jjkiers/cloudron-box
1
0
Fork 0
Code Issues Pull Requests 1 Actions Packages Projects Releases Wiki Activity
16,066 Commits 33 Branches 583 Tags
36887abf884dfc8ca037f9766ec6a5c25f0ec09f
Commit Graph

182 Commits

Author SHA1 Message Date
Girish Ramakrishnan
126587ba82 lint: constness 2024-04-26 20:09:36 +02:00
Girish Ramakrishnan
6525504923 profile: store preferred language in the database 2024-02-26 13:30:35 +01:00
Girish Ramakrishnan
8a63f0368e Fix parsing of displayName 
Currently, we only have one field for the name. The first part is
first name. The rest is last name. Obviously, this won't work in all
cases but is the best we can do for the moment.
 2024-02-06 16:53:03 +01:00
Johannes Zellner
c8b997f732 Always send an image as avatar 2024-01-29 13:21:19 +01:00
Girish Ramakrishnan
4f0bbcc73b externaldap: 2fa validation for supported sources 
a request to verify password to externaldap.js logic can come from
* cloudron app (via ldapserver.js)
* dashboard (via oidc.js) or proxy auth (proxyauth.js) or CLI (accesscontrol.js)

the only supported source is the 'cloudron' provider at this point
 2024-01-22 21:35:19 +01:00
Girish Ramakrishnan
13b9bed48b externalldap: when using cloudron source, disable local 2fa setup 2024-01-20 12:44:19 +01:00
Girish Ramakrishnan
c99c24b3bd users: cannot update profile fields of external user 2024-01-20 11:23:35 +01:00
Girish Ramakrishnan
63766dd10f do not send email reset for external users 2024-01-13 21:37:02 +01:00
Girish Ramakrishnan
46a589f794 Use BAD_STATE consistently for demo mode 2024-01-13 21:15:41 +01:00
Girish Ramakrishnan
40c82b3e48 external directory: reset auth source when disabled 
this allows existing users to login (including the owner itself)

The alternative is to have some system where we have unique superadmin users across cloudrons which don’t get trampled upon by a sync. This is a bit unrealistic. For the future, we could also design this such that ldap auth is asked for in the initial step i.e at superadmin creation time.

If LDAP connection is lost/down, user can always use 'cloudron-support —owner-login'
 2024-01-13 11:51:12 +01:00
Girish Ramakrishnan
5b7667fa4d external ldap: ensure dashboard login does totp check 2024-01-08 11:55:35 +01:00
Girish Ramakrishnan
053f81a53e externalldap: add tests 2024-01-07 22:04:22 +01:00
Girish Ramakrishnan
eee49a8291 move dashboard setting into dashboard.js 2023-08-11 21:04:10 +05:30
Girish Ramakrishnan
67ee82abb9 remove settings.dashboardOrigin 2023-08-04 22:10:14 +05:30
Girish Ramakrishnan
6aad89ae6e demo is just a constant, not a setting 2023-08-04 14:13:30 +05:30
Girish Ramakrishnan
bbc6ba1a35 settings: move service setting into services.js 
this also introduces getJson/setJson
 2023-08-03 11:50:00 +05:30
Girish Ramakrishnan
d12e6ee2b3 settings: make user_directory setting route 2023-08-03 08:29:12 +05:30
Johannes Zellner
9d3fa94960 Add separate password reset view 2023-06-15 16:34:58 +02:00
Girish Ramakrishnan
e6ba2a6e7a replace usage of _.extend with Object.assign 2023-05-25 11:45:14 +02:00
Girish Ramakrishnan
c4f4f3e914 logs: use %o to format error 
otherwise, they are printed as multi-line and this messes up tail+date formatting
 2023-04-16 10:49:59 +02:00
Girish Ramakrishnan
53e9eccf72 unify totp check 
the totp check is done in several places causing errors like 3552232e99

