Commit Graph

1499 Commits (62b2a1b2647e7651bc7f8486311e232686ae8804)

Author SHA1 Message Date
iglocska 7678fe1b9b
Merge branch 'develop' 2023-01-03 15:47:59 +01:00
iglocska 81ae16e4ec
chg: [version] bump 2023-01-03 15:47:36 +01:00
iglocska 6da27dd2a4
fix: [security] destroy session on logout
- As reported by Matúš Mikuláš, Adam Gajdošík, Milan Pikula of SK-CERT
2023-01-03 15:45:42 +01:00
iglocska 13bb031167
fix: [keycloak status] - handle gracefully if user not found in KC
- As reported by Matúš Mikuláš, Adam Gajdošík, Milan Pikula of SK-CERT
2023-01-03 15:41:09 +01:00
iglocska a5eb016fc4
fix: [security] disallow multiple individuals with the same e-mail address
- As reported by Matúš Mikuláš, Adam Gajdošík, Milan Pikula of SK-CERT
2023-01-03 15:30:26 +01:00
iglocska e0f92aa8e0
fix: [validation] Tightened the validation rules for users to avoid 500 errors when the requirements are not met
- ensure that username is unique
- (optional) ensure that individual->user assignment is unique
- (optional) ensure that usernames are e-mail addresses

- As reported by Matúš Mikuláš, Adam Gajdošík, Milan Pikula of SK-CERT
2023-01-03 15:03:06 +01:00
iglocska da2f904554
fix: [security] reworked the Individual handling of user creations / modifications
- creating a new user with the e-mail address of an already existing individual should NOT overwrite the first/last name fields
- it merely connects the individual to the new user

- disallow changing the individual behind an existing user altogether
- allow capturing individuals without updates

- As reported by Matúš Mikuláš, Adam Gajdošík, Milan Pikula of SK-CERT
2022-12-23 16:47:44 +01:00
Alexandre Dulaunoy ef4030161c
new: [doc] gitchangelog.rc added 2022-12-22 13:24:43 +01:00
Andras Iklody bb77ee4e14
Merge pull request #122 from DavidCruciani/main
chg: [INSTALL] 20.04
2022-12-16 16:58:37 +01:00
David Cruciani 102263821d chg: [INSTALL] 20.04 2022-12-16 16:56:29 +01:00
iglocska 7afcc3977f
Merge branch 'main' into develop 2022-12-16 16:46:09 +01:00
iglocska f121027660
chg: [skeleton module] added extra explanations 2022-12-16 16:45:28 +01:00
iglocska c08b56b1fd
Merge branch 'main' of github.com:cerebrate-project/cerebrate 2022-12-16 15:33:37 +01:00
iglocska 256bfa8702
fix: [users] handle saving of a user without KC 2022-12-16 15:32:29 +01:00
Andras Iklody 4d2b257808
Update INSTALL.md 2022-12-16 08:08:17 +01:00
iglocska 5edf477c2f
fix: [security] fixed ACL for the user view endpoint
- arbitrary resource access fixed

