26cbaf0129
chg: [command:summary] Consider perm meta-fields addition/deletion as uesr edit
2023-09-04 14:43:53 +02:00
279c69c510
fix: [userSettings:edit] Correctly pre-select user to be edited
2023-09-04 09:34:44 +02:00
1ea7c796ac
chg: [component:CRUD] Include meta-fields in REST queries and clever pagination support for REST queries
2023-08-29 14:57:48 +02:00
633ae86886
chg: [command:summary] Added support of user MetaFields
...
Allow to show addition and deletion of user metafields such as the ones used for permissions
2023-08-29 14:53:03 +02:00
8e616180ba
fix: [security] user settings editable by arbitrary user fixed
...
- as reported by Infigo on behalf of ENISA
2023-08-23 15:08:23 +02:00
d7bf8af5b1
fix: [internal] user add fix attempt #2
2023-06-28 15:01:26 +02:00
82bf3a74c1
chg: [internal] fetch first role if no default is set
2023-06-28 14:59:31 +02:00
5028b4cf24
chg: [version] bump
2023-05-31 09:42:15 +02:00
52e8a5c6a6
new: [enumerations] added enumerations system
...
- for string entry fields, simply add lists of values to convert the text entry for values
- helps with maintaining accurate lists
- currently the fields that are valid targets are organisations.nationality, organisations.sector, organisations.type
2023-05-26 16:13:52 +02:00
41749ae5a8
fix: [users] added the country information to the index / view
2023-05-25 16:22:49 +02:00
7a8eb6ba50
chg: [CRUD] allow for sorting on related model fields
...
- some hacks to resolve issues with sorting on related fields
2023-05-25 16:11:21 +02:00
9b7c693bb9
fix: fix some deprecation notices in 8.2
2023-04-06 17:59:22 +02:00
abd5dab605
chg: [command:importer] Make sure to use the latest known version of the template
2023-03-31 13:56:06 +02:00
5f1c99cd53
fix: [security] blind SQL injection in searchAll
...
- As reported by Zigrin Security
2023-03-25 09:23:45 +01:00
16a50c08a3
fix: [helper:formFieldMassage] Correctly check for key to avoid debug output
2023-03-21 09:52:28 +01:00
61027e9c1e
chg: [version] bump
2023-03-13 15:50:00 +01:00
c2e9fd3b75
chg: [meta-template:index] Added link to metaTemplateNameDirectory
2023-03-13 11:38:32 +01:00
47bebe5b68
chg: [metaTemplate:update] Gracefully handle case when template on disk is not readable
2023-03-13 11:37:58 +01:00
acb66ac4a0
fix: [individuals:delete] Gracefully catches deletion of individuals associated to a user
2023-03-13 08:05:32 +01:00
3ca6b68429
fix: [acl:metaTemplate] Added missing entry
2023-02-27 12:17:04 +01:00
6fc568e80e
new: [metaTemplateNameDirectory] Added index to see the known template and their associated saved meta-templates
2023-02-27 12:16:36 +01:00
ce8a7ba1be
fix: [individuals:canEdit] Changed function from public to private
2023-02-27 12:14:13 +01:00
c8e5823393
chg: [helper:bootstrap] Make sure to output the value even if it's a `0`
2023-02-27 11:13:40 +01:00
26c038b25b
chg: [settings:cerebrate] Improved check before saving debug level
2023-02-27 11:12:54 +01:00
480e4a65fe
fix: [elements:bootstrapTabs] Removed unused options
2023-02-27 10:43:59 +01:00
59f8608d50
new: [user:permissionLimitation] Added current permission status while in `add` or `edit` context
...
Also moved the notification key from meta-fields to meta-template-fields
2023-02-24 15:22:18 +01:00
aead79a4c3
chg: [component:CRUD] Added `afterFind` support in add
2023-02-24 15:20:29 +01:00
a427686388
chg: [user:permissionRestriction] Move check from beforeSave to ApplicationRule
2023-02-24 15:02:08 +01:00
fda8aa5866
chg: [component:CRUD] Include meta-template before calling `afterFind`
2023-02-24 14:57:40 +01:00
0833a8c0e4
fix: [individual:getValidToEdit] Restricted ACL to prevent one org_admin to edit another from the same org
2023-02-24 11:18:48 +01:00
af8f1e9e74
chg: [tags:org/individual] Relaxed ACL on tagging
...
