18a680a85b
groups: only the local groups of a user can be set
2024-02-28 15:56:03 +01:00
d7dda61775
profile: unify password verification check
2024-01-22 14:03:23 +01:00
13b9bed48b
externalldap: when using cloudron source, disable local 2fa setup
2024-01-20 12:44:19 +01:00
c99c24b3bd
users: cannot update profile fields of external user
2024-01-20 11:23:35 +01:00
8bdcdd7810
groups: members cannot be set for external groups
2024-01-19 23:23:25 +01:00
2ca94f3159
user: remove make local feature
...
we discussed a bit on what this does and it's confusing as it stands:
* Use case of this is lost in the realms of time
* Possible guess by is that it was to move users of different Cloudron to a central cloudron
* Currently, the design is a bit flawed because the make user local button doesn’t pin the user. The state is lost in next synchronization.
* Maybe, one should use export/import user for this use case
* Let’s disable this button for now, feature is not complete.
2024-01-13 11:02:25 +01:00
053f81a53e
externalldap: add tests
2024-01-07 22:04:22 +01:00
d12e6ee2b3
settings: make user_directory setting route
2023-08-03 08:29:12 +05:30
53e9eccf72
unify totp check
...
the totp check is done in several places causing errors like 3552232e99
2023-03-12 16:01:12 +01:00
5b075e3918
transfer ownership is not used anymore
2022-05-26 14:30:32 -07:00
4c3b81d29c
Add make user local tests and fixup route
2022-04-24 22:49:12 +02:00
032218c0fd
Add route to make user local
2022-04-24 22:22:25 +02:00
71dac64c4c
Only allow impersonation for equal or less powerful roles
2022-02-28 20:42:33 +01:00
26a8738b21
make user listing return non-private fields
...
this was from a time when normal users could install apps
2022-02-16 21:22:38 -08:00
d5481342ed
Add ability to filter users by state
2022-02-07 17:18:13 +01:00
4513b6de70
add a way for admins to set username when profiles are locked
2022-01-12 16:21:00 -08:00
4356d673bc
Fix wrong assert and minor typos
2021-10-27 22:31:54 +02:00
475795a107
Invite is now also separate
2021-10-27 19:58:06 +02:00
9a80049d36
Add two distinct password reset routes
2021-10-27 19:12:18 +02:00
daf212468f
fallbackEmail is now independent from email
2021-10-26 22:50:02 +02:00
445c83c8b9
make auditsource a class
...
this allows us to use AuditSource for the class and auditSource for
the instances!
2021-09-30 10:13:36 -07:00
0cfc3e03bb
Use concrete resource name instead of generic "resource"
2021-09-20 22:42:34 -07:00
2ea5786fcc
Fix setGhost api usage
2021-09-17 15:52:52 +02:00
f75b0ebff9
Add set ghost route
2021-09-17 12:52:41 +02:00
6785253377
Invitation is now also just a single route like password reset
2021-09-16 15:03:48 +02:00
ecd35bd08d
Fixup 2fa reset route
2021-09-16 13:18:22 +02:00
d3d22f0878
Directly use users.verify() instead of another db lookup
2021-09-09 22:50:35 +02:00
7ba3203625
users: getAll -> list
2021-08-20 11:31:10 -07:00
79997d5529
users.add and users.createOwner only returns id now
2021-08-10 13:50:52 -07:00
a1c61facdc
merge userdb.js into users.js
2021-07-16 22:33:22 -07:00
ea430b255b
make the tests work
2021-06-29 11:01:46 -07:00
31498afe39
async'ify the groups code
2021-06-29 09:08:45 -07:00
e7d9af5aed
users: asyncify and merge userdb.del
2021-06-26 10:13:21 -07:00
b8ea9de439
move profile icons into the database
2021-04-29 13:57:24 -07:00
f15714182b
users: add route to disable 2fa
2021-04-14 20:45:35 -07:00
b6473bc8f0
Add route to transfer ownership
2021-01-15 14:28:41 +01:00
a5cdd6087a
Revert "To allow transfer ownership, a user has to be able to update its role if permissions are granted by current role"
...
This reverts commit c2f8da5507
2021-01-15 14:16:55 +01:00
c2f8da5507
To allow transfer ownership, a user has to be able to update its role if permissions are granted by current role
2021-01-14 21:15:54 +01:00
8c7eff4e24
user: add routes to set/clear avatar
2020-07-10 07:23:38 -07:00
7e0ef60305
Fix incorrect role comparison
2020-03-15 16:19:22 -07:00
890b46836b
Do not allow lower level roles to edit higher level ones
2020-03-07 13:53:01 -08:00
afa2fe8177
Improve role add/edit error message
2020-03-06 13:16:50 -08:00
de23d1aa03
Do not allow to set active flag for the operating user
2020-03-05 21:00:59 -08:00
0e156b9376
migrate permissions and admin flag to user.role
2020-02-21 16:49:20 -08:00
c537dfabb2
add manage user permission
2020-02-13 22:49:58 -08:00
d1911be28c
user: load the resource with middleware
2020-02-13 20:59:17 -08:00
1fbbaa82ab
Generate the user invite link only in one location
2020-02-05 15:53:05 +01:00
3427db3983
Add app passwords feature
2020-01-31 22:03:19 -08:00
9151965cd6
Keep user objects in REST api responses more coherent
2020-01-06 11:54:00 +01:00
5c920fd200
never skip password verification
2019-11-07 13:10:12 -08:00
Girish Ramakrishnan