cerebrate-project
/
cerebrate
mirror of https://github.com/cerebrate-project/cerebrate
1
0
Fork 0
Code Issues Releases Wiki Activity
1,286 Commits
11 Branches
25 Tags
20 MiB
Commit Graph

55 Commits (b1f09dc97ee4dc270980cfa970b445b1eba7b833)

Author SHA1 Message Date
iglocska b1f09dc97e
new: [permission limitations] subsystem added 
- add limitations for users with given meta fields
  - x number / org and y number / globally
- add comments to the limitations
- enforced on user creation/modification
 2022-11-09 14:09:27 +01:00
iglocska 2a31e39762
new: [keycloak] automatically set mappings 2022-10-31 13:26:12 +01:00
iglocska 2f4b6ed2ff
chg: [keycloak] integration rework 
- switch to the use of attributes
- several minor fixes
 2022-10-31 11:31:38 +01:00
iglocska 9c41fd548f
fix: [auth] added keycloak logout 2022-10-25 15:08:41 +02:00
iglocska af1e2fd632
new: [security] Bruteforce protection added 
- logins allow for 5 attempts every 5 minutes
- Code ported and updated from MISP

- As reported by SK-CERT
 2022-09-19 00:25:15 +02:00
iglocska 254fdc3b84
chg: [security] keycloak enabled - disallow multiple users from being created for the same individual 
- as reported by SK-CERT
 2022-09-18 19:26:24 +02:00
iglocska be064bb0c9
new: [KC] profile link added 2022-05-17 10:42:44 +02:00
iglocska 4575406b33
fix: [users] edit 
- various issues fixed with the edit function
- re-added the chance to change organisations of a user as a site admin
- tighter checks on the options for the drop downs
 2022-05-17 04:02:06 +02:00
Sami Mokaddem 0fb03aae91
fix: [Component:CRUD] Removed confusing `get` parameter 
- It was confusing and using it could lead to unwanted consequences
- It's clearer to implement the desired logic on controller's side
 2022-03-01 14:02:26 +01:00
Sami Mokaddem 3ef64911f9
Merge branch 'develop' of github.com:cerebrate-project/cerebrate into develop-unstable 2022-02-28 09:51:51 +01:00
Sami Mokaddem 4089623eaa
chg: [users] Removed useless imports 2022-02-28 09:37:29 +01:00
iglocska 9d04533e14
chg: [users] restrict org admins from creating other org admins 
- temporary solution for a single community, make this optional in the future
 2022-02-25 10:20:25 +01:00
iglocska 79459838eb
chg: [user add] if no password was set, set a random one 
- can't be used so far as we have no emailing in place
- it allows user creation when username/password mode is disabled
 2022-02-25 00:31:19 +01:00
iglocska 828946a97f
new: [users] several changes 
- make usernames immutable
- restrict user creation to aligned individuals (org admin only)
- optionally create individual while creating a user
 2022-02-24 13:45:10 +01:00
iglocska 283299bf36
fix: [security] flood protection control enabled by default 
- as reported by Dawid Czarnecki from Zigrin Security
 2022-02-19 01:34:07 +01:00
iglocska b41b0dd712
fix: [security] privilege escalation via user edit fixed 
- org admins could circumvent the role restrictions and elevate themselves to a site admin