- Before only `site_admin` could add tags.
- Now `org_admins` can add tags for their orgs and individuals
- Regular users can self manage their own individual tag
2023-02-24 11:17:55 +01:00
c148b0993a
chg: [encryptionKeys:beforeSave] Updated ACL to disable management of keys for regular orgs
2023-02-24 10:35:25 +01:00
1620fd3e59
chg: [encryptionKey] Made key searchable with substring strategy
2023-02-24 10:31:33 +01:00
73c4baac31
chg: [helper:bootstrap] Added support of ID option
2023-02-24 10:04:18 +01:00
6eb5106153
new: [ui:formInfo] Rafactored formInfo and added support of field description
...
Can be done by using the `tooltip` key on the field configuration
2023-02-24 10:03:45 +01:00
487670e522
chg: [authkeys:add] Select logged-in user by default
2023-02-23 14:57:58 +01:00
7ccf925247
security: [authkey:add] Restrict creation of API keys for users in the same org and for other org_admins
2023-02-23 14:57:42 +01:00
e9056a7b4c
chg: [audit:filter] Made request_action a multiple search
2023-02-23 13:04:33 +01:00
4d4642770f
new: [crud:filter] Added support of IN searches using dropdown
2023-02-23 12:55:18 +01:00
fdd876b1b2
new: [component:CRUD] Added support of IN condition when filtering index
2023-02-23 11:40:07 +01:00
9bc1ba899f
Merge branch 'develop' of github.com:cerebrate-project/cerebrate into develop
2023-02-21 13:54:22 +01:00
0b2f7c31b2
Merge branch 'develop-unstable' into develop
2023-02-21 13:54:13 +01:00
ce42bd7726
chg: [version] bump
2023-02-21 13:50:30 +01:00
0ba6310434
Merge branch 'develop' of github.com:cerebrate-project/cerebrate into develop
2023-02-21 13:49:55 +01:00
e375e24a6d
chg: [component:CRUD] Added validation of order fields
2023-02-20 10:17:20 +01:00
e4c132374e
fix: [crud:renderInVariable] Fixed deprecation notice
2023-02-16 15:13:52 +01:00
0850c92e89
chg: [users:index] Added setting to allow the deletion of users
...
Fix #119
2023-02-16 15:07:06 +01:00
88abecfe8f
fix: [sharingGroups:addOrg] Use correct index to add to the group
2023-02-16 14:55:43 +01:00
62b2a1b264
new: [crud:auditlog] Added auditlogs for entity being viewed
2023-02-16 14:52:05 +01:00
adad45baf6
chg: [metaTemplate:updateStrategyDelete] Restored strategy to update a template and delete conflicting metafields
2023-02-16 13:51:36 +01:00
97a151aff5
new: [metaTemplate:metaFieldMigration] Added support of force migrate
...
Remove conflicting meta-fields and migrate non-conflicting ones
2023-02-16 13:35:38 +01:00
27673b54c9
chg: [metaTemplate:migrateMetaField] Ignore metafield with empty value
2023-02-16 09:32:27 +01:00
20eebd097d
new: [meta-template] Improvement of the update system
...
