globuzma/canaille-globuzma
1
0
Fork 0
forked from Github-Mirrors/canaille
Code Pull requests Activity
canaille-globuzma/doc/locales/ta/LC_MESSAGES/doc.po
Hosted Weblate 92e6cf3cb6
Update translation files 
Updated by "Update PO files to match POT (msgmerge)" add-on in Weblate.

Translation: Canaille/Documentation
Translate-URL: https://hosted.weblate.org/projects/canaille/documentation/
2025-01-08 16:05:07 +00:00

6872 lines
232 KiB
Text
Raw Blame History

This file contains invisible Unicode characters

This file contains invisible Unicode characters that are indistinguishable to humans but may be processed differently by a computer. If you think that this is intentional, you can safely ignore this warning. Use the Escape button to reveal them.

# SOME DESCRIPTIVE TITLE.
# Copyright (C) 2024, Yaal Coop
# This file is distributed under the same license as the canaille package.
# FIRST AUTHOR <EMAIL@ADDRESS>, YEAR.
#
msgid ""
msgstr ""
"Project-Id-Version: canaille 0.0.56\n"
"Report-Msgid-Bugs-To: \n"
"POT-Creation-Date: 2025-01-08 17:04+0100\n"
"PO-Revision-Date: YEAR-MO-DA HO:MI+ZONE\n"
"Last-Translator: Automatically generated\n"
"Language-Team: none\n"
"Language: ta\n"
"MIME-Version: 1.0\n"
"Content-Type: text/plain; charset=UTF-8\n"
"Content-Transfer-Encoding: 8bit\n"
#: ../development/changelog.rst:2 3fb33c37ddc0459280f3c58be943008e
msgid "Release notes"
msgstr ""
#: ../development/changelog.rst:4 67e645fac3b646bba12959afa71710cc
msgid "All notable changes to this project will be documented in there."
msgstr ""
#: ../development/changelog.rst:6 6c5d0b8435cf4001afa1fe74104daf7a
msgid ""
"The format is based on `Keep a Changelog <https://keepachangelog.com/"
"en/1.0.0/>`_, and this project adheres to `Semantic Versioning <https://"
"semver.org/spec/v2.0.0.html>`_."
msgstr ""
#: ../../CHANGES.rst:2 c415689d242946298da972c97d5bb0c4
msgid "[0.0.58] - Unreleased"
msgstr ""
#: ../../CHANGES.rst:5 ../../CHANGES.rst:22 ../../CHANGES.rst:56
#: ../../CHANGES.rst:84 ../../CHANGES.rst:103 ../../CHANGES.rst:110
#: ../../CHANGES.rst:129 ../../CHANGES.rst:189 ../../CHANGES.rst:215
#: ../../CHANGES.rst:230 ../../CHANGES.rst:279 ../../CHANGES.rst:305
#: ../../CHANGES.rst:324 ../../CHANGES.rst:332 ../../CHANGES.rst:341
#: ../../CHANGES.rst:367 ../../CHANGES.rst:402 ../../CHANGES.rst:428
#: ../../CHANGES.rst:477 ../../CHANGES.rst:505 ../../CHANGES.rst:535
#: ../../CHANGES.rst:591 ../../CHANGES.rst:624 ../../CHANGES.rst:645
#: ../../CHANGES.rst:655 ../../CHANGES.rst:678 ../../CHANGES.rst:745
#: ../../CHANGES.rst:783 ../../CHANGES.rst:800 ../../CHANGES.rst:836
#: 91a8054efa234209906812cdd41bd586 2e9453d4722144fd9ad7f53b28a7cb37
msgid "Added"
msgstr ""
#: ../../CHANGES.rst:6 8593aca44439457296e5591823f56739
msgid "``--version`` option to the CLI. :pr:`209`"
msgstr ""
#: ../../CHANGES.rst:7 efa1fc20329f42918fe6a530617cf102
msgid ""
":attr:`~canaille.backends.sql.configuration.SQLSettings.PASSWORD_SCHEMES` :"
"issue:`175`"
msgstr ""
#: ../../CHANGES.rst:8 0f7d8f6a51e545499fcff7acd93586e3
msgid "`canaille get --all` command option to perform full database dumps"
msgstr ""
#: ../../CHANGES.rst:11 ../../CHANGES.rst:15 ../../CHANGES.rst:44
#: ../../CHANGES.rst:64 ../../CHANGES.rst:77 ../../CHANGES.rst:89
#: ../../CHANGES.rst:114 ../../CHANGES.rst:122 ../../CHANGES.rst:170
#: ../../CHANGES.rst:196 ../../CHANGES.rst:248 ../../CHANGES.rst:285
#: ../../CHANGES.rst:354 ../../CHANGES.rst:372 ../../CHANGES.rst:410
#: ../../CHANGES.rst:449 ../../CHANGES.rst:484 ../../CHANGES.rst:527
#: ../../CHANGES.rst:631 ../../CHANGES.rst:685 ../../CHANGES.rst:717
#: ../../CHANGES.rst:731 254357b217fe4a309d66a400497a104a
msgid "Changed"
msgstr ""
#: ../../CHANGES.rst:12 ../../CHANGES.rst:16 d1eb743e584f441d9b1dbf0669995b45
#: c15803fd37484051a8f92213756c4d22
msgid "fixed a bug on updating user's settings :issue:`206`"
msgstr ""
#: ../../CHANGES.rst:19 9d53638e5933499baafec12390f02e23
msgid "[0.0.57] - 2024-12-31"
msgstr ""
#: ../../CHANGES.rst:23 5b4f3aa107a74df3ba845920503dfdc5
msgid "Intruder lockout :issue:`173`"
msgstr ""
#: ../../CHANGES.rst:24 efa1fc20329f42918fe6a530617cf102
msgid ""
":attr:`~canaille.core.configuration.CoreSettings.ENABLE_INTRUDER_LOCKOUT` :"
"issue:`173`"
msgstr ""
#: ../../CHANGES.rst:26 cdab69b7537c452caa3eadb572993a40
msgid "Multi-factor authentication :issue:`47`"
msgstr ""
#: ../../CHANGES.rst:27 a90b270f7e144a4b81babbac96f5ff22
msgid ""
":attr:`~canaille.core.configuration.CoreSettings.OTP_METHOD` and :attr:"
"`~canaille.core.configuration.CoreSettings.EMAIL_OTP` and :attr:`~canaille."
"core.configuration.CoreSettings.SMS_OTP` and :attr:`~canaille.core."
"configuration.CoreSettings.SMPP` :issue:`47`"
msgstr ""
#: ../../CHANGES.rst:32 05060126fea740ef82fba8246132aa6e
msgid "Password compromission check :issue:`179`"
msgstr ""
#: ../../CHANGES.rst:33 a90b270f7e144a4b81babbac96f5ff22
msgid ""
":attr:`~canaille.core.configuration.CoreSettings.ADMIN_EMAIL` and :attr:"
"`~canaille.core.configuration.CoreSettings."
"ENABLE_PASSWORD_COMPROMISSION_CHECK` and :attr:`~canaille.core.configuration."
"CoreSettings.PASSWORD_COMPROMISSION_CHECK_API_URL` :issue:`179`"
msgstr ""
#: ../../CHANGES.rst:37 2cfcbdba2e9541dbab610bc724a2683a
msgid "Implement OIDC client_credentials flow. :issue:`207`"
msgstr ""
#: ../../CHANGES.rst:38 1e36a8464f6045708cf07b39bcdfea1c
msgid "Button in the client admin page to create client tokens."
msgstr ""
#: ../../CHANGES.rst:39 c69d8b01e4194d5b9268b84ab81849d6
msgid "Basic SCIM implementation. :issue:`116` :pr:`197`"
msgstr ""
#: ../../CHANGES.rst:40 c777083179094cd994619adcfc8499d9
msgid "Password expiry policy :issue:`176`"
msgstr ""
#: ../../CHANGES.rst:41 efa1fc20329f42918fe6a530617cf102
msgid ":attr:`~canaille.core.configuration.CoreSettings.PASSWORD_LIFETIME`"
msgstr ""
#: ../../CHANGES.rst:45 bb196cd8528b48628628ab53c5288b49
msgid ""
"PostgreSQL and MySQL extras does not rely on libraries that need to be "
"compiled."
msgstr ""
#: ../../CHANGES.rst:46 c36865875c264bb4a34d614ea2be23cf
msgid ""
"``.env`` files are not loaded by default. The ``ENV_FILE`` env var must be "
"passed so ``.env`` files are loaded."
msgstr ""
#: ../../CHANGES.rst:49 045b041136be49de8d54674ad57fea87
msgid "[0.0.56] - 2024-11-07"
msgstr ""
#: ../../CHANGES.rst:52 ../../CHANGES.rst:94 ../../CHANGES.rst:133
#: ../../CHANGES.rst:141 ../../CHANGES.rst:149 ../../CHANGES.rst:156
#: ../../CHANGES.rst:163 ../../CHANGES.rst:177 ../../CHANGES.rst:207
#: ../../CHANGES.rst:220 ../../CHANGES.rst:238 ../../CHANGES.rst:257
#: ../../CHANGES.rst:265 ../../CHANGES.rst:291 ../../CHANGES.rst:299
#: ../../CHANGES.rst:319 ../../CHANGES.rst:349 ../../CHANGES.rst:381
#: ../../CHANGES.rst:389 ../../CHANGES.rst:415 ../../CHANGES.rst:435
#: ../../CHANGES.rst:459 ../../CHANGES.rst:469 ../../CHANGES.rst:490
#: ../../CHANGES.rst:498 ../../CHANGES.rst:521 ../../CHANGES.rst:544
#: ../../CHANGES.rst:556 ../../CHANGES.rst:565 ../../CHANGES.rst:574
#: ../../CHANGES.rst:583 ../../CHANGES.rst:603 ../../CHANGES.rst:610
#: ../../CHANGES.rst:660 ../../CHANGES.rst:668 ../../CHANGES.rst:693
#: ../../CHANGES.rst:701 ../../CHANGES.rst:709 ../../CHANGES.rst:722
#: ../../CHANGES.rst:736 ../../CHANGES.rst:768 ../../CHANGES.rst:791
#: ../../CHANGES.rst:822 13ee0de3f7db4046b8399917e8d52e0b
msgid "Fixed"
msgstr ""
#: ../../CHANGES.rst:53 10c707b06b884b168b2dd26bffd7bf76
msgid ""
"With LDAP backend, updating another user groups could result in a permission "
"lost for the editor. :issue:`202`"
msgstr ""
#: ../../CHANGES.rst:57 efa1fc20329f42918fe6a530617cf102
msgid ""
":attr:`~canaille.core.configuration.CoreSettings.MAX_PASSWORD_LENGTH` and :"
"attr:`~canaille.core.configuration.CoreSettings.MIN_PASSWORD_LENGTH` "
"configuration options :issue:`174`"
msgstr ""
#: ../../CHANGES.rst:59 cdab69b7537c452caa3eadb572993a40
msgid "Password strength visual indicator. :issue:`174`"
msgstr ""
#: ../../CHANGES.rst:60 2ae6bad543d64621886630d3db7832e6
msgid "Security events logs. :issue:`177`"
msgstr ""
#: ../../CHANGES.rst:61 40ab5f1ed3bc406fb662d0025e5b3212
msgid "Support for Python 3.13. :pr:`186`"
msgstr ""
#: ../../CHANGES.rst:65 c7940e351aac4939b964ccb80cebd616
msgid "Update to `HTMX` 2.0.3. :pr:`184`"
msgstr ""
#: ../../CHANGES.rst:66 dfc1569ae0ec412d86503a0695522fa5
msgid "Migrate the Python project management tool from poetry to uv. :pr:`187`"
msgstr ""
#: ../../CHANGES.rst:67 40c97bec2553487fa62efc486d3ee444
msgid ""
"The ``sql`` package extra is now split between ``sqlite``, ``postgresql`` "
"and ``mysql``."
msgstr ""
#: ../../CHANGES.rst:70 ../../CHANGES.rst:420 ../../CHANGES.rst:828
#: bc1a20b5783a4fe38fa201438a8075e5
msgid "Removed"
msgstr ""
#: ../../CHANGES.rst:71 3f97d00692d047dbbecb5c18a2d45b07
msgid "End support for Python 3.9. :pr:`179`"
msgstr ""
#: ../../CHANGES.rst:74 4a57056601f148969254d2f049e0f460
msgid "[0.0.55] - 2024-08-30"
msgstr ""
#: ../../CHANGES.rst:78 a037ad5da20049ad82e9f9b0d766cfbb
msgid "Use poetry-core build backend. :pr:`178`"
msgstr ""
#: ../../CHANGES.rst:81 d6bf96b8e5cc4a6f8e099b48c1951a6a
msgid "[0.0.54] - 2024-07-25"
msgstr ""
#: ../../CHANGES.rst:85 062bcc176aac499384187fcb06e2a00b
msgid ""
"Group member removal can be achieved from the group edition page. :issue:"
"`192`"
msgstr ""
#: ../../CHANGES.rst:86 8680469549c74d37a52b1c6252c74d57
msgid "Model management commands. :issue:`117` :issue:`54`"
msgstr ""
#: ../../CHANGES.rst:90 c19428c67d8f4d198d0ab97defe14fb3
msgid "Model `identifier_attributes` are fixed."
msgstr ""
#: ../../CHANGES.rst:91 571f38b1484b43e2beed6f33eb675700
msgid "Bump to `HTMX` 1.9.12. :pr:`172`"
msgstr ""
#: ../../CHANGES.rst:96 9e54da898699471194477836791f08a6
msgid "Dark theme colors for better readability."
msgstr ""
#: ../../CHANGES.rst:97 4e0f2a8e03a447e59cb0a2b0e6d208f1
msgid ""
"Crash for passwordless users at login when no SMTP server was configured."
msgstr ""
#: ../../CHANGES.rst:100 a9273241db7e4137bac5973b20e3ec5d
msgid "[0.0.53] - 2024-04-22"
msgstr ""
#: ../../CHANGES.rst:104 17fbf739a68a4e59b5cc6da8befa1c6f
msgid ""
"`env_prefix` `create_app`` variable can select the environment var prefix."
msgstr ""
#: ../../CHANGES.rst:107 7bdc8f732053463b95353cdf5c994838
msgid "[0.0.52] - 2024-04-22"
msgstr ""
#: ../../CHANGES.rst:111 bc7d1037cdfd40a69044f465467f6834
msgid "`env_file` create_app variable can customize/disable the .env file."
msgstr ""
#: ../../CHANGES.rst:115 9685a5e5a13147f093ac57e2039fe11b
msgid "Locked users cannot be impersonated anymore."
msgstr ""
#: ../../CHANGES.rst:116 1b83a24a97384c2faab67e915701e6b2
msgid "Minimum Python requirement is 3.9."
msgstr ""
#: ../../CHANGES.rst:119 e88f01e3f89f45f2a63b456f8e304d3d
msgid "[0.0.51] - 2024-04-09"
msgstr ""
#: ../../CHANGES.rst:123 aae3d126989840578ec2b08058aad688
msgid "Display the menu bar on error pages."
msgstr ""
#: ../../CHANGES.rst:126 22b11dc18595450fa5e7fe5f35824ebe
msgid "[0.0.50] - 2024-04-09"
msgstr ""
#: ../../CHANGES.rst:130 fc1bc503759c4beb943e9dcbf0c4a9cf
msgid "Sign in/out events are logged in. :issue:`177`"
msgstr ""
#: ../../CHANGES.rst:134 cfe0182123c94bcc9ee847739bd2e114
msgid "`HTMX` and `JAVASCRIPT` configuration settings."
msgstr ""
#: ../../CHANGES.rst:135 3bc7c83763d34549bac91df86a22b3a0
msgid "Compatibility with old sessions IDs."
msgstr ""
#: ../../CHANGES.rst:138 cdee0bee34024d21bace2d77ff637ed9
msgid "[0.0.49] - 2024-04-08"
msgstr ""
#: ../../CHANGES.rst:142 f9c9585c305d47628adffcae287229d2
msgid "LDAP user group removal."
msgstr ""
#: ../../CHANGES.rst:143 c25c5c6a9cca4061be6502cae5e86ba2
msgid ""
"Display an error message when trying to remove the last user from a group."
msgstr ""
#: ../../CHANGES.rst:146 5e0c66b55801444497954839297b97eb
msgid "[0.0.48] - 2024-04-08"
msgstr ""
#: ../../CHANGES.rst:150 bd9920a130844ee897863a6b649484e2
msgid "LDAP ``objectClass`` guessing exception."
msgstr ""
#: ../../CHANGES.rst:153 93cf829932204311ba399ae713aff29f
msgid "[0.0.47] - 2024-04-08"
msgstr ""
#: ../../CHANGES.rst:157 b7a5d3351a334b0592b12373e1c7afa6
msgid "Lazy permission loading exception."
msgstr ""
#: ../../CHANGES.rst:160 c6000ae4f0fc4d488ab180c3aa9eb144
msgid "[0.0.46] - 2024-04-08"
msgstr ""
#: ../../CHANGES.rst:164 db4476f22ad049f49833696323eb1b33
msgid ""
"Saving an object with the LDAP backend keeps the ``objectClass`` un-managed "
"by Canaille. :pr:`171`"
msgstr ""
#: ../../CHANGES.rst:167 d7117b0322b549ff87b73b8e4c839915
msgid "[0.0.45] - 2024-04-04"
msgstr ""
#: ../../CHANGES.rst:171 9690ab893eef4290a52b1137f24b9be8
msgid "Internal indexation mechanism of ``MemoryModel``."
msgstr ""
#: ../../CHANGES.rst:174 be79650410904879b53da2c62ac092d5
msgid "[0.0.44] - 2024-03-29"
msgstr ""
#: ../../CHANGES.rst:178 1c2533bc36b548c59361d7b3e304cce6
msgid "Fix the default LDAP ``USER_FILTER`` value."
msgstr ""
#: ../../CHANGES.rst:179 c429e79bd5aa46edb7b4cd1bd87c3ad8
msgid "Fix the OIDC feature detection."
msgstr ""
#: ../../CHANGES.rst:182 51a43a574cc943b5912effdaa67f8690
msgid "[0.0.43] - 2024-03-29"
msgstr ""
#: ../../CHANGES.rst:186 ../../CHANGES.rst:445 02e8eccba3b74e889a68c78dc51e0a24
msgid "Configuration files must be updated."
msgstr ""
#: ../../CHANGES.rst:191 a39fba5f25754fdc9f0f339142ff0320
msgid "Add ``created`` and ``last_modified`` datetime for all models."
msgstr ""
#: ../../CHANGES.rst:192 b1e37ddf62994798a70a23cff76ed4d6
msgid "Sitemap to the documentation. :pr:`169`"
msgstr ""
#: ../../CHANGES.rst:193 54cf20bc59af4634af6b3f2d0e10c5e9
msgid ""
"Configuration management with `pydantic-settings`. :issue:`138` :pr:`170`"
msgstr ""
#: ../../CHANGES.rst:198 689b4f88ba4b43db8c8b1a7bff0aebe6
msgid "Use default Python logging configuration format. :issue:`188` :pr:`165`"
msgstr ""
#: ../../CHANGES.rst:199 7d18c66450654e25a65749ea273b859d
msgid "Bump to `HTMX` 1.99.11. :pr:`166`"
msgstr ""
#: ../../CHANGES.rst:200 9d053f12577548bc8cff1add00376bae
msgid ""
"Use the standard tomllib Python module instead of `toml` starting from "
"Python 3.11. :pr:`167`"
msgstr ""
#: ../../CHANGES.rst:201 fd8c1c0314b2465c9cacb4ba593eae77
msgid "Use shibuya as the documentation theme :pr:`168`"
msgstr ""
#: ../../CHANGES.rst:204 abc0b3ba739e4f99866d02027d8128d2
msgid "[0.0.42] - 2023-12-29"
msgstr ""
#: ../../CHANGES.rst:209 74e8932123b744b2809d370b36980326
msgid "Avoid to fail on imports if ``cryptography`` is missing."
msgstr ""
#: ../../CHANGES.rst:212 41f209b7a9054599b7b71d4fab3afe8f
msgid "[0.0.41] - 2023-12-25"
msgstr ""
#: ../../CHANGES.rst:217 77ff8fdeadf94e2f8696b2f5b9bd9349
msgid ""
"OIDC support for the ``create`` value of the ``prompt`` parameter. :issue:"
"`185` :pr:`164`"
msgstr ""
#: ../../CHANGES.rst:222 8940d9836a9f46a09613c3646e1d55f8
msgid ""
"Correctly set up :attr:`~canaille.oidc.basemodels.Client.audience` during "
"OIDC dynamic registration."
msgstr ""
#: ../../CHANGES.rst:223 bb9a9230771445b6a7c93f042fb289ee
msgid ""
"``post_logout_redirect_uris`` was ignored during OIDC dynamic registration."
msgstr ""
#: ../../CHANGES.rst:224 b5d0341447ef443b969d2a48457442f2
msgid "Group field error prevented the registration form validation."
msgstr ""
#: ../../CHANGES.rst:227 7bcad6150cbc4883817538eb23bed3bd
msgid "[0.0.40] - 2023-12-22"
msgstr ""
#: ../../CHANGES.rst:232 aae4204166c443f99e04d84842dd6dd9
msgid "The ``THEME`` setting can be a relative path."
msgstr ""
#: ../../CHANGES.rst:235 26224cfa5ee647a2b15239a78065f5f7
msgid "[0.0.39] - 2023-12-15"
msgstr ""
#: ../../CHANGES.rst:240 14b2b67c379045d681ee712797f44328
msgid "Crash when no ACL were defined."
msgstr ""
#: ../../CHANGES.rst:241 38649598ac954d29843b54b15343dd15
msgid "OIDC Userinfo endpoint is also available in POST."
msgstr ""
#: ../../CHANGES.rst:242 ed1da2958a1646fd82c70171a5c04317
msgid "Fix redirection after password reset. :issue:`159`"
msgstr ""
#: ../../CHANGES.rst:245 8f2bc47f69554f539aa2836958029d59
msgid "[0.0.38] - 2023-12-15"
msgstr ""
#: ../../CHANGES.rst:250 24f252671c9a4a3590e94e5e563e4d19
msgid "Convert all the `PNG` pictures in `Webp`. :pr:`162`"
msgstr ""
#: ../../CHANGES.rst:251 8a1d423f79f749868c06a775e9c21bd2
msgid "Update to Flask 3. :issue:`161` :pr:`163`"
msgstr ""
#: ../../CHANGES.rst:254 9d53638e5933499baafec12390f02e23
msgid "[0.0.37] - 2023-12-01"
msgstr ""
#: ../../CHANGES.rst:259 5ed255dd094a4a3aae1b75edf54001ad
msgid "Handle 4xx and 5xx error codes with HTMX. :issue:`171` :pr:`161`"
msgstr ""
#: ../../CHANGES.rst:262 26d16685ada341a29bf6ee6e98997128
msgid "[0.0.36] - 2023-12-01"
msgstr ""
#: ../../CHANGES.rst:267 2cfddfd6843e4cbfb1b645c84bc70322
msgid "Avoid crashing when LDAP groups references unexisting users."