* ldap (addon)
* accesscontrol (dashboard)
* proxyauth
* directoryserver (exposed ldap)
* externalldap (the connector)

The code also makes externalldap auto-create work now across all the cases where there is a username
 2023-03-12 16:01:12 +01:00
Girish Ramakrishnan
e9eeab074a Clarify error message further 2022-11-10 13:50:28 +01:00
Girish Ramakrishnan
3477cf474f security: do not password reset mail to cloudron owned mail domain 
https://forum.cloudron.io/topic/7951/privilege-escalation-through-mail-manager-role
 2022-11-10 12:59:03 +01:00
Johannes Zellner
a2a60ff426 Add support for LDAP cn=...+totptoken=.. support 2022-08-02 15:27:34 +02:00
Johannes Zellner
f3c66056b5 Allow to unset background image 2022-05-17 13:17:05 +02:00
Johannes Zellner
6bd478b8b0 Add profile backgroundImage api 2022-05-15 12:08:11 +02:00
Girish Ramakrishnan
a3e097d541 add missing awaits for eventlog.add 2022-02-24 20:04:46 -08:00
Girish Ramakrishnan
ba5c2f623c remove supererror, not really used 2022-02-21 17:34:51 -08:00
Girish Ramakrishnan
26a8738b21 make user listing return non-private fields 
this was from a time when normal users could install apps
 2022-02-16 21:22:38 -08:00
Girish Ramakrishnan
85964676fa Fix location conflict error message 2022-02-07 16:09:43 -08:00
Johannes Zellner
d5481342ed Add ability to filter users by state 2022-02-07 17:18:13 +01:00
Girish Ramakrishnan
97e439f8a3 more profileConfig rename 2022-01-13 16:49:06 -08:00
Girish Ramakrishnan
4513b6de70 add a way for admins to set username when profiles are locked 2022-01-12 16:21:00 -08:00
Johannes Zellner
7117c17777 Add exposed ldap tests 2021-12-23 21:31:48 +01:00
Girish Ramakrishnan
e5fecdaabf Add mail manager role 
part of #807
 2021-12-02 09:24:09 -08:00
Johannes Zellner
37f066f2b0 Fix user signup when profile is locked and add tests 2021-11-22 20:42:51 +01:00
Johannes Zellner
e36d7665fa The profile based password reset does not return a resetLink 2021-11-03 22:03:08 +01:00
Johannes Zellner
63f6f065ba Add and fixup invite link related tests 2021-10-28 11:18:31 +02:00
Johannes Zellner
92f0f56fae do not strictly require fallbackEmail on user creation but provide a fallback 2021-10-28 10:29:02 +02:00
Johannes Zellner
cb8aa15e62 Do not allow setting ghost password for user without username 2021-10-27 23:36:44 +02:00
Johannes Zellner
4356d673bc Fix wrong assert and minor typos 2021-10-27 22:31:54 +02:00
Johannes Zellner
b59776bf9b fail getting invite link or sending invite if invate was already used 2021-10-27 21:25:43 +02:00
Johannes Zellner
475795a107 Invite is now also separate 2021-10-27 19:58:06 +02:00
Johannes Zellner
9a80049d36 Add two distinct password reset routes 2021-10-27 19:12:18 +02:00
Johannes Zellner
daf212468f fallbackEmail is now independent from email 2021-10-26 22:50:02 +02:00
Johannes Zellner
885ea259d7 Set inviteToken on user creation 2021-10-01 14:52:58 +02:00
Johannes Zellner
4ce21f643e send invite status via user rest api 2021-10-01 14:32:37 +02:00
Johannes Zellner
cb31e5ae8b Separate invite and password reset token 2021-10-01 12:27:22 +02:00
Johannes Zellner
c7b668b3a4 remove unused require 2021-10-01 11:55:35 +02:00
Girish Ramakrishnan
54c6f33e5f Fix broken invitation link 2021-09-25 17:36:56 -07:00