eb95c44528
Merge pull request #151 from righel/fix-test-action
...
fix: fix test workflow action
2023-09-14 16:16:55 +02:00
672847b214
chg: [users:acl] Improved waterfall model for CRUD operation and updated UI to reflect them
2023-09-13 09:15:16 +02:00
b0ebe774b6
fix: [ACL] group admins can view users in their group
2023-09-13 07:18:29 +02:00
e64f4c341f
fix: [acl:canEditUser] Typo in table name
2023-09-12 15:01:22 +02:00
b2df8192f7
fix: [OrgGroups:checkIfGroupAdmin] Consider site_admins as group admin
2023-09-12 14:31:03 +02:00
d2cb072ce6
chg: [ui] Improved reflection of ACL logic in the UI for OrgGroups, Organisations and individuals.
2023-09-12 14:11:15 +02:00
c124ebc0d8
fix: [ACL] fixes
2023-09-12 11:08:46 +02:00
e3f8c38dcd
fix: [org admins] should be able to edit the org
2023-09-12 10:54:06 +02:00
69b653dd59
Merge branch 'develop' of github.com:cerebrate-project/cerebrate into develop
2023-09-12 09:27:57 +02:00
16a4a1cde5
new: [org Groups] added
...
- Org Groups allow user co-management of sub communities
- Create an org group with a set of organisations
- assign administrators to an org group
- org group admins can modify users of the group
2023-09-12 09:26:07 +02:00
8b4b47775c
chg: [alignments:acl] Reflected ACL logic from individuals to alignments
2023-09-08 09:11:52 +02:00
5aefc37837
chg: [users:edit] Allow users to self edit
2023-09-07 16:11:47 +02:00
08d2e193dd
chg: [user-settings:edit] Prevent assigning a setting to another user
2023-09-07 15:14:26 +02:00
01356824a2
chg: [navigation:tags] Updated UI to reflect users' permissions
2023-09-06 10:42:08 +02:00
bde01882d9
fix: [navigation:CRUDAction-auditlogs] Make ordering by created field unambigous and hide audit button to non-admin users
2023-09-06 10:17:06 +02:00
7377e77204
chg: [navigation:individuals] Only show edit and deletion buttons if users are allowed to do it
2023-09-06 09:48:16 +02:00
e7e5c0aebd
chg: [ACL:tags] Relaxed ACL on tags for index and view pages.
...
FIXME: Adapt changes in the UI to hide add/edit buttons and add link to the sidebar
2023-09-05 10:56:48 +02:00
9e18f4f0bb
chg: [ACL:individual/add] Allow `org-admin`s to create new individuals
2023-09-05 10:49:23 +02:00
883f0eb44a
fix: [userSettings:add] Aded check to avoid duplicated setting for the same user
2023-09-05 10:46:25 +02:00
a3c23f46d5
fix: [mailinglist:ACL] Fixed bug in ACL check for access
2023-09-05 10:33:08 +02:00
3e5ae5271e
chg: [misisng] change
2023-09-04 15:23:21 +02:00
78152a884a
Merge branch 'main' into develop
2023-09-04 15:22:42 +02:00
279c69c510
fix: [userSettings:edit] Correctly pre-select user to be edited
2023-09-04 09:34:44 +02:00
1ea7c796ac
chg: [component:CRUD] Include meta-fields in REST queries and clever pagination support for REST queries
2023-08-29 14:57:48 +02:00
8e616180ba
fix: [security] user settings editable by arbitrary user fixed
...
- as reported by Infigo on behalf of ENISA
2023-08-23 15:08:23 +02:00
d7bf8af5b1
fix: [internal] user add fix attempt #2
2023-06-28 15:01:26 +02:00
82bf3a74c1
chg: [internal] fetch first role if no default is set
2023-06-28 14:59:31 +02:00
52e8a5c6a6
new: [enumerations] added enumerations system
...
- for string entry fields, simply add lists of values to convert the text entry for values
- helps with maintaining accurate lists
- currently the fields that are valid targets are organisations.nationality, organisations.sector, organisations.type
2023-05-26 16:13:52 +02:00
41749ae5a8
fix: [users] added the country information to the index / view
2023-05-25 16:22:49 +02:00
7a8eb6ba50
chg: [CRUD] allow for sorting on related model fields
...
- some hacks to resolve issues with sorting on related fields
2023-05-25 16:11:21 +02:00
9b7c693bb9
fix: fix some deprecation notices in 8.2
2023-04-06 17:59:22 +02:00
5f1c99cd53
fix: [security] blind SQL injection in searchAll
...
- As reported by Zigrin Security
2023-03-25 09:23:45 +01:00
c2e9fd3b75
chg: [meta-template:index] Added link to metaTemplateNameDirectory
2023-03-13 11:38:32 +01:00
47bebe5b68
chg: [metaTemplate:update] Gracefully handle case when template on disk is not readable
2023-03-13 11:37:58 +01:00
acb66ac4a0
fix: [individuals:delete] Gracefully catches deletion of individuals associated to a user
2023-03-13 08:05:32 +01:00
3ca6b68429
fix: [acl:metaTemplate] Added missing entry
2023-02-27 12:17:04 +01:00
6fc568e80e
new: [metaTemplateNameDirectory] Added index to see the known template and their associated saved meta-templates
2023-02-27 12:16:36 +01:00
ce8a7ba1be
fix: [individuals:canEdit] Changed function from public to private
2023-02-27 12:14:13 +01:00
59f8608d50
new: [user:permissionLimitation] Added current permission status while in `add` or `edit` context
...
Also moved the notification key from meta-fields to meta-template-fields
2023-02-24 15:22:18 +01:00
aead79a4c3
chg: [component:CRUD] Added `afterFind` support in add
2023-02-24 15:20:29 +01:00
fda8aa5866
chg: [component:CRUD] Include meta-template before calling `afterFind`
2023-02-24 14:57:40 +01:00
af8f1e9e74
chg: [tags:org/individual] Relaxed ACL on tagging
...
- Before only `site_admin` could add tags.
- Now `org_admins` can add tags for their orgs and individuals
- Regular users can self manage their own individual tag
2023-02-24 11:17:55 +01:00
c148b0993a
chg: [encryptionKeys:beforeSave] Updated ACL to disable management of keys for regular orgs
2023-02-24 10:35:25 +01:00
1620fd3e59
chg: [encryptionKey] Made key searchable with substring strategy
2023-02-24 10:31:33 +01:00
487670e522
chg: [authkeys:add] Select logged-in user by default
2023-02-23 14:57:58 +01:00
7ccf925247
security: [authkey:add] Restrict creation of API keys for users in the same org and for other org_admins
2023-02-23 14:57:42 +01:00
e9056a7b4c
chg: [audit:filter] Made request_action a multiple search
2023-02-23 13:04:33 +01:00
4d4642770f
new: [crud:filter] Added support of IN searches using dropdown
2023-02-23 12:55:18 +01:00
fdd876b1b2
new: [component:CRUD] Added support of IN condition when filtering index
2023-02-23 11:40:07 +01:00
0b2f7c31b2
Merge branch 'develop-unstable' into develop
2023-02-21 13:54:13 +01:00
Luciano Righetti