msgstr ""
#: ../../CHANGES.rst:268 f5714a32e81841e29f2619f6ee5464e8
msgid ""
"Password reset and initialization mails were only sent to the preferred user "
"email address."
msgstr ""
#: ../../CHANGES.rst:270 4e121ada1cc24b7b8051d085b0ce464b
msgid ""
"Password reset and initialization mails were not sent at all the user "
"addresses if one email address could not be reached."
msgstr ""
#: ../../CHANGES.rst:272 c5fc8c86d3df4732b3a06f70dd89af18
msgid "Password comparison was too permissive on login."
msgstr ""
#: ../../CHANGES.rst:273 36f936a6dd8c41c5bc833d928f347321
msgid "Encrypt passwords in the SQL backend."
msgstr ""
#: ../../CHANGES.rst:276 76befacfb135435fbee6ee0fe07f40e5
msgid "[0.0.35] - 2023-11-25"
msgstr ""
#: ../../CHANGES.rst:281 14d361d80e4c429f929b943d3321e895
msgid ""
"Refresh token grant supports other client authentication methods. :pr:`157`"
msgstr ""
#: ../../CHANGES.rst:282 c52cda2685214bcab533db539acee007
msgid "Implement a SQLAlchemy backend. :issue:`30` :pr:`158`"
msgstr ""
#: ../../CHANGES.rst:287 57670f55b7644a0888ab65cd2da2fd8c
msgid "Model attributes cardinality is closer to SCIM model. :pr:`155`"
msgstr ""
#: ../../CHANGES.rst:288 f4ef25b7b38b42a48fb2a32c5cd8888f
msgid "Bump to `HTMX` 1.9.9. :pr:`159`"
msgstr ""
#: ../../CHANGES.rst:293 49b0b7da40204fdeaf40c5281235c2a6
msgid "Disable `HTMX` boosting during the OIDC dance. :pr:`160`"
msgstr ""
#: ../../CHANGES.rst:296 db372dee122e4b4fb18c2c99dd056ce2
msgid "[0.0.34] - 2023-10-02"
msgstr ""
#: ../../CHANGES.rst:301 a4b5211e96894c5d9d51b2630d6aea17
msgid ""
"Canaille installations without account lockabilty could not delete users. :"
"pr:`153`"
msgstr ""
#: ../../CHANGES.rst:307 4f4ca04b08a04dcb8f6a2eb6605f0e13
msgid ""
"If users register or authenticate during a OAuth Authorization phase, they "
"get redirected back to that page afterwards. :issue:`168` :pr:`151`"
msgstr ""
#: ../../CHANGES.rst:310 298ffe26093441918be8b38d13f0cc58
msgid ""
"The `flask-babel` and `pytz` libraries are now part of the `front` packaging "
"extras."
msgstr ""
#: ../../CHANGES.rst:311 ccb502180d634f11ad173619af1b68d8
msgid "Bump to `fomantic-ui` 2.9.3. :pr:`152`"
msgstr ""
#: ../../CHANGES.rst:312 7413676f512d4473972484920ff5f060
msgid "Bump to `HTMX` 1.9.6. :pr:`154`"
msgstr ""
#: ../../CHANGES.rst:313 7905327465c44c09b2a10854abe79960
msgid "Support for Python 3.12. :pr:`155`"
msgstr ""
#: ../../CHANGES.rst:316 808e57e560f74a25b60029fbd6531d2e
msgid "[0.0.33] - 2023-08-26"
msgstr ""
#: ../../CHANGES.rst:321 1179dc27648248188fdecf5696fd5045
msgid "OIDC jwks endpoint do not return empty `kid` claim."
msgstr ""
#: ../../CHANGES.rst:326 b8b2caca239b4b609143ffd267522a16
msgid "Documentation details on the Canaille models."
msgstr ""
#: ../../CHANGES.rst:329 dd35ed0e27664b6b954e9b39881f14bc
msgid "[0.0.32] - 2023-08-17"
msgstr ""
#: ../../CHANGES.rst:334 bdcae061315a4e92a6bc1a48475cb351
msgid "Additional inmemory backend. :issue:`30` :pr:`149`"
msgstr ""
#: ../../CHANGES.rst:335 c39cbed721254ce5ad9c250de1e7ea41
msgid "Installation extras. :issue:`167` :pr:`150`"
msgstr ""
#: ../../CHANGES.rst:338 5311648e4c714ed29e89e9644167f963
msgid "[0.0.31] - 2023-08-15"
msgstr ""
#: ../../CHANGES.rst:343 a6a4b510a0ac4b4ebeb9160510f72d77
msgid ""
"Configuration option to disable the forced usage of OIDC `nonce` parameter. :"
"pr:`143`"
msgstr ""
#: ../../CHANGES.rst:344 37eb24ef005e44da8ae0f4c48bda766c
msgid "Validate phone numbers with a regex. :pr:`146`"
msgstr ""
#: ../../CHANGES.rst:345 2be2120a0500430a8d854d1b8f19a0bf
msgid "Email verification. :issue:`41` :pr:`147`"
msgstr ""
#: ../../CHANGES.rst:346 d3be95492ef348efa77976515d4ffca9
msgid "Account registration. :issue:`55` :pr:`133` :pr:`148`"
msgstr ""
#: ../../CHANGES.rst:351 1a3da0153c2b451d99665d2b61c512f2
msgid "The `check` command uses the default configuration values."
msgstr ""
#: ../../CHANGES.rst:356 15f35fa96af04e508b1a6448d866cb5f
msgid "Modals do not need use Javascript at the moment. :issue:`158` :pr:`144`"
msgstr ""
#: ../../CHANGES.rst:359 add3188842de44b691dfbe3152546f7b
msgid "[0.0.30] - 2023-07-06"
msgstr ""
#: ../../CHANGES.rst:363 b96e981450334eee84128d7dffb40d8f
msgid ""
"Configuration files must be updated. Check the new format with ``git diff "
"0.0.29 0.0.30 canaille/conf/config.sample.toml``"
msgstr ""
#: ../../CHANGES.rst:369 ab83051dda0b48d185846e49011f2429
msgid "Configuration option to disable Javascript. :pr:`141`"
msgstr ""
#: ../../CHANGES.rst:374 85fb804c891f444c9de116e6e4771526
msgid "The configuration parameter ``USER_FILTER`` is parsed with Jinja."
msgstr ""
#: ../../CHANGES.rst:375 42d91f7cf5a3438a8bcb0bd5c193f1ea
msgid ""
"Configuration use ``PRIVATE_KEY_FILE`` instead of ``PRIVATE_KEY`` and "
"``PUBLIC_KEY_FILE`` instead of ``PUBLIC_KEY``."
msgstr ""
#: ../../CHANGES.rst:378 30736e0e4b854b46940e80c38023946a
msgid "[0.0.29] - 2023-06-30"
msgstr ""
#: ../../CHANGES.rst:383 89d319fb81e148cb8f82f4b1a5a5390c
msgid "Disabled `HTMX` boosting on OIDC forms to avoid errors."
msgstr ""
#: ../../CHANGES.rst:386 68d32ee84fa642dfbf358ef907193eb8
msgid "[0.0.28] - 2023-06-30"
msgstr ""
#: ../../CHANGES.rst:391 5490daf53fd144c0b6b360e90bf5667b
msgid "A template variable was misnamed."
msgstr ""
#: ../../CHANGES.rst:394 c65a251ed68a49beaff42740c12ce76a
msgid "[0.0.27] - 2023-06-29"
msgstr ""
#: ../../CHANGES.rst:398 ccf84fb0d4cd47058c3849498bd92259
msgid ""
"Configuration files must be updated. Check the new format with ``git diff "
"0.0.26 0.0.27 canaille/conf/config.sample.toml``"
msgstr ""
#: ../../CHANGES.rst:404 0856562aad23492aa6efc7f6e4bf8f90
msgid ""
"Configuration entries can be loaded from files if the entry key has a "
"*_FILE* suffix and the entry value is the path to the file. :issue:`134` :pr:"
"`134`"
msgstr ""
#: ../../CHANGES.rst:406 24fa209262e04bcbb46c2ab7c881fbaa
msgid "Field list support. :issue:`115` :pr:`136`"
msgstr ""
#: ../../CHANGES.rst:407 eaff808f9ce745c59a1b373ab0ef90ab
msgid "Pages are boosted with `HTMX`. :issue:`144` :issue:`145` :pr:`137`"
msgstr ""
#: ../../CHANGES.rst:412 8afcdb0ddd8f4e6c9941315ff1b06538
msgid "Bump to jquery 3.7.0. :pr:`138`"
msgstr ""
#: ../../CHANGES.rst:417 a6e1f4b8a72f4500ab437a86f6e98d06
msgid ""
"Profile edition when the user RDN was not ``uid``. :issue:`148` :pr:`139`"
msgstr ""
#: ../../CHANGES.rst:422 cfcf7ee77bb84df1bcd780df223e9044
msgid "Stop support for Python 3.7. :pr:`131`"
msgstr ""
#: ../../CHANGES.rst:425 42eab7328c604747ad6bde0067cb6603
msgid "[0.0.26] - 2023-06-03"
msgstr ""
#: ../../CHANGES.rst:430 b621a029c6ec420d8708f0ddd4b49c85
msgid ""
"Implemented account expiration based on OpenLDAP ppolicy overlay. Needs "
"OpenLDAP 2.5+. :issue:`13` :pr:`118`"
msgstr ""
#: ../../CHANGES.rst:432 05f5b0808e74429b92bf61fa570014cf
msgid "Timezone configuration entry. :issue:`137` :pr:`130`"
msgstr ""
#: ../../CHANGES.rst:437 d7e71d1ce6704911b7e5094538cc1084
msgid "Avoid setting ``None`` in JWT claims when they have no value."
msgstr ""
#: ../../CHANGES.rst:438 e16dcca3b764486d874401ba65e22f78
msgid "Display password recovery button on OIDC login page. :pr:`129`"
msgstr ""
#: ../../CHANGES.rst:441 dcbd97e0bc4f44babcdc9ad9a503c162
msgid "[0.0.25] - 2023-05-05"
msgstr ""
#: ../../CHANGES.rst:446 4109765130284304994ae405858bdd3c
msgid ""
"Check the new format with ``git diff 0.0.25 0.0.24 canaille/conf/config."
"sample.toml``"
msgstr ""
#: ../../CHANGES.rst:451 c4645c08f789400bba029897871bb828
msgid ""
"Renamed user model attributes to match SCIM naming convention. :pr:`123`"
msgstr ""
#: ../../CHANGES.rst:452 3c58d21fdc81418e8ee43179c2d6384f
msgid "Moved OIDC related configuration entries in ``OIDC``."
msgstr ""
#: ../../CHANGES.rst:453 5b002906414e41448a3fadea87d71e45
msgid "Moved ``LDAP`` configuration entry to ``BACKENDS.LDAP``."
msgstr ""
#: ../../CHANGES.rst:454 d58c113094474cf3b82e8a3303202bb6
msgid "Bumped to `HTMX` 1.9.0. :pr:`124`"
msgstr ""
#: ../../CHANGES.rst:455 3bbdffb495f74fccbdb9eeb78a8eaf81
msgid ""
"ACL filters are no more LDAP filters but user attribute mappings. :pr:`125`"
msgstr ""
#: ../../CHANGES.rst:456 0d3ea4f8df2542e0a7da5029159f31e0
msgid "Bumped to `HTMX` 1.9.2. :pr:`127`"
msgstr ""
#: ../../CHANGES.rst:461 71139e5ab6e34c2a87d51d3d04c0dbc0
msgid "``OIDC.JWT.MAPPING`` configuration entry is really optional now."
msgstr ""
#: ../../CHANGES.rst:462 e34b111a3a8b4e2da966a36107a682b5
msgid "Fixed empty model attributes registration. :pr:`125`"
msgstr ""
#: ../../CHANGES.rst:463 566d49eca850419cbb39c3a78a4160aa
msgid "Password initialization mails were not correctly sent. :pr:`128`"
msgstr ""
#: ../../CHANGES.rst:466 f461dc48e9c846628f7ddb99b18252c6
msgid "[0.0.24] - 2023-04-07"
msgstr ""
#: ../../CHANGES.rst:471 007393d26d6e4375a0e05cbbf6c41d65
msgid "Fixed avatar update. :pr:`122`"
msgstr ""
#: ../../CHANGES.rst:474 0ddfaf5df815484f9eb469a884e5f667
msgid "[0.0.23] - 2023-04-05"
msgstr ""
#: ../../CHANGES.rst:479 2e7346baddf44a7f9f5b9a05ae826913
msgid "Organization field. :pr:`116`"
msgstr ""
#: ../../CHANGES.rst:480 1c68c43ae90f4e2e944dab12514f06d1
msgid "ETag and Last-Modified headers on user photos. :pr:`116`"
msgstr ""
#: ../../CHANGES.rst:481 bcaf8fe7d8e940f191ed6ea5178566c1
msgid "Dynamic form validation. :pr:`120`"
msgstr ""
#: ../../CHANGES.rst:486 2b077ff5215a4b20b8438e82f4366ada
msgid "UX rework. Submenu addition. :pr:`114`"
msgstr ""
#: ../../CHANGES.rst:487 166152fdbf6248e8a4af29f4f3bf5b6e
msgid "Properly handle LDAP date timezones. :pr:`117`"
msgstr ""
#: ../../CHANGES.rst:492 343c4102b6d648018544f151f97540e1
msgid "CSRF protection on every forms. :pr:`119`"
msgstr ""
#: ../../CHANGES.rst:495 7140973831594dacad0bd205ca9b60e5
msgid "[0.0.22] - 2023-03-13"
msgstr ""
#: ../../CHANGES.rst:499 67dc897fec2946598dbb4fe82db8a94f
msgid ""
"The `Faker` library is not imported anymore when the `clean` command is "
"called."
msgstr ""
#: ../../CHANGES.rst:502 58e3c0af1ce74125bf42a5ea16b88fbf
msgid "[0.0.21] - 2023-03-12"
msgstr ""
#: ../../CHANGES.rst:507 a25f75d9086a4499aa1088e537f21bc3
msgid "Display TOS and policy URI on the consent list page. :pr:`102`"
msgstr ""
#: ../../CHANGES.rst:508 e848a4f5372b44249423579a7e2cdc3d
msgid "Admin token deletion. :pr:`100` :pr:`101`"
msgstr ""
#: ../../CHANGES.rst:509 61b841de5b89407d9912c8c73309111a
msgid "Revoked consents can be restored. :pr:`103`"
msgstr ""
#: ../../CHANGES.rst:510 656acd80913242a4820a20bc76d797e8
msgid ""
"Pre-consented clients are displayed in the user consent list, and their "
"consents can be revoked. :issue:`69` :pr:`103`"
msgstr ""
#: ../../CHANGES.rst:512 e08c1586240745fa9537dd7501475c0d
msgid ""
"A ``populate`` command can be used to fill the database with random users "
"generated with faker. :pr:`105`"
msgstr ""
#: ../../CHANGES.rst:514 dc653adfdbc441589c385b956ae9739e
msgid "SMTP SSL support. :pr:`108`"
msgstr ""
#: ../../CHANGES.rst:515 c69d8b01e4194d5b9268b84ab81849d6
msgid "Server side pagination. :issue:`114` :pr:`111`"
msgstr ""
#: ../../CHANGES.rst:516 5b4f3aa107a74df3ba845920503dfdc5
msgid "Department number support. :issue:`129`"
msgstr ""
#: ../../CHANGES.rst:517 d219e1ac8fa148d5b6e4babc678fbeb2
msgid "Address edition support (but not in the OIDC claims yet). :pr:`112`"
msgstr ""
#: ../../CHANGES.rst:518 52d2ceda28ab430a984dee19f8766b2a
msgid "Title edition support. :pr:`113`"
msgstr ""
#: ../../CHANGES.rst:523 c4aca25daa3b491f9208d71f7715800f
msgid ""
"Client deletion also deletes related :class:`~canaille.oidc.basemodels."
"Consent`, :class:`~canaille.oidc.basemodels.Token` and :class:`~canaille."
"oidc.basemodels.AuthorizationCode` objects. :issue:`126` :pr:`98`"
msgstr ""
#: ../../CHANGES.rst:529 a1c057df21a9436a9b149fb91fdb28d0
msgid "Removed the `DataTables` Javascript library."
msgstr ""
#: ../../CHANGES.rst:532 74a0312b6fff499fa609d0adbe73dfac
msgid "[0.0.20] - 2023-01-28"
msgstr ""
#: ../../CHANGES.rst:537 c443970df56e4203b8ee3fd9e4fa2395
msgid "Spanish translation. :pr:`85` :pr:`88`"
msgstr ""
#: ../../CHANGES.rst:538 9e42a95e59a74c5584d1144c249a57c1
msgid "Dedicated connectivity test email. :pr:`89`"
msgstr ""
#: ../../CHANGES.rst:539 e06855259b6f463897acd0f8a23cd05e
msgid "Update to jquery 3.6.3. :pr:`90`"
msgstr ""
#: ../../CHANGES.rst:540 96cb7430946248108d8c97973a4799d5
msgid "Update to fomantic-ui 2.9.1. :pr:`90`"
msgstr ""
#: ../../CHANGES.rst:541 5b5784d9aedb4949bac1591395fc7eb9
msgid "Update to DataTables 1.13.1. :pr:`90`"
msgstr ""
#: ../../CHANGES.rst:546 e88b90b5e0eb418f99ea2839c1e79943
msgid "Fix typos and grammar errors. :pr:`84`"
msgstr ""
#: ../../CHANGES.rst:547 d333115d646f4ccf9a5bb2dc4d23eba0
msgid "Fix wording and punctuations. :pr:`86`"
msgstr ""
#: ../../CHANGES.rst:548 cfc153afa2ec4bee9c2dd589a234716c
msgid "Fix HTML lang tag. :issue:`122` :pr:`87`"
msgstr ""
#: ../../CHANGES.rst:549 a2dc7b3677d040c7a43bde721f766029
msgid "Automatically trims the HTML translated strings. :pr:`91`"
msgstr ""
#: ../../CHANGES.rst:550 9a91064adb7f414fab73518fbc77b01d
msgid "Fixed dynamic registration scope management. :issue:`123` :pr:`93`"
msgstr ""
#: ../../CHANGES.rst:553 d7a2cda6d8e24cc484f13ee4df40c1ea
msgid "[0.0.19] - 2023-01-14"
msgstr ""
#: ../../CHANGES.rst:558 f7c94b5e7545458e8375ef8a8e3dc21c
msgid ""
"Ensures the token `expires_in` claim and the `access_token` `exp` claim have "
"the same value. :pr:`83`"
msgstr ""
#: ../../CHANGES.rst:562 9291df232e4b4a7eb97fb87504f9b8d4
msgid "[0.0.18] - 2022-12-28"
msgstr ""
#: ../../CHANGES.rst:567 c896b9996ab24cfeb217e9ebfdbed090
msgid ""
"OIDC end_session was not returning the ``state`` parameter in the "
"``post_logout_redirect_uri``. :pr:`82`"
msgstr ""
#: ../../CHANGES.rst:571 2fa2e9a70b8d4ab4bed4d7f0d8d68f37
msgid "[0.0.17] - 2022-12-26"
msgstr ""
#: ../../CHANGES.rst:576 cff81f4ef5254cfdb1e6ba76c2c3b9f6
msgid "Fixed group deletion button. :pr:`80`"
msgstr ""
#: ../../CHANGES.rst:577 552d92ac7c364f198201b60a3abebae2
msgid "Fixed post requests in oidc clients views. :pr:`81`"
msgstr ""
#: ../../CHANGES.rst:580 f7c78b950b184117855277070cb4e548
msgid "[0.0.16] - 2022-12-15"
msgstr ""
#: ../../CHANGES.rst:585 3e522208e81740fba479a43b017311fd
msgid "Fixed LDAP operational attributes handling."
msgstr ""
#: ../../CHANGES.rst:588 53e83abb15b24cc0a3d589011cf7c2a3
msgid "[0.0.15] - 2022-12-15"
msgstr ""
#: ../../CHANGES.rst:593 7194a505926740e3b52b81708d2818de
msgid "User can chose their display name. :pr:`77`"
msgstr ""
#: ../../CHANGES.rst:594 5c5a59a03bd5497aa7474ae59e88f6bf
msgid "Bumped to Authlib 1.2. :pr:`78`"
msgstr ""
#: ../../CHANGES.rst:595 0a3d037fae66464b8c2dfeea28dd3eaf
msgid ""
"Implemented :rfc:`RFC7592 <7592>` OAuth 2.0 Dynamic Client Registration "
"Management Protocol. :pr:`79`"
msgstr ""
#: ../../CHANGES.rst:597 0670727ea1074acf968c49e71dc4062b
msgid ""
"Add the ``nonce`` parameter to the ``claims_supported`` server metadata list."
msgstr ""
#: ../../CHANGES.rst:600 eb86b7335b7b4971812f25c9a2d37d1e
msgid "[0.0.14] - 2022-11-29"
msgstr ""
#: ../../CHANGES.rst:604 9903a64c05994256813debf83e9a6b21
msgid "Fixed translation catalogs packaging."
msgstr ""
#: ../../CHANGES.rst:607 eb1e508e7d2c46bdb471cffecbe4d897
msgid "[0.0.13] - 2022-11-21"
msgstr ""
#: ../../CHANGES.rst:612 6e71d21752234824bc42897b8a434bb3
msgid ""
"Fixed a bug on the contacts field in the admin client form following the "
"LDAP schema update of 0.0.12."
msgstr ""
#: ../../CHANGES.rst:614 374bd3f105af42bc8ea5c0de35e7437f
msgid ""
"Fixed a bug happening during RP initiated logout on clients without "
"`post_logout_redirect_uri` defined."
msgstr ""
#: ../../CHANGES.rst:616 6244294cde9d429dbab852b0f7721160
msgid "Gitlab CI fix. :pr:`64`"
msgstr ""
#: ../../CHANGES.rst:617 8dc7de6abbd447f4a78272f33cbcb6cf
msgid ""
"Fixed `client_secret` display on the client administration page. :pr:`65`"
msgstr ""
#: ../../CHANGES.rst:618 be276c6c0aed433987b562fa51a9af06
msgid "Fixed non-square logo CSS. :pr:`67`"
msgstr ""
#: ../../CHANGES.rst:619 45c4b643c08f4e98b8eb1994cca78051
msgid "Fixed schema path on installation. :pr:`68`"
msgstr ""
#: ../../CHANGES.rst:620 490ff7e15c244e1c80522169f52be22c
msgid "Fixed RFC7591 ``software_statement`` claim support. :pr:`70`"
msgstr ""
#: ../../CHANGES.rst:621 13d139a4ca6b420eb0780952acd8582c
msgid "Fixed client preconsent disabling. :pr:`72`"
msgstr ""
#: ../../CHANGES.rst:626 f863beea190c4605afc13c35d7828c7e
msgid "Python 3.11 support. :pr:`61`"
msgstr ""
#: ../../CHANGES.rst:627 dfa820f752f64485950bd9f2f4f2f798
msgid ""
"``apparmor`` slapd configuration instructions in the documentation page for "
"contributions. :pr:`66`"
msgstr ""
#: ../../CHANGES.rst:628 33f4b497e723467fb7cca94de105b331
msgid "``preferredLanguage`` attribute support. :pr:`75`"
msgstr ""
#: ../../CHANGES.rst:633 80931cb05ba54eb0bdd13af0e69ae5c4
msgid ""
"Replaced the use of the deprecated `FLASK_ENV` environment variable by "
"`FLASK_DEBUG`."
msgstr ""
#: ../../CHANGES.rst:635 74c0ecca84cb4195b047360a2a12b281
msgid ""
"Dynamically generate the server metadata. Users won't have to copy and "
"manually edit ``oauth-authorizationserver.json`` and ``openid-configuration."