- Changed default update strategy from `create_new` to `update_existing`
- Added mechanism to automatically migrate meta-fields to newest template
- Improved validation and conflict detection strategies
- Fixed various UI bugs and improved QoL
2023-02-14 14:42:35 +01:00
c0636b89ab
fix: [bootstrap:table] Fixed typo and pass field config for indexed arrays
2023-02-14 10:31:23 +01:00
d4ad5f2fb3
chg: [bootstrap:collapse] Allow disabling card formating
2023-02-14 10:30:46 +01:00
3fcb58c081
chg: [brood:queryIndex] Added support of pagination and filtering
2023-02-13 15:39:25 +01:00
b9292473de
fix: [crud:index] Only include requested metafields for non-API queries
2023-02-13 15:38:12 +01:00
fce564f798
chg: [crud:index] Added better support of pagination for API
2023-02-13 15:36:21 +01:00
72932c582d
chg: [users:index] Includes metafields by default when API query
2023-02-13 15:32:40 +01:00
d7a530924f
fix: [navigation:metaTemplates] Allow toggling template enabled state
2023-02-13 15:32:00 +01:00
9013a7ce2b
chg: [boostrapElement:dropdownMenu] Added support of `attrs` parameter for menu entry
2023-02-13 15:18:07 +01:00
aa9225ba90
fix: [metaFields] Fixed typo in function
2023-02-13 15:16:10 +01:00
0ac81af82a
fix: [metaTemplateDirectory:create] Added gracefully handle uniqueness
2023-02-13 15:14:43 +01:00
25e63b710a
fix: [user:rearrangeForAPI] Fixed support of metafields
2023-02-13 15:13:33 +01:00
2915ced971
chg: [organisations:index] Always include metafields for API requests
2023-02-13 15:12:54 +01:00
f1de7fbf49
chg: [broods:testConnection] Prematurely close session to allow concurrent requests
2023-02-13 15:08:57 +01:00
c561fba7ae
fix: [command:fastUserEmrolment] Typo in condition showing the wrong warning for the faulty entity
2023-01-20 10:05:23 +01:00
5caf1659cf
fix: [command:fastEnrolment] Coorrectly display missing organisation instead of throwing an error
2023-01-20 10:05:09 +01:00
d1ff45519b
fix: [command:fastUserEmrolment] Typo in condition showing the wrong warning for the faulty entity
2023-01-19 15:41:17 +01:00
1c4853f8a5
fix: [command:fastEnrolment] Coorrectly display missing organisation instead of throwing an error
2023-01-19 10:27:23 +01:00
5388b4d185
chg: [BootstrapHelper:dropdownMenu] Added support of class for menu entries
2023-01-19 10:25:52 +01:00
fb418ca0b4
chg: [BootstrapHelper:modal] Added support of scrolling in modal body
...
- For the pleasure of @iglocska
2023-01-19 10:24:59 +01:00
7cda322223
fix: [users:view] Temporary measure to gracefully catch connection issue with keycloak
2023-01-18 15:47:59 +01:00
79a97efa70
Merge branch 'chg-sync-improvements' into develop-unstable
2023-01-18 15:40:54 +01:00
5092f3d4f3
chg: [version] bump
2023-01-18 10:10:00 +01:00
ee6913d7f0
fix: [command:fastUserEnrolment] Better parsing of options and removed test instructions
2023-01-18 10:00:55 +01:00
f36f33e7cf
new: [command:fastUserEnrolment] Added script to create alignment and enroll users from a provided CSV
...
- The individual and Organisation must already exist in Cerebrate. They can be created using the ImporterCommand script
2023-01-17 09:29:59 +01:00
433d18c176
fix: [command:importer] FIxed several bug preventing the save to happen
2023-01-17 09:28:27 +01:00
a211aea267
new: [command:metaTemaplate] Added meta-template shell to create and enabled template by UUID
2023-01-17 09:27:31 +01:00
cd9bb838f6
fix: [command:fieldSquasher] Allow persistence of changes
2023-01-17 09:26:47 +01:00
9ae446bb5d
fix: [behavior:authKeycloak] Correctly URLEncode username
2023-01-17 09:25:43 +01:00
fc31ce8b08
fix: [alignments:add] Index individuals and orgs by ID instead of array index
2023-01-17 09:25:11 +01:00
025dcd9054
chg: [alignment] Added validation rule to avoid duplicates
2023-01-17 09:24:36 +01:00
d9df6ed4c3
fix: [permissionLimitations] Prevent error for org without users
2023-01-17 09:23:24 +01:00
715ba1d75b
chg: [ui:generic_index] Only show enabled meta-templates in table options
2023-01-17 09:17:49 +01:00
9506142de5
fix: [broods:add] Correctly index organisations by their ID
2023-01-11 09:56:56 +01:00
81ae16e4ec
chg: [version] bump
2023-01-03 15:47:36 +01:00
6da27dd2a4
fix: [security] destroy session on logout
...
- As reported by Matúš Mikuláš, Adam Gajdošík, Milan Pikula of SK-CERT
2023-01-03 15:45:42 +01:00
13bb031167
fix: [keycloak status] - handle gracefully if user not found in KC
...
- As reported by Matúš Mikuláš, Adam Gajdošík, Milan Pikula of SK-CERT
2023-01-03 15:41:09 +01:00
a5eb016fc4
fix: [security] disallow multiple individuals with the same e-mail address
...
- As reported by Matúš Mikuláš, Adam Gajdošík, Milan Pikula of SK-CERT
2023-01-03 15:30:26 +01:00
e0f92aa8e0
fix: [validation] Tightened the validation rules for users to avoid 500 errors when the requirements are not met
...
