globuzma/canaille-globuzma
1
0
Fork 0
forked from Github-Mirrors/canaille
Code Pull requests Activity
2162 commits 5 branches 57 tags 18 MiB
Commit graph

1165 commits

Author SHA1 Message Date
sebastien
d41a4d1063 updates after merge main in branch 2024-11-12 09:41:03 +01:00
sebastien yaal
7b7ec74b9f Merge branch 'main' into '179-check-passwords-on-compromised-password-databases' 
# Conflicts:
#   CHANGES.rst
 2024-11-12 08:34:10 +00:00
sebastien
88986147d3 updates pybabel translations 2024-11-12 09:19:38 +01:00
sebastien
8284a41234 refacto for tests 2024-11-12 09:17:22 +01:00
sebastien
8104bbf03e adds new condition to help with tests and inform correctly the user with sending mail to admins if compromise password check failed 2024-11-08 15:19:11 +01:00
sebastien
f173a66793 adds new tests for compromised_password_check_failure situation. 2024-11-07 15:51:21 +01:00
Éloi Rivard
a012814eca
chore: enable flake8-bugbear ruff rules 2024-11-07 11:44:29 +01:00
sebastien
9844818280 Merge branch '179-check-passwords-on-compromised-password-databases' of gitlab.com:yaal/canaille into 179-check-passwords-on-compromised-password-databases 2024-11-07 10:34:12 +01:00
sebastien
e6a9f2dcc6 Merge branch 'main' of gitlab.com:yaal/canaille into 179-check-passwords-on-compromised-password-databases 2024-11-07 09:15:29 +01:00
Éloi Rivard
6c4ef023cb
fix: disable zxcvbn for Python 3.13 
https://github.com/fief-dev/zxcvbn-rs-py/issues/2
 2024-11-06 19:23:43 +01:00
sebastien
289176a086 replaces 'pwned' by 'compromised' 2024-11-06 15:57:51 +01:00
Éloi Rivard
6a6350e368
fix: with LDAP backend, edition the admin group would fail 
The `match_filter` method evaluate filters, and queries objects from their ids.
The value was stored in the `filter` arg, but being a dict it was
re-used during the following calls of `match_filter`.
After editing the `admin` group (by adding or removing an user), a new page is displayed, and as always it checks the user permissions.
The user permission check would call `match_filter` then compare an
updated version of the admin group (with one less or one new user) with
an unfortunate *cached* version in the `match_filter` `filter` arg.
With the SQL or the memory backend the comparision would be successful,
but it is not with the LDAP backend.
This resulted in permission loss for users after editing the `admin`
group. Being a method default value edited, it would remain until the
Canaille service was reloaded.

Related to https://stackoverflow.com/questions/1132941/least-astonishment-and-the-mutable-default-argument
 2024-11-06 15:00:57 +01:00
sebastien
56f0c9b51b hotfix api url following manual failed request tests 2024-11-06 13:51:50 +01:00
sebastien
025da08fd3 adds flash message for user when password compromise investigation failed. 2024-11-06 13:05:32 +01:00
sebastien
fa3a5f6616 gets the emails of each admin to send them the compromised_password_check_failure_mail 2024-11-06 12:56:35 +01:00
Éloi Rivard
fe8e1160ab
refactor: move session related methods in a dedicated file 2024-11-06 09:10:43 +01:00
sebastien
9708809714 updates file names, variable names to be clearer. 2024-11-05 16:18:45 +01:00
sebastien
ca7f718353 adds mail sending to admin if failure of api HIBP request to check if password is compromised 2024-11-05 15:43:15 +01:00
sebastien
093397256b fix url typo 2024-11-04 11:15:32 +01:00
sebastien
0acbb40ecd consumes haveibeenpwned API directly 2024-11-04 08:55:55 +01:00
sebastien yaal
f4e222a24c
Translated using Weblate (French) 
Currently translated at 100.0% (380 of 380 strings)

Translation: Canaille/Canaille
Translate-URL: https://hosted.weblate.org/projects/canaille/canaille/fr/
 2024-11-01 10:00:27 +01:00
gallegonovato
8af6263b2f
Translated using Weblate (Spanish) 
Currently translated at 100.0% (380 of 380 strings)

Translation: Canaille/Canaille
Translate-URL: https://hosted.weblate.org/projects/canaille/canaille/es/
 2024-10-29 23:11:51 +01:00
Hosted Weblate
161293bf53
Update translation files 
Updated by "Update PO files to match POT (msgmerge)" hook in Weblate.

