globuzma/canaille-globuzma
1
0
Fork 0
forked from Github-Mirrors/canaille
Code Pull requests Activity
2385 commits 5 branches 57 tags 18 MiB
Commit graph

649 commits

Author SHA1 Message Date
Éloi Rivard
b6659f47e7
tests: refactor test_refresh_token 2024-04-17 12:42:26 +02:00
Éloi Rivard
ba394af338
tests: refactor test_cannot_refresh_token_for_locked_users 2024-04-17 12:23:54 +02:00
Éloi Rivard
fc8c0da912
fix: locked users cannot use refresh tokens 2024-04-17 12:07:11 +02:00
Éloi Rivard
31423cde1a
refactor: split oidc.authorize endpoint in several smaller functions 2024-04-17 11:56:44 +02:00
Éloi Rivard
ce890ca0ad
tests: use pytest-lazy-fixtureS instead of pytest-lazy-fixture 2024-04-16 18:33:58 +02:00
Éloi Rivard
1080952a75
tests: speed up unit tests by caching the jinja bytecode between tests 2024-04-16 12:46:53 +02:00
Éloi Rivard
f9989a960b
feat: locked users cannot be impersonated 2024-04-12 12:12:08 +02:00
Éloi Rivard
565d57a887
tests: split test_account.py 2024-04-12 11:23:51 +02:00
Éloi Rivard
6e26656cc4
tests: move test_model_references_set_unsaved_object to the ldap tests directory 2024-04-12 10:49:56 +02:00
Éloi Rivard
4037c296cf
fix: JAVASCRIPT and HTMX configuration settings were ignored 2024-04-09 12:07:00 +02:00
Éloi Rivard
920395c27f
feat: sign in/out events are logged in #177 2024-04-09 10:04:26 +02:00
Éloi Rivard
053156ec18
feat: additional messages on password endpoint errors 
when attempt_login is not found on the session, add a warning to be
displayed on the login page after redirection
 2024-04-09 09:20:38 +02:00
Éloi Rivard
5aaccca4cf
fix: display an error message when trying to remove the last user from a group 2024-04-08 14:44:15 +02:00
Éloi Rivard
fe2665ae32
fix: LDAP user group removal 2024-04-08 14:15:28 +02:00
Éloi Rivard
fbbcd2fe78
fix: saving an object with the LDAP backend keeps the objectClass un-managed by Canaille 2024-04-08 10:29:47 +02:00
Éloi Rivard
88832b5b3b
refactor: move User.check_password and User.set_password methods to Backend 2024-04-07 20:17:15 +02:00
Éloi Rivard
5a6ce24074
refactor: move User.get_from_login method to Backend 2024-04-07 20:17:15 +02:00
Éloi Rivard
e9c4f4c1c9
refactor: differenciate between login and username in forms 2024-04-07 19:50:26 +02:00
Éloi Rivard
2cab4bfa66
refactor: use User.get instead of User.get_from_login when this is pertinent 2024-04-07 18:46:08 +02:00
Éloi Rivard
e339d1169d
refactor: User.has_password factorization 2024-04-07 18:33:43 +02:00
Éloi Rivard
1fbb074cc5
refactor: user permissions lazy loading 2024-04-07 15:21:32 +02:00
Éloi Rivard
30bd71c5b5
tests: fix coverage 2024-04-07 09:33:56 +02:00
Éloi Rivard
f113188368
refactor: factorize match_filter in the main User class 2024-04-07 01:25:44 +02:00
Éloi Rivard
75837fa207
refactor: model attributes are walked from the top to the bottom 2024-04-06 22:46:11 +02:00
Éloi Rivard
ec7a721336
refactor: ldap objects id attribute is based on entryUUID instead of dn 2024-04-05 15:35:49 +02:00
Éloi Rivard
7b054bb571
refactor: ldap backend use a server control to re-read objects after update 2024-04-05 14:34:48 +02:00
