022-11-09 14:09:27 +01:00
iglocska 2a31e39762
new: [keycloak] automatically set mappings 2022-10-31 13:26:12 +01:00
iglocska 2f4b6ed2ff
chg: [keycloak] integration rework
- switch to the use of attributes
- several minor fixes
2022-10-31 11:31:38 +01:00
iglocska 9c41fd548f
fix: [auth] added keycloak logout 2022-10-25 15:08:41 +02:00
iglocska af1e2fd632
new: [security] Bruteforce protection added
- logins allow for 5 attempts every 5 minutes
- Code ported and updated from MISP

- As reported by SK-CERT
2022-09-19 00:25:15 +02:00
iglocska 254fdc3b84
chg: [security] keycloak enabled - disallow multiple users from being created for the same individual
- as reported by SK-CERT
2022-09-18 19:26:24 +02:00
iglocska be064bb0c9
new: [KC] profile link added 2022-05-17 10:42:44 +02:00
iglocska 4575406b33
fix: [users] edit
- various issues fixed with the edit function
- re-added the chance to change organisations of a user as a site admin
- tighter checks on the options for the drop downs
2022-05-17 04:02:06 +02:00
Sami Mokaddem 0fb03aae91
fix: [Component:CRUD] Removed confusing `get` parameter
- It was confusing and using it could lead to unwanted consequences
- It's clearer to implement the desired logic on controller's side
2022-03-01 14:02:26 +01:00
Sami Mokaddem 3ef64911f9
Merge branch 'develop' of github.com:cerebrate-project/cerebrate into develop-unstable 2022-02-28 09:51:51 +01:00
Sami Mokaddem 4089623eaa
chg: [users] Removed useless imports 2022-02-28 09:37:29 +01:00
iglocska 9d04533e14
chg: [users] restrict org admins from creating other org admins
- temporary solution for a single community, make this optional in the future
2022-02-25 10:20:25 +01:00
iglocska 79459838eb
chg: [user add] if no password was set, set a random one
- can't be used so far as we have no emailing in place
- it allows user creation when username/password mode is disabled
2022-02-25 00:31:19 +01:00
iglocska 828946a97f
new: [users] several changes
- make usernames immutable
- restrict user creation to aligned individuals (org admin only)
- optionally create individual while creating a user
2022-02-24 13:45:10 +01:00
iglocska 283299bf36
fix: [security] flood protection control enabled by default
- as reported by Dawid Czarnecki from Zigrin Security
2022-02-19 01:34:07 +01:00
iglocska b41b0dd712
fix: [security] privilege escalation via user edit fixed
- org admins could circumvent the role restrictions and elevate themselves to a site admin

- as reported by Dawid Czarnecki from Zigrin Security
2022-02-19 01:02:49 +01:00
iglocska d45a4dc499
new: [registration] added optional registration flood protection
- As reported by Dawid Czarnecki from Zigrin Security
2022-02-07 02:03:41 +01:00
iglocska 1ca0f21b86
chg: [user add] form defaults
- org will default to own org for site admins
- role will default to the default role (if set)
2022-01-27 21:54:59 +01:00
Sami Mokaddem 2e7aabf704
fix: [users:toggle] Prevent users from disabling admins 2022-01-26 16:10:33 +01:00