04b640c8b6
fix: [diagnostics] allow for certain settings to be empty, fixes #176
...
- via the empty => true key
2024-11-28 18:00:13 +01:00
cce4115418
fix: [error handling] better error handling for bookmarks, fixes #188
...
- show why something failed
- actually fail if a field is missing for bookmarks
2024-11-28 17:47:43 +01:00
d799214a41
fix: [error] when deleting a role that had users attached to it was cryptic, fixes #180
2024-11-28 17:13:32 +01:00
1c8bcc045e
fix: [security] Group admin ACL
...
- group admin can inject user into organisation not managed by themselves
- as reported by Jeroen Pinoy (@wachizungu)
2024-11-28 16:56:51 +01:00
da4bd943b7
fix: [typo] in the authkeyscontroller
...
- lead to users not being able to generate authkeys
2024-11-28 16:46:45 +01:00
467ec29f54
Merge branch 'develop' of github.com:cerebrate-project/cerebrate into develop
2024-11-28 09:37:30 +01:00
07f67fe9ea
fix: [cleanup] ACL component
...
- duplicate check removed
2024-11-28 09:37:06 +01:00
8e87dd8b28
Merge pull request #190 from Wachizungu/add-new-roles-to-default-admin-role
...
fix: default admin role doesn't have group admin and meta field edito…
2024-11-28 09:35:36 +01:00
39e9fb4a76
Merge branch 'develop' of github.com:cerebrate-project/cerebrate into develop
2024-11-28 09:25:47 +01:00
0131422ab8
fix: [security] Tightening of the role assignment permissions
...
- If a decoupled perm_admin role was configured on the system, this could be assigned by low privilege administrators, leading to privilege escalation
- This fix moves the responsibility of the check to the ACL component rather than the controller
- As reported by Jeroen Pinoy (@wachizungu)
2024-11-28 09:17:24 +01:00
ed592c57c7
fix: default admin role doesn't have group admin and meta field editor permissions
2024-11-23 20:08:41 +01:00
f7f9392cfe
Merge pull request #184 from Wachizungu/fix-proxy-diagnostics-severity-level
...
fix: Set proxy settings diagonistics severity level to info. fix #176
2024-11-23 09:54:13 +01:00
b8ff31a906
Merge pull request #187 from Wachizungu/fix-security-allowed-bookmark-domains-read-config
...
fix: typo in read security allowed bookmark domains config
2024-11-23 09:53:57 +01:00
1702b84fe8
Merge pull request #189 from Wachizungu/chg-load-current-user-settings-view-in-case-id-unset
...
fix: users settings view throws internal server error when accessed w…
2024-11-23 09:53:24 +01:00
a1020bc42b
fix: users settings view throws internal server error when accessed without user id
2024-11-22 23:48:52 +01:00
850d559cef
fix: typo in read security allowed bookmark domains config
2024-11-22 22:40:25 +01:00
55cac2e2e6
new: [security] added functionality to tighten bookmark creation rules
...
- site admins can now limit the baseurls of the provided bookmark URLs to a list of values via the server settings
2024-11-22 12:48:37 +01:00
ab331dcfb9
fix: [crud] fixed the broken non ajax messages just introduced in the previous commit
...
- can't have my cake and eat it too
2024-11-22 12:47:16 +01:00
ac33e90f0c
fix: [message handling] of error messages
...
- correctly handle beforeSave / afterSave failures in ajax contexts
- until now it was just silently failing giving cryptic messages to the user
2024-11-22 12:40:21 +01:00
b45cc8ae22
fix: Set proxy settings diagonistics severity level to info. fix #176
2024-11-16 15:27:10 +01:00
5d0b7715db
Merge branch 'develop' of github.com:cerebrate-project/cerebrate into develop
2024-10-16 10:51:26 +02:00
2eb6b1ae77
fix: [pgp] key status check fixed for certain edge cases
2024-10-16 10:50:50 +02:00
55ded175a9
chg: [docker:readme] Updated PHP version
2024-09-25 15:19:50 +02:00
0c78028c6a
new: [ui] Added country flag in some places
...