"json``. :pr:`71`"
msgstr ""
#: ../../CHANGES.rst:638 b56f59b2dd124c91a6268830cf4ddecc
msgid "The `FROM_ADDR` configuration option is not mandatory anymore. :pr:`73`"
msgstr ""
#: ../../CHANGES.rst:639 d701256eb4764f81827acd7b0a0dbda3
msgid "The `JWT.ISS` configuration option is not mandatory anymore. :pr:`74`"
msgstr ""
#: ../../CHANGES.rst:642 45607852e443428199051f1ecba9ba24
msgid "[0.0.12] - 2022-10-24"
msgstr ""
#: ../../CHANGES.rst:647 9997d515babd44b4841ef0218885f1f1
msgid "Basic WebFinger endpoint. :pr:`59`"
msgstr ""
#: ../../CHANGES.rst:648 509a601f77664756bc01064f20359cf6
msgid "Bumped to FomanticUI 2.9.0."
msgstr ""
#: ../../CHANGES.rst:649 2cfcbdba2e9541dbab610bc724a2683a
msgid "Implemented Dynamic Client Registration. :pr:`60`"
msgstr ""
#: ../../CHANGES.rst:652 4acb242ffb5440d1a468e2d3c3856fe8
msgid "[0.0.11] - 2022-08-11"
msgstr ""
#: ../../CHANGES.rst:657 0c4bd2691ba9453b88a686a22ede18ef
msgid "Default theme has a dark variant. :pr:`57`"
msgstr ""
#: ../../CHANGES.rst:662 d3cabac68def4f77a693a6159bf2f5c0
msgid "Fixed missing ``canaille`` binary. :pr:`58`"
msgstr ""
#: ../../CHANGES.rst:665 735459f4aeea42c6b0f7be4a2b06802f
msgid "[0.0.10] - 2022-07-07"
msgstr ""
#: ../../CHANGES.rst:670 f9dfd87d0fa145579e2297b27b61a11b
msgid "Online demo. :pr:`55`"
msgstr ""
#: ../../CHANGES.rst:671 5e5eef7b53ce470ab0a0137617552a9c
msgid ""
"The consent page was displaying scopes not supported by clients. :pr:`56`"
msgstr ""
#: ../../CHANGES.rst:672 f7b8675a05b64bafb3efbbad603537ce
msgid "Fixed end session when user are already disconnected."
msgstr ""
#: ../../CHANGES.rst:675 a14c8084a27d463f82c1573d946a6676
msgid "[0.0.9] - 2022-06-05"
msgstr ""
#: ../../CHANGES.rst:680 d04e2396209641cc84fa39d8bb397eaa
msgid ""
"``DISABLE_PASSWORD_RESET`` configuration option to disable password "
"recovery. :pr:`46`"
msgstr ""
#: ../../CHANGES.rst:681 01acc147a456445eb3858de7b0586dca
msgid "``edit_self`` ACL permission to control user self edition. :pr:`47`"
msgstr ""
#: ../../CHANGES.rst:682 dafb92303cb147909db73fdc619f1267
msgid "`RP-initiated logout` implementation. :pr:`54`"
msgstr ""
#: ../../CHANGES.rst:687 f672b1443aa9498994204b20952103e4
msgid "Bumped to Authlib 1. :pr:`48`"
msgstr ""
#: ../../CHANGES.rst:688 18c1456a82f748cd9ee0d6abcb40801f
msgid "Various documentation improvements. :pr:`50`"
msgstr ""
#: ../../CHANGES.rst:689 77c7a3b3242647718a3a94a1fc4d05a1
msgid "Use poetry instead of setuptools as project management tool. :pr:`51`"
msgstr ""
#: ../../CHANGES.rst:690 3b65181a80b64d0d8a474a5e643d3f80
msgid "Additional tests for the OIDC ``nonce`` parameter. :pr:`52`"
msgstr ""
#: ../../CHANGES.rst:694 35eef6ab06b940e8ad49bf31b7620404
msgid "``HIDE_INVALID_LOGIN`` behavior and default value."
msgstr ""
#: ../../CHANGES.rst:695 2792732f7d154df2b11a35b13114939b
msgid ""
"Compiled translation catalogs are not versioned anymore. :pr:`49` :pr:`53`"
msgstr ""
#: ../../CHANGES.rst:698 8766634316d146ab8929259434391f34
msgid "[0.0.8] - 2022-03-15"
msgstr ""
#: ../../CHANGES.rst:703 f053b2fe7153473a81cb24bfc2b90c7d
msgid "Fixed dependencies."
msgstr ""
#: ../../CHANGES.rst:706 6fe1289ea759485b9c3c7658461a409d
msgid "[0.0.7] - 2022-03-15"
msgstr ""
#: ../../CHANGES.rst:711 f40f5e320ea4412fadc8f1bc1d99198c
msgid ""
"Fixed spaces and escaped special char in LDAP ``cn/dn`` attributes. :pr:`43`"
msgstr ""
#: ../../CHANGES.rst:714 ac9b3059b303486a9b31536f1726d873
msgid "[0.0.6] - 2022-03-08"
msgstr ""
#: ../../CHANGES.rst:719 357a41c66f054b9b830d9ae20551690d
msgid "Access token are JWT. :pr:`38`"
msgstr ""
#: ../../CHANGES.rst:724 20b619f456934ab09712d95d37ef12cd
msgid "Default groups on invitations. :pr:`41`"
msgstr ""
#: ../../CHANGES.rst:725 74f8d8568cd1405bbef739de7b92f380
msgid "LDAP schemas are shipped within the Canaille package. :pr:`42`"
msgstr ""
#: ../../CHANGES.rst:728 936cdbdb780241beb677c1a3c5d21735
msgid "[0.0.5] - 2022-02-17"
msgstr ""
#: ../../CHANGES.rst:733 b49925c79428413ca8c31eff4f42a588
msgid "LDAP model objects have new identifiers. :pr:`37`"
msgstr ""
#: ../../CHANGES.rst:738 21e3bd1145ce480ea8a82394722cef34
msgid "Admin menu dropdown display. :pr:`39`"
msgstr ""
#: ../../CHANGES.rst:739 b50bd877e6fa4055a450f65d4e0e6951
msgid "``GROUP_ID_ATTRIBUTE`` configuration typo. :pr:`40`"
msgstr ""
#: ../../CHANGES.rst:742 93523c049fd2438b9f8dbb942b657b7c
msgid "[0.0.4] - 2022-02-16"
msgstr ""
#: ../../CHANGES.rst:747 9cc5e4c0be3e43f98a84d076d254a7a8
msgid "Client pre-authorization. :pr:`11`"
msgstr ""
#: ../../CHANGES.rst:748 b1444e5514e3495f8f05b00bfb31e54b
msgid "LDAP permissions check with the check command. :pr:`12`"
msgstr ""
#: ../../CHANGES.rst:749 81badbb21dfe4dd0bd990037947c24cf
msgid ""
"Update consents when a scope required is larger than the scope of an already "
"given consent. :pr:`13`"
msgstr ""
#: ../../CHANGES.rst:751 5f6092f6103d401e9fe4554e04ad12cb
msgid "Theme customization. :pr:`15`"
msgstr ""
#: ../../CHANGES.rst:752 7e99d3a9c9134144a8e18989e6d0d633
msgid "Logging configuration. :pr:`16`"
msgstr ""
#: ../../CHANGES.rst:753 abd6618054b443efbb5101e9c32f0c90
msgid "Installation command. :pr:`17`"
msgstr ""
#: ../../CHANGES.rst:754 18c69372e28c42c4b0ac0cae51fcd8aa
msgid "Invitation links. :pr:`18`"
msgstr ""
#: ../../CHANGES.rst:755 2e35dc7cf246485c97650451d1f41d93
msgid "Advanced permissions. :pr:`20`"
msgstr ""
#: ../../CHANGES.rst:756 ef3b8ab7e89448089a9d09363832c7cc
msgid "An option to not use OIDC. :pr:`23`"
msgstr ""
#: ../../CHANGES.rst:757 4d5d5581283a4eaabab00c6df18077a0
msgid "Disable some features when no SMTP server is configured. :pr:`24`"
msgstr ""
#: ../../CHANGES.rst:758 a54b117ff68e47eabb66aa0a741790b1
msgid ""
"Login placeholder dynamically generated according to the configuration. :pr:"
"`25`"
msgstr ""
#: ../../CHANGES.rst:759 8593aca44439457296e5591823f56739
msgid "Added an option to tune object IDs. :pr:`26`"
msgstr ""
#: ../../CHANGES.rst:760 548d5d09a1da4104aed49324dd3d96b6
msgid "Avatar support. :pr:`27`"
msgstr ""
#: ../../CHANGES.rst:761 e6275bae918547beab8caabaf64f57db
msgid "Dynamical and configurable JWT claims. :pr:`28`"
msgstr ""
#: ../../CHANGES.rst:762 82bbcaaa7973438696de021fbff14354
msgid "UI improvements. :pr:`29`"
msgstr ""
#: ../../CHANGES.rst:763 70cd1dd3d81d4288b1c6bca674492944
msgid "Invitation links expiration. :pr:`30`"
msgstr ""
#: ../../CHANGES.rst:764 af865fef102c44bc801e8aec157c2835
msgid "Invitees can choose their IDs. :pr:`31`"
msgstr ""
#: ../../CHANGES.rst:765 d194b87cfbd94dd398f1c58bec6e4c37
msgid "LDAP backend refactoring. :pr:`35`"
msgstr ""
#: ../../CHANGES.rst:770 2409763cd25243c9a80678c470fa336d
msgid "Fixed ghost members in a group. :pr:`14`"
msgstr ""
#: ../../CHANGES.rst:771 ae04a8fa1896467792d8aaaf161fed29
msgid "Fixed email sender names. :pr:`19`"
msgstr ""
#: ../../CHANGES.rst:772 596c5956ebc6442984251ca5c558834e
msgid "Fixed filter being not escaped. :pr:`21`"
msgstr ""
#: ../../CHANGES.rst:773 bbf97ea202404efd8708cfbed4bbfe74
msgid "Demo script good practices. :pr:`32`"
msgstr ""
#: ../../CHANGES.rst:774 8d176b7d4da5419d8768430eeb01036c
msgid "Binary path for Debian. :pr:`33`"
msgstr ""
#: ../../CHANGES.rst:775 004ecd0e934049ef823bbf0d63f75c14
msgid ""
"Last name was not mandatory in the forms while this was mandatory in the "
"LDAP server. :pr:`34`"
msgstr ""
#: ../../CHANGES.rst:777 c6de3dbeeb5f40ff85c60e062271bfdb
msgid "Spelling typos. :pr:`36`"
msgstr ""
#: ../../CHANGES.rst:780 d49aed2f00e346cc8adaa26aa54f470a
msgid "[0.0.3] - 2021-10-13"
msgstr ""
#: ../../CHANGES.rst:785 0b32a6319c044bba95b3a00f245c6956
msgid "Two-steps sign-in. :issue:`49`"
msgstr ""
#: ../../CHANGES.rst:786 4cf53569893c4b0ba8eab17b44a4a15b
msgid "Tokens can have several audiences. :issue:`62` :pr:`9`"
msgstr ""
#: ../../CHANGES.rst:787 2956507b8bba47839fef6f9a63d5321a
msgid "Configuration check command. :issue:`66` :pr:`8`"
msgstr ""
#: ../../CHANGES.rst:788 0415c157cb414913b3d7748afba41cda
msgid "Groups management. :issue:`12` :pr:`6`"
msgstr ""
#: ../../CHANGES.rst:793 e08a9eafc49f45cbb361ed3bd89d4649
msgid "Introspection access bugfix. :issue:`63` :pr:`10`"
msgstr ""
#: ../../CHANGES.rst:794 48e63a4a411d4aab8259f74b1d257a37
msgid "Introspection sub claim. :issue:`64` :pr:`7`"
msgstr ""
#: ../../CHANGES.rst:797 2a9047b937be481f811eb403d6bf7fd9
msgid "[0.0.2] - 2021-01-06"
msgstr ""
#: ../../CHANGES.rst:802 9f74458dacff435998774594822a1506
msgid "Login page is responsive. :issue:`1`"
msgstr ""
#: ../../CHANGES.rst:803 8a87683d8d524cd482264473256b3777
msgid "Adapt mobile keyboards to login page fields. :issue:`2`"
msgstr ""
#: ../../CHANGES.rst:804 c777083179094cd994619adcfc8499d9
msgid "Password recovery interface. :issue:`3`"
msgstr ""
#: ../../CHANGES.rst:805 c7393dc1bb6a4290bfdb2d59a3fef0c9
msgid "User profile interface. :issue:`4`"
msgstr ""
#: ../../CHANGES.rst:806 e874e0e97cae4310ba62553c3d31cd16
msgid "Renamed the project *Canaille*. :issue:`5`"
msgstr ""
#: ../../CHANGES.rst:807 27a300eabaaf4644989d134ccca22dd8
msgid "Command to remove old tokens. :issue:`17`"
msgstr ""
#: ../../CHANGES.rst:808 8e168b1583984a71848678112365d1c7
msgid "Improved password recovery email. :issue:`14` :issue:`26`"
msgstr ""
#: ../../CHANGES.rst:809 901de9a21dd94541b3c23946ada4cd88
msgid ""
"Use Flask `SERVER_NAME` configuration variable instead of `URL`. :issue:`24`"
msgstr ""
#: ../../CHANGES.rst:810 62c1e3da0a87437aaa529dcc936c7dbc
msgid "Improved consents page. :issue:`27`"
msgstr ""
#: ../../CHANGES.rst:811 f816ffeb73244ae0b1171b8c156d1e12
msgid "Admin user page. :issue:`8`"
msgstr ""
#: ../../CHANGES.rst:812 2241f2b45f1e426f99f68ccc516c6b60
msgid "Project logo. :pr:`29`"
msgstr ""
#: ../../CHANGES.rst:813 dd802cef3e384fdc928fc43178ab119a
msgid ""
"User account self-deletion can be enabled in the configuration with "
"`SELF_DELETION`. :issue:`35`"
msgstr ""
#: ../../CHANGES.rst:814 75d6d908a827424284ea63478783cbf9
msgid "Admins can impersonate users. :issue:`39`"
msgstr ""
#: ../../CHANGES.rst:815 b4eee6e748f94ba9b6e62e2e7fd4d86b
msgid "Forgotten page UX improvement. :pr:`43`"
msgstr ""
#: ../../CHANGES.rst:816 44489482b8d54ae78c70959758d6f825
msgid "Admins can remove clients. :pr:`45`"
msgstr ""
#: ../../CHANGES.rst:817 be6e5371ee2a48efa0d9d276e9caa9a0
msgid ""
"Option `HIDE_INVALID_LOGIN` that can be unactivated to let the user know if "
"the login he attempt to sign in with exists or not. :pr:`48`"
msgstr ""
#: ../../CHANGES.rst:819 b1df16b2411a440d8d2a0745c972f368
msgid "Password initialization mail. :pr:`51`"
msgstr ""
#: ../../CHANGES.rst:824 ba317999584d46d7b5bfda36157bc111
msgid "Form translations. :issue:`19` :issue:`23`"
msgstr ""
#: ../../CHANGES.rst:825 e0d773fd3f814a438321528df1c4d67d
msgid "Avoid to use Google Fonts. :issue:`21`"
msgstr ""
#: ../../CHANGES.rst:830 d7c5d0509cfe422ab95beb9c1929e413
msgid "'My tokens' page. :issue:`22`"
msgstr ""
#: ../../CHANGES.rst:833 35ab727ebe564ff2a2aa3e28f9392f5b
msgid "[0.0.1] - 2020-10-21"
msgstr ""
#: ../../CHANGES.rst:838 487e834d3b154f69991d042f97ce3734
msgid "Initial release."
msgstr ""
#: ../../CONTRIBUTING.rst:2 77d0a023f5f34e7c804011fd50b75bc3
msgid "Contributions"
msgstr ""
#: ../../CONTRIBUTING.rst:4 9955ba6bbfb54c74930043f9d86335dc
msgid "Contributions are welcome!"
msgstr ""
#: ../../CONTRIBUTING.rst:6 dd58980e1983404d8bc93b9e0866785d
msgid ""
"The repository is hosted at `gitlab.com/yaal/canaille <https://gitlab.com/"
"yaal/canaille>`_."
msgstr ""
#: ../../CONTRIBUTING.rst:9 880fd4b263fa4f5aa77f826cf6d7a13e
msgid "Discuss"
msgstr ""
#: ../../CONTRIBUTING.rst:11 0e5a0bf82cd4444ebc3ff1dd43a4362c
msgid ""
"If you want to implement a feature or a bugfix, please start by discussing "
"it with us on the `bugtracker <https://gitlab.com/yaal/canaille/-/issues>`_ "
"or the `matrix room <https://matrix.to/#/#canaille-discuss:yaal.coop>`_."
msgstr ""
#: ../../CONTRIBUTING.rst:16 032421a7ce0548e38943bb37b9e46f90
msgid "Development environment"
msgstr ""
#: ../../CONTRIBUTING.rst:18 464b7af189da4cf2ba346183c47e6264
msgid "You can either run the demo locally or with Docker."
msgstr ""
#: ../../CONTRIBUTING.rst:20 b918844970c545a3826d0b39a79cb08c
msgid ""
"The only tool required for local development is `uv`. Make sure to have uv "
"`installed on your computer <https://docs.astral.sh/uv/getting-started/"
"installation/>`_ to be able to hack Canaille."
msgstr ""
#: ../../CONTRIBUTING.rst:24 56f217cf35444c72b1bc1a1cb3ee9e53
msgid "Initialize your development environment with:"
msgstr ""
#: ../../CONTRIBUTING.rst:26 9cf0a292c2bb408fa660e14ab61f0e43
msgid ""
"``uv sync --extra front --extra oidc`` to have a minimal working development "
"environment. This will allow you to run the tests with ``uv pytest --backend "
"memory``."
msgstr ""
#: ../../CONTRIBUTING.rst:27 8d29fc6ad3bd43c5b232963f5137c91a
msgid ""
"``uv sync --extra front --extra oidc --extra sqlite`` to have a minimal "
"working development environment with SQLite backend support. This will allow "
"you to run the tests with ``uv pytest --backend sql``."
msgstr ""
#: ../../CONTRIBUTING.rst:28 928d535d56314259b20055eea3a4ceb4
msgid ""
"``uv sync --extra front --extra oidc --extra ldap`` to have a minimal "
"working development environment with LDAP backend support. This will allow "
"you to run the tests with ``uv pytest --backend ldap``."
msgstr ""
#: ../../CONTRIBUTING.rst:29 56b8780399064aec89d3099841d1b017
msgid ""
"``uv sync --all-extras`` if you want to have everything at your fingertips. "
"Note that it may compile some Python dependencies that would expect things "
"to be installed on your system; Some dependencies of Canaille might need to "
"be compiled, so you probably want to check that `GCC` and `cargo` are "
"available on your computer."
msgstr ""
#: ../../CONTRIBUTING.rst:32 1a514a3605f243979b2d04e1a329368a
msgid "After having launched the demo you have access to several services:"
msgstr ""
#: ../../CONTRIBUTING.rst:34 bbde54dc79ba4241bd97323b5152b50b
msgid "A canaille server at `localhost:5000 <http://localhost:5000>`_"
msgstr ""
#: ../../CONTRIBUTING.rst:35 d028b9cbae714b2d945ba4d70a75fb99
msgid "A dummy client at `localhost:5001 <http://localhost:5001>`_"
msgstr ""
#: ../../CONTRIBUTING.rst:36 dbd0340fc974432798237b9b3efe01ea
msgid "Another dummy client at `localhost:5002 <http://localhost:5002>`_"
msgstr ""
#: ../../CONTRIBUTING.rst:38 9ff28ddd679b42f4a5bf288242e8c827
msgid "The canaille server has some default users:"
msgstr ""
#: ../../CONTRIBUTING.rst:40 324e9f4f1d744fa49a0c3e7fe60cf46b
msgid "A regular user which login and password are **user**;"
msgstr ""
#: ../../CONTRIBUTING.rst:41 30a3f2679a4b456791471ac6d4c15e2b
msgid "A moderator user which login and password are **moderator**;"
msgstr ""
#: ../../CONTRIBUTING.rst:42 d5e4f771a0854678af55e11ae4c8fc3d
msgid "An admin user which admin and password are **admin**;"
msgstr ""
#: ../../CONTRIBUTING.rst:43 325a060f0844402d80a7267a46291010
msgid ""
"A new user which login is **james**. This user has no password yet, and his "
"first attempt to log-in would result in sending a password initialization "
"email (if a smtp server is configured)."
msgstr ""
#: ../development/specifications.rst:106 ../../CONTRIBUTING.rst:48
#: c01f125a22914f369ef28ef090a728b1 01a043d4a4364011b8a22a53549b20da
msgid "Backends"
msgstr ""
#: ../../CONTRIBUTING.rst:50 12c4afcb316c448797ed9784ef9fbaa1
msgid "Canaille comes with several backends:"
msgstr ""
#: ../../CONTRIBUTING.rst:52 853d2b906b80415db33c707e29640f4c
msgid "a lightweight test purpose `memory` backend"
msgstr ""
#: ../../CONTRIBUTING.rst:53 b280dce615cb48ec8456abf65fec4a9e
msgid "a `sql` backend, based on sqlalchemy"
msgstr ""
#: ../../CONTRIBUTING.rst:54 ad6d07459c274a9e8282e290875d5bfb
msgid "a production-ready `LDAP` backend"
msgstr ""
#: ../../CONTRIBUTING.rst:57 7db1494e281b4b89949e18e1ece1cb6c
msgid "Docker environment"
msgstr ""
#: ../../CONTRIBUTING.rst:59 c8e61bddd24e4af0ab8ee2bd2709652d
msgid ""
"If you want to develop with docker, your browser needs to be able to reach "
"the `canaille` container. The docker-compose file exposes the right ports, "
"but front requests are from outside the docker network: the `canaille` url "
"that makes sense for docker, points nowhere from your browser. As exposed "
"ports are on `localhost`, you need to tell your computer that `canaille` url "
"means `localhost`."
msgstr ""
#: ../../CONTRIBUTING.rst:64 0e3e6469d25f43998fce20bcb1291b86
msgid "To do that, you can add the following line to your `/etc/hosts`:"
msgstr ""
#: ../../CONTRIBUTING.rst:70 c0dce613d6384dd18a1d6abce742bf55
msgid "To launch containers, use:"
msgstr ""
#: ../development/specifications.rst:108 ../tutorial/databases.rst:16
#: ../../CONTRIBUTING.rst:73 ../../CONTRIBUTING.rst:108
#: 32e05154931e4a6fadcba3b0720e0655 f1b0c988daa54dd4a0c5b30a062cf012
#: 94f958ac7cab437580604c64cdfa27be 528aa40e3cd04297b5ebf44fc955e9a9
msgid "SQL"
msgstr ""
#: ../../CONTRIBUTING.rst:74 ../../CONTRIBUTING.rst:109
#: c66d8a018f064cb3ba36abf12473b5f4 15c287c63f7f441f991033e23cbb9f95
msgid ""
"With the SQL backend, the demo instance will load and save data in a local "
"sqlite database."