Éloi Rivard
18e3f8cde5
refactor: split the base model class in two 2024-04-01 18:55:05 +02:00
Éloi Rivard
c1b901261f
tests: uncomment some assertions 2024-04-01 18:38:12 +02:00
Éloi Rivard
efe3a3c4c4
refactor: assume ACL have default values 2024-03-30 17:21:40 +01:00
Éloi Rivard
dd7768e0d2
tests: no OIDC test outside the OIDC zone 2024-03-29 17:34:08 +01:00
Éloi Rivard
ea220e8a93
fix: pytest skip decorator 2024-03-29 17:17:59 +01:00
Éloi Rivard
bfae3fbe18
doc: pydantic-settings nested secret directories are not ready yet 
https://github.com/pydantic/pydantic-settings/issues/154
 2024-03-29 13:57:03 +01:00
Éloi Rivard
8625318341
feat: use pydantic to validate the configuration 2024-03-28 17:44:26 +01:00
Éloi Rivard
ffa12b0f71
feat: created and last_modified model attributes 2024-03-27 13:57:38 +01:00
Éloi Rivard
dc81832159
feat: usedefault python logging configuration format 2024-03-15 20:12:07 +01:00
Éloi Rivard
4edffcaa9f
chore: use isort instead of reoder-python-imports 2024-03-15 19:58:37 +01:00
Éloi Rivard
bd57d69765
chore: pre-commit update 2024-03-07 18:52:23 +01:00
Éloi Rivard
395b6ab4f3
chore: add docformatter pre-commit 2023-12-28 18:31:57 +01:00
Éloi Rivard
e8b620588e
refactor: LDAP backend initialization 2023-12-27 10:57:22 +01:00
Éloi Rivard
a237fa0198
chore: pre-commit update 2023-12-26 01:13:11 +01:00
Éloi Rivard
a4a381d088
refactor: gather endpoints in a 'endpoints' directory 2023-12-26 00:30:19 +01:00
Éloi Rivard
38038d8db9
refactor: use 'url_for' in templates instead of static urls 2023-12-25 20:15:21 +01:00
Éloi Rivard
5c11ebf0d3
feat: ldap connection is lazilly opened 2023-12-25 14:26:08 +01:00
Éloi Rivard
d0dbaa588c
refactor: no more explicit conn argument in the LDAP backend 2023-12-25 14:03:47 +01:00
Éloi Rivard
95882c737b
fix: LDAP backend connection error display 2023-12-25 13:56:57 +01:00
Éloi Rivard
772a364128
fix: group field error prevented the registration form validation 2023-12-24 12:05:29 +01:00
Éloi Rivard
06b60e1747
fix: post_logout_redirect_uris was ignored during OIDC dynamic registration 2023-12-23 21:32:31 +01:00
Éloi Rivard
c847ef9284
feat: OIDC prompt=create implementation 2023-12-23 19:37:48 +01:00
Éloi Rivard
577bca360e
tests: renamed other_client fixture in trusted_client 2023-12-23 19:37:27 +01:00
Éloi Rivard
521ed75f18
fix: correctly set up Client audience during OIDC dynamic registration 2023-12-23 19:37:14 +01:00
Éloi Rivard
0d4174de43
tests: fix OIDC well-known tests 2023-12-23 17:24:03 +01:00
Éloi Rivard
9ff0411e9e
tests: extracted the prompt tests in a dedicated file 2023-12-22 21:18:02 +01:00
Éloi Rivard
97394823bf
fix: return a 403 error when users are missing permissions for OIDC authentication 2023-12-22 16:39:20 +01:00
Éloi Rivard
cccbafeb0e
tests: fix a wrong default permission 2023-12-21 19:04:05 +01:00
Éloi Rivard
52fc93a481
refactor: avoid to directly use the 'configuration' fixture in tests 2023-12-19 18:28:04 +01:00
Éloi Rivard
7fed235437
fix: redirection after password reset 2023-12-15 16:12:33 +01:00
Éloi Rivard
7a2d7ca1db