Translation: Canaille/Canaille
Translate-URL: https://hosted.weblate.org/projects/canaille/canaille/
 2024-10-28 22:17:56 +01:00
sebastien yaal
a4bd03f71c feat: password strength indicator 2024-10-28 21:17:47 +00:00
Éloi Rivard
6b5e3e1a8e
fix: py310 unit tests 
For some reasons, list["Client"] does not resolve the ForwardRef in
python 3.10 as it does with typing.List["Client"], which in the end
breaks the memory backend model accessors.
 2024-10-28 21:41:55 +01:00
Éloi Rivard
0b51b01031
refactor: apply ruff migrations for python 3.10+ 2024-10-28 09:13:00 +01:00
Éloi Rivard
3a3cd304b8
tests: refactor logging tests 
add restaure 100% coverage
 2024-10-27 21:46:47 +01:00
Éloi Rivard
52031dd2c4
refactor: move logging machinery in its own dedicated file 2024-10-27 13:54:14 +01:00
Félix Rohrlich
603eab0b3c refactor : added proper security logging level and refactored change email logging 2024-10-21 11:17:55 +02:00
Félix Rohrlich
038e6c094e feat: Added security logs for email update, forgotten password mail, token emission/refresh/revokation, new consent, consent revokation #177 2024-10-14 14:04:39 +02:00
Félix Rohrlich
545fb2d342 feat: change password events are logged in #177 2024-10-09 15:55:01 +02:00
Éloi Rivard
3c0c2e53db
chore: update to htmx 2.0.3 2024-10-07 14:18:30 +02:00
Éloi Rivard
86623f6690
refactor: remove useless de-indexation code in MemoryBackend 
de-indexation was already achieved with the previous loop
 2024-09-19 17:39:24 +02:00
Éloi Rivard
b14cc2b5ad
refactor: separate the loading of User permissions 2024-09-18 10:00:58 +02:00
Éloi Rivard
813640fef9
refactor: User.can_read do not call private vars 
so they get a chance to be loaded if needed
 2024-09-17 19:58:07 +02:00
Éloi Rivard
c28a1e9351
fix: display a 500 error when SMTP configuration is defined but null 
this improves tests coverage
 2024-09-15 17:58:03 +02:00
Éloi Rivard
001d635295
tests: missing client_id on OIDC authorization page 2024-09-13 15:08:23 +02:00
Éloi Rivard
5149b96731
Translated using Weblate (French) 
Currently translated at 100.0% (377 of 377 strings)

Translation: Canaille/Canaille
Translate-URL: https://hosted.weblate.org/projects/canaille/canaille/fr/
 2024-09-13 08:47:36 +00:00
gallegonovato
b9be62b0cf
Translated using Weblate (Spanish) 
Currently translated at 100.0% (377 of 377 strings)

Translation: Canaille/Canaille
Translate-URL: https://hosted.weblate.org/projects/canaille/canaille/es/
 2024-09-13 08:47:36 +00:00
Hosted Weblate
20a7a7d1c9
Update translation files 
Updated by "Update PO files to match POT (msgmerge)" hook in Weblate.

Translation: Canaille/Canaille
Translate-URL: https://hosted.weblate.org/projects/canaille/canaille/
 2024-09-13 08:47:35 +00:00
Éloi Rivard
37ecb7a2ba
chore: use pyproject.toml with babel to extract strings 2024-09-12 19:29:59 +02:00
Éloi Rivard
cfabcc485c
chore: automitaclly fix typos 2024-09-11 09:33:42 +02:00
Moha684
269d238a28
Translated using Weblate (Breton) 
Currently translated at 10.8% (41 of 377 strings)

Translation: Canaille/Canaille
Translate-URL: https://hosted.weblate.org/projects/canaille/canaille/br/
 2024-08-08 21:09:20 +02:00
Moha684
67ce98b84b
Translated using Weblate (Spanish) 
Currently translated at 100.0% (377 of 377 strings)

Translation: Canaille/Canaille
Translate-URL: https://hosted.weblate.org/projects/canaille/canaille/es/
 2024-08-08 21:09:19 +02:00
Moha684
5efef5c74b
Added translation using Weblate (Breton) 2024-08-07 21:02:48 +02:00
Éloi Rivard
35fab7d321
fix: LDAP backend rdn_value could try to strip a None value 2024-07-25 17:39:40 +02:00
Éloi Rivard
e5328837fd
chore: pre-commit upgrade 2024-07-25 16:47:45 +02:00
Sascha
9e1b5e2a58
Translated using Weblate (German) 
Currently translated at 100.0% (377 of 377 strings)