msgstr ""
#: ../../CONTRIBUTING.rst:76 ../../CONTRIBUTING.rst:111
#: 6ddf226447fa4bb89cbf73cc8376c371 c72bd69b5ad94f5992bfe2d30f5b0e8d
msgid "Run the demo instance with the SQL backend"
msgstr ""
#: ../tutorial/databases.rst:8 ../../CONTRIBUTING.rst:83
#: ../../CONTRIBUTING.rst:117 e5f82f8945b747ac81b31a20cc241e5d
#: 9a11f967d4c74ad8b9dff673e77d2315 84a192a56d404fb1baf97b065f6ceaa8
msgid "Memory"
msgstr ""
#: ../../CONTRIBUTING.rst:84 ../../CONTRIBUTING.rst:118
#: 9c56b31ca9724e62a5aee62e28196764 22784d30d5a748d2b73ebe7c423c64bc
msgid "With the memory backend, all data is lost when Canaille stops."
msgstr ""
#: ../../CONTRIBUTING.rst:86 ../../CONTRIBUTING.rst:120
#: da0af4f3bc5147ae8130399630381126 c1436f14bd2049479ac16384a47f2d38
msgid "Run the demo instance with the memory backend"
msgstr ""
#: ../development/specifications.rst:108 ../tutorial/databases.rst:32
#: ../../CONTRIBUTING.rst:93 ../../CONTRIBUTING.rst:126
#: 6f4008249f544ff4afa4e2a7ccebfab2 ce4afa36ab774346b11322758b51325e
#: f9a9bf9c1c6d49b99edee201000ea0a0 2e130a461dc64b989f22d4f932976a65
msgid "LDAP"
msgstr ""
#: ../../CONTRIBUTING.rst:94 ../../CONTRIBUTING.rst:127
#: 4f3a2e440337421f95f937952e7dc9be db5ad48ecaa94207ab2b7d84bbebf569
msgid "With the LDAP backend, all data is lost when Canaille stops."
msgstr ""
#: ../../CONTRIBUTING.rst:96 ../../CONTRIBUTING.rst:129
#: 50095289006e499588719acc50eb5a56 80a55900cfc34f4e8b34b5e653a7fdfb
msgid "Run the demo instance with the LDAP backend"
msgstr ""
#: ../../CONTRIBUTING.rst:105 9e2c9acef9184e34b00d62c97980467d
msgid "Local environment"
msgstr ""
#: ../../CONTRIBUTING.rst:135 5fffaf4bff884b5a839078ad5a889fc9
msgid ""
"If you want to run the demo locally with the LDAP backend, you need to have "
"`OpenLDAP <https://www.openldap.org/>`_ installed on your system. It is "
"generally shipped under the ``slapd`` or ``openldap`` package name."
msgstr ""
#: ../../CONTRIBUTING.rst:140 aa9aab912ff04dd68c3b59bf1e36575a
msgid ""
"On Debian or Ubuntu systems, the OpenLDAP `slapd` binary usage might be "
"restricted by apparmor, and thus makes the tests and the demo fail. This can "
"be mitigated by removing apparmor restrictions on `slapd`."
msgstr ""
#: ../../CONTRIBUTING.rst:150 3d21757ba34c4721af043c150330c2e4
msgid "Populate the database"
msgstr ""
#: ../../CONTRIBUTING.rst:152 a412d39e98cf44f6b911566e1ebcdbde
msgid ""
"The demo database comes populated with some random users and groups. If you "
"need more, you can generate users and groups with the ``populate`` command:"
msgstr ""
#: ../../CONTRIBUTING.rst:163 cdf90f875bcc44d5b41197a7cdbb275c
msgid ""
"Adapt to use either the `ldap` or the `sql` configuration file. Note that "
"this will not work with the memory backend."
msgstr ""
#: ../../CONTRIBUTING.rst:166 2db32f774df8429fa4c9e83d00616a96
msgid "Unit tests"
msgstr ""
#: ../../CONTRIBUTING.rst:168 5d6a9b57b35d49c48e2b615f8128ebcc
msgid ""
"To run the tests, you just can run `uv run pytest` and/or `uv run tox` to "
"test all the supported python environments. Everything must be green before "
"patches get merged."
msgstr ""
#: ../../CONTRIBUTING.rst:171 e1e6e475ff78404f930bb453f1f26e3b
msgid ""
"To test a specific backend you can pass ``--backend memory``, ``--backend "
"sql`` or ``--backend ldap`` to pytest and tox."
msgstr ""
#: ../../CONTRIBUTING.rst:173 2cb85029b4274de388878da3d3285369
msgid ""
"The test coverage is 100%, patches won't be accepted if not entirely "
"covered. You can check the test coverage with ``uv run pytest --cov --cov-"
"report=html`` or ``uv run tox -e coverage -- --cov-report=html``. You can "
"check the HTML coverage report in the newly created `htmlcov` directory."
msgstr ""
#: ../../CONTRIBUTING.rst:178 4408d499056c480f86f450a781d2ca0d
msgid "Code style"
msgstr ""
#: ../../CONTRIBUTING.rst:180 93e483f2a66a4d8f82feb8ca9a739818
msgid ""
"We use `ruff <https://docs.astral.sh/ruff/>`_ along with other tools to "
"format our code. Please run ``uv run tox -e style`` on your patches before "
"submitting them. In order to perform a style check and correction at each "
"commit you can use our `pre-commit <https://pre-commit.com/>`_ configuration "
"with ``uv run pre-commit install``."
msgstr ""
#: ../../CONTRIBUTING.rst:186 0dca6207e6734ab487cb3fe72c3e90e8
msgid "Front"
msgstr ""
#: ../../CONTRIBUTING.rst:188 930e01d770324dc68f73095cd5456a8e
msgid ""
"The interface is built upon the `Fomantic UI <https://fomantic-ui.com/>`_ "
"CSS framework. The dynamical parts of the interface use `htmx <https://htmx."
"org/>`_."
msgstr ""
#: ../../CONTRIBUTING.rst:191 fc0da8a2736e461dab5a7d242c1cfa9a
msgid ""
"Using Javascript in the interface is tolerated, but the whole website MUST "
"be accessible for browsers without Javascript support, and without any "
"feature loss."
msgstr ""
#: ../../CONTRIBUTING.rst:193 a13b055a65244362a025440451de998d
msgid ""
"Because of Fomantic UI we have a dependency to jQuery, however new "
"contributions should not depend on jQuery at all. See the `related issue "
"<https://gitlab.com/yaal/canaille/-/issues/130>`_."
msgstr ""
#: ../index.rst:71 ../../CONTRIBUTING.rst:198 e3ff6afa466e4e61aa4f677cd58d3ed2
#: a08d8d5331494e7d93508eaf25f41a07
msgid "Documentation"
msgstr ""
#: ../../CONTRIBUTING.rst:200 2e1fdcae75de46a6b50db7e4155758af
msgid "The documentation is generated when the tests run:"
msgstr ""
#: ../../CONTRIBUTING.rst:206 94405109592b47c09c8726c305fa5edc
msgid ""
"You can also run sphinx by hand, that should be faster since it avoids the "
"tox environment initialization:"
msgstr ""
#: ../../CONTRIBUTING.rst:212 fe4610d142474897ae4f97d321448fac
msgid "The generated documentation is located at ``build/sphinx/html/en``."
msgstr ""
#: ../../CONTRIBUTING.rst:215 bf09dd8ed31742bca2fa80175ae85bb3
msgid "Code translation"
msgstr ""
#: ../../canaille/translations/README.rst:1 35fff9d115334ec6aa6a99ec5da8a27f
msgid ""
"Translations are done with `Weblate <https://hosted.weblate.org/projects/"
"canaille/canaille>`__."
msgstr ""
#: ../../canaille/translations/README.rst:3 b72ee2174a9b42c493780415e3d3fcfd
msgid ""
"The following commands are there as documentation, only the message "
"extraction is needed for contributors. All the other steps are automatically "
"done with Weblate."
msgstr ""
#: readme.rst:6 ../../canaille/translations/README.rst:8
#: ea5bd05b09984bcaa643efa7a1a7618c 33490a8ff4a3465fb8648393ff65eb75
msgid "Message extraction"
msgstr ""
#: readme.rst:8 ../../canaille/translations/README.rst:10
#: 210e9ff98db74777830a5a1f4746df44 16b22e2bc3cf495bbef529f5732887e3
msgid ""
"After you have edited translatable strings, you should extract the messages "
"with:"
msgstr ""
#: readme.rst:15 ../../canaille/translations/README.rst:17
#: 54ecd51acf494402964ae281c6cd639b 02fa7225075346f89ad702cba8aabdeb
msgid "Language addition"
msgstr ""
#: readme.rst:17 ../../canaille/translations/README.rst:19
#: 5429b47768e2472ea597ed48140a5621 015d6a437f7e4d099c8cad60986c0b68
msgid ""
"You can add a new language manually with the following command, however this "
"should not be needed as Weblate takes car of this:"
msgstr ""
#: ../../canaille/translations/README.rst:26 bdfbb4ef60c54b26abf457ba930b7fcf
msgid "Catalog update"
msgstr ""
#: ../../canaille/translations/README.rst:28 94b8fc10d3aa4e05b54d619c4b1aaa25
msgid ""
"You can update the catalogs with the following command, however this should "
"not be needed as Weblate automatically update language catalogs when it "
"detects new strings or when someone translate some existing strings. Weblate "
"pushes happen every 24h."
msgstr ""
#: ../../canaille/translations/README.rst:36 f232cbfdd201463ab74fe71353c8e23b
msgid "Catalog compilation"
msgstr ""
#: ../../canaille/translations/README.rst:38 3c756dd105564866a8d74e994e65f2b6
msgid ""
"You can compile the catalogs with the following command, however this should "
"not be needed as catalogs are automatically compiled before running the unit "
"tests, before launching the demo and before compiling the Canaille python "
"package:"
msgstr ""
#: ../../CONTRIBUTING.rst:221 4ff341d941384c029ed9c0b49d1062f9
msgid "Documentation translation"
msgstr ""
#: readme.rst:1 35fff9d115334ec6aa6a99ec5da8a27f
#: 7abe83f2eeb54b3f9f3d1a8542696765
msgid ""
"Translations are done with `Weblate <https://hosted.weblate.org/projects/"
"canaille/documentation>`__."
msgstr ""
#: readme.rst:3 de92a131ecf44614963dd89770f593ae
#: 0ca00925251d48668c7673ddece41d66
msgid ""
"The following commands are there as documentation, only the message "
"extraction and the language addition is needed for contributors."
msgstr ""
#: readme.rst:24 3d142fe9f633400ea029e949f1e869ee
#: 74cc2740b1584972aa3c0e672dff5f3e
msgid "Build the documentation in another language"
msgstr ""
#: ../../CONTRIBUTING.rst:226 4b1dc3dae99f4c6fbbeec3e54be3e922
msgid "Publish a new release"
msgstr ""
#: ../../CONTRIBUTING.rst:228 975b37a07edc4a42bbef14c2ca80a34f
msgid ""
"Check that dependencies are up to date with ``uv sync --all-extras --"
"upgrade`` and update dependencies accordingly in separated commits;"
msgstr ""
#: ../../CONTRIBUTING.rst:229 e9bd8386c6c64ef99aac12ee831f39d1
msgid ""
"Check that tests are still green for every supported python version, and "
"that coverage is still at 100%, by running ``uv run tox``;"
msgstr ""
#: ../../CONTRIBUTING.rst:230 3e7d5493a8e44c1a9067010115678723
msgid ""
"Check that the demo environments are still working, both the local and the "
"Docker one;"
msgstr ""
#: ../../CONTRIBUTING.rst:231 fe7867ea9416424e81c518f77853958a
msgid ""
"Check that the :ref:`development/changelog:Release notes` section is "
"correctly filled up;"
msgstr ""
#: ../../CONTRIBUTING.rst:232 7d89adc1c3e6478ab9e8faa02f97bf03
msgid "Increase the version number in ``pyproject.toml``;"
msgstr ""
#: ../../CONTRIBUTING.rst:233 a376131776cd4e469611fa3ad6749be9
msgid "Commit with ``git commit``;"
msgstr ""
#: ../../CONTRIBUTING.rst:234 655fd489e5324dc5b6172d438a6b8e3e
msgid "Build with ``uv build``;"
msgstr ""
#: ../../CONTRIBUTING.rst:235 79fc61b7c13647a285a918a0c126ea53
msgid ""
"Publish on test PyPI with ``uv publish --publish-url https://test.pypi.org/"
"legacy/``;"
msgstr ""
#: ../../CONTRIBUTING.rst:236 93540129ce0c440eba4da63ed3ddb769
msgid ""
"Install the test package somewhere with ``pip install --extra-index-url "
"https://test.pypi.org/simple --upgrade canaille``. Check that everything "
"looks fine;"
msgstr ""
#: ../../CONTRIBUTING.rst:237 8a73b31d1fe14fdda15e6c2dea0cafc9
msgid "Publish on production PyPI ``uv publish``;"
msgstr ""
#: ../../CONTRIBUTING.rst:238 93131bb37ccc4207825449d393f92201
msgid "Tag the commit with ``git tag XX.YY.ZZ``;"
msgstr ""
#: ../../CONTRIBUTING.rst:239 a98a5168d5f949ec9e96f16d8ff8b6f5
msgid ""
"Push the release commit and the new tag on the repository with ``git push --"
"tags``."
msgstr ""
#: ../development/index.rst:2 ../tutorial/theming.rst:41
#: c0f14bad2988468fa0700bbd47fe1de0 294492704f9349cba94a11db140b19ab
msgid "Development"
msgstr ""
#: ../development/specifications.rst:2 156d2082306649a89c7c6ff9b0879911
msgid "Specifications"
msgstr ""
#: ../development/specifications.rst:4 2c830d15b604470ca1912e9a07b2deb6
msgid ""
"This page details which specifications are implemented in Canaille, and "
"compares Canaille with other well-known identity providers."
msgstr ""
#: ../development/specifications.rst:7 bfa87dc7f42445fb96172a2ce7643950
msgid "State of the specs in Canaille"
msgstr ""
#: ../development/specifications.rst:10 b57576e6aa1e46c0ab9b0d74e40f7a1c
msgid "OAuth2"
msgstr ""
#: ../development/specifications.rst:12 44156ac1d21c44f89d2090ae27ad397e
msgid ""
"✅ `RFC6749: OAuth 2.0 Framework <https://tools.ietf.org/html/rfc6749>`_"
msgstr ""
#: ../development/specifications.rst:13 3dd5d1bc312e4808b9dfb7e906f9a1b3
msgid ""
"✅ `RFC6750: OAuth 2.0 Bearer Tokens <https://tools.ietf.org/html/rfc6750>`_"
msgstr ""
#: ../development/specifications.rst:14 3f7c67f6ca7049a0a99455d27e7b9278
msgid ""
"✅ `RFC7009: OAuth 2.0 Token Revocation <https://tools.ietf.org/html/"
"rfc7009>`_"
msgstr ""
#: ../development/specifications.rst:15 b11098fcf9e64dfca026aa25e97624cc
msgid ""
"❌ `RFC7523: JWT Profile for OAuth 2.0 Client Authentication and "
"Authorization Grants <https://tools.ietf.org/html/rfc7523>`_"
msgstr ""
#: ../development/specifications.rst:16 0213796d176a4938a10c902cfb737a18
msgid ""
"✅ `RFC7591: OAuth 2.0 Dynamic Client Registration Protocol <https://tools."
"ietf.org/html/rfc7591>`_"
msgstr ""
#: ../development/specifications.rst:17 afdc8def073c495e8bb24a1ec6a0d62a
msgid ""
"✅ `RFC7592: OAuth 2.0 Dynamic Client Registration Management Protocol "
"<https://tools.ietf.org/html/rfc7592>`_"
msgstr ""
#: ../development/specifications.rst:18 f592e7f0f2074289b67beb893604277d
msgid ""
"✅ `RFC7636: Proof Key for Code Exchange by OAuth Public Clients <https://"
"tools.ietf.org/html/rfc7636>`_"
msgstr ""
#: ../development/specifications.rst:19 bc914d1d327d4ce6a638c5245c4cfcc3
msgid ""
"✅ `RFC7662: OAuth 2.0 Token Introspection <https://tools.ietf.org/html/"
"rfc7662>`_"
msgstr ""
#: ../development/specifications.rst:20 08bbaa19162d456899ba99be7b0f9e3d
msgid ""
"✅ `RFC8414: OAuth 2.0 Authorization Server Metadata <https://tools.ietf.org/"
"html/rfc8414>`_"
msgstr ""
#: ../development/specifications.rst:21 abbbc93f57ba4660bafa5396616419d8
msgid ""
"❌ `RFC8428: OAuth 2.0 Device Authorization Grant <https://tools.ietf.org/"
"html/rfc8428>`_"
msgstr ""
#: ../development/specifications.rst:22 a9adf95822164ad9a91366b631a095ab
msgid ""
"❌ `RFC8693: OAuth 2.0 Token Exchange <https://tools.ietf.org/html/rfc8693>`_"
msgstr ""
#: ../development/specifications.rst:23 fac77fd04d2c457cbdda2f46d21a549d
msgid ""
"❌ `RFC8705: OAuth 2.0 Mutual-TLS Client Authentication and Certificate-"
"Bound Access Tokens <https://tools.ietf.org/html/rfc8705>`_"
msgstr ""
#: ../development/specifications.rst:24 772cbe80f8cd44faa3230ee4e690e5f3
msgid ""
"❌ `RFC8707: Resource Indicators for OAuth 2.0 <https://tools.ietf.org/html/"
"rfc8707>`_"
msgstr ""
#: ../development/specifications.rst:25 8b06eb72e70742fc821332a4676ba48e
msgid ""
"❌ `RFC9068: JSON Web Token (JWT) Profile for OAuth 2.0 Access Tokens "
"<https://tools.ietf.org/html/rfc9068>`_"
msgstr ""
#: ../development/specifications.rst:26 088615a4afdc48a5b6449df856cb1eb3
msgid ""
"❌ `RFC9101: OAuth 2.0 JWT-Secured Authorization Request (JAR) <https://"
"tools.ietf.org/html/rfc9101>`_"
msgstr ""
#: ../development/specifications.rst:27 4bd307887c6a4dcebb9d5ff9b9c3176a
msgid ""
"❌ `RFC9126: OAuth 2.0 Pushed Authorization Requests <https://tools.ietf.org/"
"html/rfc9126>`_"
msgstr ""
#: ../development/specifications.rst:28 bf777af155ec47bb85265068ff053b85
msgid ""
"❌ `RFC9207: OAuth 2.0 Authorization Server Issuer Identification <https://"
"tools.ietf.org/html/rfc9207>`_"
msgstr ""
#: ../development/specifications.rst:29 06b84e457b3f423099a45450e8be7b96
msgid ""
"❌ `RFC9394: OAuth 2.0 Rich Authorization Requests <https://www.rfc-editor."
"org/rfc/rfc9396.html>`_"
msgstr ""
#: ../development/specifications.rst:30 17a488e183c64a7696ff1f8b3f02e3d8
msgid ""
"❌ `OAuth2 Multiple Response Types <https://openid.net/specs/oauth-v2-"
"multiple-response-types-1_0.html>`_"
msgstr ""
#: ../development/specifications.rst:31 28df30b698994c9ebb429fbe577701ac
msgid ""
"❌ `OAuth2 Form Post Response Mode <https://openid.net/specs/oauth-v2-form-"
"post-response-mode-1_0.html>`_"
msgstr ""
#: ../development/specifications.rst:34 ../features.rst:230
#: 273611a66c514122bd1b8986c81f8464 511272a32c844e4cb9ca0d2c2b0aeb42
msgid "OpenID Connect"
msgstr ""
#: ../development/specifications.rst:36 1b811c589c884281a965b470a69c935c
msgid ""
"✅ `OpenID Connect Core <https://openid.net/specs/openid-connect-core-1_0."
