Commit graph

2043 commits

Author SHA1 Message Date
sebastien
1522f05348 updates pybabel translation 2024-11-12 16:53:11 +01:00
sebastien
f67477f5e1 adds tests for ADMIN_EMAIL config variable 2024-11-12 16:50:51 +01:00
sebastien
ea24f96e85 adds new config variable in case there is no default admin group in ACL/ADMIN/FILTER 2024-11-12 16:50:00 +01:00
sebastien
62ceadb64f refacto : isolate function to avoid import loops and clarify the role of the function (not in core because 'utils', not in mail to avoid loop, not in form because not form) 2024-11-12 16:48:15 +01:00
sebastien
d41a4d1063 updates after merge main in branch 2024-11-12 09:41:03 +01:00
sebastien yaal
7b7ec74b9f Merge branch 'main' into '179-check-passwords-on-compromised-password-databases'
# Conflicts:
#   CHANGES.rst
2024-11-12 08:34:10 +00:00
sebastien
6689b128e7 updates CHANGES file 2024-11-12 09:31:39 +01:00
sebastien
88986147d3 updates pybabel translations 2024-11-12 09:19:38 +01:00
sebastien
c13b590cd9 final tests for password compromise investigation failure 2024-11-12 09:18:55 +01:00
sebastien
8284a41234 refacto for tests 2024-11-12 09:17:22 +01:00
sebastien
8104bbf03e adds new condition to help with tests and correctly inform the user with sending mail to admins if compromise password check failed 2024-11-08 15:19:11 +01:00
sebastien
834eaaa2c4 refacto test 2024-11-08 15:16:38 +01:00
sebastien
d951c2e18d new tests on failure of api request with htmx and without SMTP 2024-11-08 15:15:12 +01:00
sebastien
f173a66793 adds new tests for compromised_password_check_failure situation. 2024-11-07 15:51:21 +01:00
Éloi Rivard
619a81c6aa
chore: bump to 0.0.56 2024-11-07 13:53:31 +01:00
Éloi Rivard
39d020171c
doc: release instructions typo 2024-11-07 13:51:30 +01:00
Éloi Rivard
348637664b
doc: release instructions 2024-11-07 13:44:27 +01:00
Éloi Rivard
61c8fa73ae
chore: split the 'sql' package extra
in 'sqlite', 'postgresql' and 'mysql'.
2024-11-07 13:23:30 +01:00
Éloi Rivard
216ae58e0a
chore: dependency upgrade 2024-11-07 12:19:40 +01:00
Éloi Rivard
d2c3c99433
doc: additional contribution instructions improvements 2024-11-07 12:02:02 +01:00
Éloi Rivard
3c5ea2e6bb
doc: contribution instructions improvements 2024-11-07 11:59:00 +01:00
Éloi Rivard
d60b798f68
chore: another attempt to fix GHA style step 2024-11-07 11:45:59 +01:00
Éloi Rivard
a012814eca
chore: enable flake8-bugbear ruff rules 2024-11-07 11:44:29 +01:00
Éloi Rivard
64885cfefd
chore: fix GHA linters step 2024-11-07 11:35:54 +01:00
sebastien
9844818280 Merge branch '179-check-passwords-on-compromised-password-databases' of gitlab.com:yaal/canaille into 179-check-passwords-on-compromised-password-databases 2024-11-07 10:34:12 +01:00
sebastien
e6a9f2dcc6 Merge branch 'main' of gitlab.com:yaal/canaille into 179-check-passwords-on-compromised-password-databases 2024-11-07 09:15:29 +01:00
Éloi Rivard
52060266a2
chore: run Gitlab CI coverage step with python 3.12 until zxcvbn supports 3.13 2024-11-06 20:14:52 +01:00
Éloi Rivard
c6c7a8b686
chore: fix uv attributes in GHA 2024-11-06 20:13:16 +01:00
Éloi Rivard
6c4ef023cb
fix: disable zxcvbn for Python 3.13
https://github.com/fief-dev/zxcvbn-rs-py/issues/2
2024-11-06 19:23:43 +01:00
Éloi Rivard
a23a9b3ecc
doc: changelog update 2024-11-06 19:20:09 +01:00
Éloi Rivard
4fff9fa5a6 Merge branch 'issue-200-uv' into 'main'
Migrate from poetry to uv

Closes #200

See merge request yaal/canaille!187
2024-11-06 15:07:06 +00:00
sebastien
289176a086 replaces 'pwned' by 'compromised' 2024-11-06 15:57:51 +01:00
Éloi Rivard
c57244b9fa
fix: zxcvbn compilation in demo
until https://github.com/fief-dev/zxcvbn-rs-py/issues/2 is fixed, it is
needed to manually force the compatibility with Python 3.13
2024-11-06 15:21:15 +01:00
Éloi Rivard
6a6350e368
fix: with LDAP backend, editing the admin group would fail
The `match_filter` method evaluates filters, and queries objects from their ids.
The value was stored in the `filter` arg, but being a dict it was
re-used during the following calls of `match_filter`.
After editing the `admin` group (by adding or removing a user), a new page is displayed, and as always it checks the user permissions.
The user permission check would call `match_filter` then compare an
updated version of the admin group (with one less or one new user) with
an unfortunate *cached* version in the `match_filter` `filter` arg.
With the SQL or the memory backend the comparison would be successful,
but it is not with the LDAP backend.
This resulted in permission loss for users after editing the `admin`
group. Being a method default value edited, it would remain until the
Canaille service was reloaded.

Related to https://stackoverflow.com/questions/1132941/least-astonishment-and-the-mutable-default-argument
2024-11-06 15:00:57 +01:00
sebastien
56f0c9b51b hotfix api url following manual failed request tests 2024-11-06 13:51:50 +01:00
sebastien
025da08fd3 adds flash message for user when password compromise investigation failed. 2024-11-06 13:05:32 +01:00
sebastien
fa3a5f6616 gets the emails of each admin to send them the compromised_password_check_failure_mail 2024-11-06 12:56:35 +01:00
Éloi Rivard
fe8e1160ab
refactor: move session related methods in a dedicated file 2024-11-06 09:10:43 +01:00
sebastien
b47c949239 adds tests for check if password is compromised or not 2024-11-05 16:59:03 +01:00
sebastien
9708809714 updates file names, variable names to be clearer. 2024-11-05 16:18:45 +01:00
sebastien
ff871f1340 updates tests with compromised password check with api HIBP 2024-11-05 15:44:25 +01:00
sebastien
ca7f718353 adds mail sending to admin if failure of api HIBP request to check if password is compromised 2024-11-05 15:43:15 +01:00
Éloi Rivard
fb5c1bac15
chore: minimum authlib version is 1.3.0 2024-11-05 08:59:24 +01:00
Éloi Rivard
6503945f7a
chore: set minimum pycountry dependency to 23.12.7 2024-11-04 23:21:00 +01:00
sebastien
093397256b fix url typo 2024-11-04 11:15:32 +01:00
sebastien
0acbb40ecd consumes haveibeenpwned API directly 2024-11-04 08:55:55 +01:00
Éloi Rivard
f70b71db18
chore: dependency upgrade 2024-11-02 17:17:13 +01:00
Éloi Rivard
6a57a37377
tests: fix tox python versions 2024-11-02 16:57:52 +01:00
Éloi Rivard
f56d715543
doc: use uv in the RTD compilation 2024-11-01 22:25:22 +01:00
Éloi Rivard
adafa43ddc
chore: use 'uv-venv-lock-runner' as the default tox-uv runner 2024-11-01 14:18:10 +01:00