Translation: Canaille/Canaille
Translate-URL: https://hosted.weblate.org/projects/canaille/canaille/de/
 2024-06-26 13:09:23 +02:00
Éloi Rivard
0cbaa3b3bc
feat: more blocks for theming firstlogin, forgotten-password and 
reset-password pages
 2024-05-21 18:08:44 +02:00
Éloi Rivard
61da0683bd
feat: more blocks for theming login and password pages 2024-05-21 17:17:48 +02:00
Éloi Rivard
18a711ef7d
doc: features and use cases documentation 2024-05-21 11:07:07 +02:00
Éloi Rivard
b46102bb75
fix: crash for passwordless users at login when no SMTP server was configured 2024-05-14 23:15:41 +02:00
Éloi Rivard
3fb5d0149d
fix: SMTP feature can be disabled again 2024-05-14 23:04:32 +02:00
Éloi Rivard
43f9f328a5
refactor: factorize features definition 2024-05-14 22:53:47 +02:00
Brunelie Lauret
069d23d262 Fix colors in dark theme for better readability 2024-05-14 10:15:18 +02:00
Éloi Rivard
194147d84e
doc: actually, document enums without any dependency 2024-05-14 09:32:32 +02:00
Éloi Rivard
345177f519
doc: user enum_tools instead of sphinx-auto-enum 2024-05-14 09:05:46 +02:00
Éloi Rivard
25f2b6dedd
feat: model management commands 2024-05-13 14:16:14 +02:00
Éloi Rivard
5beee67a61
fix: User group deletion without reading User.groups with LDAP backend 2024-05-12 22:28:32 +02:00
Éloi Rivard
4791d27569
doc: CLI documentation improvements 2024-05-12 11:33:22 +02:00
Éloi Rivard
b16630063b
fix: check command when SMTP configuration is not defined 2024-05-12 10:42:41 +02:00
Éloi Rivard
98e5849a65
fix: remove useless Flask CLI options 2024-05-08 10:31:34 +02:00
Éloi Rivard
3df1b9d7c7
doc: fix doc building 2024-05-08 10:08:46 +02:00
Éloi Rivard
17a994bd9f
doc: fix doc warnings 2024-05-08 09:33:52 +02:00
Éloi Rivard
4e99eaecea
tests: remove SQLAlchemy warnings on double deletions 2024-05-07 16:19:50 +02:00
Éloi Rivard
e44b2bf469
tests: fix CI 2024-05-03 22:35:57 +02:00
Éloi Rivard
851b383117
refactor: move listify from MemoryBackend to MemoryBackend 2024-05-03 22:25:21 +02:00
Éloi Rivard
cc9ed335cc
refactor: move MemoryBackend indexation logic into MemoryBackend 2024-05-03 22:25:21 +02:00
Éloi Rivard
16c3021a8f
refactor: Rename BaseBackend in Backend 2024-05-03 22:25:20 +02:00
Éloi Rivard
6ff591b91c
refactor: Move __html__ from BackendModel to Model 2024-05-03 22:25:20 +02:00
Éloi Rivard
b2d5f8d3a1
refactor: move BackendModel.update to Backend.update 2024-05-03 22:25:20 +02:00
Éloi Rivard
473a262ea2
refactor: move BackendModel.reload to Backend.reload 2024-05-03 22:25:20 +02:00
Éloi Rivard
2ccdaeadf6
refactor: move BackendModel.delete to Backend.delete 2024-05-03 22:22:08 +02:00
Éloi Rivard
09588e0f48
refactor: move BackendModel.save to Backend.save 2024-05-03 22:22:06 +02:00
Éloi Rivard
44573713ed
refactor: move BackendModel.get to Backend.get 2024-05-03 21:54:03 +02:00
Éloi Rivard
ccde88b1bf
refactor: BackendModel.get() is now Backend.instance 2024-05-03 21:46:28 +02:00
Éloi Rivard
fa6488bcd1
refactor: move BackendModel.fuzzy to Backend.fuzzy 2024-05-03 21:42:55 +02:00
Éloi Rivard
8425b2a3b8
refactor: move BackendModel.query to Backend.query 2024-05-03 21:42:54 +02:00
Éloi Rivard
93fa708b1c
refactor: move LDAPObjectQuery in its own file 2024-05-03 21:36:15 +02:00
Éloi Rivard
222d7676ca
Translated using Weblate (French) 
Currently translated at 100.0% (377 of 377 strings)