"html>`_"
msgstr ""
#: ../development/specifications.rst:37 8eb4c67d2de84a09ba6681ab0ad1dcf0
msgid ""
"✅ `OpenID Connect Discovery <https://openid.net/specs/openid-connect-"
"discovery-1_0.html>`_"
msgstr ""
#: ../development/specifications.rst:38 3dd0ab1827034c7f8bb58dd56463cb2a
msgid ""
"✅ `OpenID Connect Dynamic Client Registration <https://openid.net/specs/"
"openid-connect-registration-1_0.html>`_"
msgstr ""
#: ../development/specifications.rst:39 5202769d4fed46999e56f7d6a0a03c5d
msgid ""
"✅ `OpenID Connect RP Initiated Logout <https://openid.net/specs/openid-"
"connect-rpinitiated-1_0.html>`_"
msgstr ""
#: ../development/specifications.rst:40 768d7dd2182a418fb9344db3f5cba48a
msgid ""
"❌ `OpenID Connect Session Management <https://openid.net/specs/openid-"
"connect-session-1_0.html>`_"
msgstr ""
#: ../development/specifications.rst:41 bffbc632d9bf4c89b64bb51cdece0844
msgid ""
"❌ `OpenID Connect Front Channel Logout <https://openid.net/specs/openid-"
"connect-frontchannel-1_0.html>`_"
msgstr ""
#: ../development/specifications.rst:42 3001306e82cc4e9b80078a4631c791f9
msgid ""
"❌ `OpenID Connect Back Channel Logout <https://openid.net/specs/openid-"
"connect-backchannel-1_0.html>`_"
msgstr ""
#: ../development/specifications.rst:43 3e1058c4a8154eb58a563e171a03a51b
msgid ""
"❌ `OpenID Connect Back Channel Authentication Flow <https://openid.net/"
"specs/openid-client-initiated-backchannel-authentication-core-1_0.html>`_"
msgstr ""
#: ../development/specifications.rst:44 7d20317b02f54007a0d6e9e79b82b243
msgid ""
"❌ `OpenID Connect Core Error Code unmet_authentication_requirements "
"<https://openid.net/specs/openid-connect-unmet-authentication-"
"requirements-1_0.html>`_"
msgstr ""
#: ../development/specifications.rst:45 cc695337a4a4431c9a62bdc2471f489d
msgid ""
"✅ `Initiating User Registration via OpenID Connect 1.0 <https://openid.net/"
"specs/openid-connect-prompt-create-1_0.html>`_"
msgstr ""
#: ../development/specifications.rst:46 6cfd3e82e2bb4f80a58d8864be2ef301
msgid ""
"❌ `OpenID Connect Profile for SCIM Services <https://openid.net/specs/"
"openid-connect-scim-profile-1_0.html>`_"
msgstr ""
#: ../development/specifications.rst:49 ../development/specifications.rst:108
#: d9278a9cbe784818b57f9fd9d76dda68
msgid "SCIM"
msgstr ""
#: ../development/specifications.rst:51 6599ee73d8ab49579b0e09836d421750
msgid "Canaille provides a basic SCIM server implementation."
msgstr ""
#: ../development/specifications.rst:53 c91f11a0512e4782981c5bb98a8038d7
msgid ""
"🟠 `RFC7642: System for Cross-domain Identity Management: Definitions, "
"Overview, Concepts, and Requirements <https://www.rfc-editor.org/rfc/"
"rfc7642>`_"
msgstr ""
#: ../development/specifications.rst:54 2f4ea31b4c80425a8e3075b8597ae8e5
msgid ""
"🟠 `RFC7643: System for Cross-domain Identity Management: Core Schema "
"<https://www.rfc-editor.org/rfc/rfc7642>`_"
msgstr ""
#: ../development/specifications.rst:55 6ffdb285557144afb301b05c33fecddf
msgid ""
"🟠 `RFC7644: System for Cross-domain Identity Management: Protocol <https://"
"www.rfc-editor.org/rfc/rfc7642>`_"
msgstr ""
#: ../development/specifications.rst:57 0b5af403924542a99c63f28eaab81ca5
msgid ""
"Client-side implementation (i.e. broadcasting changes on users and groups "
"among clients) and advanced features will be implemented in the future."
msgstr ""
#: ../development/specifications.rst:60 f4700ad912314bfc8d66be8471a4c772
msgid "What's implemented"
msgstr ""
#: ../development/specifications.rst:62 ../development/specifications.rst:83
#: a221acec85ca4725b2951cb9b51e20d5 a3820ca28394481b85c5906175c9211b
msgid "Endpoints:"
msgstr ""
#: ../development/specifications.rst:64 fda698ab71304acb81f54cb02fbeea05
msgid "/Users (GET, POST)"
msgstr ""
#: ../development/specifications.rst:65 888be4da4f194f319087de8e766157f2
msgid "/Users/<user_id> (GET, PUT, DELETE)"
msgstr ""
#: ../development/specifications.rst:66 172c39c33a9d4449b9fa08649f7e1db5
msgid "/Groups (GET, POST)"
msgstr ""
#: ../development/specifications.rst:67 351bfa9248414180b3e2e12f3e39a7cc
msgid "/Groups/<user_id> (GET, PUT, DELETE)"
msgstr ""
#: ../development/specifications.rst:68 0b3147e232df4562abe864dcc3c62600
msgid "/ServiceProviderConfig (GET)"
msgstr ""
#: ../development/specifications.rst:69 d12ef72fdb2a4faf91c5f3a6606e09d3
msgid "/Schemas (GET)"
msgstr ""
#: ../development/specifications.rst:70 3a2387dace19496d9539e3adb6b3a634
msgid "/Schemas/<schema_id> (GET)"
msgstr ""
#: ../development/specifications.rst:71 7bd1a03ce13a4a519529ffa633c39dad
msgid "/ResourceTypes (GET)"
msgstr ""
#: ../development/specifications.rst:72 7bc66e9808184fa28e9af54c0a2ca411
msgid "/ResourceTypes/<resource_type_id> (GET)"
msgstr ""
#: ../development/specifications.rst:74 65ccf2057cb044258e738dd9dcfb0582
msgid "Features:"
msgstr ""
#: ../development/specifications.rst:76 ef940c8ad25f4e97a8d4fa1ee9bfd786
msgid ":rfc:`pagination <7644#section-3.4.2.4>`"
msgstr ""
#: ../development/specifications.rst:81 f4700ad912314bfc8d66be8471a4c772
msgid "What is not implemented yet"
msgstr ""
#: ../development/specifications.rst:85 76085a65129e4d1387aa1ccb5b5b2bba
msgid "/Users (PATCH)"
msgstr ""
#: ../development/specifications.rst:86 da3a2dd71b204dd8941958051a0ca269
msgid "/Groups (PATCH)"
msgstr ""
#: ../development/specifications.rst:87 1936b0ba8c5743b397c3dcc914f453fc
msgid ":rfc:`/Me <7644#section-3.11>` (GET, POST, PUT, PATCH, DELETE)"
msgstr ""
#: ../development/specifications.rst:88 d6095a95a820448c8e93c6205907d2c0
msgid ":rfc:`/Bulk <7644#section-3.11>` (POST)"
msgstr ""
#: ../development/specifications.rst:89 8ae6230d4d04470587eabc0e85bfd237
msgid ":rfc:`/.search <7644#section-3.4.3>` (POST)"
msgstr ""
#: ../development/specifications.rst:91 ../features.rst:9
#: 8b8d299ade65429ab2a1739bbeca65b0 61a68141a485477a9fb49921e7b8aa3a
msgid "Features"
msgstr ""
#: ../development/specifications.rst:93 f85742cf16c0404a99264064c75cebbd
msgid ":rfc:`filtering <7644#section-3.4.2.2>`"
msgstr ""
#: ../development/specifications.rst:94 e20e4adefa5947319005523f6b6a9377
msgid ":rfc:`sorting <7644#section-3.4.2.3>`"
msgstr ""
#: ../development/specifications.rst:95 02742549d8f54bc18893ecb9c419809c
msgid ":rfc:`attributes selection <7644#section-3.4.2.5>`"
msgstr ""
#: ../development/specifications.rst:96 9e10ed15bc1b477ea12326a749bf64b8
msgid ":rfc:`ETags <7644#section-3.14>`"
msgstr ""
#: ../development/specifications.rst:99 ac600b38603f4fb999aebf5ffbe33cc7
msgid "Comparison with other providers"
msgstr ""
#: ../development/specifications.rst:101 2ef9567e17694a669ed5071c882661ad
msgid "Here is a feature comparison with other OpenID Connect server software."
msgstr ""
#: ../development/specifications.rst:103 d6d241980d3e46e192dd54a5082b0197
msgid ""
"Canaille voluntarily only implements the OpenID Connect protocol to keep its "
"codebase simple."
msgstr ""
#: ../development/specifications.rst:106 0b9a4fba353c483692ed6fb04227691e
msgid "Software"
msgstr ""
#: ../development/specifications.rst:106 62c2fe7c97644cfa8e7d297a337bfe36
msgid "Project"
msgstr ""
#: ../development/specifications.rst:106 f4700ad912314bfc8d66be8471a4c772
msgid "Protocols implementations"
msgstr ""
#: ../development/specifications.rst:108 ea237be2a99a4940be67516a1b95d97d
msgid "FLOSS"
msgstr ""
#: ../development/specifications.rst:108 55d5dd9174f94ca9850b999864598259
msgid "Language"
msgstr ""
#: ../development/specifications.rst:108 27002c409c6440d29ae89e91559a6994
msgid "LOC"
msgstr ""
#: ../development/specifications.rst:108 ../references/templates.rst:48
#: 3ba35fd6c6d44150b4b049cf603e4a85 1e5e7225bddd44a4accf8159f4a489c4
msgid "OIDC"
msgstr ""
#: ../development/specifications.rst:108 dc762bcd6eca4fc79dae1ca65c411351
msgid "SAML"
msgstr ""
#: ../development/specifications.rst:108 6ae5803282c4439a9e7b1c1570e4c505
msgid "CAS"
msgstr ""
#: ../development/specifications.rst:110 f4c4ac6fdea74558a74bc9a3cefbb5c7
msgid "Canaille"
msgstr ""
#: ../development/specifications.rst:110 ../development/specifications.rst:112
#: ../development/specifications.rst:114 ../development/specifications.rst:116
#: ../development/specifications.rst:118 ../development/specifications.rst:120
#: ../development/specifications.rst:122 ../development/specifications.rst:124
#: ../development/specifications.rst:126 ../development/specifications.rst:128
#: ../development/specifications.rst:130 ../development/specifications.rst:132
#: 33e7166b401144bcadff959d61e03c4c c2035a448fa9405a92d51c9c90277394
#: 7bba6b8427854a41b99c15b883290007 588ab8a50fca4528b9a471dbddfb7d4a
#: ba65de35554741a48a7eb4a72fc66433 4dd20636352243038f0bdad8d15e8449
#: 5b23071246ab41f1abd1bfa5596a4b46 c1aa2d442f2047f9a1194e38c2b1ddd1
#: ce03d94ab7954c02968bfb44eb0f72fd 9fb4e3e247d846419051f2852ffa3f31
#: f5e5911bcb704af19c073370f437c1b4 e063ffcc58474df4a66b2814eb4c0f61
#: cff48ca4a13545309d9e1b58c3dede80 e55ccef99f4a45be8fb35a1ed8bb1ac4
#: 4b09487097334807804aaba873d4dc7b c9b45500d9d145a8862c978d95329330
#: c34b7940cbbd4218af2cb94e8eb24fc7 8a394726b7b941dfbbd8af3e546782c1
#: f5320617a03e47dea905ac5a70208c70
msgid "✅"
msgstr ""
#: ../development/specifications.rst:110 ../development/specifications.rst:116
#: 86f975b8aaab4af9bfc62ef2df91ba28
msgid "Python"
msgstr ""
#: ../development/specifications.rst:110 3a757539fafc4e3aa92dbdec5227a2df
msgid "10k"
msgstr ""
#: ../development/specifications.rst:110 ../development/specifications.rst:112
#: ../development/specifications.rst:114 ../development/specifications.rst:116
#: ../development/specifications.rst:118 ../development/specifications.rst:120
#: ../development/specifications.rst:122 ../development/specifications.rst:126
#: ../development/specifications.rst:130 ../development/specifications.rst:132
#: 0baee04e46584b46ab2b5bd83dea4c0d 94a1a61f502a42569788cfe93ad6bcf7
msgid "❌"
msgstr ""
#: ../development/specifications.rst:110 c3172c68b79b46e1ac155f9af8f8729f
msgid "🟠"
msgstr ""
#: ../development/specifications.rst:112 41d7747dc9384c6b908b8394168b5b5a
msgid "`Auth0`_"
msgstr ""
#: ../development/specifications.rst:112 ../development/specifications.rst:122
#: ../development/specifications.rst:124 ../development/specifications.rst:132
#: 8f85eeab9d6945af894c55e2a4aa0b9b
msgid "❔"
msgstr ""
#: ../development/specifications.rst:114 47ff7b1213464f85b246c4282f3af933
msgid "`Authelia`_"
msgstr ""
#: ../development/specifications.rst:114 ../development/specifications.rst:118
#: ../development/specifications.rst:126 5db56fd3e64948f5a108d2f74f7070b4
msgid "Go"
msgstr ""
#: ../development/specifications.rst:114 ../development/specifications.rst:126
#: 741e97755b8c4478b7e19ba006898401
msgid "50k"
msgstr ""
#: ../development/specifications.rst:116 7fb71b70103e40eeb178e1281ea81de3
msgid "`Authentic2`_"
msgstr ""
#: ../development/specifications.rst:116 cb26c38797d9416fafe5d1a1b5c5b03b
msgid "65k"
msgstr ""
#: ../development/specifications.rst:118 6f7fc7bbb2694f09a12393a74ffc8013
msgid "`Authentik`_"
msgstr ""
#: ../development/specifications.rst:118 bb964534c0704925b6d856bd54af7c7f
msgid "55k"
msgstr ""
#: ../development/specifications.rst:120 4604cb0778044b63807b2be23ced893c
msgid "`CAS`_"
msgstr ""
#: ../development/specifications.rst:120 ../development/specifications.rst:124
#: ../development/specifications.rst:128 aa3618e441ac413e83acdfe56631d15a
msgid "Java"
msgstr ""
#: ../development/specifications.rst:120 c316893b4f00454a8c5745071e0888b1
msgid "360k"
msgstr ""
#: ../development/specifications.rst:122 c8a158afb8d841209c20b9ef42e563cb
msgid "`Connect2id`_"
msgstr ""
#: ../development/specifications.rst:124 a264cd68201c442faf08474397c550aa
msgid "`Gluu`_"
msgstr ""
#: ../development/specifications.rst:126 e54b53bfeafd4764b01095c1cd0077b7
msgid "`Hydra`_"
msgstr ""
#: ../development/specifications.rst:128 87594578370246d494ef5e63196a3a92
msgid "`Keycloak`_"
msgstr ""
#: ../development/specifications.rst:128 d6304d1f41714ad5af15edb6febbfbc5
msgid "600k"
msgstr ""
#: ../development/specifications.rst:130 2efe7957b848447dacfecb082a95c438
msgid "`LemonLDAP`_"
msgstr ""
#: ../development/specifications.rst:130 cdd25b565e5d4de4b4202f82f4407843
msgid "Perl"
msgstr ""
#: ../development/specifications.rst:130 51b2d4fcc1fc43d2a692826a2b2c62d1
msgid "130k"
msgstr ""
#: ../development/specifications.rst:132 4c2a5d27487345f7bc3c1bbd0c897c47
msgid "`Okta`_"
msgstr ""
#: ../features.rst:11 5dd070084abb440ebf87c36df501f197
msgid ""
"Here are the different features that Canaille provides. You can enable any "
"of those features with the :doc:`configuration <references/configuration>` "
"to fit any :doc:`use cases <usecases>` you may meet. Check our :ref:"
"`roadmap <features:Roadmap>` to see what is coming next."
msgstr ""
#: ../features.rst:15 83eef1f1157b4d37b4627438618f31ab
msgid ""
"Users can interact with Canaille through its :ref:`web interface <features:"
"Web interface>` and administrators can also use its :ref:`command line "
"interface <feature_cli>`. Canaille can handle data stored in different :ref:"
"`database backends <feature_databases>`."
msgstr ""
#: ../features.rst:19 73c7e363c37147fc825deea06ee26975
msgid "User and group management"
msgstr ""
#: ../features.rst:21 e19b2b99a8544219b61bbedc1229e77c
msgid ""
"Canaille web interface can be used either in :doc:`production environments "
"<tutorial/deployment>` or locally for development purposes."
msgstr ""
#: ../features.rst:26 ../index.rst:27 759b0714ba194bc5a5d043350cb4cd14
#: dd79223676e0465293d1499d8929fa26
msgid "Profile management"
msgstr ""
#: ../features.rst:28 ../features.rst:238 53e5483c51ae4df28138ae990c16de07
#: 0a36f2261b84450b98131ff740f7ceb9
msgid "Profile"
msgstr ""
#: ../features.rst:33 864adfa77693422cad803b08d9187a5e
msgid "Canaille provides an interface to manage user profiles."
msgstr ""
#: ../features.rst:35 505ce537381249ec82445d38a4e093df
msgid ""
"The exact list of displayed fields, and whether they are :attr:`writable "
"<canaille.core.configuration.ACLSettings.WRITE>` or :attr:`read-only "
"<canaille.core.configuration.ACLSettings.READ>` depends on the user :class:"
"`Access Control List settings (ACL) <canaille.core.configuration."
"ACLSettings>`."
msgstr ""
#: ../features.rst:37 625c7cea8a034a7ba263a71ce0587a26
msgid ""
"Depending on their ACL :class:`permissions <canaille.core.configuration."
"Permission>`, users can either be allowed to edit their own profile, edit "
"any user profile, or do nothing at all."
msgstr ""
#: ../features.rst:42 530dac22b587444cbd5de9ba2d7a3a90
msgid "Email confirmation"
msgstr ""
#: ../features.rst:44 2c3acd412bb944ab81ff2631784bff71
msgid ""
"If the :attr:`email confirmation feature <canaille.core.configuration."
"CoreSettings.EMAIL_CONFIRMATION>` is enabled, any modification or addition "
"of a profile email will send a confirmation mail to the new address. The "
"mail will contain a link that users will need to click on to confirm their "
"email address."
msgstr ""
#: ../features.rst:46 8d597149b59e45f896eff2baa716fc20
msgid ""
"Users with :attr:`user management permission <canaille.core.configuration."
"Permission.MANAGE_USERS>` can set user emails without confirmation though."
msgstr ""
#: ../features.rst:51 4a6be5a6b71a4a5ea35d7c4a41630e35
msgid "Group management"
msgstr ""
#: ../features.rst:53 ../features.rst:140 4824338c1fbf4fdd8c2e01534219ee98
#: 3d8b9fc086e945d890bf9b3e01c82984
msgid "Group edition"
msgstr ""
#: ../features.rst:58 afc7e192d41148e0a2ef8ec6f8944729
msgid ""
"In a similar fashion than :ref:`profile management "
"<feature_profile_management>` Canaille provides an interface to manage user "
"groups."
msgstr ""
#: ../features.rst:60 b83c6d0af7fe45228496bb2c594cf88c
msgid ""
"The group management is quite simple at the moment and consists in a group "
"name and description, and the list of its members. Group membership can be "
"use as :attr:`ACL Filter <canaille.core.configuration.ACLSettings.FILTER>` "
"to define user permissions."
msgstr ""
#: ../features.rst:63 ../features.rst:83 ../features.rst:149
#: ../tutorial/deployment.rst:13 ../tutorial/provisioning.rst:9
#: 6fdf0a969ccb49e1bf9bfc28f4df9169 4065a0b70a1444058df3bb16f0abc445
#: bc0be7a805e04b5f91b89db28d7dffae 7ab21494d11e4287acffeb771f8f5244
#: 9df6890219304d7dbb04c9b7817147f5
msgid "Todo"
msgstr ""
#: ../features.rst:64 60eafd84b6934482b1ec0831e6aaa3b7
msgid ""
"At the moment adding an user to a group can only be achieved by the user "
"settings page, but we are :issue:`working to improve this <192>`."
msgstr ""
#: ../features.rst:66 6440e19e527d4d5f8abc44d99c8a3dba
msgid ""
"Group management can be enable with a :attr:`dedicated user permission "
"<canaille.core.configuration.Permission.MANAGE_GROUPS>`."
msgstr ""
#: ../features.rst:69 2382414ec97641a4925e741a26ae3148
msgid ""
"Due to limitations in the :ref:`LDAP backend <tutorial/databases:LDAP>`, "
"groups must have at least one member. Thus it is not possible to remove the "
"last user of a group without removing the group."
msgstr ""
#: ../features.rst:75 ../index.rst:34 b136f97d836d4c8dbb63cd671ceebe4e
#: 76d8725ced9e421f98de5fb1e1ee01a2
msgid "User authentication"
msgstr ""
#: ../features.rst:77 022b43e4ff7f4932aa151eaade78aeb6
msgid ""
"Unless their account is :ref:`locked <feature_account_locking>`, users can "
"authenticate with a login and a password."
msgstr ""
#: ../features.rst:81 1a8cb7dc227a452b81768be3758a8fb4
msgid ""
"For security reasons, it won't be told to users if they try to sign in with "
"an unexisting logging, unless explicitly :attr:`set in the configuration "
"<canaille.core.configuration.CoreSettings.HIDE_INVALID_LOGINS>`."
msgstr ""
#: ../features.rst:83 778349cb3c344689bd8cc06184005e10
msgid ""
":ref:`LDAP backend <tutorial/databases:LDAP>` users can define which :class:"
"`user field <canaille.core.models.User>` should be used as the login (such "
"as :attr:`~canaille.core.models.User.user_name` or :attr:`~canaille.core."
"models.User.emails`) using a :attr:`configuration parameter <canaille."
"backends.ldap.configuration.LDAPSettings.USER_FILTER>`, but other backends "
"can only login using :attr:`~canaille.core.models.User.user_name`. We are :"
"issue:`working to improve this <196>`."
msgstr ""
#: ../features.rst:88 aa467ae3118543ed94401a8ca23776f1
msgid "User registration"
msgstr ""
#: ../features.rst:90 c81ba8ba520c4d8bb6c8475fe023404b
msgid ""
"Users can create accounts on Canaille if the :attr:`registration feature "
"<canaille.core.configuration.CoreSettings.ENABLE_REGISTRATION>` is enabled. "
"They will be able to fill a registration form with the fields detailed in "
"the default :class:`ACL settings <canaille.core.configuration.ACLSettings>`."
msgstr ""
#: ../features.rst:92 c1f2442a948d414e9b9983d79aa91ae4
msgid ""
"If :attr:`email confirmation <canaille.core.configuration.CoreSettings."
"EMAIL_CONFIRMATION>` is also enabled, users will be sent a confirmation link "
"to their email address, on which they will need to click in order to "
"finalize their registration."
msgstr ""
#: ../features.rst:97 ../features.rst:99 3d200c871e19420db3ce1885f7414a3c
#: 7bf61d1ad01240f7b1ed2db4ab0fdf77
msgid "User invitation"
msgstr ""
#: ../features.rst:104 134f042cb892434e922c01d62222ed54
msgid ""
"If a :class:`mail server <canaille.core.configuration.SMTPSettings>` is "
"configured, users with :attr:`user management permission <canaille.core."
"configuration.Permission.MANAGE_USERS>` can create an invitation link for "
"one user."
msgstr ""
#: ../features.rst:106 e054dbb49f644364a6aaadcb2f5a0024
msgid ""
"The link goes to a registration form, even if regular :ref:`user "
"registration <feature_user_registration>` is disabled."
msgstr ""
#: ../features.rst:108 536cbb5eff1444dda4ac45998d356fe6
msgid "It can be automatically sent by email to the new user."
msgstr ""
#: ../features.rst:113 c24731829c1949aeb3f54f0167ed8b37
msgid "Account locking"
msgstr ""
#: ../features.rst:115 48e7bf2282b5487f9437be3863edc5ed
msgid ""
"If Canaille is plugged to a :ref:`backend <feature_databases>` that supports "
"it, user accounts can be locked by users with :attr:`user management "
"permission <canaille.core.configuration.Permission.MANAGE_USERS>`. The lock "
"date can be set instantly or at a given date in the future."
msgstr ""
#: ../features.rst:118 31e7e6b90652414ab1b450f98ddb7d53
msgid "At the moment a user account is locked:"
msgstr ""
#: ../features.rst:120 6be8caf7464643e99cb2614ce0138045
msgid "their open sessions will be closed;"
msgstr ""
#: ../features.rst:121 93da628150674abe85e3ff8f27e83c0a
msgid "they won't be able to sign in again;"
msgstr ""
#: ../features.rst:122 e5196d576eb445d9aa83989d6f241c42
msgid "no new OIDC token will be issued;"
msgstr ""
#: ../features.rst:124 c784a99a157b46028eb5c3543da73e38
msgid ""
"User accounts must be manually unlocked by an administrator for the users to "
"regain access to those actions."
msgstr ""
#: ../features.rst:129 da2f0b388508475cbb3fd080de1ff44c
msgid "Account deletion"
msgstr ""
#: ../features.rst:131 5bc09c4f89764a1a950c44dc255b98d2
msgid ""
"Users with the :attr:`account deletion permission <canaille.core."
"configuration.Permission.DELETE_ACCOUNT>` are allowed to delete their own "
"account."
msgstr ""
#: ../features.rst:133 85f4ea778e8f45f7841ddf39f1bc8b41
msgid ""
"Users that also have the :attr:`user management permission <canaille.core."
"configuration.Permission.MANAGE_USERS>` are also allowed to delete other "
"users accounts."
msgstr ""
#: ../features.rst:138 86a66e197de94dcbb90d559730b89318
msgid "Password recovery"
msgstr ""
#: ../features.rst:145 6693db5e96354da69ed660a259c109ce
msgid ""
"If a :class:`mail server <canaille.core.configuration.SMTPSettings>` is "
"configured and the :attr:`password recovery feature <canaille.core."