- ensure that username is unique
- (optional) ensure that individual->user assignment is unique
- (optional) ensure that usernames are e-mail addresses
- As reported by Matúš Mikuláš, Adam Gajdošík, Milan Pikula of SK-CERT
2023-01-03 15:03:06 +01:00
da2f904554
fix: [security] reworked the Individual handling of user creations / modifications
...
- creating a new user with the e-mail address of an already existing individual should NOT overwrite the first/last name fields
- it merely connects the individual to the new user
- disallow changing the individual behind an existing user altogether
- allow capturing individuals without updates
- As reported by Matúš Mikuláš, Adam Gajdošík, Milan Pikula of SK-CERT
2022-12-23 16:47:44 +01:00
7afcc3977f
Merge branch 'main' into develop
2022-12-16 16:46:09 +01:00
f121027660
chg: [skeleton module] added extra explanations
2022-12-16 16:45:28 +01:00
256bfa8702
fix: [users] handle saving of a user without KC
2022-12-16 15:32:29 +01:00
5edf477c2f
fix: [security] fixed ACL for the user view endpoint
...
- arbitrary resource access fixed
- As reported by Matúš Mikuláš, Adam Gajdošík, Milan Pikula of SK-CERT
2022-12-14 10:42:46 +01:00
d4c827c662
fix: [kc] attribute update fixed
2022-12-14 06:46:42 +01:00
675cac8944
new: [custom attribute saving] wip
2022-12-14 06:22:04 +01:00
35a395c68c
Merge branch 'develop' of github.com:cerebrate-project/cerebrate into develop
2022-12-13 15:45:44 +01:00
0b052aaebf
fix: [users:view] Gracefully handle the case where user exist in cerebrate but not in keycloak
2022-12-13 15:44:37 +01:00
d9330a1ddc
chg: [param] order changed
2022-12-13 11:00:30 +01:00
8c94aae994
fix: [behavior:notifyAdmin] Removed required parameter after optional
2022-12-13 10:56:05 +01:00
c700800d8c
chg: [version] bump
2022-12-13 09:45:09 +01:00
d293cb52f8
chg: [behavior:keycloak] Gracefully handle issues while syncing with keycloak
2022-12-12 16:56:51 +01:00
178a5b658f
chg: [behavior:keycloak] Perform case insensitive comparison
...
For both cerebrate and keycloak users
2022-12-12 16:49:52 +01:00
e13dc152e7
fix: [users:registration] Fixed and improved user registration
2022-12-12 16:02:41 +01:00
e366da6171
fix: [behavior:keycloak] Trying to lower fever the best I can
2022-12-12 08:45:02 +01:00
7526f8364f
chg: [users:index] Added comment
2022-12-09 12:19:29 +01:00
a3fd138b4d
fix: [crud:edit] Always specify the table alias when fetching by id
2022-12-09 11:56:03 +01:00
af622dd19b
new: [users:view] Added keycloak status showing the potential differences between Cerebrate and Keycloak
2022-12-09 11:54:34 +01:00
b121399304
fix: [user:checkPermissionRestriction] Refactor the function to support more edge-cases
2022-12-08 15:39:28 +01:00
9a2e94989f
fix: [permissionlimitation:getLimitations] Mirror the permission limit if only one scope (global or org) is defined
2022-12-08 15:38:04 +01:00
409c116ad7
chg: [permissionlimitation:validation] Added rule for max_occurence
2022-12-08 15:35:02 +01:00
d1aa20c5fb
security: [users:edit] Prevent edit of all users with lower privileges by any org_admins
2022-12-08 12:12:10 +01:00
6945e602b8
chg: [users:edit] Added role associated data for the user to be edited
2022-12-08 11:35:22 +01:00
1b47b669ff
fix: [users:view] Fallback value if Keycloak was never configured
2022-12-08 11:32:26 +01:00
561f6d1c77
fix: [user:add/edit] Correctly index orgs by their IDs
2022-12-08 10:54:55 +01:00
4ab9761fb5
fix: [behavior:notifyAdmins] Typo resetting a variable
2022-12-08 10:25:13 +01:00
f3ee43ed46
chg: [user:NotifyAdminBehavior] Track modification on meta_fields
2022-12-08 10:24:09 +01:00
c61c16c83c
fix: [user:beforeSave] Make sure variable is initialized
2022-12-08 10:19:28 +01:00
53f669e25c
new: [sync+meta_fields] Initial work on meta_field synchronisation and meta_template_directory - WiP
...
