globuzma/canaille-globuzma
1
0
Fork 0
forked from Github-Mirrors/canaille
Code Pull requests Activity
2076 commits 5 branches 57 tags 18 MiB
Commit graph

1140 commits

Author SHA1 Message Date
sebastien
e16d7394a9 updates pybabel translation 2024-11-19 15:44:02 +01:00
sebastien
033fd423e5 Merge branch '179-check-passwords-on-compromised-password-databases' of gitlab.com:yaal/canaille into 179-check-passwords-on-compromised-password-databases 2024-11-19 15:43:08 +01:00
sebastien
bcacef8414 updates pybabel translation 2024-11-19 15:40:52 +01:00
sebastien yaal
734f2a85ac Merge branch 'main' into '179-check-passwords-on-compromised-password-databases' 
# Conflicts:
#   canaille/translations/messages.pot
 2024-11-19 14:38:12 +00:00
sebastien
aaa17c2545 hotfix update previous commit 2024-11-19 14:48:56 +01:00
sebastien
bfff1bcdc1 refacto form test: separating htmx request and form submit 2024-11-19 14:46:38 +01:00
sebastien
d9f01fef6e hotfix 2024-11-19 13:56:07 +01:00
sebastien
b49f1df395 Adds configuration variable for hibp api url 2024-11-19 11:20:25 +01:00
sebastien
d18b555204 adds new log when HIBP API call fails 2024-11-19 09:11:02 +01:00
gallegonovato
b7f4d93159
Translated using Weblate (Spanish) 
Currently translated at 100.0% (381 of 381 strings)

Translation: Canaille/Canaille
Translate-URL: https://hosted.weblate.org/projects/canaille/canaille/es/
 2024-11-16 14:00:35 +01:00
sebastien
4487f66e9a updates pybabel translations 2024-11-15 16:28:52 +01:00
sebastien
9b8f8e9cd4 updates configuration and config.sample and demo config files toinclude new parameters. adds new tests for configuration condition. 2024-11-15 16:28:21 +01:00
Hosted Weblate
e0a390bf0a
Update translation files 
Updated by "Update PO files to match POT (msgmerge)" hook in Weblate.

Translation: Canaille/Canaille
Translate-URL: https://hosted.weblate.org/projects/canaille/canaille/
 2024-11-15 12:51:26 +01:00
sebastien
d10497d3d2 updates pybabel translation 2024-11-15 12:34:42 +01:00
sebastien
d6dfd439f3 adds tests for ENABLE_PASSWORD_COMPROMISSION_CHECK config 2024-11-14 16:10:43 +01:00
sebastien
ec43d9157f avoids api call from tests 2024-11-14 15:32:31 +01:00
sebastien
2787252d81 the only receiver of mail when the request on HIBP api have failed is current_app.config[CANAILLE][ADMIN_EMAIL] defined in config. 2024-11-13 16:24:35 +01:00
sebastien
738ea3a5ac adds description on ENABLE_PASSWORD_COMPROMISSION_CHECK config setting 2024-11-13 16:22:50 +01:00
sebastien
4c146cc970 changes flash message when the password is compromised. 2024-11-13 16:21:52 +01:00
sebastien
ae9c1309b9 adds pre-visualization mail buttons when api request on HIBP have failed in canaille/core/templates/mails/admin.html 2024-11-13 16:20:30 +01:00
sebastien
2a57a05155 adds configuration option set by default False to check password compromise 2024-11-13 16:12:50 +01:00
Éloi Rivard
08e0dd47bd
fix: disable the mail sending test when no SMTP server is configured 2024-11-13 10:58:11 +01:00
sebastien
1522f05348 updates pybabel translation 2024-11-12 16:53:11 +01:00
sebastien
ea24f96e85 adds new config variable in case there is no default admin group in ACL/ADMIN/FILTER 2024-11-12 16:50:00 +01:00
sebastien
62ceadb64f refacto : isolate function to avoid import loops and clarify the role of the function (not in core because 'utils', not in mail to ovaid loop, not in form because not form) 2024-11-12 16:48:15 +01:00
sebastien
d41a4d1063 updates after merge main in branch 2024-11-12 09:41:03 +01:00
sebastien yaal
7b7ec74b9f Merge branch 'main' into '179-check-passwords-on-compromised-password-databases' 
# Conflicts:
#   CHANGES.rst
 2024-11-12 08:34:10 +00:00
sebastien
88986147d3 updates pybabel translations 2024-11-12 09:19:38 +01:00
sebastien
8284a41234 refacto for tests 2024-11-12 09:17:22 +01:00
sebastien
8104bbf03e adds new condition to help with tests and inform correctly the user with sending mail to admins if compromise password check failed 2024-11-08 15:19:11 +01:00
sebastien
f173a66793 adds new tests for compromised_password_check_failure situation. 2024-11-07 15:51:21 +01:00
Éloi Rivard
a012814eca
chore: enable flake8-bugbear ruff rules 2024-11-07 11:44:29 +01:00
sebastien
9844818280 Merge branch '179-check-passwords-on-compromised-password-databases' of gitlab.com:yaal/canaille into 179-check-passwords-on-compromised-password-databases 2024-11-07 10:34:12 +01:00
sebastien
e6a9f2dcc6 Merge branch 'main' of gitlab.com:yaal/canaille into 179-check-passwords-on-compromised-password-databases 2024-11-07 09:15:29 +01:00
Éloi Rivard
6c4ef023cb
fix: disable zxcvbn for Python 3.13 
https://github.com/fief-dev/zxcvbn-rs-py/issues/2
 2024-11-06 19:23:43 +01:00
sebastien
289176a086 replaces 'pwned' by 'compromised' 2024-11-06 15:57:51 +01:00
Éloi Rivard
6a6350e368
fix: with LDAP backend, edition the admin group would fail 
The `match_filter` method evaluate filters, and queries objects from their ids.
The value was stored in the `filter` arg, but being a dict it was
re-used during the following calls of `match_filter`.
After editing the `admin` group (by adding or removing an user), a new page is displayed, and as always it checks the user permissions.
The user permission check would call `match_filter` then compare an
updated version of the admin group (with one less or one new user) with
an unfortunate *cached* version in the `match_filter` `filter` arg.
With the SQL or the memory backend the comparision would be successful,
but it is not with the LDAP backend.
This resulted in permission loss for users after editing the `admin`
group. Being a method default value edited, it would remain until the
Canaille service was reloaded.

