cerebrate-project
/
cerebrate
mirror of https://github.com/cerebrate-project/cerebrate
1
0
Fork 0
Code Issues Releases Wiki Activity
943 Commits
12 Branches
31 Tags
21 MiB
Commit Graph

83 Commits (15190b930ebada9e8d294db57c96832799d9d93e)

Author SHA1 Message Date
iglocska 15190b930e
fix: [security] Sharing group ACL fixes 
- added indirect object reference protection
- added correct ACL functionalities to delete, addOrg, removeOrg

- as reported by Dawid Czarnecki from Zigrin Security
 2022-02-04 00:16:24 +01:00
Sami Mokaddem 2e7aabf704
fix: [users:toggle] Prevent users to disable admins 2022-01-26 16:10:33 +01:00
iglocska 95ecc2bc80
fix: [security] fields not adhered to in CRUD components edit 
- users can circumvent restrictions on editable fields
- can lead to privilege escalation when users edit themselves
 2022-01-26 15:28:10 +01:00
iglocska acc9c94baa
Merge branch 'main' into develop 2022-01-25 15:59:31 +01:00
Sami Mokaddem dc2bfcb6b2
fix: [components:CRUD] Support of controller's paginate public variable 2022-01-25 15:02:16 +01:00
iglocska 932a28288d
new: [CRUD] added some new useful features 
- afterFind for the edit functions to make last minute decisions on the modification after already having loaded the data to be modified
- moved the field restrictions to be able to pass it to the view
- try/catch for bulk deletions. A single failure in the beforeSave call will no longer block the entire saving process
 2022-01-21 13:41:29 +01:00
iglocska eae8e62e5e
fix: [CRUD] delete post message fix 
- correct order of execution for the beforesave command
 2022-01-18 16:24:24 +01:00
iglocska 8cb24baf5f
fix: [ACL] tightening for delete functions 
- implemented beforeSave() function in the CRUD::delete() functionality
- added correct handling for the organisation level encryption keys in the beforeSave constructor
 2022-01-18 15:35:55 +01:00
iglocska 6d13d4aba0
fix: [authkeys] tighten requirements to add authkeys for other org admins 
- site admin: can add to all
- org admin: can add to all in org, except site admin
- everyone else: can add to self only
 2022-01-17 17:16:03 +01:00
iglocska 0fe7f4f931
new: [CRUD] added additional features to the CRUD component 
- conditions passable to add/edit/index/delete
- refactored get() requests internally to finds to accomodate for additional parameters
- delete() now takes a params[] array as a second argument
 2021-11-24 01:30:28 +01:00
iglocska cc04373375
new: [crud component] fixes 
- add hidden option
- fix afterfind
 2021-11-17 15:47:32 +01:00
Sami Mokaddem d21bad721a
fix: [genericTemplate:filters] Correctly takes filter fields and simplified UI 2021-10-21 10:20:07 +02:00
Sami Mokaddem 39fdb8ec0d
new: [user-settings] Added user settings feature 2021-10-08 10:27:40 +02:00
Sami Mokaddem 9685406d99
Merge branch 'develop-unstable' of github.com:cerebrate-project/cerebrate into develop-unstable 2021-10-01 15:13:54 +02:00
Sami Mokaddem 85ee7c69a5 fix: [plugins:tags] Use correct namespace and variable name 2021-10-01 15:13:18 +02:00
iglocska 99a89977c8
Merge branch 'keycloak' into develop-unstable 2021-10-01 13:53:14 +02:00
iglocska f60e411af1
new [keycloak]: WiP user enrollment added 
- also moved the keycloak specific functionalities to a behaviour
- added new role permission (org admin)
 2021-10-01 13:19:26 +02:00
mokaddem 0d8841a3bf Merge branch 'ui-navigation' into develop-unstable 2021-09-17 17:12:33 +02:00
