entrouvert
/
authentic
16
0
Fork 0
Code Issues Pull Requests 32 Releases Activity
5,498 Commits 187 Branches 448 Tags 29 MiB
Commit Graph

5498 Commits

Author SHA1 Message Date
Frédéric Péters 898105f7ed translation update 2021-03-04 21:29:42 +01:00
Frédéric Péters 902c862c6f trivial: fix typo in error message 2021-03-04 21:28:59 +01:00
Valentin Deniaud 4484b7cea8 tests: fix faulty email validator test (#51624) 2021-03-04 14:58:39 +01:00
Loïc Dachary 2048d0d004 ldap: redirect /password/change if it is about to expire (#51268) 
Fixes: #51268

License: MIT
 2021-03-04 12:12:15 +01:00
Loïc Dachary 409305831c ldap: fix misleading variable /timeBeforeExpiration/expiration_date/ (#51274) 
The timeBeforeExpiration obtained from ppolicy is the number of
seconds left until the password expires. Before it is inserted in the
error message it is translated into a date because it is easier to
internationalize. The variable name should be changed to reflect this
modification otherwise it will be misleading to translators.

Fixes: #51274

License: MIT
 2021-03-04 11:22:20 +01:00
Valentin Deniaud 2c6c03a9c8 misc: send password reset email even if disabled account (#20830) 2021-03-04 10:57:10 +01:00
Valentin Deniaud 1ae7ac6df7 misc: send password reset email even if no account (#47469) 2021-03-04 10:56:48 +01:00
Frédéric Péters 1192ec0901 translation update 2021-03-04 09:00:25 +01:00
Benjamin Dauvergne 5a534ec62a tests: simplify idp_oidc tests 2021-03-03 19:26:13 +01:00
Valentin Deniaud e2fa4ca689 journal: empty references qs should return no statistics (#49670) 2021-03-03 09:28:17 +01:00
Valentin Deniaud 2d803b4a91 api_views: only show filtering by OUs if relevant (#49670) 2021-03-03 09:28:17 +01:00
Valentin Deniaud dd3ed19adf statistics: allow filtering by users OU (#49670) 2021-03-03 09:28:17 +01:00
Valentin Deniaud c27792ecbe api_views: factorize code for stat decorator (#49670) 2021-03-03 09:28:17 +01:00
Valentin Deniaud 2f42606265 app_settings: enable login rate limiting by default (#50771) 2021-03-02 15:19:27 +01:00
Benjamin Dauvergne 8a543226bf custom_user: remove User's deleted field (#51452) 2021-03-01 18:17:22 +01:00
Benjamin Dauvergne 8e0f6d3cb7 misc: delete users synchronously (#51452) 2021-03-01 16:30:39 +01:00
Nicolas Roche 2bdd088d43 manager: add a column to display role is synced from ldap (#51120) 2021-03-01 10:27:55 +01:00
Valentin Deniaud 0225be797c saml: add missing **kwargs to method (#50747) 2021-03-01 09:52:37 +01:00
Valentin Deniaud 2089b889da utils: mention expression on condition validation error (#50016) 2021-03-01 09:51:54 +01:00
Valentin Deniaud 9a4ab69f22 ldap: differentiate errors during bind (#51353) 2021-03-01 09:51:20 +01:00
Valentin Deniaud 8df0d97988 custom_user: forbid special characters in names (#51194) 2021-03-01 09:49:33 +01:00
Valentin Deniaud 926aad5f72 manager: show missing role recap in csv import (#50166) 2021-03-01 09:48:15 +01:00
Valentin Deniaud e895bb0142 csv_import: add auto key column detection (#50157) 2021-03-01 09:46:58 +01:00
Valentin Deniaud 229582db81 csv_import: ignore empty role values (#50158) 2021-03-01 09:44:49 +01:00
Benjamin Dauvergne 143decb1ef auth_saml: user default user's queryset (#51454) 2021-03-01 09:30:01 +01:00
Serghei Mihai 3cdd9e7d29 ldap: log missing group dn when mapped to a role (#50928) 2021-03-01 09:05:46 +01:00
Benjamin Dauvergne ebd152fe86 api: ignore deleted users when using update/get_or_create (#51368) 2021-02-26 16:03:48 +01:00
Benjamin Dauvergne 49233873d4 api: do not mix get_queryset() and filter_queryset() (#51368) 2021-02-26 16:03:48 +01:00
Benjamin Dauvergne 562cb43476 misc: use non-autoescaping template render for email text bodies and subjects (#51374) 2021-02-24 22:57:33 +01:00
Benjamin Dauvergne 7b500fc32c auth_oidc: use SameSite=Lax (#51252) 2021-02-18 14:28:51 +01:00
Benjamin Dauvergne 06461f1be0 Jenkinsfile: test with django 2.2 on regular runs 2021-02-18 11:34:38 +01:00
Benjamin Dauvergne 8a01e56dc4 tox.ini: test with django 2.2 on regular runs 2021-02-18 10:52:04 +01:00
Benjamin Dauvergne 5a335bc526 translation update 2021-02-18 10:50:58 +01:00
Loïc Dachary 814e0192f3 ldap: optionally collects messages from ppolicy 
Enable PasswordPolicyControl[0] in authenticate() and log the
information it returns, on success or error. In the context of a
request, this information is also set as a message[1] to be displayed
to the user.