tests: add a test that sends a mail without SERVER_NAME 2023-12-14 22:39:42 +01:00
Éloi Rivard
49466012e7
chore: bump to flask 2.3 2023-12-14 22:01:08 +01:00
Éloi Rivard
a3908883e3
tests: use canaille.test domain instead of localhost 2023-12-14 20:07:49 +01:00
Éloi Rivard
c563646bfe
tests: dynamic smtp configuration 2023-12-14 20:04:18 +01:00
Éloi Rivard
f08c452a03
tests: mail testing refactoring 2023-12-14 19:27:37 +01:00
Éloi Rivard
3b46d6af61
tests: remove pytest-flask dependency 2023-12-14 16:28:46 +01:00
Éloi Rivard
066aed7735
feat: convert the png in webp 2023-12-01 22:09:54 +01:00
Éloi Rivard
a7e574f754
feat: use sqlalchemy-utils PasswordType to store and hash user passwords 2023-12-01 09:29:59 +01:00
Éloi Rivard
969f3e980c
fix: password comparision was too permissive on login 2023-11-28 18:10:47 +01:00
Éloi Rivard
aa07059357
fix: password and initalization emails were only sent to the preferred user email address 2023-11-28 17:59:50 +01:00
Éloi Rivard
98e8aa9b39
fix: only the first password letter was used 2023-11-28 15:51:14 +01:00
Éloi Rivard
27639081f0
feat: implement sqlalchemy backend 
Co-authored-by: Loan Robert <loan@yaal.coop>
 2023-11-24 13:57:46 +01:00
Éloi Rivard
e6cf6ad7bd
tests: backport tests from sqlachemy branch 2023-11-24 12:10:17 +01:00
Éloi Rivard
02c8f0b177
refactor: Backend.install calls uniformization 2023-11-24 11:13:17 +01:00
Éloi Rivard
ed73916fa7
tests: add missing __init__.py 2023-11-24 10:14:44 +01:00
Éloi Rivard
79533acc4b
tests: fix backend assignation for tests 2023-11-24 10:10:36 +01:00
Éloi Rivard
c19199b7a7
tests: use lists of strings for Token.scope and AuthorizationCode.scope 2023-11-23 22:07:42 +01:00
Éloi Rivard
7494800e57
fix: OIDC client 'client_secret_expires_at' claim must be 0, not None 2023-11-23 09:15:40 +01:00
Éloi Rivard
79e547fc10
refactor: OIDC token scopes are stored as lists 2023-11-22 16:36:42 +01:00
Éloi Rivard
fd77bd5637
refactor: OIDC authorization codes scopes are stored as lists 2023-11-22 16:30:38 +01:00
Éloi Rivard
97546452e9
tests: fix user password cardinality 2023-11-22 14:49:51 +01:00
Éloi Rivard
fd8a5ace74
tests: fix user attribute cardinalities 2023-11-22 14:47:48 +01:00
Éloi Rivard
b6cfa1517c
refactor: form model attributes coercion 2023-11-22 11:30:30 +01:00
Éloi Rivard
e6225671f9
tests: additional assertions on invitation tests 2023-11-21 18:52:53 +01:00
Éloi Rivard
3a39fc191a
refactor: remove models __delattr__ methods 2023-11-21 14:57:28 +01:00
Éloi Rivard
8b3802dc3a
tests: add tests for fuzzy search on multiple model attributes 2023-11-21 14:27:57 +01:00
Éloi Rivard
1fd8af2cf4
refactor: models attributes cardinality is closer to SCIM models 2023-11-17 21:21:25 +01:00
Éloi Rivard
0569950c47
tests: fix end session error message test 2023-11-16 17:49:33 +01:00
Éloi Rivard
09673fdf4d
tests: fix UTCDatetime form field unit tests during light saving 2023-11-16 17:42:04 +01:00
Éloi Rivard
40b868cfee
tests: multiple emails and phone_numbers 2023-10-02 21:58:46 +02:00
Éloi Rivard
88dcf94750
Revert "tests: domain is localhost.local" 
This reverts commit 44aed27719.
