Benjamin Dauvergne
863ff010d4
update minimum dependencies versions
2015-08-06 09:53:55 +02:00
Benjamin Dauvergne
6e9de8148c
a2_rbac: expose more fields of the OrganizationalUnit model in admin ( fixes #7886 )
2015-08-06 09:53:55 +02:00
Benjamin Dauvergne
0bb88003fb
use a special logger to make DEBUG log activation dynamic ( fixes #8028 )
...
Adds a new logger called DjangoLogger which check if the level is a
SettingsLogLevel object, in this case it checks a Django setting to
known if it should return DEBUG intead of the default log level.
The authentic2.logger module must be imported before using the logging
module so that all created logger use our new class. To achieve that
import is done in authentic2-ctl and wsgi.py which are the entrypoints
for authentic2.
2015-08-06 09:49:04 +02:00
Benjamin Dauvergne
dd35877002
manager: improve test on user creations ( #7861 )
2015-07-19 00:54:31 +02:00
Benjamin Dauvergne
7cd1455acf
manager: remove disabledness of the entity field in user creation form for superusers ( fixes #7861 )
...
It also fixes usability problems for administrator of one or many entities.
2015-07-19 00:53:42 +02:00
Benjamin Dauvergne
1b5a1d28d1
authentic2_idp_cas: accept URL without the trailing slashes to conform to the specification ( fixes #7822 )
2015-07-15 13:16:41 +02:00
Benjamin Dauvergne
8d6b0aacd3
Move check of SAML2 settings in the a2.idp.saml package
2015-07-15 12:39:20 +02:00
Benjamin Dauvergne
a166dc3d8f
make tox run tests of new application authentic2_provisionning_ldap ( #6596 )
2015-07-15 12:39:09 +02:00
Benjamin Dauvergne
1f087fb930
add new application authentic2_provisionning_ldap ( fixes #6596 )
...
Goal is to allow synchronizing users from the authentic2 db to an LDAP
directory. The application also contain helper class to do unittest
against an OpenLDAP server, for this OpenLDAP must be installed on your
computer.
2015-07-15 12:39:03 +02:00
Benjamin Dauvergne
deac10b152
utils: add a helper function to convert a dictionnary of list into a dictionnary of sets ( #6596 )
...
It helps for comparing dictionnaries of values, for example with LDAP.
2015-07-15 12:39:01 +02:00
Benjamin Dauvergne
ea1b2969d2
utils: add helper function to lowercase the keys of a dictionnary ( #6596 )
2015-07-15 12:38:59 +02:00
Benjamin Dauvergne
a0068d2331
utils: add an helper function to cut an iterable as batch iterable of fixed sizes ( #6596 )
2015-07-15 12:38:58 +02:00
Benjamin Dauvergne
9d85cf59b6
attributes_ng: lower level of log to debug when topological sort fails ( #6596 )
...
When a dependency is absent the topological sort cannot succeed.
2015-07-15 12:38:44 +02:00
Benjamin Dauvergne
66629fa7e9
django_rbac: augment timeout for massive role parenting test
2015-07-13 10:57:56 +02:00
Benjamin Dauvergne
3d4e76c5a4
manager: do not clobber the json module with the json decorator
2015-07-08 13:43:43 +02:00
Benjamin Dauvergne
63de63e97b
add missing migrations
2015-07-08 13:38:00 +02:00
Benjamin Dauvergne
0d7af4c8ce
templates: test if add_to_blocks exist in the renderblock templatetag ( fixes #7809 )
...
It makes the renderblock template tag not fail when addtoblock has never been
called.
2015-07-08 12:36:05 +02:00
Benjamin Dauvergne
5ed1397b91
api_views: add a user API endpoint ( fixes #7806 )
...
The endpoint supports JSON with CORS or JSONP with Referer validation.
Browser or proxy not sending Referer headers will be forbidden to access
the view. Cross-origin check are disabled when DEBUG=True. It also means
that just viewing it in you browser is forbidden (as the browser will
not send the Referer or Origin header).
2015-07-08 12:36:05 +02:00
Benjamin Dauvergne
a5a58a1551
manager: use new json decorator on menu_json ( #7805 )
2015-07-08 12:36:05 +02:00
Benjamin Dauvergne
fdbb3eb878
add support for CORS request by JSON or JSONP ( fixes #7805 )
...
JSONP is checked against the Referer header and JSON against the Origin
header.
2015-07-08 12:36:05 +02:00
Benjamin Dauvergne
1fd9f509e7
decorators: add SessionCache decorator to cache function's values in session ( fixes #7808 )
2015-07-08 12:32:27 +02:00
Benjamin Dauvergne
e82c73f8ea
decorators: allow cache decorators to vary the key on a subset of args or kwargs ( fixes #7807 )
2015-07-08 11:56:54 +02:00
Benjamin Dauvergne
6e5d15e354
update translations
2015-07-07 17:28:52 +02:00
Benjamin Dauvergne
9899d2a765
a2_rbac: do not create management roles for the Service content type ( fixes #7803 )
...
The service management does not provide any functionnality not already
provided by the role management views, so we will hide for now.
2015-07-07 17:28:41 +02:00
Benjamin Dauvergne
31a9ac2fca
a2_rbac: move connection of post_migrate_update_rbac in the management module ( fixes #7802 )
...
django.contrib.contenttypes post migrate handler is connected in its
management module, which make it run always after the
post_migrate_update_rbac which need ContentType objects to have been
initialized.