[0] https://github.com/python-ldap/python-ldap/blob/python-ldap-3.3.1/Lib/ldap/controls/ppolicy.py
[1] https://docs.djangoproject.com/en/3.1/ref/contrib/messages/

Fixes: #50959

License: MIT
 2021-02-16 18:37:44 +01:00
Valentin Deniaud 8efb3ee192 journal: ignore event referencing deleted service in statistics (#50987) 2021-02-16 17:39:59 +01:00
Loïc Dachary cc02a30b14 ldap: additional tests for the keep_password function (#50931) 
License: MIT
 2021-02-16 17:39:16 +01:00
Loïc Dachary 882ce5d930 doc: explain how to run all the tests (#50921) 
License: MIT
 2021-02-16 17:38:32 +01:00
Loïc Dachary 0e2117c0aa doc: run tests with code coverage (#50921) 
License: MIT
 2021-02-16 17:38:32 +01:00
Loïc Dachary 27c3efc615 doc: note about tests/test_ldap.py failing because of apparmor (#50921) 
License: MIT
 2021-02-16 17:38:32 +01:00
Loïc Dachary a2ccc2ca89 doc: instructions to setup a development environment (#50921) 
License: MIT
 2021-02-16 17:38:32 +01:00
Loïc Dachary 5b4cf3e75f doc: sphinx.ext.pngmath is now sphinx.ext.imgmath (#50921) 
License: MIT
 2021-02-16 17:38:32 +01:00
Serghei Mihai 4aa751a710 manager: display user deactivation date (#51112) 2021-02-16 11:12:52 +01:00
Serghei Mihai 3b12836e8b manager: use dedicated method to deactivate user (#51112) 2021-02-15 11:15:21 +01:00
Valentin Deniaud d412424788 utils: do not record login if simulated (#50975) 2021-02-15 09:44:19 +01:00
Serghei Mihai 46c977d498 custom_user: add field to store user deactivation time (#50966) 2021-02-09 19:38:05 +01:00
Benjamin Dauvergne 09d8a676f9 api: do not clobber HTTP verb methods in viewsets (#50919) 2021-02-08 16:12:07 +01:00
Benjamin Dauvergne 7514632fe6 auth_oidc: enforce SameSite=Lax on the state cookie (#48347) 
SameSite=Lax is needed for the cookie to be sent by the browser during
redirection chain from the provider. We could just depend on the fact
that cookie without SameSite are Lax by default, but it's better to be
explicit.
 2021-02-08 16:00:04 +01:00
Benjamin Dauvergne 2eeb1c6067 ldap: removed unused setting group_dn_template (#50922) 2021-02-08 15:59:19 +01:00
Benjamin Dauvergne 8e0f0b69b0 ldap: add group_basedn to _DEFAULTS (#50922) 2021-02-08 15:59:19 +01:00
Benjamin Dauvergne 69254370cb ldap: transition to lowercase dn from case mixed in sessions (#50908) 2021-02-05 18:48:42 +01:00