 2023-10-01 15:42:16 +02:00
Éloi Rivard
44aed27719
tests: domain is localhost.local 2023-09-20 09:54:17 +02:00
Éloi Rivard
a2fb88fb05
tests: fix CI 2023-09-15 18:01:17 +02:00
Éloi Rivard
46c795b3b5
refactor: only load oidc module if OIDC is configured 2023-09-15 17:56:23 +02:00
Éloi Rivard
a7b3d4be88
feat: user login redirections 
if users login during the authorization phase, they
get redirected to the authorization page afterwards
 2023-09-01 09:12:40 +02:00
Éloi Rivard
8be771e41d
tests: fix CI 2023-08-31 22:44:06 +02:00
Éloi Rivard
21ea0238b5
OIDC jwks endpoint do not return empty kid claim 2023-08-26 19:59:44 +02:00
Éloi Rivard
553595c5ed
doc: model documentation 2023-08-17 16:11:24 +02:00
Éloi Rivard
588ec8792e
Implement a dummy inmemory backend 2023-08-17 12:33:45 +02:00
Éloi Rivard
2909357b9c
fix: typo 2023-08-16 17:34:53 +02:00
Éloi Rivard
6ede3b75cb
tests: disable javascript in template rendering 2023-08-16 17:33:59 +02:00
Éloi Rivard
39a5eafd71
tests: fix a variable in ldap tests 2023-08-16 16:55:21 +02:00
Éloi Rivard
ccaba0b9d5
feat: registration email admin debug page 2023-08-15 17:00:38 +02:00
Éloi Rivard
5a9df64f68
feat: implement registration process 2023-08-15 16:31:44 +02:00
Éloi Rivard
e55b56419d
refactor: extract auth.py from account.py 2023-08-14 16:15:41 +02:00
Éloi Rivard
d27aab8651
refactor: the core module has its own main blueprint 2023-08-14 13:52:24 +02:00
Éloi Rivard
c895366684
refactor: store user profile in g.user 2023-08-13 22:08:28 +02:00
Éloi Rivard
1f9d148c0d
chore: bump to python-slapd 0.1.4 2023-08-13 16:06:16 +02:00
Éloi Rivard
fd24c704c0
feat: implement email verification 2023-08-06 11:58:16 +02:00
Éloi Rivard
8fe8494587
feat: validate phone numbers 2023-08-03 19:08:34 +02:00
Éloi Rivard
9940a98188
refactor: profile button action renaming 2023-07-30 23:08:29 +02:00
Éloi Rivard
97c6a3ea38
tests: adds a fixture that automatically compiles babel catalogs 2023-07-25 09:56:23 +02:00
Éloi Rivard
1352752db8
refactor: utilities for form field readonliness 2023-07-24 18:07:35 +02:00
Éloi Rivard
59bc6e18d7 Merge branch 'issue-158-modals' into 'main' 
modals are HTML pages instead of JS elements

See merge request yaal/canaille!144
 2023-07-18 16:39:35 +00:00
Éloi Rivard
b4908d5e57
modals are HTML pages instead of JS elements 
This will help providing the very same user experience for users with
and without javascript. We will still be able to re-enable javascript
modals in the future, but this should be done from the ground up, HTML
first and javascript after.
 2023-07-18 18:34:10 +02:00
Éloi Rivard
a631946cb5
remove unnecessary application context in unit tests 2023-07-18 16:34:32 +02:00
Éloi Rivard
54abdaea3b Dynamic model registration 2023-07-12 12:34:00 +02:00
Éloi Rivard
fd66f86a72 USER_FILTER is parsed with jinja 2023-07-04 18:34:16 +02:00
Éloi Rivard
1a0a8096eb Enable jinja2 strict mode in unit tests 2023-07-01 19:56:13 +02:00
Éloi Rivard
4f42798e39 Refactored keypair management 2023-07-01 19:06:26 +02:00
Éloi Rivard
f686121f0d Wording 2023-06-30 18:12:14 +02:00
Éloi Rivard
021c1b3d11 Pagination pluralization 2023-06-30 18:12:13 +02:00
Éloi Rivard
7ff2360174 send reset emails to all the user emails 2023-06-29 17:47:01 +02:00
Éloi Rivard
7bce9b9a74 ldap backend: make sure to escape special chars in object identifiers 2023-06-29 15:55:39 +02:00
Éloi Rivard
3ecb8b4722 Implements a flask Group converter 2023-06-29 15:55:39 +02:00
Éloi Rivard
f504bb3a66 Implements a flask User converter 2023-06-29 15:55:39 +02:00
Éloi Rivard
e4e49da44a Renamed configuration entries 
- USER_ID_ATTRIBUTE is now USER_RDN
- GROUP_ID_ATTRIBUTE is now GROUP_RDN
 2023-06-29 15:55:39 +02:00
Éloi Rivard
57af18d557 Use a unique identifier to indentify users in URLS 
Previously we used the uid since we supposed this value was always
valid, but some users user the mail attribute as the User RDN in their
OpenLDAP installation, and do not have a uuid.
