jjkiers/cloudron-box
1
0
Fork 0
Code Issues Pull Requests 1 Actions Packages Projects Releases Wiki Activity
15,779 Commits 33 Branches 583 Tags
aecc16af5d8d9bab4d118657d10934b04ac3a738
Commit Graph

1871 Commits

Author SHA1 Message Date
Girish Ramakrishnan
7ab5d5e50d Add domain management scope 
This splits the domains API into those who have just 'read' access
(i.e without configuration details) and those who have 'manage' access.
 2018-06-25 15:12:22 -07:00
Girish Ramakrishnan
74b1df17c0 Fix groups test and route to make name optional 2018-06-20 09:31:50 -07:00
Girish Ramakrishnan
7880a2f9c3 API returns 403 for incorrect password 2018-06-20 09:27:24 -07:00
Girish Ramakrishnan
8a84872704 Wrong password logs out the user 2018-06-18 18:52:35 -07:00
Girish Ramakrishnan
5d13cc363f Allow group name to be changed 2018-06-18 18:30:40 -07:00
Girish Ramakrishnan
ff73bc121f Make tokenScope plural 2018-06-18 15:10:02 -07:00
Girish Ramakrishnan
6cd0601629 Map group roles to scopes 2018-06-18 14:52:39 -07:00
Girish Ramakrishnan
7f3114e67d Rename to get/setMembership (to indicate IDs and not group objects 2018-06-18 13:57:17 -07:00
Girish Ramakrishnan
1dbcf2a46a Rename to groups.update 2018-06-18 13:41:27 -07:00
Girish Ramakrishnan
898cbd01b3 tokens table always has canonical scope 2018-06-17 23:11:36 -07:00
Girish Ramakrishnan
b6b7d08af3 Rename to accesscontrol.canonicalScopeString 2018-06-17 22:43:42 -07:00
Girish Ramakrishnan
6a2dacb08a Make intersectScopes take an array 2018-06-17 22:39:33 -07:00
Girish Ramakrishnan
ad6bc191f9 Make hasScopes take an array 2018-06-17 21:06:17 -07:00
Girish Ramakrishnan
f24a099e79 Remove user.admin property 
The UI will now base itself entirely off the scopes of the token
 2018-06-17 16:49:56 -07:00
Girish Ramakrishnan
156ffb40c9 Remove scope from users.get 2018-06-17 16:07:20 -07:00
Girish Ramakrishnan
db8b6838bb Move skip password verification logic to accesscontrol.js 2018-06-17 15:20:27 -07:00
Girish Ramakrishnan
c3631350cf We can skip user.scope here since we will intersect at access time anyway 2018-06-17 15:11:10 -07:00
Girish Ramakrishnan
669a1498aa Do not dump token in logs 2018-06-17 15:01:42 -07:00
Girish Ramakrishnan
e8d9597345 Fix various error codes 
401 - bad password/wrong password
403 - authenticated but not authorized
409 - conflict
 2018-06-15 23:15:30 -07:00
Girish Ramakrishnan
24b0a96f07 Move passport logic to routes 2018-06-15 17:32:40 -07:00
Girish Ramakrishnan
858ffcec72 Add note 2018-06-15 17:04:18 -07:00
Girish Ramakrishnan
05a8911cca condense the comments 2018-06-15 16:56:35 -07:00
Girish Ramakrishnan
89b41b11a4 Remove bogus accesscontrol logic 2018-06-15 16:26:14 -07:00
Girish Ramakrishnan
0a0884bf93 lint 2018-06-15 16:10:06 -07:00
Girish Ramakrishnan
2e92172794 Do not dump the entire token 2018-06-15 14:56:52 -07:00
Girish Ramakrishnan
042ea081a0 Typo 2018-06-15 14:35:52 -07:00
Girish Ramakrishnan
02d5d2f808 Add API to add and update the group roles 2018-06-15 00:28:27 -07:00
Girish Ramakrishnan
a77d45f5de Add rolesJson to groups table 
This will contain the roles ('role definition') of a group of
users. We will internally map these to our API scopes.
 2018-06-14 22:54:52 -07:00
Girish Ramakrishnan
dc86b0f319 validateRequestedScopes -> hasScopes 2018-06-14 20:31:48 -07:00
Girish Ramakrishnan
f7089c52ff normalizeScope -> intersectScope 2018-06-14 20:23:56 -07:00
Girish Ramakrishnan
55e5c319fe Fix failing log test 2018-06-14 13:43:44 -07:00
Girish Ramakrishnan
32e6b9024c Add email query param to reset code path 
This reduces any attack surface
 2018-06-12 17:56:41 -07:00
Girish Ramakrishnan
4369b3046e Make options non-optional 2018-06-11 15:14:59 -07:00
Girish Ramakrishnan
d752ef5fad Move password generation logic to model code 2018-06-11 13:06:08 -07:00
Girish Ramakrishnan
6534297a5d Remove hat module 
It's not been updated for 6 years!
 2018-06-11 12:38:29 -07:00
Johannes Zellner
177243b7f2 Support new platform/addon log style 2018-06-11 20:09:45 +02:00
Johannes Zellner
3d57c32853 Explicitly send empty object for successful post to avoid angular warnings 2018-06-07 16:10:47 +02:00
Girish Ramakrishnan
900225957e typo: code should return SetupError 2018-06-05 21:19:47 -07:00
Johannes Zellner
9eb58cdfe5 Check for plan when enabling email 2018-05-29 13:31:43 +02:00
Girish Ramakrishnan
bac3ba101e Add mailboxName to app configure route 
Fixes #558
 2018-05-24 16:26:34 -07:00
Girish Ramakrishnan
c85ca3c6e2 account setup simply redirects to main page now 2018-05-17 09:17:08 -07:00
Girish Ramakrishnan
c3fbead658 Allow zoneName to be changed in domain update route 2018-05-15 15:39:30 -07:00
Girish Ramakrishnan
a45b1449de Allow ghost users to skip 2fa 2018-05-14 15:07:01 -07:00
Girish Ramakrishnan
a1020ec6b8 remove /user from profile route 2018-05-13 21:53:06 -07:00
Girish Ramakrishnan
e5c43e9acd Remove debug 2018-05-02 12:41:22 -07:00
Girish Ramakrishnan
f09e8664d1 Return canonical scope in REST responses 
The '*' scope is purely an implementation detail. It cannot
be requested as such.
 2018-05-02 12:36:41 -07:00
Girish Ramakrishnan
8c4015851a merge auth.js into accesscontrol.js 2018-05-01 14:03:10 -07:00
Girish Ramakrishnan
a545bdd574 merge developer.js into clients.js 2018-05-01 14:02:59 -07:00
Girish Ramakrishnan
d1135accbd lint 2018-05-01 13:58:13 -07:00
Girish Ramakrishnan
d5b594fade return the scope as part of the user profile 
send canonical scope in the profile response
 2018-05-01 13:25:47 -07:00