- As reported by Matúš Mikuláš, Adam Gajdošík, Milan Pikula of SK-CERT
2022-12-14 10:42:46 +01:00
iglocska 05fad73f30
Merge branch 'develop' 2022-12-14 06:47:25 +01:00
iglocska a87208e8fb
Merge branch 'kc_fix' into develop 2022-12-14 06:47:08 +01:00
iglocska d4c827c662
fix: [kc] attribute update fixed 2022-12-14 06:46:42 +01:00
iglocska 675cac8944
new: [custom attribute saving] wip 2022-12-14 06:22:04 +01:00
Sami Mokaddem 35a395c68c
Merge branch 'develop' of github.com:cerebrate-project/cerebrate into develop 2022-12-13 15:45:44 +01:00
Sami Mokaddem 0b052aaebf
fix: [users:view] Gracefully handle the case where user exist in cerebrate but not in keycloak 2022-12-13 15:44:37 +01:00
iglocska 1db70114c0
Merge branch 'main' into develop 2022-12-13 11:00:56 +01:00
iglocska d9330a1ddc
chg: [param] order changed 2022-12-13 11:00:30 +01:00
Sami Mokaddem 8c94aae994
fix: [behavior:notifyAdmin] Removed required parameter after optional 2022-12-13 10:56:05 +01:00
iglocska c4170c8354
Merge branch 'develop' 2022-12-13 09:47:54 +01:00
iglocska c700800d8c
chg: [version] bump 2022-12-13 09:45:09 +01:00
Sami Mokaddem 5a144d78ab
Merge branch 'main' of github.com:cerebrate-project/cerebrate into develop 2022-12-13 08:15:30 +01:00
Sami Mokaddem d293cb52f8
chg: [behavior:keycloak] Gracefully handle issues while syncing with keycloak 2022-12-12 16:56:51 +01:00
Sami Mokaddem 178a5b658f
chg: [behavior:keycloak] Perform case insensitive comparison
For both cerebrate and keycloak users
2022-12-12 16:49:52 +01:00
Sami Mokaddem e13dc152e7
fix: [users:registration] Fixed and improved user registration 2022-12-12 16:02:41 +01:00
Sami Mokaddem e366da6171
fix: [behavior:keycloak] Trying to lower fever the best I can 2022-12-12 08:45:02 +01:00
Sami Mokaddem ea6d33112f
fix: [genericElement:keycloakStatus] Typo fixed 2022-12-12 08:16:16 +01:00
iglocska b808705049
Merge branch 'develop-unstable' into develop 2022-12-11 19:34:47 +01:00
Sami Mokaddem 7526f8364f
chg: [users:index] Added comment 2022-12-09 12:19:29 +01:00
Sami Mokaddem d00f765adc
Merge branch 'develop' of github.com:cerebrate-project/cerebrate into develop-unstable 2022-12-09 11:56:20 +01:00
Sami Mokaddem a3fd138b4d
fix: [crud:edit] Always specify the table alias when fetching by id 2022-12-09 11:56:03 +01:00
Sami Mokaddem af622dd19b
new: [users:view] Added keycloak status showing the potential differences between Cerebrate and Keycloak 2022-12-09 11:54:34 +01:00
Sami Mokaddem 21c5601c29
chg: [genericElement:fieldScaffold] Let cake's form helper decide the input type if not specified 2022-12-08 15:50:03 +01:00
Sami Mokaddem b121399304
fix: [user:checkPermissionRestriction] Refactor the function to support more edge-cases 2022-12-08 15:39:28 +01:00
Sami Mokaddem 9a2e94989f
fix: [permissionlimitation:getLimitations] Mirror the permission limit if only one scope (global or org) is defined 2022-12-08 15:38:04 +01:00
Sami Mokaddem 31ce0feed8
chg: [permissionslimitations:add] Forced comment type to be textarea 2022-12-08 15:36:13 +01:00
Sami Mokaddem 20730401d7
fix: [permissionlimitations:view] Typo for max_occurence path 2022-12-08 15:35:41 +01:00
Sami Mokaddem 409c116ad7
chg: [permissionlimitation:validation] Added rule for max_occurence 2022-12-08 15:35:02 +01:00
Sami Mokaddem d1aa20c5fb
security: [users:edit] Prevent edit of all users with lower privileges by any org_admins 2022-12-08 12:12:10 +01:00
Sami Mokaddem 6945e602b8
chg: [users:edit] Added role associated data for the user to be edited 2022-12-08 11:35:22 +01:00
Sami Mokaddem 1b47b669ff
fix: [users:view] Fallback value if Keycloak was never configured 2022-12-08 11:32:26 +01:00
Sami Mokaddem 561f6d1c77
fix: [user:add/edit] Correctly index orgs by their IDs 2022-12-08 10:54:55 +01:00
Sami Mokaddem 4ab9761fb5
fix: [behavior:notifyAdmins] Typo resetting a variable 2022-12-08 10:25:13 +01:00
Sami Mokaddem f3ee43ed46
chg: [user:NotifyAdminBehavior] Track modification on meta_fields 2022-12-08 10:24:09 +01:00