mokaddem b3c25f0cae new: [instance:search_all] Early work on search all feature 2021-09-10 11:55:54 +02:00
mokaddem eed5b9226a chg: [behavior:tags] Custom finder and small improvements 2021-09-01 16:12:56 +02:00
mokaddem 61255e2837 chg: [tags] Improved UI and added missing files 2021-08-31 15:21:28 +02:00
mokaddem a4535ea42e chg: [tag] Continuation of integrating tagging plugin - WiP 
- Filtering
- CRUD of tags
 2021-08-30 15:11:21 +02:00
mokaddem 29595c6e22 chg: [tag] Continuation of integrating tagging plugin - WiP 
- Can tag/untag any model
 2021-08-26 16:12:55 +02:00
mokaddem 8b659fb6af chg: [tag] Continuation of integrating tagging plugin - WiP 
- Tagging / Untagging
 2021-08-26 12:06:12 +02:00
mokaddem d9bef3dc0c new: [localTools] Setting validation 2021-07-05 17:27:39 +02:00
mokaddem 25ca89a701 chg: [CRUD] Improved validation message feedback 2021-06-30 12:18:58 +02:00
iglocska 0e8a6cbe1c
chg: [view] templates added for new permission role 
- also fixed an issue with the signature of the component import in CRUDcomponent
 2021-06-28 23:27:21 +02:00
mokaddem cf3a8653e1 fix: [app] Prevent some ID overrides 2021-06-28 14:49:38 +02:00
mokaddem 524dd10aae chg: [CRUD:add] Always allow UUID field to be set 2021-06-28 14:02:52 +02:00
mokaddem 7ec0dabd0b chg: [CRUDComponent] Support of bulk delete operations 2021-06-23 11:12:14 +02:00
iglocska 7757bec292
fix: [API] various fixes 2021-06-17 08:54:09 +02:00
iglocska ef94ce147c
Merge branch 'main' into inbox 2021-06-01 14:37:29 +02:00
iglocska 51b4bc811f
chg: [improvements] to a st of controllers and components to support localtools 
- still missing ACL entries!
 2021-06-01 07:47:22 +02:00
iglocska 2d4727770c
wip: initial connectors 2021-04-30 23:59:53 +02:00
mokaddem 77fe4e6505 new: [inbox] First version of Inbox system and requestProcessors - WiP 2021-03-15 22:47:13 +01:00
mokaddem 004bca47e6 new: [CRUD] Advanced filtering capabilities for index 2021-03-10 09:43:36 +01:00
mokaddem 851d9cfee7 fix: [CRUD] Renamed confusing function 2021-03-10 09:38:41 +01:00
mokaddem 697c1ff0a6 fix: [CRUD] Correct usage of the `like` condition operator on the query 2021-03-10 09:37:22 +01:00
mokaddem 9a1b38ff5a chg: [CRUD] Passes active filters to the view 2021-03-10 09:36:45 +01:00
mokaddem 67d6683ed8 chg: [CRUD] Also harvest negated filters from URL 2021-03-10 09:35:26 +01:00
mokaddem d4001fab18 chg: [CRUD] Improved metaFields filtering capabilities 2021-02-26 10:36:06 +01:00
mokaddem 5d1106e82a chg: [CRUDComponent] Improved related filter condition 2021-02-24 11:11:29 +01:00
mokaddem de4ba80e21 fix: [CRUDComponent] Full group by on meta-templates 2021-02-24 11:10:10 +01:00
mokaddem d61c6c930a fix: [componenent:CRUD] Fixed oneToMany contextual filters 2021-01-19 12:28:46 +01:00
mokaddem d974f784b6 fix: [component:CRUD] Support for older PHP versions 2021-01-18 16:21:43 +01:00
mokaddem cfea15ff03 fix: [component:CRUD] Fixed FULL_GROUP_BY issue and simplified contextual filtering 2021-01-18 16:13:10 +01:00
mokaddem 13c8f3f7c5 chg: [element:generic_index] Improved quick filter functionality and UI 2021-01-15 16:58:46 +01:00
mokaddem ff84f87d33 fix: [Component:CRUD] Allow saving metaFields 2021-01-15 14:40:03 +01:00
mokaddem ba65c60838 chg: [component:CRUD] Pass searched value to the view and allow searching by hitting <enter> 2021-01-15 11:49:20 +01:00
mokaddem d4ff912e6a chg: [component:CRUD] Added quick search using LIKE 2021-01-15 11:32:47 +01:00