Commit Graph

116 Commits

Author SHA1 Message Date
Johannes Zellner 8d6eca2349 Fix typos 2020-02-04 18:32:43 +01:00
Johannes Zellner 6745221e0f Password reset does not need an email 2020-02-04 17:05:08 +01:00
Girish Ramakrishnan 57e3180737 typo 2020-02-01 18:12:33 -08:00
Girish Ramakrishnan 3427db3983 Add app passwords feature 2020-01-31 22:03:19 -08:00
Johannes Zellner c53b54bda3 Only create external ldap users for oauth logins 2019-11-20 20:05:22 +01:00
Johannes Zellner e3cee37527 Move autocreation logic into external ldap 2019-11-20 18:18:21 +01:00
Johannes Zellner 8fd0461c62 Auto create users on login if present in external ldap source 2019-11-20 18:18:21 +01:00
Girish Ramakrishnan 7a25187bee Disable invite & password reset route for external users 2019-10-29 11:03:28 -07:00
Girish Ramakrishnan 2404e79928 ldap: do the secret key dance 2019-10-25 16:46:49 -07:00
Girish Ramakrishnan 4793eb9ef5 Finish UsersError removal 2019-10-24 15:19:07 -07:00
Girish Ramakrishnan bc3169deb3 Move UsersError to BoxError 2019-10-24 15:06:41 -07:00
Girish Ramakrishnan d2c12297dc Move ExternalLdapError to BoxError 2019-10-24 14:32:27 -07:00
Girish Ramakrishnan 2d115d3d0f Move GroupsError to BoxError 2019-10-22 16:34:17 -07:00
Johannes Zellner d385c80882 Use external ldap bind for users from ldap source 2019-08-30 10:20:04 +02:00
Johannes Zellner b823213c94 Create and update users from external ldap 2019-08-30 10:20:04 +02:00
Girish Ramakrishnan 94b4bf94c0 Merge active flag into update route 2019-08-08 08:17:08 -07:00
Girish Ramakrishnan d5de05b633 Send user active flag 2019-08-08 07:19:50 -07:00
Girish Ramakrishnan 0ab6cad048 Add user enable/disable flag 2019-08-08 06:31:46 -07:00
Girish Ramakrishnan 9b74bb73aa config.js is dead, long live config.js
we use settings now
2019-07-26 14:51:51 -07:00
Girish Ramakrishnan 9a0d5b918f totp: set window to 2
see https://github.com/speakeasyjs/speakeasy#specifying-a-window-for-verifying-hotp-and-totp

A TOTP is incremented every step time-step seconds. By default, the time-step is
30 seconds. A window of 2 means +- 2 steps.

Fixes #633
2019-07-23 14:45:54 -07:00
Girish Ramakrishnan e7127df30d remove app ownerId
this is unused
2019-07-02 21:23:51 -07:00
Girish Ramakrishnan 81b721be2b Fix buffer warnings 2019-03-21 20:06:14 -07:00
Johannes Zellner 044b27967e Make initial sftp connection work 2019-03-19 15:24:09 -07:00
Girish Ramakrishnan 950a6d4c5d Add restriction on max password length 2019-02-08 09:57:07 -08:00
Johannes Zellner 7612e38695 We do not send out invites on user creation 2019-01-23 17:18:37 +01:00
Johannes Zellner 6e925f6b99 assert if auditSource is null on user apis 2019-01-23 11:18:31 +01:00
Johannes Zellner 3617432113 Fix broken invite sending on user creation 2019-01-23 10:45:13 +01:00
Johannes Zellner dae52089e3 Patch auditSource if owner is creating himself an account 2019-01-19 14:34:49 +01:00
Johannes Zellner c73b30556f Remove unused require 2019-01-19 12:36:46 +01:00
Johannes Zellner b9c3e85f89 Trigger user notifications through eventlog api only 2019-01-17 13:12:26 +01:00
Johannes Zellner 13fac3072d Support username search in user listing api 2019-01-15 17:21:40 +01:00
Johannes Zellner 3470252768 Add user pagination to rest api 2019-01-14 16:39:20 +01:00
Johannes Zellner cc81a10dd2 Add more notification/mailer wrapper 2019-01-10 12:00:04 +01:00
Johannes Zellner 5680fc839b Send new user notification via notifications api 2018-12-17 17:35:19 +01:00
Girish Ramakrishnan bd2b03876b Add users.isActivated
it's easier to see where we do activation checks
2018-11-10 18:09:00 -08:00
Girish Ramakrishnan 7c733ae150 Fix error handling 2018-10-29 20:19:48 -07:00
Johannes Zellner f05df7cfef Allow set admin flag on user creation 2018-08-21 17:12:46 +02:00
Girish Ramakrishnan 6a1a697820 Split the invite route into two 2018-08-17 16:27:29 -07:00
Girish Ramakrishnan 78a2176d1d Make admin simply a boolean instead of group
This simplifies a lot of logic. Keeping an admin group has no benefit
2018-07-26 22:29:57 -07:00
Girish Ramakrishnan b4d5def56d Revert role support 2018-07-26 13:23:06 -07:00
Girish Ramakrishnan 6810c61e58 Add audit event for ownership transfer 2018-07-05 13:51:22 -07:00
Girish Ramakrishnan 9978dff627 Add API to set and transfer ownership 2018-06-28 16:48:04 -07:00
Girish Ramakrishnan f932f8b3d3 Add user management scope
This splits the user and groups API into those who have just 'read' access
and those who have 'manage' access.
2018-06-25 16:10:00 -07:00
Girish Ramakrishnan 6cd0601629 Map group roles to scopes 2018-06-18 14:52:39 -07:00
Girish Ramakrishnan 7f3114e67d Rename to get/setMembership (to indicate IDs and not group objects 2018-06-18 13:57:17 -07:00
Girish Ramakrishnan f24a099e79 Remove user.admin property
The UI will now base itself entirely off the scopes of the token
2018-06-17 16:49:56 -07:00
Girish Ramakrishnan 156ffb40c9 Remove scope from users.get 2018-06-17 16:07:20 -07:00
Girish Ramakrishnan 491d1c1273 getByResetToken already has the user object 2018-06-15 16:22:28 -07:00
Girish Ramakrishnan a77d45f5de Add rolesJson to groups table
This will contain the roles ('role definition') of a group of
users. We will internally map these to our API scopes.
2018-06-14 22:54:52 -07:00
Girish Ramakrishnan 32e6b9024c Add email query param to reset code path
This reduces any attack surface
2018-06-12 17:56:41 -07:00