bbefca71e5
profile: add hasAvatar
2025-12-10 18:57:02 +01:00
02fd52e366
Remove any deleted group and user from operators and accessRestriction
...
part of #857
2025-10-20 16:51:23 +02:00
43e426ab9f
Revert "Add no-use-before-define linter rule"
...
This reverts commit fdcc5d68a2
2025-10-08 21:17:52 +02:00
a6355e1945
remove spammy log
2025-10-03 11:49:40 +02:00
5dd5a20fc1
code -> sqlCode
2025-09-29 12:18:26 +02:00
942e595444
Fix profile test
2025-08-14 16:02:54 +05:30
12e073e8cf
use node: prefix for requires
...
mostly because code is being autogenerated by all the AI stuff using
this prefix. it's also used in the stack trace.
2025-08-14 12:55:35 +05:30
3ea9192f79
Validate user account input during account setup
2025-08-08 10:07:14 +02:00
e390a56f05
users: ensure all user objects have groupIds
...
this prevents ldap/sftp code from detecting user groups
and thus fails to detect membership of a user via operator groups.
2025-08-07 12:32:21 +02:00
c184f1e42e
mailer: handle error at the caller instead
...
the send test email logic breaks if we disable throwing error in send
2025-08-06 10:18:09 +02:00
cbc73f5c9a
remove uuid module
...
built into node.js now
2025-07-28 12:54:09 +02:00
622aecfd6d
users: add unset route for avatar
...
also add missing tests for avatar and profile locking
2025-07-15 10:06:26 +02:00
22e23e1e65
auth: add logs when auth fails or succeeds
2025-07-11 18:14:27 +02:00
6ac0cd421a
use the @cloudron/superagent module
2025-07-10 10:56:05 +02:00
1672217dd9
replace mysql module with mysql2
...
mysql is deprecated since years now
2025-06-19 12:41:49 +02:00
f48231e309
oidc: do not notify login of ghost users
2025-06-12 00:25:28 +02:00
d112d6308c
move tokens.ID_ into oidcClients.ID_
2025-06-12 00:25:28 +02:00
8fc9685a1b
test: make it work again
2025-06-11 15:14:15 +02:00
af75060001
Reimplement fallback email dialog
2025-06-11 10:22:09 +02:00
a93c85ebc9
profile: drop gravatar support
...
gravatar is owned by an external entity (Automattic) and we have an
unnecessary dep to this service. users can just upload a profile pic
2025-06-08 18:12:40 +02:00
5342dae5b3
tokens: add ip restriction
2025-03-07 17:50:50 +01:00
f0848e23c7
replace validator module
2025-03-07 12:32:50 +01:00
8e58349bfa
replace with custom superagent based on fetch API
2025-02-15 15:14:09 +01:00
5459a540e7
users: do nothing when nothing to update
2025-02-13 17:28:10 +01:00
dd5e4adc73
replace underscore with our own
...
we only need like 5 simple functions
2025-02-13 14:14:34 +01:00
b43fa38350
username: only ending with .app is reserved
2025-01-25 16:03:19 +01:00
47729e3e43
notifications: add update failure in defaults
2025-01-24 18:51:04 +01:00
701c25d07a
notifications: add back app down and app oom mails
2024-12-11 20:56:15 +01:00
6004cd17bf
notifications: per user email prefs
2024-12-11 19:12:20 +01:00
3b9d617e37
groups: add events to eventlog
2024-12-04 11:30:30 +01:00
61341b8380
boxerror: always pass second error string
2024-10-30 17:32:12 +01:00
bcf497b460
translation.js -> translations.js
...
kept confusing my why i can't find this file! this is in line
with the rest of our code
2024-07-05 12:45:27 +02:00
649c06b641
notification: do not send login notification for external users
2024-06-13 16:55:35 +02:00
b4e7e394c3
split routes and model code into user-directory.js
2024-06-12 10:49:01 +02:00
e1f87161a8
mandatory 2fa: revoke oidc sessions of non-2fa users
2024-06-12 10:16:49 +02:00
9054f30aef
lint
2024-05-25 13:42:44 +02:00
126587ba82
lint: constness
2024-04-26 20:09:36 +02:00
6525504923
profile: store preferred language in the database
2024-02-26 13:30:35 +01:00
8a63f0368e
Fix parsing of displayName
...
Currently, we only have one field for the name. The first part is
first name. The rest is last name. Obviously, this won't work in all
cases but is the best we can do for the moment.
2024-02-06 16:53:03 +01:00
c8b997f732
Always send an image as avatar
2024-01-29 13:21:19 +01:00
4f0bbcc73b
externaldap: 2fa validation for supported sources
...
a request to verify password to externaldap.js logic can come from
* cloudron app (via ldapserver.js)
* dashboard (via oidc.js) or proxy auth (proxyauth.js) or CLI (accesscontrol.js)
the only supported source is the 'cloudron' provider at this point
2024-01-22 21:35:19 +01:00
13b9bed48b
externalldap: when using cloudron source, disable local 2fa setup
2024-01-20 12:44:19 +01:00
c99c24b3bd
users: cannot update profile fields of external user
2024-01-20 11:23:35 +01:00
63766dd10f
do not send email reset for external users
2024-01-13 21:37:02 +01:00
46a589f794
Use BAD_STATE consistently for demo mode
2024-01-13 21:15:41 +01:00
40c82b3e48
external directory: reset auth source when disabled
...
this allows existing users to login (including the owner itself)
The alternative is to have some system where we have unique superadmin users across cloudrons which don’t get trampled upon by a sync. This is a bit unrealistic. For the future, we could also design this such that ldap auth is asked for in the initial step i.e at superadmin creation time.
If LDAP connection is lost/down, user can always use 'cloudron-support —owner-login'
2024-01-13 11:51:12 +01:00
5b7667fa4d
external ldap: ensure dashboard login does totp check
2024-01-08 11:55:35 +01:00
053f81a53e
externalldap: add tests
2024-01-07 22:04:22 +01:00
eee49a8291
move dashboard setting into dashboard.js
2023-08-11 21:04:10 +05:30
67ee82abb9
remove settings.dashboardOrigin
2023-08-04 22:10:14 +05:30
Girish Ramakrishnan