"configuration.CoreSettings.ENABLE_PASSWORD_RECOVERY>` is enabled, then users "
"can ask for a password reset email if they cannot remember their password."
msgstr ""
#: ../features.rst:147 2f356fab771549f9bdca5fa4f3ca2e5e
msgid ""
"The email will be sent to the email addresses filled in their profile, and "
"will contain a link that will allow them to choose a new password. ."
msgstr ""
#: ../features.rst:151 a603b57c4fc54e67ba04056b0037ae8e
msgid "Check that password recovery is disabled on locked accounts."
msgstr ""
#: ../features.rst:156 1bdb193d14a444a2a823f0dcef03e8ad
msgid "Password reset"
msgstr ""
#: ../features.rst:158 077ee41f3059484dad80b08733aae520
msgid ""
"If a :class:`mail server <canaille.core.configuration.SMTPSettings>` is "
"configured, :attr:`user management permission <canaille.core.configuration."
"Permission.MANAGE_USERS>` can send password reset mails to users. The mails "
"contains a link that allow users to choose a new password without having to "
"retrieve the old one."
msgstr ""
#: ../features.rst:164 c4e7b07761674e608a0e2bfdd50a659a
msgid "Password initialization"
msgstr ""
#: ../features.rst:166 5043df71775449a78e19ce0296f8d9ee
msgid ""
"User :attr:`passwords <canaille.core.models.User.password>` are optional. If "
"a :class:`mail server <canaille.core.configuration.SMTPSettings>` is "
"configured, when users with no password attempt to sign in, they are invited "
"to click a button that will send them a password initialization mail. The "
"mail contains a link that leads to a form that allows users to choose a "
"password."
msgstr ""
#: ../features.rst:173 412b386c0c794b5d8c71ea7b51278da8
msgid "Password compromission check"
msgstr ""
#: ../features.rst:175 35e11da6bbdf4e2da05a3a66c24e1dbe
msgid ""
"If :attr:`password compromission check feature <canaille.core.configuration."
"CoreSettings.ENABLE_PASSWORD_COMPROMISSION_CHECK>` is enabled, Canaille will "
"check for password compromise on HIBP (https://haveibeenpwned.com/) every "
"time a new password is register. You will need to set an :attr:`admin email "
"<canaille.core.configuration.CoreSettings.ADMIN_EMAIL>`."
msgstr ""
#: ../features.rst:180 478b4f7b443f4f728085a2ea686b0248
msgid "Multi-factor authentication"
msgstr ""
#: ../features.rst:182 2e2c9ae9e2e24bce942de98d12d7fb33
msgid ""
"If the :attr:`one-time password feature <canaille.core.configuration."
"CoreSettings.OTP_METHOD>` is set, then users will need to authenticate "
"themselves using a one-time password via an authenticator app. Two options "
"are supported : \"TOTP\" for time one-time password, and \"HOTP\" for HMAC-"
"based one-time password. In case of lost token, TOTP/HOTP authentication can "
"be reset by users with :attr:`user management permission <canaille.core."
"configuration.Permission.MANAGE_USERS>`. If a :class:`mail server <canaille."
"core.configuration.SMTPSettings>` is configured and the :attr:`email one-"
"time password feature <canaille.core.configuration.CoreSettings.EMAIL_OTP>` "
"is enabled, then users will need to authenticate themselves via a one-time "
"password sent to their primary email address. If a :class:`smpp server "
"<canaille.core.configuration.SMPPSettings>` is configured and the :attr:`sms "
"one-time password feature <canaille.core.configuration.CoreSettings."
"SMS_OTP>` is enabled, then users will need to authenticate themselves via a "
"one-time password sent to their primary phone number."
msgstr ""
#: ../features.rst:191 39adf64b80444b27bb6f9f11747a6960
msgid "Intruder lockout"
msgstr ""
#: ../features.rst:193 e884c68544f2480db394e53aeb54a811
msgid ""
"If the :attr:`intruder lockout feature <canaille.core.configuration."
"CoreSettings.ENABLE_INTRUDER_LOCKOUT>` is enabled, then users will have to "
"wait for an increasingly long time between each failed login attempt."
msgstr ""
#: ../features.rst:196 cbba3fccd9f84230b6eb0774cfd7e109
msgid "Web interface"
msgstr ""
#: ../features.rst:201 fab0081b9bd4460098de6df7d8c317b5
msgid "Internationalization"
msgstr ""
#: ../features.rst:203 46cf7a3a3e9047439aa7fa6654b07921
msgid "Translation state"
msgstr ""
#: ../features.rst:208 0a5afedc31de47a28d0bf7842a8558cd
msgid ""
"Canaile will display in your :attr:`preferred language <canaille.core.models."
"User.preferred_language>` if available, or your browser language if "
"available (and if it is not you can :ref:`help us with the translation "
"<development/contributing:Code translation>`). If you prefer, you can also :"
"attr:`force a language <canaille.core.configuration.CoreSettings.FAVICON>` "
"for every users."
msgstr ""
#: ../features.rst:214 2caebf718cab47029a83bb91253e36e5
msgid "Lightweight"
msgstr ""
#: ../features.rst:216 e3cbad3b2af0422287a92a4094559d8b
msgid ""
"The web interface is lightweight, so everything should load quickly. There "
"is a few Javascript here and there to smooth the experience, but no "
"Javascript at all is needed to use Canaille."
msgstr ""
#: ../features.rst:220 a7db848b637a46b1874f04fb542009e2
msgid "Customizable"
msgstr ""
#: ../features.rst:222 0c829a128889493fbc97247a60390954
msgid ""
"The default theme should be good enough for most usages. It has a dark "
"theme, display well on mobile, and let you choose a :attr:`logo <canaille."
"core.configuration.CoreSettings.LOGO>` and a :attr:`favicon <canaille.core."
"configuration.CoreSettings.FAVICON>`."
msgstr ""
#: ../features.rst:225 3a69d40c024744af967a1408c054aca0
msgid ""
"If you need more you can also use a :attr:`custom theme <canaille.core."
"configuration.CoreSettings.THEME>`."
msgstr ""
#: ../features.rst:232 003c4e8eee334a9d89486e2c0ae5d106
msgid ""
"Canaille implements a :ref:`subset<development/specifications:State of the "
"specs in Canaille>` of the OAuth2/OpenID Connect specifications . This "
"allows to provide :abbr:`SSO (Single Sign-On)` and :abbr:`SLO (Single Log-"
"On)` to applications plugged to Canaille."
msgstr ""
#: ../features.rst:236 51e9a6e1ddb04b99a6a73135fc8728e7
msgid "Consent management"
msgstr ""
#: ../features.rst:244 a613e3d10f1243f3bc5d4e796b278c89
msgid ""
"Users can give their consent to application requesting access to their "
"personal information, and then revoke those consent at their will."
msgstr ""
#: ../features.rst:248 115bec7ea8944f6ab98641d9bd2540ec
msgid "Application management"
msgstr ""
#: ../features.rst:250 526d36374a8747d6ad6280379bcf664c
msgid ""
"Users with the right :attr:`permission <canaille.core.configuration."
"Permission.MANAGE_OIDC>` can manager OIDC clients through the web interface."
msgstr ""
#: ../features.rst:252 79f0217902dc4b2ca73128ff6c16e7b5
msgid ""
"In some cases, it might be useful to avoid the consent page for some trusted "
"applications, so clients can be pre-consented."
msgstr ""
#: ../features.rst:255 d1f7f85df6404afe91d29e4dee44be1d
msgid "Discovery"
msgstr ""
#: ../features.rst:257 8b306f1c76664574a0f3d85805a46d87
msgid ""
"Canaille implements the :doc:`Discovery specifications <development/"
"specifications>` so most of the applications plugged to Canaille can auto-"
"configure themselves."
msgstr ""
#: ../features.rst:260 d5a2f0c4fa2f4363b5e87c4243376aaa
msgid "Dynamic Client Registration"
msgstr ""
#: ../features.rst:262 800aec57df82487f80fc7da359dc5c34
msgid ""
"Canaille implements the :doc:`Dynamic Client Registration specifications "
"<development/specifications>`, so when the :attr:`feature is enabled "
"<canaille.oidc.configuration.OIDCSettings."
"DYNAMIC_CLIENT_REGISTRATION_OPEN>`, clients can register themselves on "
"Canaille without an administrator intervention."
msgstr ""
#: ../features.rst:265 9cae9e0af58f499dac34354e9c12785d
msgid "System administration"
msgstr ""
#: ../features.rst:270 ../references/commands.rst:2
#: 9b5fcf18f6214856ae377f83005f8309 e2a97a5dfb5844f9a74c78b1a28ed23f
msgid "Command Line Interface"
msgstr ""
#: ../features.rst:272 98ef5f39d74944668dfff8b63d9d6199
msgid ""
"Canaille comes with a :abbr:`CLI (Command Line Interface)` to help "
"administrators in hosting and management."
msgstr ""
#: ../features.rst:274 9a30112ff2eb47c69263e73aa3c4ee15
msgid ""
"There are tools to :ref:`check your configuration <cli_check>` or to :ref:"
"`install missing parts <cli_install>`. You can use the CLI to :ref:`create "
"<cli_create>`, :ref:`read <cli_get>`, :ref:`update <cli_set>` and :ref:"
"`delete <cli_delete>` models such as :class:`users <canaille.core.models."
"User>`, :class:`groups <canaille.core.models.Group>` or :class:`OIDC "
"clients <canaille.oidc.basemodels.Client>`."
msgstr ""
#: ../features.rst:277 02d13c90aa8f41f5b1007cd67fcea510
msgid ""
"There are also tools to :ref:`fill your database <cli_populate>` with random "
"objects, for tests purpose for instance."
msgstr ""
#: ../features.rst:282 ../tutorial/databases.rst:2
#: 0225297b7d884971a952f5ec904a15ac cf1fc0e0abb74b3ca66c1e92a5e773e9
msgid "Databases"
msgstr ""
#: ../features.rst:284 1a7af5dc07fa4f6c9231664737ee46a7
msgid ""
"Canaille can handle data from the most :ref:`common SQL databases <tutorial/"
"databases:SQL>` such as PostgreSQL, MariaDB or SQLite, as well as :ref:"
"`OpenLDAP <tutorial/databases:LDAP>`. It also comes with a no-dependency :"
"ref:`in-memory database <tutorial/databases:Memory>` that can be used in "
"unit tests suites."
msgstr ""
#: ../features.rst:290 a6a6a7334af54051aebed82d83027ea8
msgid "Logging"
msgstr ""
#: ../features.rst:292 9bc7705bd378459abf2f813381aa58a6
msgid ""
"Canaille writes :attr:`logs <canaille.core.configuration.CoreSettings."
"LOGGING>` for every important event happening, to help administrators "
"understand what is going on and debug funky situations."
msgstr ""
#: ../features.rst:294 2aeb5161276a4f048c40a7256c3d7f0e
msgid ""
"The following security events are logged with the log level \"security\" for "
"easy retrieval :"
msgstr ""
#: ../features.rst:296 ed4be0b57afe4ce9976c45f03c249444
msgid "Authentication attempt"
msgstr ""
#: ../features.rst:297 452456f9907e4bbd89439903c2fc9ebc
msgid "Password update"
msgstr ""
#: ../features.rst:298 9ccb4ef2a139403c85223576eb87a182
msgid "Email update"
msgstr ""
#: ../features.rst:299 bd0936deb7994f8fb59f2f0a47115edc
msgid "Forgotten password mail sent to user"
msgstr ""
#: ../features.rst:300 bd0936deb7994f8fb59f2f0a47115edc
msgid "One-time password mail sent to user"
msgstr ""
#: ../features.rst:301 478b4f7b443f4f728085a2ea686b0248
msgid "Multi-factor authentication reset"
msgstr ""
#: ../features.rst:302 02079fe76d2041aaba48a6b2079630f1
msgid "Token emission"
msgstr ""
#: ../features.rst:303 814519684d8c47a5b0b5ae6eaa9aa66e
msgid "Token refresh"
msgstr ""
#: ../features.rst:304 4489f99b64dd40248f28453fb8b4b0df
msgid "Token revokation"
msgstr ""
#: ../features.rst:305 99abcc04f85649c1b184e22e67b36f18
msgid "New consent given for client application"
msgstr ""
#: ../features.rst:306 c64802d623a74d678c4aca29f82c39d7
msgid "Consent revokation"
msgstr ""
#: ../features.rst:311 f9d92f5f76a745ee97ea36afc853c516
msgid "Development and testing tool"
msgstr ""
#: ../features.rst:316 9c0500515a5847c2bec5b1bb743f42fc
msgid "Unit-testing tool"
msgstr ""
#: ../features.rst:318 b1dc62a0c2024ff1bd6682408301766a
msgid ""
"Thanks to its lightweight :ref:`in-memory database <tutorial/databases:"
"Memory>` and its curated :ref:`dependency list <tutorial/install:Get the "
"code>`, Canaille can be used in the unit test suite of your application, so "
"you can check how it behaves against a real world OpenID Connect server. If "
"you work with python you might want to check :doc:`pytest-iam:index`."
msgstr ""
#: ../features.rst:321 ff4f45059bc2485eb5fa0145f5f01f9a
msgid "Development server"
msgstr ""
#: ../features.rst:323 a430530dc1ac42b680a9024e920dad7d
msgid ""
"It can also being launched in your development environment, if you find that "
"launching a Keycloak in a Docker container is too heavy for your little web "
"application."
msgstr ""
#: ../features.rst:328 3594d882079a4c89b28f0d9b25b5a647
msgid "Continuous Integration tools"
msgstr ""
#: ../features.rst:330 f7bb141a215c46df915ce63b47f13cdb
msgid ""
"It also fits well in continuous integration scenarios. Thanks to its :ref:"
"`CLI <feature_cli>`, you can prepare data in Canaille, let your application "
"interact with it, and then check the side effects."
msgstr ""
#: ../features.rst:333 beb39ccb89e040118104ba0c0f41eb71
msgid "Roadmap"
msgstr ""
#: ../features.rst:336 4fee3c311fe844bbb345bd5b562844ad
msgid "Bêta version"
msgstr ""
#: ../features.rst:338 f699343ae7fe4f12a9d12f4692c22827
msgid ""
"To go out of the current Alpha version we want to achieve the following "
"tasks:"
msgstr ""
#: ../features.rst:340 c8aec1fe7d574a789319e75cc64bd2e7
msgid ":issue:`Configuration validation using pydantic <138>`"
msgstr ""
#: ../features.rst:343 706d590389f54c40ba1b219877946bb5
msgid "Stable version"
msgstr ""
#: ../features.rst:345 54c0d4cc60054a5ebe7456575b1b70c3
msgid ""
"Before we push Canaille in stable version we want to achieve the following "
"tasks:"
msgstr ""
#: ../features.rst:348 7807e2d92e264bc78fd5b6a3c63beb3a
msgid "Security"
msgstr ""
#: ../features.rst:350 577ab46503ee45e89daa8c42938635e5
msgid ":issue:`Password hashing configuration <175>`"
msgstr ""
#: ../features.rst:351 a337cb0aac704dbca90dd70f1d68456d
msgid ":issue:`Authentication logging policy <177>`"
msgstr ""
#: ../features.rst:352 39adf64b80444b27bb6f9f11747a6960
msgid ":issue:`Intruder lockout <173>`"
msgstr ""
#: ../features.rst:353 3eeac7b1dec04fe9b990864b8810db50
msgid ":issue:`Password expiry policy <176>`"
msgstr ""
#: ../features.rst:354 4ad4707b7d02481ab507ded2d410eb70
msgid ":issue:`Multi-factor authentication: Email <47>`"
msgstr ""
#: ../features.rst:355 478b4f7b443f4f728085a2ea686b0248
msgid ":issue:`Multi-factor authentication: SMS <47>`"
msgstr ""
#: ../features.rst:356 fd624a7e3d404428830928ee05ec5348
msgid ":issue:`Multi-factor authentication: OTP <47>`"
msgstr ""
#: ../features.rst:359 a6acbc89a16a4fad8658fb33764830ad
msgid "Packaging"
msgstr ""
#: ../features.rst:361 575b556539994d1190e50cbfd0133bd4
msgid ":issue:`Nix package <190>`"
msgstr ""
#: ../features.rst:362 f8facef108bf4d668509e57200f732bb
msgid ":issue:`Docker / OCI package <59>`"
msgstr ""
#: ../features.rst:365 92825d26f07c4b718121c2784a9b6b81
msgid "And beyond"
msgstr ""
#: ../features.rst:367 ac17ddb06c4d400ebc190454535608c2
msgid ":issue:`OpenID Connect certification <182>`"
msgstr ""
#: ../features.rst:368 1b80703b0f434fe6ade3288840b9cf3c
msgid ":issue:`SCIM support <116>`"
msgstr ""
#: ../index.rst:15 2c1f5afe842843a6bbedd65606fde0f5
msgid "Lightweight Identity and Authorization Management"
msgstr ""
#: ../index.rst:19 0fa9dc97ee984c00a9460a07144eba66
msgid ""
"**Canaille** is a French word meaning *rascal*. It is roughly pronounced "
"**Can I?**, as in *Can I access your data?* Canaille is a lightweight "
"identity and authorization management software. It aims to be very light, "
"simple to install and simple to maintain. Its main features are :"
msgstr ""
#: ../index.rst:31 8b56e6fd5b374afbadf70d3371ad8538
msgid "User profile and groups management, Basic permissions"
msgstr ""
#: ../index.rst:38 ae2a113a2f63489ebb6a9696df422ed1
msgid ""
"Authentication, registration, email confirmation, \"I forgot my password\" "
"emails"
msgstr ""
#: ../index.rst:40 c4659885674a4b848e904b352c94b89c
msgid "SSO"
msgstr ""
#: ../index.rst:44 3dabf6a8010d4aff943f07dbf6fe52aa
msgid "OpenID Connect identity provider"
msgstr ""
#: ../index.rst:46 f7caa27d43354246a89db295901976cb
msgid "Multi-database support"
msgstr ""
#: ../index.rst:50 73b988c55cc241eeafe075a55fd037a0
msgid "PostgreSQL, Mariadb and OpenLDAP first-class citizenship"
msgstr ""
#: ../index.rst:52 9caead4464284ccca1a59bff67fbec2d
msgid "Customization"
msgstr ""
#: ../index.rst:56 e2604712b57b4583b53181a9fefcda0e
msgid "Put Canaille at yours colors by choosing a logo or use a custom theme!"
msgstr ""
#: ../index.rst:58 b168d0612c04400e8b259edb581dc6c7
msgid "Developers friendliness"
msgstr ""
#: ../index.rst:62 8b5f849ae22348f19d5d8feca1590032
msgid ""
"Canaille can easily fit in your unit tests suite or in your Continuous "
"Integration."
msgstr ""
#: ../index.rst:66 a4dbd4558bda425cab549061b5952854
msgid ":doc:`Full feature list <features>` :doc:`Common use cases <usecases>`"
msgstr ""
#: ../references/commands.rst:4 574cb073f7584f8599a4cc129a337c4a
msgid ""
"Canaille provide several commands to help administrator manage their data."
msgstr ""
#: ../references/commands.rst:6 aa7436e81d0347aca49e76837769f92b
msgid ""
"Generally, some configuration has to be loaded by `Canaille`. This can be "
"achieved by :ref:`configuration loading method<references/configuration:Load "
"the configuration>` available, but most of the time a ``CONFIG`` environment "
"variable is used. For the sake of readability, it is omitted in the "
"following examples."
msgstr ""
#: ../../canaille check:1 d3880ac07b8641fbb96a657384193437
msgid "Test the configuration file."
msgstr ""
#: ../../canaille check:1 8edd9caa824f4c3aa3298a3e0b28a418
msgid ""
"Attempt to reach the database and the SMTP server with the provided "
"credentials."
msgstr ""
#: ../../canaille clean:1 15fc7dadf416460fb034401cb2298ddc
msgid "Remove expired tokens and authorization codes."
msgstr ""
#: ../../canaille install:1 f58f2f270c9642208409eab2a078aa10
msgid "Installs canaille elements from the configuration."
msgstr ""
#: ../../canaille install:1 ee828128d3684eaea85f63a4d8efb295
msgid ""
"For instance, depending on the configuration, this can generate OIDC keys or "
"install LDAP schemas."
msgstr ""
#: ../../canaille populate:1 df2355b792904bae8c2adfdc44e3abc1
msgid "Populate the database with generated random data."
msgstr ""
#: ../references/commands.rst:0 25c273b3659241e5a58c4ccfc4d1aa62
#: 23e595a7ef3e40738c72964260d647d4 b9df5380bb904ef3b2c158886514b1f4
#: f7857604a6af425d92b5f49a3a571724 979aef4626814c74bd3208394714d692
msgid "Options"
msgstr ""
#: ../../canaille populate:1 757aacf7045343ac87f0d6123fe1e181
msgid "Number of items to create"
msgstr ""
#: ../../canaille populate groups:1 0e4a01018e724dc6a6ca0b638d66852a
msgid "Populate the database with generated random groups."
msgstr ""
#: ../../canaille populate groups:1 b8f050417d3e4d5cb1abef74d5b23fef
msgid "The maximum number of users that will randomly be affected in the group"
msgstr ""
#: ../../canaille populate users:1 27cbff2cac6c4d0ba3a881e593e6d298
msgid "Populate the database with generated random users."
msgstr ""
#: ../../canaille get authorizationcode:1 3b7cec01bf904fbd95a74ecc629450d4
msgid "Search for authorizationcodes and display the matching models as JSON."
msgstr ""
#: ../../canaille get client:1 04713bc174844fbc90ffcd66309a32d7
msgid "Search for clients and display the matching models as JSON."
msgstr ""
#: ../../canaille get consent:1 3d85785b1e954ca48fb3600e102060dc
msgid "Search for consents and display the matching models as JSON."
msgstr ""
#: ../../canaille get group:1 a7f5ed4db7ca4b6e990d3008e3df40dd
msgid "Search for groups and display the matching models as JSON."
msgstr ""
#: ../../canaille get token:1 f28ab88c832f4310ba8fce02409a0471
msgid "Search for tokens and display the matching models as JSON."
msgstr ""
#: ../../canaille get user:1 243977ad7e504fedbd9646f89f934592
msgid "Search for users and display the matching models as JSON."
msgstr ""
#: ../../canaille set authorizationcode:1 0e3e63095aaa4d10827812a9df412418
msgid ""
"Update a authorizationcode and display the edited model in JSON format in "
"the standard output."
msgstr ""
#: ../../canaille delete authorizationcode:1 set
#: 272d0df08f904f519632f9fd2fe65385
msgid "IDENTIFIER should be a authorizationcode id or authorization_code_id"
msgstr ""
#: ../references/commands.rst:0 68201cc09cab43ae872191c5e1e0de51
msgid "Arguments"
msgstr ""
#: ../../canaille delete authorizationcode:1 client:1 consent:1 group:1 token:1
#: user:1 reset-otp:1 set cafe88a3ce2e428eac214691a4cceb5a
msgid "Required argument"
msgstr ""
#: ../../canaille set client:1 8fd29a2556aa4939a91f5dff64f750f9
msgid ""
"Update a client and display the edited model in JSON format in the standard "
"output."