- Currently in:
- /organisations/[index/view]
- /users/[index/view]
2024-09-25 10:59:09 +02:00
aae584f0b7
chg: [users:add] Update the permission limitation for org permission on /users/add
2024-09-24 16:03:35 +02:00
888661a172
fix: [permissionLimitiation:getListOfLimitations] Correctly show the correct amount of limitation
...
- Correctly get the number of org permission if the user is an org_group_manager
- and one of the org he/she manages doesn't have a user
2024-09-24 16:00:26 +02:00
9ca5af34a3
fix: [users:index_filtering] Added ACL entries for filtering modal
2024-09-24 14:50:57 +02:00
324767868e
fix: [ui:search_all] Fixed dropdown width to avoid screen overflow for large results
...
- This will put an end to @gallypette and @adulau's pestering
2024-09-24 14:42:30 +02:00
ad3a8ee7c5
fix: [users:edit] DatabaseException in group-admin for condition with empty list of values
2024-09-24 14:34:06 +02:00
1c93a71f80
fix: [permissionLimitation:getListOfLimitations] Fixed DatabaseException for condition with empty list of values
2024-09-24 14:17:00 +02:00
1837c4259e
Merge branch 'main' into develop
2024-09-17 07:57:53 +02:00
6f31082a71
fix: [bookmarks] added more error handling for malformed bookmarks
2024-09-17 07:57:25 +02:00
72d821ad05
Merge branch 'main' into develop
2024-09-17 00:10:22 +02:00
4f42d504c5
Merge branch 'main' of github.com:cerebrate-project/cerebrate
2024-09-17 00:10:05 +02:00
8e3e4316fb
chg: [bookmarks] Make the rendering more lenient to malformed content
...
- fail gracefully rather than throwing 500s
2024-09-17 00:08:49 +02:00
60b199854d
Update README.md
2024-09-04 07:43:10 +02:00
eb3f725e5b
Merge branch 'develop'
2024-08-29 07:17:17 +02:00
de39176b6a
new: [version] show the cerebrate version and link to the release notes
2024-08-29 07:13:42 +02:00
dc880b1b39
fix: [VERSION] bump
2024-08-29 06:50:34 +02:00
33c5c8a9d9
fix: [error messages] improved for empty/malformed request bodies
...
- instead of failing on a validation level for empty data, fail immediately on CRUD component level
- send a clear message to the user that the request was malformed / the proper media type headers were not set
2024-08-29 06:49:28 +02:00
52e80af061
Merge branch 'develop'
2024-08-28 16:19:28 +02:00
4906cae0c7
fix: [crud] various minor fixes
2024-08-28 16:19:04 +02:00
d4880e7b56
fix: [users] add load individual correctly and show it to the user
2024-08-28 16:13:32 +02:00
5048c38ed6
fix: [CRUD] run afterfind even if no metatemplates set
2024-08-28 16:13:09 +02:00
e39ece57c5
new: [meta_field] API improved
...
- simple way to add metafields added
- simply pass a list of meta_fields to the object about to be saved
- the only fields required are: template_uuid, template_version, field, value
Example for an individual:
```
{
"first_name": "Andras",
"last_name": "Iklody",
"email": "andras.iklody@circl.lu",
"alignments": {
"organisation": [
{
"uuid": "9d4d7913-2602-4333-8440-c78b7f92eca3",
"name": "Iglocska.eu"
}
]
},
"meta_fields": [
{
"field": "perm_mattermost",
"value": true,
"template_uuid": "447ded8b-314b-41c7-a913-4ce32535b28d",
"template_version": 2
}
]
}
```
2024-08-28 15:39:46 +02:00
ccd4a8c624
new: [individuals] add individual auto-saves an alignment
...
- if a non community admin enrolls an individual, set the alignment by default
- this will prevent them from becoming uneditable
2024-08-28 15:38:53 +02:00
bb47046670
Merge branch 'main' into develop
2024-08-27 14:27:46 +02:00
566405a2a4
chg: [version] bump
2024-08-27 14:26:53 +02:00
9d08af65cb
Merge branch 'main' into develop
2024-08-24 16:27:40 +02:00
6270ae8e18
new: [metafield editor permission] added
...
- users/org admins/group admins/community admins can now only modify metafield data on any object if the permission is set for their role
- Since some communities use this for ACL to secondary tools, this will allow them to restrict who can modify them
2024-08-24 16:25:58 +02:00
iglocska