2015-07-07 17:28:41 +02:00
Benjamin Dauvergne
e3a7b20241
django_rbac: use assertLess to compare timings ( #7747 )
2015-07-07 17:28:41 +02:00
Benjamin Dauvergne
3536904a67
a2_rbac: initialize management roles with their translated name ( fixes #7801 )
...
Currently content type related management roles are not translated (they
used gettext instead of ugettext_lazy in the dictionnary defining
content types and their role names).
2015-07-07 17:28:41 +02:00
Benjamin Dauvergne
37148ef6db
manager: improve stylesheet for dialog boxes ( fixes #7800 )
...
- new rule to set width of input and select widget in dialog boxes
- reset font-family and font-size to pass over jquery-ui theme
2015-07-07 17:28:41 +02:00
Benjamin Dauvergne
ff649b5839
manager: improve user's experience when there is 1 OU ( fixes #7788 )
...
- hide the OU column
- select the first OU (it also improves the case of OU administrators)
- set the OU selector to readonly and disabled
- remove OU selectors from search forms
2015-07-07 17:28:41 +02:00
Benjamin Dauvergne
22dff1dd9f
update translations ( #7787 )
2015-07-07 17:28:41 +02:00
Benjamin Dauvergne
910dfdee41
a2_rbac: do not create OU management roles when there is less than 2 OUs ( fixes #7793 )
2015-07-07 17:28:41 +02:00
Benjamin Dauvergne
553887fd61
a2_rbac: allow limiting permissions of OU managers ( fixes #7787 )
...
A new setting is added named A2_RBAC_MANAGED_CONTENT_TYPES, it
is a list of pairs of (app, model_name) which specify which object
permissions should be created and associated to the super-user role.
A new global super-user role is also added by this patch.
If A2_RBAC_MANAGED_CONTENT_TYPES is None (the default value), roles
sub-roles are created for each registered contents (currently user,
roles, organizational units, and services). If
A2_RBAC_MANAGED_CONTENT_TYPES is the empty tuple, no role is created
at all.
To limit permissionsto users and roles, set:
A2_RBAC_MANAGED_CONTENT_TYPES = (
('custom_user', 'user'),
('a2_rbac', 'role')
)
2015-07-07 17:28:41 +02:00
Benjamin Dauvergne
58c5fec447
manager: override the authorize() method in BaseDeleteView ( fixes #7792 )
2015-07-07 17:28:41 +02:00
Benjamin Dauvergne
c22f34cca4
manager: add permission restriction to all service's roles view and all role members and administrators views ( fixes #7758 )
2015-07-07 17:28:41 +02:00
Benjamin Dauvergne
5b4a23f7c6
a2_rbac: pep8ness
2015-07-07 17:28:41 +02:00
Benjamin Dauvergne
ff6ca45868
a2_rbac: give view user permissions to role administrators ( fixes #7759 )
...
The permission is scoped if the role is scoped.
2015-07-07 17:28:41 +02:00
Benjamin Dauvergne
e7ceeecf89
a2_rbac: allow specifying extra permissions when building an admin role ( #7759 )
2015-07-07 17:28:41 +02:00
Benjamin Dauvergne
113d6457cb
manager: show role's service in the role search field ( fixes #7761 )
...
We could also show the organizational unit, but for now we will just
show the service.
2015-07-07 17:28:41 +02:00
Benjamin Dauvergne
078b4a72b3
Add a warning when using default SAML certificates ( fixes #6976 )
2015-07-07 17:28:41 +02:00
Benjamin Dauvergne
e24e8e1265
a2_rbac: fix missing definition of Permission ( fixes #7791 )
2015-07-07 17:28:41 +02:00
Benjamin Dauvergne
99940156c4
django_rbac: add scope to Permission unicode value ( fixes #7799 )
...
It helps debugging.
2015-07-07 17:28:41 +02:00
Benjamin Dauvergne
f43b75476f
django_rbac: rename Permission.role related manager to .roles ( #7799 )
2015-07-07 17:28:38 +02:00
Benjamin Dauvergne
3617c3b446
django_rbac: add a proper hierarchy between operations ( #7799 )
...
admin imply all other operations, add, change and delete imply view.
2015-07-07 17:28:35 +02:00
Benjamin Dauvergne
c482c50757
django_rbac: fix hiding of exceptions by decorator defer_update_transitive_closure ( fixes #7790 )
2015-07-07 17:16:07 +02:00
Benjamin Dauvergne
0b89a8e609
Fix wrong count in tests update in 918c5d19d
2015-07-03 15:08:28 +02:00
Benjamin Dauvergne
634635d93d
Add missing template ( #7741 )
2015-07-03 15:07:51 +02:00
Benjamin Dauvergne
918c5d19d4
tests: fix to comply with a9233953
and cd6b32295
...
- GlobalCache decorator with vary by hostname is inactive in non request
context
- password reset now show an intermediate page when redirecting to
another domain, with a message for the user
2015-07-03 13:33:05 +02:00
Benjamin Dauvergne
2a59a7b1a0
update translations
2015-07-03 12:01:17 +02:00
Benjamin Dauvergne
5b01578256
update translation ( fixes #7750 )
2015-07-03 11:53:46 +02:00
Benjamin Dauvergne
7db3c07704
utils: in login() store the user last login in session ( #7750 )
...
We have to store it in the session before auth_login() overwrite it if
we want to show it in the template.
2015-07-03 11:53:46 +02:00