The new directory allows to ingest meta_fields without knowing their associated meta_template. Improved the way data is re-arranged, how meta-templates are saved and a helper widget showing the difference local objects have with their remote counter-part
2022-12-07 14:54:28 +01:00
89a13a12a0
chg: [organisations:index] Added support of `full` option to include metafields
2022-12-02 09:51:28 +01:00
813ec6f0a5
new: [utility:utils] Added utils file and support of arary_diff_recursive
2022-12-02 09:50:09 +01:00
c49e3ac508
new: [bootstrap-helper:badge] Added support of ID and icon
2022-12-02 09:49:37 +01:00
6e6107dc46
fix: [bootstrap-helper:table] Relax some argument typing
2022-12-02 09:49:03 +01:00
7ce6507e94
fix: [user:login] Added support of `redirect` after login
2022-11-30 10:31:07 +01:00
e5080e6fda
fix: [brood:preview] Restored searching capability on browsing
2022-11-29 11:51:03 +01:00
3dddd96eeb
chg: [element:metafield_panel] Metafield now relying on their index type when being displayed on singleViews
2022-11-28 12:12:01 +01:00
abd9e04a0f
chg: [helper:bootstrap] Added more documentation and typing
2022-11-28 10:01:18 +01:00
b7a446cd56
chg: [helper:bootstrap] Added documentation
2022-11-28 09:06:24 +01:00
ae5a8eef32
Merge branch 'develop-unstable' into chg-bootstrap-elements
2022-11-28 08:44:55 +01:00
f24d6c2cc8
chg: [command:summary] Added support of destination folder
2022-11-28 08:44:30 +01:00
e1115c1f64
chg: [helper:bootstrapModal] Improved doc
2022-11-28 08:43:45 +01:00
71164e5135
chg: [layout:user_profile] Improved UI
2022-11-28 08:37:00 +01:00
2c840c7d4f
chg: [herlper:bootstrap] Major refactor of the BootstrapHelper to make it more modular + added documentation
2022-11-28 08:36:17 +01:00
41e425cfa2
new: [metaTemplateField] Added `index_type` virtual property to use the correct index_table element
2022-11-15 14:54:44 +01:00
a9ef415f9d
fix: [organisation:index] Indentation fix
2022-11-15 14:54:01 +01:00
ae8ecf3955
chg: [organisation:index] Added quickfilter showing all orgs having the same nationality as logged user.org
2022-11-15 11:41:30 +01:00
31750da7c9
chg: [organisation:index] Removed ENISA-specific quick filters
...
But kept them as develop documentation...
2022-11-15 11:40:59 +01:00
6ed9978661
chg: [inbox:filtering] Possibility to filter on severity
2022-11-15 11:22:02 +01:00
d23cf2e2c6
new: [inbox:index] Added support of various context filtering
...
- My notification includes message without user_ids
- User registration
- Inter-connection requests
- Data changed
- severity:*
2022-11-15 11:21:26 +01:00
62c228c44e
chg: [auditLogs:index] Added possibility to view and filter logs base on `created` field
2022-11-14 16:11:18 +01:00
0b26bd629f
fix: [crud:index] requestedEntryAmount doesn't reset the query anymore
2022-11-14 15:55:07 +01:00
84069cfe40
chg: [metaTemplateField] More generic way to specify form type
2022-11-14 15:45:28 +01:00
b6fdf37d54
fix: [metafields:dropdown] Patched saving multiple fields with custom value
2022-11-14 15:38:50 +01:00
b53f2681b4
Merge branch 'develop' of github.com:cerebrate-project/cerebrate into feature-metafield-dropdown
2022-11-14 14:53:02 +01:00
cbe2f7f684
chg: [version] bump
2022-11-14 12:38:45 +01:00
7f92e6401d
Merge remote-tracking branch 'origin/cli-modification-summary' into develop
2022-11-14 12:37:34 +01:00
7940eb065f
new: [command] Summary tool to collect changes done by nationalities
...
Currently supporting individual, organisation and user
2022-11-14 12:36:36 +01:00
f3023eb82c
fix: [individual edit] permission check fix
2022-11-14 11:37:58 +01:00
Sami Mokaddem