msgstr ""
#: ../../canaille delete client:1 set 1fe7624c6c204327b3dea4672369b25c
msgid "IDENTIFIER should be a client id or client_id"
msgstr ""
#: ../../canaille set consent:1 bc9887077625496493e99ffd14864f21
msgid ""
"Update a consent and display the edited model in JSON format in the standard "
"output."
msgstr ""
#: ../../canaille delete consent:1 set c40a621613bb4a57ae61d0bf635d4be1
msgid "IDENTIFIER should be a consent id or consent_id"
msgstr ""
#: ../../canaille set group:1 24bf72192e064a11ba8f4408dc6cd2f2
msgid ""
"Update a group and display the edited model in JSON format in the standard "
"output."
msgstr ""
#: ../../canaille delete group:1 set f9bb7a0e3cb74e87bd9647b1d854d4c5
msgid "IDENTIFIER should be a group id or display_name"
msgstr ""
#: ../../canaille set token:1 ed64c8271e11430f829f537ac1c9fb03
msgid ""
"Update a token and display the edited model in JSON format in the standard "
"output."
msgstr ""
#: ../../canaille delete token:1 set 5872d15912fa4904bc7429f1e6c4e4e5
msgid "IDENTIFIER should be a token id or token_id"
msgstr ""
#: ../../canaille set user:1 6db0783b2700470888b19c5bc6144406
msgid ""
"Update a user and display the edited model in JSON format in the standard "
"output."
msgstr ""
#: ../../canaille delete user:1 reset-otp:1 set
#: e98462e8df9b4465af9a63c0bbf21546 df12574865ac496e81bfdf5c8218cba0
msgid "IDENTIFIER should be a user id or user_name"
msgstr ""
#: ../../canaille create authorizationcode:1 428bc4494e3f4f6d875f2a701295e030
msgid ""
"Create a new authorizationcode and display the created model in JSON format "
"in the standard output."
msgstr ""
#: ../../canaille create client:1 4f234a94637b44698b95c220d5c3d59e
msgid ""
"Create a new client and display the created model in JSON format in the "
"standard output."
msgstr ""
#: ../../canaille create consent:1 741d27c2f5fb448da39ad4955e77518e
msgid ""
"Create a new consent and display the created model in JSON format in the "
"standard output."
msgstr ""
#: ../../canaille create group:1 973102f969a0499692c7a2416dd0f469
msgid ""
"Create a new group and display the created model in JSON format in the "
"standard output."
msgstr ""
#: ../../canaille create token:1 4f44ca45c9f8454b950534b228e8ef12
msgid ""
"Create a new token and display the created model in JSON format in the "
"standard output."
msgstr ""
#: ../../canaille create user:1 35ce000da38042699e6154f107a3e814
msgid ""
"Create a new user and display the created model in JSON format in the "
"standard output."
msgstr ""
#: ../../canaille delete authorizationcode:1 4607eae8cf4c40a3a37bef887f2254a1
msgid "Delete a authorizationcode."
msgstr ""
#: ../../canaille delete client:1 01b65f6e61a848c490034606d1d00095
msgid "Delete a client."
msgstr ""
#: ../../canaille delete consent:1 b1dfdb33eba94dc2a71f9172cff74acb
msgid "Delete a consent."
msgstr ""
#: ../../canaille delete group:1 6c79a439e1f54f4f81194cc8d6fc5944
msgid "Delete a group."
msgstr ""
#: ../../canaille delete token:1 1fb9fa8740c442ff82297d480fbba5ca
msgid "Delete a token."
msgstr ""
#: ../../canaille delete user:1 b0298caa666647268cd204cbd1cccd4d
msgid "Delete a user."
msgstr ""
#: ../../canaille reset-otp:1 541bd186f2b6471d823d13677e2477bb
msgid ""
"Reset one-time password authentication for a user and display the edited "
"user in JSON format in the standard output."
msgstr ""
#: ../references/configuration.rst:2 ../tutorial/provisioning.rst:18
#: 6c3d1ad364a84afb9586b1b62e42dedb 07783d84d6c64841b473c97c38f85937
msgid "Configuration"
msgstr ""
#: ../references/configuration.rst:5 fca2326d4bf84702b7d8d0f5d3a65f20
msgid "Load the configuration"
msgstr ""
#: ../references/configuration.rst:7 51e2253170d4489ab9598217182b6f1d
msgid ""
"Canaille can be configured either by a environment variables, environment "
"file, or by a configuration file."
msgstr ""
#: ../references/configuration.rst:10 1560e71d7b2d42aa8ec0accc06131b3d
msgid "Configuration file"
msgstr ""
#: ../references/configuration.rst:14 0fc2b0bc764345caba3f9402376e279a
msgid ""
"The configuration can be written in `toml` configuration file which path is "
"passed in the :envvar:`CONFIG` environment variable."
msgstr ""
#: ../../canaille/app/configuration.py:docstring of
#: canaille.app.configuration.RootSettings:11
#: ../references/configuration.rst:16 ../references/configuration.rst:98
#: ../tutorial/databases.rst:23 ../tutorial/databases.rst:37
#: ../tutorial/databases.rst:138 3626de52eeca4eecbda8f1d47354a80c
#: f59eab2f20b542f1af3ae7e6e4856266 c1e56e5ab5ba40228c68cd9eb470348d
#: 8acf4c15626e4f6897aa81c2e5e8ef42 830059290ddc4cf1b2249c45fc303b98
msgid "config.toml"
msgstr ""
#: ../references/configuration.rst:28 4b63b3891e1c45788780ea1af554d1db
msgid ""
"You can have a look at the :ref:`example file <references/configuration:"
"Example file>` for inspiration."
msgstr ""
#: ../references/configuration.rst:31 8cbac0cd9e3e4bc3ad5fc60d82180568
msgid "Environment variables"
msgstr ""
#: ../references/configuration.rst:33 b909831b5aed44a4b439b37701feabb7
msgid ""
"In addition, parameters that have not been set in the configuration file can "
"be read from environment variables. The way environment variables are parsed "
"can be read from the `pydantic-settings documentation <https://docs.pydantic."
"dev/latest/concepts/pydantic_settings/#parsing-environment-variable-"
"values>`_."
msgstr ""
#: ../references/configuration.rst:38 fd22a354c18f4733b8b1962cfcbe2139
msgid ""
"For environment vars, the separator between sections and variables is a "
"double underscore: ``__``. For instance, the ``NAME`` var in the "
"``CANAILLE`` section shown above is ``CANAILLE__NAME``."
msgstr ""
#: ../references/configuration.rst:42 f12f0cbb606e4627be2fa3b2a895f162
msgid "Environment file"
msgstr ""
#: ../references/configuration.rst:44 434c11ee0d6a4a118f9b8802d407d447
msgid ""
"Any environment variable can also be written in an environment file, which "
"path should be passed in the ``ENV_FILE`` environment variable. For "
"instance, set ``ENV_FILE=.env`` to load a ``.env`` file."
msgstr ""
#: ../references/configuration.rst:47 ../tutorial/theming.rst:45
#: 83d91b20c3204d09b61a4a6de8c84769 457a1eceffa94e44afeb7c6d55ef5ea8
msgid ".env"
msgstr ""
#: ../references/configuration.rst:65 8fc48610072c4e248c494befe2a4c8f6
msgid "Configuration methods priority"
msgstr ""
#: ../references/configuration.rst:67 d3fdde7c8d9841e49e92bcba763e33d8
msgid ""
"If a same configuration option is defined by different ways, here is how "
"Canaille will choose which one to use:"
msgstr ""
#: ../references/configuration.rst:69 b79bfecad485446b85a8866657222448
msgid ""
"environment vars have priority over the environment file and the "
"configuration file;"
msgstr ""
#: ../references/configuration.rst:70 63800f5a14d44e1fa3ed0266e19f5482
msgid "environment file will have priority over the configuration file."
msgstr ""
#: ../references/configuration.rst:73 ../references/templates.rst:0
#: e8e7a0f78d68479a9586036adf25e183 e618c439d01140e89d1dc5192b332e88
#: f4db2269f8ad4c409d39e94fe1dcaa04 68c66fa321bf4fe2a26894cfb9893ef0
#: d7c47aab465445b8bc425f9441587869 52bdc51455ac48d2bdb9d260bdb350cf
#: 0fb7c750d22647d788376d6343f66caf f92c045d1a5a4d00b038fa12d93eff2e
#: 90d78d2e0fdb420ab3c4d75f9909ebca c86ca15b6d43459db4613bed7711b415
#: 025f6511bb9848d4a1434b34d8af8ed5 5bd3a111c63e47598c6a88827ea19ffe
#: d2ba0706e4954be5b7ae534c589f6aca 9e2f1558bdac4c4eb1f753e347f81def
#: eb3ec759399744d3a0b8340459257502 7a6f904d5199479faf1f9475e8f28ec8
#: aa80eea655004e6aa3ed31b683743446 47e7b3bef2d7471b9b71292a43c594f0
#: d477ef4794834bcd88e238de37086828 af7c4339cf534ca499a21f430a2cfddc
#: c537eb4e5a054b4da0cce51226e90ae8 3e425d243a7e46c4ba306bdc43551133
#: 65568f4bca8a4d9f9a4fcdc05b5e446c 833bc5945dc84c89947a25733c1029dc
#: fa1f3f1eebc5442cb616ba17c22aa22d 5093360aed9a4fd0a361bd81f3310e2c
msgid "Parameters"
msgstr ""
#: ../../canaille/app/configuration.py:docstring of
#: canaille.app.configuration.RootSettings:1 ba32908d458e4689a5d90a46b386fdf3
msgid ""
"The top-level namespace contains the configuration settings unrelated to "
"Canaille."
msgstr ""
#: ../../canaille/app/configuration.py:docstring of
#: canaille.app.configuration.RootSettings:4 fffc30ea67ab47d99472750172be2a29
msgid "The configuration parameters from the following libraries can be used:"
msgstr ""
#: ../../canaille/app/configuration.py:docstring of
#: canaille.app.configuration.RootSettings:6 ae9ceb139bfc47f8b383dec852b507c2
msgid ":doc:`Flask <flask:config>`"
msgstr ""
#: ../../canaille/app/configuration.py:docstring of
#: canaille.app.configuration.RootSettings:7 3d01d0dc9cdc47e59420f5b121370277
msgid ":doc:`Flask-WTF <flask-wtf:config>`"
msgstr ""
#: ../../canaille/app/configuration.py:docstring of
#: canaille.app.configuration.RootSettings:8 d573a04c56154eaf857d49c057690bfd
msgid ":doc:`Flask-Babel <flask-babel:index>`"
msgstr ""
#: ../../canaille/app/configuration.py:docstring of
#: canaille.app.configuration.RootSettings:9 552391e3f12c4385abb3e1a2e3929cfa
msgid ":doc:`Authlib <authlib:flask/2/authorization-server>`"
msgstr ""
#: ../../docstring of canaille.app.configuration.RootSettings.DEBUG:1
#: 4309008dba2c4aa79584299f19987ac4
msgid "The Flask :external:py:data:`DEBUG` configuration setting."
msgstr ""
#: ../../docstring of canaille.app.configuration.RootSettings.DEBUG:3
#: f8cb9ba68ed14b818c2fb2bcfbffb16a
msgid "This enables debug options."
msgstr ""
#: ../../docstring of canaille.app.configuration.RootSettings.DEBUG:7
#: 553b378e895a4b74aa242c08cd29450f
msgid ""
"This is useful for development but should be absolutely avoided in "
"production environments."
msgstr ""
#: ../../docstring of
#: canaille.app.configuration.RootSettings.PREFERRED_URL_SCHEME:1
#: cb2cc7437e4a4d3c90895c4148186b25
msgid ""
"The Flask :external:py:data:`PREFERRED_URL_SCHEME` configuration setting."
msgstr ""
#: ../../docstring of
#: canaille.app.configuration.RootSettings.PREFERRED_URL_SCHEME:4
#: 530f78ce6f4842c983c10b38fe4c4b93
msgid "This sets the url scheme by which canaille will be served."
msgstr ""
#: ../../docstring of canaille.app.configuration.RootSettings.SECRET_KEY:1
#: 42e179fea274407eb26dd67e4a6d14a5
msgid "The Flask :external:py:data:`SECRET_KEY` configuration setting."
msgstr ""
#: ../../docstring of canaille.app.configuration.RootSettings.SECRET_KEY:3
#: b16e239dce5c4f199a2fba1707c82d1a
msgid "You MUST change this."
msgstr ""
#: ../../docstring of canaille.app.configuration.RootSettings.SERVER_NAME:1
#: 0f0f60195f334cf597f67857740b2ace
msgid "The Flask :external:py:data:`SERVER_NAME` configuration setting."
msgstr ""
#: ../../docstring of canaille.app.configuration.RootSettings.SERVER_NAME:3
#: 39edb89e79af4a10a154a5c42d51e86e
msgid "This sets domain name on which canaille will be served."
msgstr ""
#: ../../canaille/core/configuration.py:docstring of
#: canaille.core.configuration.CoreSettings:1 d831c1b108eb4e96bb11a6ddc92ed45e
msgid "The settings from the ``CANAILLE`` namespace."
msgstr ""
#: ../../canaille/core/configuration.py:docstring of
#: canaille.core.configuration.CoreSettings:3 a51801e81d914eb3bfe1fa4e649133c1
msgid ""
"Those are all the configuration parameters that controls the behavior of "
"Canaille."
msgstr ""
#: ../../docstring of canaille.core.configuration.CoreSettings.ACL:1
#: 89de24471b434051a4a84e39bc47aded
msgid ""
"Mapping of permission groups. See :class:`ACLSettings` for more details."
msgstr ""
#: ../../docstring of canaille.core.configuration.CoreSettings.ACL:3
#: 1f85af06bed64d9da4417c6e6f7e244e
msgid "The ACL name can be freely chosen. For example:"
msgstr ""
#: ../../docstring of
#: canaille.backends.sql.configuration.SQLSettings.DATABASE_URI:4
#: canaille.core.configuration.ACLSettings.PERMISSIONS:6
#: canaille.core.configuration.CoreSettings.ACL:5
#: canaille.core.configuration.CoreSettings.LOGGING:12
#: 56ce67b55d3b4d8eba9a07b4feed2587 d9b0f4816c2644679233ec3b797c2fc4
msgid "..code-block:: toml"
msgstr ""
#: ../../docstring of canaille.core.configuration.CoreSettings.ACL:7
#: dc73b62baf4f465598787ebb33191c7b
msgid ""
"[CANAILLE.ACL.DEFAULT] PERMISSIONS = [\"edit_self\", \"use_oidc\"] READ = "
"[\"user_name\", \"groups\"] WRITE = [\"given_name\", \"family_name\"]"
msgstr ""
#: ../../docstring of canaille.core.configuration.CoreSettings.ACL:12
#: 56d15bcfdbcc4556a3848702228b970f
msgid "[CANAILLE.ACL.ADMIN] WRITE = [\"user_name\", \"groups\"]"
msgstr ""
#: ../../docstring of canaille.core.configuration.CoreSettings.ADMIN_EMAIL:1
#: e07c109febe5434e95b532da3dadf454
msgid "Administration email contact."
msgstr ""
#: ../../docstring of canaille.core.configuration.CoreSettings.ADMIN_EMAIL:3
#: 7a5e93e36d434fcb96b85beea8f1adc6
msgid ""
"In certain special cases (example : questioning about password corruption), "
"it is necessary to provide an administration contact email."
msgstr ""
#: ../../docstring of
#: canaille.core.configuration.CoreSettings.EMAIL_CONFIRMATION:1
#: 478effaaf0da47a1a31b996b06b8c650
msgid ""
"If :py:data:`True`, users will need to click on a confirmation link sent by "
"email when they want to add a new email."
msgstr ""
#: ../../docstring of
#: canaille.core.configuration.CoreSettings.EMAIL_CONFIRMATION:4
#: b82dc4dc6818409eb5fa256462c4ac19
msgid ""
"By default, this is true if ``SMTP`` is configured, else this is false. If "
"explicitly set to true and ``SMTP`` is disabled, the email field will be "
"read-only."
msgstr ""
#: ../../docstring of canaille.core.configuration.CoreSettings.EMAIL_OTP:1
#: 8e19d8a485fe456191ab16773f84483e
msgid ""
"If :py:data:`True`, then users will need to authenticate themselves via a "
"one-time password sent to their primary email address."
msgstr ""
#: ../../docstring of
#: canaille.core.configuration.CoreSettings.ENABLE_INTRUDER_LOCKOUT:1
#: 8e19d8a485fe456191ab16773f84483e
msgid ""
"If :py:data:`True`, then users will have to wait for an increasingly long "
"time between each failed login attempt."
msgstr ""
#: ../../docstring of
#: canaille.core.configuration.CoreSettings.ENABLE_PASSWORD_COMPROMISSION_CHECK:1
#: cb4478169a09415a9f17e3df16239ecd
msgid ""
"If :py:data:`True`, Canaille will check if passwords appears in "
"compromission databases such as `HIBP <https://haveibeenpwned.com>`_ when "
"users choose a new one."
msgstr ""
#: ../../docstring of
#: canaille.core.configuration.CoreSettings.ENABLE_PASSWORD_RECOVERY:1
#: b70cf94037df4bd1ae8a74acc370b3a5
msgid ""
"If :py:data:`False`, then users cannot ask for a password recovery link by "
"email."
msgstr ""
#: ../../docstring of
#: canaille.core.configuration.CoreSettings.ENABLE_REGISTRATION:1
#: 6ee78ec59c21456e8761778153d4f700
msgid ""
"If :py:data:`True`, then users can freely create an account at this instance."
msgstr ""
#: ../../docstring of
#: canaille.core.configuration.CoreSettings.ENABLE_REGISTRATION:4
#: 979b9444b9c04354add2e781bd324752
msgid ""
"If email verification is available, users must confirm their email before "
"the account is created."
msgstr ""
#: ../../docstring of canaille.core.configuration.CoreSettings.FAVICON:1
#: 8931d55b0c264be0982765f04f83ae38
msgid "You favicon."
msgstr ""
#: ../../docstring of canaille.core.configuration.CoreSettings.FAVICON:3
#: 7991e0eec12c457dad401f49b34ad835
msgid "If unset and :attr:`LOGO` is set, then the logo will be used."
msgstr ""
#: ../../docstring of
#: canaille.core.configuration.CoreSettings.HIDE_INVALID_LOGINS:1
#: 8e19d8a485fe456191ab16773f84483e
msgid ""
"If :py:data:`True`, when users try to sign in with an invalid login, a "
"message is shown indicating that the password is wrong, but does not give a "
"clue whether the login exists or not."
msgstr ""
#: ../../docstring of
#: canaille.core.configuration.CoreSettings.HIDE_INVALID_LOGINS:5
#: dffe6e218f4f48e981ac5a9fa9a21e37
msgid ""
"If :py:data:`False`, when a user tries to sign in with an invalid login, a "
"message is shown indicating that the login does not exist."
msgstr ""
#: ../../docstring of canaille.core.configuration.CoreSettings.HTMX:1
#: b200882d189b46f3a83f217ff8b59551
msgid "Accelerates webpages loading with asynchronous requests."
msgstr ""
#: ../../docstring of
#: canaille.core.configuration.CoreSettings.INVITATION_EXPIRATION:1
#: 2dc15bd9ea8a4386b7202dbdbab5de36
msgid "The validity duration of registration invitations, in seconds."
msgstr ""
#: ../../docstring of
#: canaille.core.configuration.CoreSettings.INVITATION_EXPIRATION:3
#: c6aaae8719c34838aec54b8fea2d5101
msgid "Defaults to 2 days."
msgstr ""
#: ../../docstring of canaille.core.configuration.CoreSettings.JAVASCRIPT:1
#: 70d5c7fa2dfa4e6695c84f2b4ab547c9
msgid "Enables Javascript to smooth the user experience."
msgstr ""
#: ../../docstring of canaille.core.configuration.CoreSettings.LANGUAGE:1
#: 1e1cda3ec4c04a4aaeb2069ccc8f376f
msgid "If a language code is set, it will be used for every user."
msgstr ""
#: ../../docstring of canaille.core.configuration.CoreSettings.LANGUAGE:3
#: 6818acfcf652444db48e1c61878b6bb6
msgid "If unset, the language is guessed according to the users browser."
msgstr ""
#: ../../docstring of canaille.core.configuration.CoreSettings.LOGGING:1
#: 63800f5a14d44e1fa3ed0266e19f5482
msgid ""
"Configures the logging output using the python logging configuration format:"
msgstr ""
#: ../../docstring of canaille.core.configuration.CoreSettings.LOGGING:3
#: 62d20006362a45ca8ff0f0a8fbb82bf4
msgid ""
"If :data:`None`, everything is logged in the standard error output. The log "
"level is :data:`~logging.DEBUG` if the :attr:`~canaille.app.configuration."
"RootSettings.DEBUG` setting is :py:data:`True`, else this is :py:data:"
"`~logging.INFO`."
msgstr ""
#: ../../docstring of canaille.core.configuration.CoreSettings.LOGGING:6
#: 44c6ded187ab4e44aac024c2cdb85303
msgid ""
"If this is a :class:`dict`, it is passed to :func:`logging.config."
"dictConfig`:"
msgstr ""
#: ../../docstring of canaille.core.configuration.CoreSettings.LOGGING:7
#: 6e269ac8b9144e9699a5856c375d7a37
msgid ""
"If this is a :class:`str`, it is expected to be a file path that will be "
"passed to :func:`logging.config.fileConfig`."
msgstr ""
#: ../../docstring of canaille.core.configuration.ACLSettings.PERMISSIONS:4
#: canaille.core.configuration.CoreSettings.LOGGING:10
#: ba8b9d6794e2459492abfa778736328a
msgid "For example:"
msgstr ""
#: ../../docstring of canaille.core.configuration.CoreSettings.LOGGING:14
#: 2eedaa2fba4545698dfd11007a2e0c9c
msgid ""
"[CANAILLE.LOGGING] version = 1 formatters.default.format = \"[%(asctime)s] "
"%(levelname)s in %(module)s: %(message)s\" root = {level = \"INFO\", "
"handlers = [\"canaille\"]}"
msgstr ""
#: ../../docstring of canaille.core.configuration.CoreSettings.LOGGING:19
#: 4b44c1c288c3433fb0edba70dd9c1343
msgid ""
"[CANAILLE.LOGGING.handlers.canaille] class = \"logging.handlers."
