jjkiers/cloudron-box
1
0
Fork 0
Code Issues Pull Requests 1 Actions Packages Projects Releases Wiki Activity
6,718 Commits 33 Branches 583 Tags
1a83281e1618d3e0933e7bcff0645c38bec8a04c
Commit Graph

63 Commits

Author SHA1 Message Date
Girish Ramakrishnan 240ee5f563 Ensure we hand out max user.scope 
The token.scope was valid at token creation time. The user's scope
could since have changed (maybe we got kicked out of a group).
 2018-04-30 22:51:57 -07:00
Girish Ramakrishnan 4fd58fb46b Rename user.js to users.js 2018-04-29 11:19:04 -07:00
Girish Ramakrishnan 7549b3e837 enhance user creation API to take a password 2018-04-26 14:13:40 -07:00
Johannes Zellner 87fedb71b7 Use shared function to remove private user fields for api 2018-03-02 11:24:27 +01:00
Girish Ramakrishnan 67eb7a290f Fix mail domain route 2018-01-25 13:40:02 -08:00
Johannes Zellner aab175ea05 Remove alias handling from user logic to mail logic 2018-01-25 18:03:26 +01:00
Johannes Zellner 48d557b242 Replace alternateEmail with fallbackEmail 2018-01-21 14:50:24 +01:00
Johannes Zellner 1e8aa209b1 Add fallbackEmail to user data model 2018-01-21 14:25:39 +01:00
Girish Ramakrishnan 8ae65661dd redact the password so it is never displayed in logs 2017-05-05 15:36:47 -07:00
Girish Ramakrishnan 7efb6d60bc Allow usernames and groupnames of length 1 
Fixes #204
 2017-02-02 01:02:51 -08:00
Girish Ramakrishnan 1c22cb8443 Pass invitor object when reinviting user 2016-10-13 15:57:58 -07:00
Johannes Zellner 58b5613c6b Send alternateEmail with profile and user rest api 2016-09-28 11:08:11 +02:00
Girish Ramakrishnan 49baad349c remove mailbox routes and move it to users 2016-09-23 15:45:40 -07:00
Girish Ramakrishnan 9a000ddaf0 make ADMIN_GROUP_ID a constant 2016-09-20 15:07:11 -07:00
Girish Ramakrishnan 61ef3f3efb disallow certain actions in demo mode 
* Cannot change password
* Cannot delete user
* Cannot migrate domain or change plan

Fixes #20
 2016-08-31 22:39:42 -07:00
Johannes Zellner 3e0006a327 Allow tokens with SCOPE_ROLE_SDK through without a password 2016-06-03 11:10:59 +02:00
Johannes Zellner e335aa5dee Check for sdk token instead of token type DEV 2016-06-03 10:17:52 +02:00
Girish Ramakrishnan 036740f97b filter out correct fields in the route code 2016-06-03 00:04:17 -07:00
Girish Ramakrishnan f4958d936c return groupIds in get user route 2016-06-03 00:00:11 -07:00
Girish Ramakrishnan 80ca69a128 user.update does not need the user object 2016-06-02 23:53:06 -07:00
Girish Ramakrishnan 097d23c412 move logic to model code 2016-06-02 23:29:43 -07:00
Girish Ramakrishnan e9e9d6000d remove token check for user.update to work with dev tokens 2016-06-02 11:29:59 -07:00
Johannes Zellner bdd14022d6 Report user conflict message all the way through the rest routes 2016-06-02 15:41:07 +02:00
Girish Ramakrishnan 82cd215ffa merge bad fields and pass error.message correctly in REST responses 2016-06-02 00:12:21 -07:00
Girish Ramakrishnan 9cc6cb56f7 fix error message 2016-06-01 19:38:42 -07:00
Girish Ramakrishnan f763759008 return empty groupIds 2016-05-31 11:49:59 -07:00
Girish Ramakrishnan 1f31fe6f8f make user.remove and user.update add eventlog 2016-05-01 20:11:11 -07:00
Girish Ramakrishnan 37bdd2672b make user.create take auditSource 2016-05-01 20:01:34 -07:00
Girish Ramakrishnan 3d50a251ee store email in USER_ADD event 2016-04-30 20:25:20 -07:00
Girish Ramakrishnan 71219c6af7 add eventlog hooks 2016-04-30 14:05:19 -07:00
Girish Ramakrishnan c511019d79 remove jslint hint 2016-04-30 11:53:46 -07:00
Johannes Zellner 18f3733d6e Simplify the password change logic 
We now can use verifyPassword and this makes
user.changePassword() route obsolete
 2016-04-17 19:17:03 +02:00
Johannes Zellner 69f3620b22 remove unused user route functions 2016-04-17 18:27:11 +02:00
Girish Ramakrishnan c24d7e7b3c do not crash on duplicate email 2016-04-13 14:47:35 -07:00
Girish Ramakrishnan 275d8c2121 fix user create response 2016-04-06 10:20:32 -07:00
Johannes Zellner b205212bf2 Explicitly verifyWithUsername() and offer a verify() userId based 2016-04-05 16:27:04 +02:00
Johannes Zellner 65c6806109 Send full user information on deletion, not just the uuid 2016-04-05 09:28:41 +02:00
Johannes Zellner e4fabd20c1 Do not require a username to be present when creating a user 2016-04-05 09:27:32 +02:00
Johannes Zellner fcfd1dceac Deliver the resetToken when an invite was sent 2016-04-04 18:41:51 +02:00
Johannes Zellner 160467e199 Do not require password for user profile changes 2016-02-25 14:03:42 +01:00
Johannes Zellner 4f7fd9177c Allow user details only for the same user or admins 2016-02-25 13:44:53 +01:00
Johannes Zellner 63013c7297 Just check for .admin flag in the user object 2016-02-25 11:42:25 +01:00
Johannes Zellner ecf7575dd3 UserError.NOT_ALLOWED is not unused 2016-02-11 11:32:48 +01:00
Johannes Zellner 5fce9c8d1f Do not allow an admin remove itself from admins group 2016-02-11 11:29:04 +01:00
Johannes Zellner 163ceef527 Remove the admin toggle route 2016-02-11 11:26:35 +01:00
Johannes Zellner 7fc37b7c70 Allow admins to edit other users 2016-02-10 14:48:54 +01:00
Johannes Zellner 8c73a7c7c2 Send admin flag with user profile 2016-02-10 13:35:16 +01:00
Girish Ramakrishnan f413bfb3a0 Add route to set the users groups 2016-02-09 16:43:32 -08:00
girish@cloudron.io e752949752 make all tests work after group changes 2016-02-09 11:29:32 -08:00
girish@cloudron.io f6541720c4 pass owner flag in createUser 2016-02-08 21:05:02 -08:00