 2023-06-29 15:55:39 +02:00
Éloi Rivard
4551dc3f60 Add unit test for user with different RDN 2023-06-29 15:55:39 +02:00
Éloi Rivard
4eda4f6c99 inline validation keep the profile indicator icons 2023-06-28 15:42:35 +02:00
Éloi Rivard
45ec950f5f Fixed FieldList readonly state 2023-06-28 13:26:15 +02:00
Éloi Rivard
7b9e97f5e4 Defer and clean up JS scripts 2023-06-26 18:00:58 +02:00
Éloi Rivard
c091ca19cf Removed html5shiv 2023-06-26 17:48:25 +02:00
Éloi Rivard
0342e30ec0 Fixed strings inadvertently refactored 2023-06-22 18:12:54 +02:00
Éloi Rivard
b7e1590510 User emails and phone numbers are now multiple 2023-06-22 17:55:26 +02:00
Éloi Rivard
8617fc0f2b Implement multiple fields 2023-06-22 16:56:44 +02:00
Éloi Rivard
361fda0386 Renamed User.phone_number in User.phone_numbers 2023-06-22 15:33:03 +02:00
Éloi Rivard
b5bd497d0e Implemented User.preferred_email 2023-06-22 15:24:13 +02:00
Éloi Rivard
371f806695 Renamed User.email in User.emails 2023-06-22 15:15:46 +02:00
Éloi Rivard
0cbac78624 htmx: return a 400 error when a request sends an invalid form 2023-06-21 15:59:28 +02:00
Éloi Rivard
8061042e46 client admin test refactoring 2023-06-20 09:32:43 +02:00
Éloi Rivard
a9d9d43152 Configuration entries can be loaded from files. 
Co-authored-by: Sofi <sofi+git@mailbox.org>
 2023-06-15 18:38:37 +02:00
Éloi Rivard
23e9e7e71a Renamed Backend in BaseBackend 2023-06-05 18:10:37 +02:00
Éloi Rivard
14ccb69762 backend fixture is parametrizable 2023-06-03 23:39:38 +02:00
Éloi Rivard
422af73b89 moved slapd_server in the ldap unit tests module 2023-06-03 23:39:38 +02:00
Éloi Rivard
e3aede6645 Fixed a unit test control value 2023-06-03 23:38:45 +02:00
Éloi Rivard
fa7c68ff5b Moved CustomSlapdObject class into the ldap test module 2023-06-03 18:35:59 +02:00
Éloi Rivard
c7f23e845c datetime-local input fields are transformed in UTC server-side 2023-06-01 13:53:32 +02:00
Éloi Rivard
e20fb23e6f typo 'successfuly' -> 'successfully' 2023-05-30 09:44:11 +02:00
Éloi Rivard
38ee26db83 refactored User locking mechanism 2023-05-26 17:48:50 +02:00
Éloi Rivard
17c2f7a5cd Implemented LDAP ppolicy support. 2023-05-26 15:23:43 +02:00
Éloi Rivard
d8158d6a72 Use ruff linter 2023-05-25 13:37:58 +02:00
Éloi Rivard
8ed10da81e Removed duplicate test 2023-05-24 14:10:45 +02:00
Éloi Rivard
a92542cd81 Moved models specificities in the backend module 2023-05-20 21:24:14 +02:00