Related to https://stackoverflow.com/questions/1132941/least-astonishment-and-the-mutable-default-argument
 2024-11-06 15:00:57 +01:00
sebastien
56f0c9b51b hotfix api url following manual failed request tests 2024-11-06 13:51:50 +01:00
sebastien
025da08fd3 adds flash message for user when password compromise investigation failed. 2024-11-06 13:05:32 +01:00
sebastien
fa3a5f6616 gets the emails of each admin to send them the compromised_password_check_failure_mail 2024-11-06 12:56:35 +01:00
Éloi Rivard
fe8e1160ab
refactor: move session related methods in a dedicated file 2024-11-06 09:10:43 +01:00
sebastien
9708809714 updates file names, variable names to be clearer. 2024-11-05 16:18:45 +01:00
sebastien
ca7f718353 adds mail sending to admin if failure of api HIBP request to check if password is compromised 2024-11-05 15:43:15 +01:00
sebastien
093397256b fix url typo 2024-11-04 11:15:32 +01:00
sebastien
0acbb40ecd consumes haveibeenpwned API directly 2024-11-04 08:55:55 +01:00
sebastien yaal
f4e222a24c
Translated using Weblate (French) 
Currently translated at 100.0% (380 of 380 strings)

Translation: Canaille/Canaille
Translate-URL: https://hosted.weblate.org/projects/canaille/canaille/fr/
 2024-11-01 10:00:27 +01:00
gallegonovato
8af6263b2f
Translated using Weblate (Spanish) 
Currently translated at 100.0% (380 of 380 strings)

Translation: Canaille/Canaille
Translate-URL: https://hosted.weblate.org/projects/canaille/canaille/es/
 2024-10-29 23:11:51 +01:00
Hosted Weblate
161293bf53
Update translation files 
Updated by "Update PO files to match POT (msgmerge)" hook in Weblate.

Translation: Canaille/Canaille
Translate-URL: https://hosted.weblate.org/projects/canaille/canaille/
 2024-10-28 22:17:56 +01:00
sebastien yaal
a4bd03f71c feat: password strength indicator 2024-10-28 21:17:47 +00:00
Éloi Rivard
6b5e3e1a8e
fix: py310 unit tests 
For some reasons, list["Client"] does not resolve the ForwardRef in
python 3.10 as it does with typing.List["Client"], which in the end
breaks the memory backend model accessors.
 2024-10-28 21:41:55 +01:00