- as reported by Dawid Czarnecki from Zigrin Security
 2022-02-19 01:02:49 +01:00
iglocska d45a4dc499
new: [registration] added optional registration flood protection 
- As reported by Dawid Czarnecki from Zigrin Security
 2022-02-07 02:03:41 +01:00
iglocska 1ca0f21b86
chg: [user add] form defaults 
- org will default to own org for site admins
- role will default to the default role (if set)
 2022-01-27 21:54:59 +01:00
Sami Mokaddem 2e7aabf704
fix: [users:toggle] Prevent users to disable admins 2022-01-26 16:10:33 +01:00
Sami Mokaddem fcffad6777
fix: [users:delete] Typo copy paste error 2022-01-26 15:45:57 +01:00
Sami Mokaddem d05868106d
Merge branch 'develop' of github.com:cerebrate-project/cerebrate into develop 2022-01-26 14:59:57 +01:00
iglocska f695744bd7
fix: [user view] ACL fixed 2022-01-26 14:57:01 +01:00
Sami Mokaddem 54ee91ba1a
Merge branch 'develop' of github.com:cerebrate-project/cerebrate into develop 2022-01-26 12:11:53 +01:00
Sami Mokaddem f53b458103
fix: [userSettings] Allow admin to edit other user's settings 2022-01-26 12:11:44 +01:00
iglocska 55782af52b
fix: [users] add 
- fixed role selection
 2022-01-25 15:58:31 +01:00
Sami Mokaddem 44913c5ed7
fix: [users:settings] Allow admin to see account settings of other users 2022-01-25 15:27:34 +01:00
iglocska 57e2c75352
fix: [users] role based action filtering added 
- to avoid annoying clickable, but blocked actions for og admins
 2022-01-25 11:34:22 +01:00
iglocska f75d0829d1
fix: [user edit] fixed for non admins 2022-01-18 17:52:59 +01:00
iglocska ec994b05ed
chg: [user] edit restricted to password only for self 2022-01-18 00:20:53 +01:00
iglocska caf48c9060
fix: [ACL] proper error messages on user edit 
- don't just silently redirect to the own user editing if the user isn't authorised to modify another user
 2022-01-17 09:19:53 +01:00
iglocska 87723c2100
fix: [ACL] added correct file for previous fix (user edit admin permission check) 2022-01-12 10:32:47 +01:00
iglocska cc5c750de8
chg: [audit log] change field renamed to changed 
- change is a reserved keyword
- this way quoting of field names is no longer needed in the cakePHP settings
 2021-11-25 00:57:31 +01:00
iglocska 22e4a90af0
chg: [ACL] tightened ACL for several controllers 
- org admins now have access to new functionalities, added ACL for them
- Affected controllers:
  - Authkeys, encryptionkeys, users, sharinggroups
- sets defaults/restricts access accordingly
 2021-11-24 01:32:05 +01:00
iglocska 7b52d29320
new: [login] log success/failure 2021-11-17 15:49:28 +01:00
iglocska b6c3aee91f
fix: [settings] invalid path to setting fixed 2021-10-21 13:44:49 +02:00
Sami Mokaddem 370ae3438e
new: [user:registration] Added user self-registration feature 2021-10-20 22:29:23 +02:00
Sami Mokaddem 78180fa90f
new: [userSettings] Added complete support of user settings 
Including support of bookmarks, sidebar behavior and theming
 2021-10-18 13:28:26 +02:00
Sami Mokaddem 0d6e6aa7a4
chg: [userSettings] Initial version of template - WiP 2021-10-12 10:16:36 +02:00
Sami Mokaddem 39fdb8ec0d
new: [user-settings] Added user settings feature 2021-10-08 10:27:40 +02:00
iglocska 99a89977c8
Merge branch 'keycloak' into develop-unstable 2021-10-01 13:53:14 +02:00
iglocska f60e411af1
new [keycloak]: WiP user enrollment added 
- also moved the keycloak specific functionalities to a behaviour
- added new role permission (org admin)
 2021-10-01 13:19:26 +02:00
mokaddem b3c25f0cae new: [instance:search_all] Early work on search all feature 2021-09-10 11:55:54 +02:00
mokaddem 4e74da6163 fix: [controllers] Return data based on the CRUD component response 2021-06-29 16:15:05 +02:00
mokaddem 39c848202a chg: [users:index] Allow quick filters 2021-06-29 11:26:06 +02:00
mokaddem 4080654806 chg: [inboxProcessor] Renamed `RequestProcessors` into `InboxProcessors` 2021-06-18 11:09:19 +02:00
iglocska ef94ce147c
Merge branch 'main' into inbox 2021-06-01 14:37:29 +02:00
iglocska 2d4727770c
wip: initial connectors 2021-04-30 23:59:53 +02:00
mokaddem b52048c760 chg: [requestProcessor] Simplified genHTTPReply 2021-03-19 11:54:43 +01:00
mokaddem f3f73a475b chg: [requestProcessor] UI improvements and simplified creation of 
processors
 2021-03-18 14:01:14 +01:00
mokaddem 414ac9a59f chg: [requestProcessor] Refactoring code organisation 2021-03-18 08:51:11 +01:00