Co-authored-by: Éloi Rivard <eloi.rivard@nubla.fr>
Translate-URL: https://hosted.weblate.org/projects/canaille/canaille/fr/
Translation: Canaille/Canaille
 2024-05-02 19:09:09 +02:00
gallegonovato
95fb442546
Translated using Weblate (Spanish) 
Currently translated at 100.0% (377 of 377 strings)

Co-authored-by: gallegonovato <fran-carro@hotmail.es>
Translate-URL: https://hosted.weblate.org/projects/canaille/canaille/es/
Translation: Canaille/Canaille
 2024-05-02 19:09:07 +02:00
Hosted Weblate
a3a8281ffb
Update translation files 
Updated by "Update PO files to match POT (msgmerge)" hook in Weblate.

Co-authored-by: Hosted Weblate <hosted@weblate.org>
Translate-URL: https://hosted.weblate.org/projects/canaille/canaille/
Translation: Canaille/Canaille
 2024-05-01 18:40:09 +02:00
Éloi Rivard
98b26ee6f3
fix: translatable f-string 2024-05-01 18:39:59 +02:00
Éloi Rivard
340daa21f8
Translated using Weblate (French) 
Currently translated at 100.0% (375 of 375 strings)

Co-authored-by: Éloi Rivard <eloi.rivard@nubla.fr>
Translate-URL: https://hosted.weblate.org/projects/canaille/canaille/fr/
Translation: Canaille/Canaille
 2024-04-29 20:07:19 +02:00
gallegonovato
82bd37f240
Translated using Weblate (Spanish) 
Currently translated at 100.0% (375 of 375 strings)

Co-authored-by: gallegonovato <fran-carro@hotmail.es>
Translate-URL: https://hosted.weblate.org/projects/canaille/canaille/es/
Translation: Canaille/Canaille
 2024-04-29 20:07:17 +02:00
Hosted Weblate
fec5f58244
Update translation files 
Updated by "Update PO files to match POT (msgmerge)" hook in Weblate.

Translation: Canaille/Canaille
Translate-URL: https://hosted.weblate.org/projects/canaille/canaille/
 2024-04-28 19:49:26 +02:00
Éloi Rivard
69019763d4
feat: group member removal can be achieved from the group edition page 2024-04-28 19:47:57 +02:00
Éloi Rivard
69b565e1ad
refactor: LDAP backend tolerates double deletions 2024-04-28 16:18:36 +02:00
Éloi Rivard
867de91740
Translated using Weblate (French) 
Currently translated at 100.0% (369 of 369 strings)

Translation: Canaille/Canaille
Translate-URL: https://hosted.weblate.org/projects/canaille/canaille/fr/
 2024-04-28 15:07:27 +02:00
gallegonovato
00269075c4
Translated using Weblate (Spanish) 
Currently translated at 100.0% (369 of 369 strings)

Translation: Canaille/Canaille
Translate-URL: https://hosted.weblate.org/projects/canaille/canaille/es/
 2024-04-28 15:07:25 +02:00
Éloi Rivard
e3ab3e0f7d
chore: bump to htmx 1.9.12 2024-04-28 09:31:39 +02:00
Éloi Rivard
288ad161d3
tests: test mail attachments mimetypes 2024-04-27 14:36:34 +02:00
Hosted Weblate
6ac4aadb02
Update translation files 
Updated by "Update PO files to match POT (msgmerge)" hook in Weblate.

Translation: Canaille/Canaille
Translate-URL: https://hosted.weblate.org/projects/canaille/canaille/
 2024-04-27 14:08:08 +02:00
Éloi Rivard
22d7c3e336
chore: extract translatable strings 2024-04-27 14:07:55 +02:00
Éloi Rivard
ebcaaeaded
tests: fix GHA 
For some reasons, webp mimetypes failed to be guessed on GHA.
 2024-04-27 14:06:20 +02:00
Éloi Rivard
dc89a20b11
chore: configure ruff 2024-04-23 22:12:04 +02:00
Éloi Rivard
256566df94
refactor: Model identifier_attributes are fixed. 2024-04-22 20:04:24 +02:00
Éloi Rivard
afa0a6ff1e
feat: env_prefix create_app variable can select the environment var prefix 2024-04-22 18:10:49 +02:00
Éloi Rivard
7fc887a492
feat: ENV_FILE configuration variable can customize the .env file 2024-04-22 16:37:31 +02:00
Éloi Rivard
9c86f5e9af
refactor: Use annotations to mark model attributes 2024-04-21 11:48:39 +02:00