52e8a5c6a6
new: [enumerations] added enumerations system
...
- for string entry fields, simply add lists of values to convert the text entry for values
- helps with maintaining accurate lists
- currently the fields that are valid targets are organisations.nationality, organisations.sector, organisations.type
2023-05-26 16:13:52 +02:00
41749ae5a8
fix: [users] added the country information to the index / view
2023-05-25 16:22:49 +02:00
7a8eb6ba50
chg: [CRUD] allow for sorting on related model fields
...
- some hacks to resolve issues with sorting on related fields
2023-05-25 16:11:21 +02:00
5f1c99cd53
fix: [security] blind SQL injection in searchAll
...
- As reported by Zigrin Security
2023-03-25 09:23:45 +01:00
c2e9fd3b75
chg: [meta-template:index] Added link to metaTemplateNameDirectory
2023-03-13 11:38:32 +01:00
47bebe5b68
chg: [metaTemplate:update] Gracefully handle case when template on disk is not readable
2023-03-13 11:37:58 +01:00
acb66ac4a0
fix: [individuals:delete] Gracefully catches deletion of individuals associated to a user
2023-03-13 08:05:32 +01:00
3ca6b68429
fix: [acl:metaTemplate] Added missing entry
2023-02-27 12:17:04 +01:00
6fc568e80e
new: [metaTemplateNameDirectory] Added index to see the known template and their associated saved meta-templates
2023-02-27 12:16:36 +01:00
ce8a7ba1be
fix: [individuals:canEdit] Changed function from public to private
2023-02-27 12:14:13 +01:00
59f8608d50
new: [user:permissionLimitation] Added current permission status while in `add` or `edit` context
...
Also moved the notification key from meta-fields to meta-template-fields
2023-02-24 15:22:18 +01:00
aead79a4c3
chg: [component:CRUD] Added `afterFind` support in add
2023-02-24 15:20:29 +01:00
fda8aa5866
chg: [component:CRUD] Include meta-template before calling `afterFind`
2023-02-24 14:57:40 +01:00
af8f1e9e74
chg: [tags:org/individual] Relaxed ACL on tagging
...
- Before only `site_admin` could add tags.
- Now `org_admins` can add tags for their orgs and individuals
- Regular users can self manage their own individual tag
2023-02-24 11:17:55 +01:00
c148b0993a
chg: [encryptionKeys:beforeSave] Updated ACL to disable management of keys for regular orgs
2023-02-24 10:35:25 +01:00
1620fd3e59
chg: [encryptionKey] Made key searchable with substring strategy
2023-02-24 10:31:33 +01:00
487670e522
chg: [authkeys:add] Select logged-in user by default
2023-02-23 14:57:58 +01:00
7ccf925247
security: [authkey:add] Restrict creation of API keys for users in the same org and for other org_admins
2023-02-23 14:57:42 +01:00
e9056a7b4c
chg: [audit:filter] Made request_action a multiple search
2023-02-23 13:04:33 +01:00
4d4642770f
new: [crud:filter] Added support of IN searches using dropdown
2023-02-23 12:55:18 +01:00
fdd876b1b2
new: [component:CRUD] Added support of IN condition when filtering index
2023-02-23 11:40:07 +01:00
0b2f7c31b2
Merge branch 'develop-unstable' into develop
2023-02-21 13:54:13 +01:00
e375e24a6d
chg: [component:CRUD] Added validation of order fields
2023-02-20 10:17:20 +01:00
e4c132374e
fix: [crud:renderInVariable] Fixed deprecation notice
2023-02-16 15:13:52 +01:00
0850c92e89
chg: [users:index] Added setting to allow the deletion of users
...
Fix #119
2023-02-16 15:07:06 +01:00
88abecfe8f
fix: [sharingGroups:addOrg] Use correct index to add to the group
2023-02-16 14:55:43 +01:00
62b2a1b264
new: [crud:auditlog] Added auditlogs for entity being viewed
2023-02-16 14:52:05 +01:00
97a151aff5
new: [metaTemplate:metaFieldMigration] Added support of force migrate
...
Remove conflicting meta-fields and migrate non-conflicting ones
2023-02-16 13:35:38 +01:00
27673b54c9
chg: [metaTemplate:migrateMetaField] Ignore metafield with empty value
2023-02-16 09:32:27 +01:00
20eebd097d
new: [meta-template] Improvement of the update system
...
- Changed default update strategy from `create_new` to `update_existing`
- Added mechanism to automatically migrate meta-fields to newest template
- Improved validation and conflict detection strategies
- Fixed various UI bugs and improved QoL
2023-02-14 14:42:35 +01:00
3fcb58c081
chg: [brood:queryIndex] Added support of pagination and filtering
2023-02-13 15:39:25 +01:00
b9292473de
fix: [crud:index] Only include requested metafields for non-API queries
2023-02-13 15:38:12 +01:00
fce564f798
chg: [crud:index] Added better support of pagination for API
2023-02-13 15:36:21 +01:00
72932c582d
chg: [users:index] Includes metafields by default when API query
2023-02-13 15:32:40 +01:00
d7a530924f
fix: [navigation:metaTemplates] Allow toggling template enabled state
2023-02-13 15:32:00 +01:00
2915ced971
chg: [organisations:index] Always include metafields for API requests
2023-02-13 15:12:54 +01:00
f1de7fbf49
chg: [broods:testConnection] Prematurely close session to allow concurrent requests
2023-02-13 15:08:57 +01:00
7cda322223
fix: [users:view] Temporary measure to gracefully catch connection issue with keycloak
2023-01-18 15:47:59 +01:00
79a97efa70
Merge branch 'chg-sync-improvements' into develop-unstable
2023-01-18 15:40:54 +01:00
fc31ce8b08
fix: [alignments:add] Index individuals and orgs by ID instead of array index
2023-01-17 09:25:11 +01:00
715ba1d75b
chg: [ui:generic_index] Only show enabled meta-templates in table options
2023-01-17 09:17:49 +01:00
9506142de5
fix: [broods:add] Correctly index organisations by their ID
2023-01-11 09:56:56 +01:00
6da27dd2a4
fix: [security] destroy session on logout
...
- As reported by Matúš Mikuláš, Adam Gajdošík, Milan Pikula of SK-CERT
2023-01-03 15:45:42 +01:00
da2f904554
fix: [security] reworked the Individual handling of user creations / modifications
...
- creating a new user with the e-mail address of an already existing individual should NOT overwrite the first/last name fields
- it merely connects the individual to the new user
- disallow changing the individual behind an existing user altogether
- allow capturing individuals without updates
- As reported by Matúš Mikuláš, Adam Gajdošík, Milan Pikula of SK-CERT
2022-12-23 16:47:44 +01:00
5edf477c2f
fix: [security] fixed ACL for the user view endpoint
...
- arbitrary resource access fixed
- As reported by Matúš Mikuláš, Adam Gajdošík, Milan Pikula of SK-CERT
2022-12-14 10:42:46 +01:00
0b052aaebf
fix: [users:view] Gracefully handle the case where user exist in cerebrate but not in keycloak
2022-12-13 15:44:37 +01:00
e13dc152e7
fix: [users:registration] Fixed and improved user registration
2022-12-12 16:02:41 +01:00
7526f8364f
chg: [users:index] Added comment
2022-12-09 12:19:29 +01:00
a3fd138b4d
fix: [crud:edit] Always specify the table alias when fetching by id
2022-12-09 11:56:03 +01:00
af622dd19b
new: [users:view] Added keycloak status showing the potential differences between Cerebrate and Keycloak
2022-12-09 11:54:34 +01:00
iglocska