jjkiers/cloudron-box
1
0
Fork 0
Code Issues Pull Requests 1 Actions Packages Projects Releases Wiki Activity
15,105 Commits 33 Branches 583 Tags
9d3fa94960df17a7e608faaf4fe3848d41de36c5
Commit Graph

165 Commits

Author SHA1 Message Date
Johannes Zellner
6745221e0f Password reset does not need an email 2020-02-04 17:05:08 +01:00
Girish Ramakrishnan
57e3180737 typo 2020-02-01 18:12:33 -08:00
Girish Ramakrishnan
3427db3983 Add app passwords feature 2020-01-31 22:03:19 -08:00
Johannes Zellner
c53b54bda3 Only create external ldap users for oauth logins 2019-11-20 20:05:22 +01:00
Johannes Zellner
e3cee37527 Move autocreation logic into external ldap 2019-11-20 18:18:21 +01:00
Johannes Zellner
8fd0461c62 Auto create users on login if present in external ldap source 2019-11-20 18:18:21 +01:00
Girish Ramakrishnan
7a25187bee Disable invite & password reset route for external users 2019-10-29 11:03:28 -07:00
Girish Ramakrishnan
2404e79928 ldap: do the secret key dance 2019-10-25 16:46:49 -07:00
Girish Ramakrishnan
4793eb9ef5 Finish UsersError removal 2019-10-24 15:19:07 -07:00
Girish Ramakrishnan
bc3169deb3 Move UsersError to BoxError 2019-10-24 15:06:41 -07:00
Girish Ramakrishnan
d2c12297dc Move ExternalLdapError to BoxError 2019-10-24 14:32:27 -07:00
Girish Ramakrishnan
2d115d3d0f Move GroupsError to BoxError 2019-10-22 16:34:17 -07:00
Johannes Zellner
d385c80882 Use external ldap bind for users from ldap source 2019-08-30 10:20:04 +02:00
Johannes Zellner
b823213c94 Create and update users from external ldap 2019-08-30 10:20:04 +02:00
Girish Ramakrishnan
94b4bf94c0 Merge active flag into update route 2019-08-08 08:17:08 -07:00
Girish Ramakrishnan
d5de05b633 Send user active flag 2019-08-08 07:19:50 -07:00
Girish Ramakrishnan
0ab6cad048 Add user enable/disable flag 2019-08-08 06:31:46 -07:00
Girish Ramakrishnan
9b74bb73aa config.js is dead, long live config.js 
we use settings now
 2019-07-26 14:51:51 -07:00
Girish Ramakrishnan
9a0d5b918f totp: set window to 2 
see https://github.com/speakeasyjs/speakeasy#specifying-a-window-for-verifying-hotp-and-totp

A TOTP is incremented every step time-step seconds. By default, the time-step is
30 seconds. Window of 2 means, +- 2 steps.

Fixes #633
 2019-07-23 14:45:54 -07:00
Girish Ramakrishnan
e7127df30d remove app ownerId 
this is unused
 2019-07-02 21:23:51 -07:00
Girish Ramakrishnan
81b721be2b Fix buffer warnings 2019-03-21 20:06:14 -07:00
Johannes Zellner
044b27967e Make initial sftp connection work 2019-03-19 15:24:09 -07:00
Girish Ramakrishnan
950a6d4c5d Add restriction on max password length 2019-02-08 09:57:07 -08:00
Johannes Zellner
7612e38695 We do not send out invites on user creation 2019-01-23 17:18:37 +01:00
Johannes Zellner
6e925f6b99 assert if auditSource is null on user apis 2019-01-23 11:18:31 +01:00
Johannes Zellner
3617432113 Fix broken invite sending on user creation 2019-01-23 10:45:13 +01:00
Johannes Zellner
dae52089e3 Patch auditSource if owner is creating himself an account 2019-01-19 14:34:49 +01:00
Johannes Zellner
c73b30556f Remove unused require 2019-01-19 12:36:46 +01:00
Johannes Zellner
b9c3e85f89 Trigger user notifications through eventlog api only 2019-01-17 13:12:26 +01:00
Johannes Zellner
13fac3072d Support username search in user listing api 2019-01-15 17:21:40 +01:00
Johannes Zellner
3470252768 Add user pagination to rest api 2019-01-14 16:39:20 +01:00
Johannes Zellner
cc81a10dd2 Add more notification/mailer wrapper 2019-01-10 12:00:04 +01:00
Johannes Zellner
5680fc839b Send new user notification via notifications api 2018-12-17 17:35:19 +01:00
Girish Ramakrishnan
bd2b03876b Add users.isActivated 
it's easier to see where we do activation checks
 2018-11-10 18:09:00 -08:00
Girish Ramakrishnan
7c733ae150 Fix error handling 2018-10-29 20:19:48 -07:00
Johannes Zellner
f05df7cfef Allow set admin flag on user creation 2018-08-21 17:12:46 +02:00
Girish Ramakrishnan
6a1a697820 Split the invite route into two 2018-08-17 16:27:29 -07:00
Girish Ramakrishnan
78a2176d1d Make admin simply a boolean instead of group 
This simplifies a lot of logic. Keeping an admin group has no benefit
 2018-07-26 22:29:57 -07:00
Girish Ramakrishnan
b4d5def56d Revert role support 2018-07-26 13:23:06 -07:00
Girish Ramakrishnan
6810c61e58 Add audit event for ownership transfer 2018-07-05 13:51:22 -07:00
Girish Ramakrishnan
9978dff627 Add API to set and transfer ownership 2018-06-28 16:48:04 -07:00
Girish Ramakrishnan
f932f8b3d3 Add user management scope 
This splits the user and groups API into those who have just 'read' access
and those who have 'manage' access.
 2018-06-25 16:10:00 -07:00
Girish Ramakrishnan
6cd0601629 Map group roles to scopes 2018-06-18 14:52:39 -07:00
Girish Ramakrishnan
7f3114e67d Rename to get/setMembership (to indicate IDs and not group objects 2018-06-18 13:57:17 -07:00
Girish Ramakrishnan
f24a099e79 Remove user.admin property 
The UI will now base itself entirely off the scopes of the token
 2018-06-17 16:49:56 -07:00
Girish Ramakrishnan
156ffb40c9 Remove scope from users.get 2018-06-17 16:07:20 -07:00
Girish Ramakrishnan
491d1c1273 getByResetToken already has the user object 2018-06-15 16:22:28 -07:00
Girish Ramakrishnan
a77d45f5de Add rolesJson to groups table 
This will contain the roles ('role definition') of a group of
users. We will internally map these to our API scopes.
 2018-06-14 22:54:52 -07:00
Girish Ramakrishnan
32e6b9024c Add email query param to reset code path 
This reduces any attack surface
 2018-06-12 17:56:41 -07:00
Girish Ramakrishnan
4369b3046e Make options non-optional 2018-06-11 15:14:59 -07:00