"WatchedFileHandler\" filename = \"/var/log/canaille.log\" formatter = "
"\"default\""
msgstr ""
#: ../../docstring of canaille.core.configuration.CoreSettings.LOGO:1
#: 851b93aeb7b54426872a6b4a2ed973b9
msgid ""
"The logo of your organization, this is useful to make your organization "
"recognizable on login screens."
msgstr ""
#: ../../docstring of
#: canaille.core.configuration.CoreSettings.MAX_PASSWORD_LENGTH:1
#: 88cd67b65c954dc7a261df77d1823cda
msgid "User password maximum length."
msgstr ""
#: ../../docstring of
#: canaille.core.configuration.CoreSettings.MAX_PASSWORD_LENGTH:3
#: 435e72d3f33642da9016c521a88f15e6
msgid ""
"There is a technical of 4096 characters with the SQL backend. If the value "
"is 0, :data:`None`, or greater than 4096, then 4096 will be retained."
msgstr ""
#: ../../docstring of
#: canaille.core.configuration.CoreSettings.MIN_PASSWORD_LENGTH:1
#: b15846ed6b2a4ad49bbb19cde177023a
msgid "User password minimum length."
msgstr ""
#: ../../docstring of
#: canaille.core.configuration.CoreSettings.MIN_PASSWORD_LENGTH:3
#: 820670101aa7436eb014aa61e1c1a7eb
msgid "If 0 or :data:`None`, password won't have a minimum length."
msgstr ""
#: ../../docstring of canaille.core.configuration.CoreSettings.NAME:1
#: a41944f564f5438fb8572449b5d13995
msgid "Your organization name."
msgstr ""
#: ../../docstring of canaille.core.configuration.CoreSettings.NAME:3
#: d61df1326c344b45b6d1c7b24e12b207
msgid "Used for display purpose."
msgstr ""
#: ../../docstring of canaille.core.configuration.CoreSettings.OTP_METHOD:1
#: 622f83bdd580459cad5b3b328fb2de3b
msgid ""
"If OTP_METHOD is defined, then users will need to authenticate themselves "
"using a one-time password (OTP) via an authenticator app. If set to "
"``TOTP``, the application will use time one-time passwords, If set to "
"``HOTP``, the application will use HMAC-based one-time passwords."
msgstr ""
#: ../../docstring of
#: canaille.core.configuration.CoreSettings.PASSWORD_COMPROMISSION_CHECK_API_URL:1
#: 4501d236ecc142e2ad045599ee19ac19
msgid "Have i been pwned api url for compromission checks."
msgstr ""
#: ../../docstring of
#: canaille.core.configuration.CoreSettings.PASSWORD_LIFETIME:1
#: 1072c369689f4922997715eb5337795a
msgid "Password validity duration."
msgstr ""
#: ../../docstring of
#: canaille.core.configuration.CoreSettings.PASSWORD_LIFETIME:3
#: 4262b875a3a148dab5e94595cb2a981f
msgid ""
"If set, user passwords expire after this delay. Users are forced to change "
"their password when the lifetime of the password is over. The duration value "
"is expressed in `ISO8601 format <https://en.wikipedia.org/wiki/"
"ISO_8601#Durations>`_. For example, delay of 60 days is written \"P60D\"."
msgstr ""
#: ../../docstring of canaille.core.configuration.CoreSettings.SENTRY_DSN:1
#: 0b234cbe21824f31b27a3b3c893fd37b
msgid "A `Sentry <https://sentry.io>`_ DSN to collect the exceptions."
msgstr ""
#: ../../docstring of canaille.core.configuration.CoreSettings.SENTRY_DSN:3
#: 2eab9799f4c0478aa5479f62e826b170
msgid "This is useful for tracking errors in test and production environments."
msgstr ""
#: ../../docstring of canaille.core.configuration.CoreSettings.SMPP:1
#: 79d66e38b7d94974a21563fac9a58149
msgid "The settings related to SMPP configuration."
msgstr ""
#: ../../docstring of canaille.core.configuration.CoreSettings.SMPP:3
#: 41d396512e7d40b28223841b21f8ed09
msgid ""
"If unset, sms-related features like sms one-time passwords won't be enabled."
msgstr ""
#: ../../docstring of canaille.core.configuration.CoreSettings.SMS_OTP:1
#: 8e19d8a485fe456191ab16773f84483e
msgid ""
"If :py:data:`True`, then users will need to authenticate themselves via a "
"one-time password sent to their primary phone number."
msgstr ""
#: ../../docstring of canaille.core.configuration.CoreSettings.SMTP:1
#: 79d66e38b7d94974a21563fac9a58149
msgid "The settings related to SMTP and mail configuration."
msgstr ""
#: ../../docstring of canaille.core.configuration.CoreSettings.SMTP:3
#: 41d396512e7d40b28223841b21f8ed09
msgid ""
"If unset, mail-related features like password recovery won't be enabled."
msgstr ""
#: ../../docstring of canaille.core.configuration.CoreSettings.THEME:1
#: e327a089ace6495285f29ade69226d1b
msgid "The name of a theme in the 'theme' directory, or a path to a theme."
msgstr ""
#: ../../docstring of canaille.core.configuration.CoreSettings.THEME:3
#: 641146b41ecc461d9fa7280687a462d9
msgid ""
"Defaults to ``default``. Theming is done with `flask-themer <https://github."
"com/tktech/flask-themer>`_."
msgstr ""
#: ../../docstring of canaille.core.configuration.CoreSettings.TIMEZONE:1
#: 421c3427b77b4cc4af9619406463c1c2
msgid ""
"The timezone in which datetimes will be displayed to the users (e.g. "
"``CEST``)."
msgstr ""
#: ../../docstring of canaille.core.configuration.CoreSettings.TIMEZONE:4
#: d8d80524578e4697a5bb9f7e83c7d113
msgid "If unset, the server timezone will be used."
msgstr ""
#: ../../canaille/core/configuration.py:docstring of
#: canaille.core.configuration.SMTPSettings:1 2f0178f9dbe747c695273f89e42da8c2
msgid ""
"The SMTP configuration. Belong in the ``CANAILLE.SMTP`` namespace. If unset, "
"mail related features will be disabled, such as mail verification or "
"password recovery emails."
msgstr ""
#: ../../canaille/core/configuration.py:docstring of
#: canaille.core.configuration.SMTPSettings:5 598e1ca109154455ad98b50d8853891d
msgid ""
"By default, Canaille will try to send mails from localhost without "
"authentication."
msgstr ""
#: ../../docstring of canaille.core.configuration.SMTPSettings.FROM_ADDR:1
#: 8ab9425f8a6b42dc9097b69e3eaa334a
msgid "The sender for Canaille mails."
msgstr ""
#: ../../docstring of canaille.core.configuration.SMTPSettings.FROM_ADDR:3
#: f8f5f1377e5147d4baf9782ff95b4aa3
msgid "Some mail provider might require a valid sender address."
msgstr ""
#: ../../docstring of canaille.core.configuration.SMTPSettings.HOST:1
#: 9059b29ae44849efb180f3b2da128c19
msgid "The SMTP host."
msgstr ""
#: ../../docstring of canaille.core.configuration.SMTPSettings.LOGIN:1
#: 0bf8168dc84545cb810a8f25bbb4abf7
msgid "The SMTP login."
msgstr ""
#: ../../docstring of canaille.core.configuration.SMTPSettings.PASSWORD:1
#: ec1b4f81894e45f5abcae80dfaee87a9
msgid "The SMTP password."
msgstr ""
#: ../../docstring of canaille.core.configuration.SMTPSettings.PORT:1
#: 514104bb8bcc4331b1e7fff12e550ba3
msgid "The SMTP port."
msgstr ""
#: ../../docstring of canaille.core.configuration.SMTPSettings.SSL:1
#: f4e65d7811cb43d5b7d86ec07af2576d
msgid "Whether to use SSL to connect to the SMTP server."
msgstr ""
#: ../../docstring of canaille.core.configuration.SMTPSettings.TLS:1
#: bd8dac0e38f14b6583d024fca1768b7d
msgid "Whether to use TLS to connect to the SMTP server."
msgstr ""
#: ../../canaille/core/configuration.py:docstring of
#: canaille.core.configuration.SMPPSettings:1 2f0178f9dbe747c695273f89e42da8c2
msgid ""
"The SMPP configuration. Belong in the ``CANAILLE.SMPP`` namespace. If not "
"set, sms related features such as sms one-time passwords will be disabled."
msgstr ""
#: ../../docstring of canaille.core.configuration.SMPPSettings.HOST:1
#: 9059b29ae44849efb180f3b2da128c19
msgid "The SMPP host."
msgstr ""
#: ../../docstring of canaille.core.configuration.SMPPSettings.LOGIN:1
#: 0bf8168dc84545cb810a8f25bbb4abf7
msgid "The SMPP login."
msgstr ""
#: ../../docstring of canaille.core.configuration.SMPPSettings.PASSWORD:1
#: ec1b4f81894e45f5abcae80dfaee87a9
msgid "The SMPP password."
msgstr ""
#: ../../docstring of canaille.core.configuration.SMPPSettings.PORT:1
#: 1c6040260eac4930a107d3f612c6ef6e
msgid "The SMPP port. Use 8775 for SMPP over TLS (recommended)."
msgstr ""
#: ../../canaille/core/configuration.py:docstring of
#: canaille.core.configuration.ACLSettings:1 45f3089188214078ab06f2b1cff3b0e0
msgid "Access Control List settings. Belong in the ``CANAILLE.ACL`` namespace."
msgstr ""
#: ../../canaille/core/configuration.py:docstring of
#: canaille.core.configuration.ACLSettings:3 733df203b313404eb417f40ed8708a2e
msgid ""
"You can define access controls that define what users can do on canaille. An "
"access control consists in a :attr:`FILTER` to match users, a list of :attr:"
"`PERMISSIONS` matched users will be able to perform, and fields users will "
"be able to :attr:`READ` and :attr:`WRITE`. Users matching several filters "
"will cumulate permissions."
msgstr ""
#: ../../docstring of canaille.core.configuration.ACLSettings.FILTER:1
#: a14933a4c7244138bb59a43c9d288955
msgid ":attr:`FILTER` can be:"
msgstr ""
#: ../../docstring of canaille.core.configuration.ACLSettings.FILTER:3
#: d0f71dfab2ec47fca2184767e58eec59
msgid ""
":py:data:`None`, in which case all the users will match this access control"
msgstr ""
#: ../../docstring of canaille.core.configuration.ACLSettings.FILTER:4
#: e33849bb0c954228951cb18c56a9e70d
msgid ""
"a mapping where keys are user attributes name and the values those user "
"attribute values. All the values must be matched for the user to be part of "
"the access control."
msgstr ""
#: ../../docstring of canaille.core.configuration.ACLSettings.FILTER:7
#: 2ed07fdd7da94cfd90167b2d1f4cb4eb
msgid ""
"a list of those mappings. If a user values match at least one mapping, then "
"the user will be part of the access control"
msgstr ""
#: ../../docstring of canaille.core.configuration.ACLSettings.FILTER:10
#: 657a11f5921947b88bfc47cf8affbe00
msgid "Here are some examples::"
msgstr ""
#: ../../docstring of canaille.core.configuration.ACLSettings.PERMISSIONS:1
#: df95253032c647229909e34386b1e5cc
msgid ""
"A list of :class:`Permission` users in the access control will be able to "
"manage."
msgstr ""
#: ../../docstring of canaille.core.configuration.ACLSettings.PERMISSIONS:8
#: 700fa74aeea44e9aa6dd204df7870e90
msgid ""
"PERMISSIONS = [\"manage_users\", \"manage_groups\", \"manage_oidc\", "
"\"delete_account\", \"impersonate_users\"]"
msgstr ""
#: ../../docstring of canaille.core.configuration.ACLSettings.READ:1
#: ab801708874c4b1bb937f62969614340
msgid ""
"A list of :class:`~canaille.core.models.User` attributes that users in the "
"ACL will be able to read."
msgstr ""
#: ../../docstring of canaille.core.configuration.ACLSettings.WRITE:1
#: 384d296240314638a1f1b6b7719c6bb6
msgid ""
"A list of :class:`~canaille.core.models.User` attributes that users in the "
"ACL will be able to edit."
msgstr ""
#: ../../canaille/core/configuration.py:docstring of
#: canaille.core.configuration.Permission:1 f9eec27878c64e608b2783b5e89172ed
msgid "The permissions that can be assigned to users."
msgstr ""
#: ../../canaille/core/configuration.py:docstring of
#: canaille.core.configuration.Permission:3 217cf0cc0b9b4a48a26abeaad488c131
msgid ""
"The permissions are intended to be used in :attr:`ACLSettings <canaille.core."
"configuration.ACLSettings.PERMISSIONS>`."
msgstr ""
#: ../../docstring of canaille.core.configuration.Permission.DELETE_ACCOUNT:1
#: 370dec6e2b8049d0b7353b085340b102
msgid "Allows users to delete their account."
msgstr ""
#: ../../docstring of canaille.core.configuration.Permission.DELETE_ACCOUNT:3
#: f7be239942c94727a948d27c6c93408e
msgid ""
"If used with :attr:`~canaille.core.configuration.Permission.MANAGE_USERS`, "
"users can delete any account."
msgstr ""
#: ../../docstring of canaille.core.configuration.Permission.EDIT_SELF:1
#: 1f716bb0d0ec481ab5dff0a02f5c9e37
msgid "Allows users to edit their own profile."
msgstr ""
#: ../../docstring of
#: canaille.core.configuration.Permission.IMPERSONATE_USERS:1
#: c9018bb9aceb40bc9536cc03320c5bad
msgid "Allows users to take the identity of another user."
msgstr ""
#: ../../docstring of canaille.core.configuration.Permission.MANAGE_GROUPS:1
#: 1072c369689f4922997715eb5337795a
msgid "Allows group edition and creation."
msgstr ""
#: ../../docstring of canaille.core.configuration.Permission.MANAGE_OIDC:1
#: 014b4028381e4f4d8dcc8dc8a5e3a26f
msgid "Allows OpenID Connect client managements."
msgstr ""
#: ../../docstring of canaille.core.configuration.Permission.MANAGE_USERS:1
#: ff39df8edc7143c7b23d22bb773b5198
msgid "Allows other users management."
msgstr ""
#: ../../docstring of canaille.core.configuration.Permission.USE_OIDC:1
#: c7e27c4618a9460e8373c17f558f8d1e
msgid "Allows OpenID Connect authentication."
msgstr ""
#: ../../canaille/oidc/configuration.py:docstring of
#: canaille.oidc.configuration.OIDCSettings:1 e2e226bd197b4d6f87291ee45a3004ef
msgid "OpenID Connect settings."
msgstr ""
#: ../../canaille/oidc/configuration.py:docstring of
#: canaille.oidc.configuration.OIDCSettings:3 db9af81a48ac4b1a914370a2e47bf4e0
msgid "Belong in the ``CANAILLE_OIDC`` namespace."
msgstr ""
#: ../../docstring of
#: canaille.oidc.configuration.OIDCSettings.DYNAMIC_CLIENT_REGISTRATION_OPEN:1
#: 092f0d4259994eb8b834b256a8f72453
msgid ""
"Whether a token is needed for the RFC7591 dynamical client registration."
msgstr ""
#: ../../docstring of
#: canaille.oidc.configuration.OIDCSettings.DYNAMIC_CLIENT_REGISTRATION_OPEN:3
#: 506f1fcd0f424df4bdafd9a69307f645
msgid ""
"If :py:data:`True`, no token is needed to register a client. If :py:data:"
"`False`, dynamical client registration needs a token defined in :attr:"
"`DYNAMIC_CLIENT_REGISTRATION_TOKENS`."
msgstr ""
#: ../../docstring of
#: canaille.oidc.configuration.OIDCSettings.DYNAMIC_CLIENT_REGISTRATION_TOKENS:1
#: 30861c9a3a294daf8105dd5ac9007282
msgid "A list of tokens that can be used for dynamic client registration."
msgstr ""
#: ../../docstring of canaille.oidc.configuration.OIDCSettings.JWT:1
#: 04e054bb3d094e4ea8f23ab6fdec9bf6
msgid "JSON Web Token settings."
msgstr ""
#: ../../docstring of canaille.oidc.configuration.OIDCSettings.REQUIRE_NONCE:1
#: 95b1ee4fd0da4ec2b30beb3e25944cd9
msgid "Force the nonce exchange during the authentication flows."
msgstr ""
#: ../../docstring of canaille.oidc.configuration.OIDCSettings.REQUIRE_NONCE:3
#: de680082bc4546a6883ff4826df0067b
msgid "This adds security but may not be supported by all clients."
msgstr ""
#: ../../canaille/oidc/configuration.py:docstring of
#: canaille.oidc.configuration.JWTSettings:1 750fbe7d77954d87855e68d3199c81e7
msgid "JSON Web Token settings. Belong in the ``CANAILLE_OIDC.JWT`` namespace."
msgstr ""
#: ../../canaille/oidc/configuration.py:docstring of
#: canaille.oidc.configuration.JWTSettings:3 03945dc4192c4f7abefbcd2b5c7c2bd9
msgid "You can generate a RSA keypair with::"
msgstr ""
#: ../../docstring of canaille.oidc.configuration.JWTSettings.ALG:1
#: d65a4aaf4cb64130ac59c97cddcffb0b
msgid "The key algorithm."
msgstr ""
#: ../../docstring of canaille.oidc.configuration.JWTSettings.EXP:1
#: c0c460480db94b1a9ebceea06528d426
msgid "The time the JWT will be valid, in seconds."
msgstr ""
#: ../../docstring of canaille.oidc.configuration.JWTSettings.ISS:1
#: 6501426215db4b27b7b5d217954ca6be
msgid "The URI of the identity provider."
msgstr ""
#: ../../docstring of canaille.oidc.configuration.JWTSettings.KTY:1
#: 3e338458e42e405fb025bfcfc53688f4
msgid "The key type."
msgstr ""
#: ../../docstring of canaille.oidc.configuration.JWTSettings.PRIVATE_KEY:1
#: 27a15f235d63447884175edd85e55cf4
msgid "The private key."
msgstr ""
#: ../../docstring of canaille.oidc.configuration.JWTSettings.PRIVATE_KEY:3
#: canaille.oidc.configuration.JWTSettings.PUBLIC_KEY:3
#: 29d2c1b105e74d46b80db01b78954711
msgid ""
"If :py:data:`None` and debug mode is enabled, then an in-memory key will be "
"used."
msgstr ""
#: ../../docstring of canaille.oidc.configuration.JWTSettings.PUBLIC_KEY:1
#: e88605c89e4b47989186fd27e5aff172
msgid "The public key."
msgstr ""
#: ../../canaille/oidc/configuration.py:docstring of
#: canaille.oidc.configuration.JWTMappingSettings:1
#: 235687b99f2c408aaf1c063061975f77
msgid "Mapping between the user model and the JWT fields."
msgstr ""
#: ../../canaille/oidc/configuration.py:docstring of
#: canaille.oidc.configuration.JWTMappingSettings:3
#: ebe87d5efdaa458b97451b5ab4fdeb3d
msgid "Fields are evaluated with jinja. A ``user`` var is available."
msgstr ""
#: ../../canaille/scim/configuration.py:docstring of
#: canaille.scim.configuration.SCIMSettings:1 e2e226bd197b4d6f87291ee45a3004ef
msgid "SCIM settings."
msgstr ""
#: ../../canaille/backends/sql/configuration.py:docstring of
#: canaille.backends.sql.configuration.SQLSettings:1
#: b7ccdac0ebd14f47be2d77ea52bd75d7
msgid "Settings related to the SQL backend."
msgstr ""
#: ../../canaille/backends/sql/configuration.py:docstring of
#: canaille.backends.sql.configuration.SQLSettings:3
#: 07e03b184cb54e0a92ca3a33033da5cd
msgid "Belong in the ``CANAILLE_SQL`` namespace."
msgstr ""
#: ../../docstring of
#: canaille.backends.sql.configuration.SQLSettings.DATABASE_URI:1
#: 4d1ff118c1a44a50a962e527d1a8e2a2
msgid "The SQL server URI. For example:"
msgstr ""
#: ../../docstring of
#: canaille.backends.sql.configuration.SQLSettings.DATABASE_URI:6
#: 4bb9ca2e412a461caacf1a146582247f
msgid "DATABASE_URI = \"postgresql://user:password@localhost/database_name\""
msgstr ""
#: ../../docstring of
#: canaille.backends.sql.configuration.SQLSettings.PASSWORD_SCHEMES:1
#: b1827fc993454e8fbfbe2868c28e751c
msgid "Password hashing scheme."
msgstr ""
#: ../../docstring of
#: canaille.backends.sql.configuration.SQLSettings.PASSWORD_SCHEMES:3
#: 2e0dbdbc64944ec7948324890d02b255
msgid ""
"Defines password hashing scheme in SQL database. examples : \"mssql2000\", "
"\"ldap_salted_sha1\", \"pbkdf2_sha512\""
msgstr ""
#: ../../canaille/backends/ldap/configuration.py:docstring of
#: canaille.backends.ldap.configuration.LDAPSettings:1
#: e656ae1d120e45109618f653d29d845e
msgid "Settings related to the LDAP backend."
msgstr ""
#: ../../canaille/backends/ldap/configuration.py:docstring of
#: canaille.backends.ldap.configuration.LDAPSettings:3
#: 9877879932a3406b87f9893f4a6bf8f3
msgid "Belong in the ``CANAILLE_LDAP`` namespace."
msgstr ""
#: ../../docstring of
#: canaille.backends.ldap.configuration.LDAPSettings.BIND_DN:1
#: 96d852cc067c459cabfcc201a7271cf0
msgid "The LDAP bind DN."
msgstr ""
#: ../../docstring of
#: canaille.backends.ldap.configuration.LDAPSettings.BIND_PW:1
#: 084f3814a8604375aed794d649845045
msgid "The LDAP bind password."
msgstr ""
#: ../../docstring of
#: canaille.backends.ldap.configuration.LDAPSettings.GROUP_BASE:1
#: 8f56c7d2bfb348afbcc36de24398dfac
msgid "The LDAP node under which groups will be looked for and saved."
msgstr ""
#: ../../docstring of
#: canaille.backends.ldap.configuration.LDAPSettings.GROUP_BASE:3
#: 58cf9c9e87464b709e4e8508577fbd63
msgid "For instance `\"ou=groups,dc=mydomain,dc=tld\"`."
msgstr ""
#: ../../docstring of
#: canaille.backends.ldap.configuration.LDAPSettings.GROUP_CLASS:1
#: 3b6a2121763e4302aa1780cb6d51d9d6
msgid "The object class to use for creating new groups."
msgstr ""
#: ../../docstring of
#: canaille.backends.ldap.configuration.LDAPSettings.GROUP_NAME_ATTRIBUTE:1
#: 10d8bb8232bf4b30b6c631847ea70b2b
msgid "The attribute to use to identify a group."
msgstr ""
#: ../../docstring of
#: canaille.backends.ldap.configuration.LDAPSettings.GROUP_RDN:1
#: 688132cb0d4e4f27973a02406d50edaa
msgid "The attribute to identify an object in the Group DN."
msgstr ""
#: ../../docstring of
#: canaille.backends.ldap.configuration.LDAPSettings.ROOT_DN:1
#: 4428b1de4b664a55b077caa3969d6769
msgid "The LDAP root DN."
msgstr ""
#: ../../docstring of
#: canaille.backends.ldap.configuration.LDAPSettings.TIMEOUT:1
#: 5a175d6a66e445458ee6bc473d614a45
msgid "The LDAP connection timeout."
msgstr ""
#: ../../docstring of canaille.backends.ldap.configuration.LDAPSettings.URI:1
#: 3172b80b5b86434699f226a3b713c52f
msgid "The LDAP server URI."
msgstr ""
#: ../../docstring of
#: canaille.backends.ldap.configuration.LDAPSettings.USER_BASE:1
#: 0e03c3262f504b79b84847041ee442e5
msgid "The LDAP node under which users will be looked for and saved."
msgstr ""
#: ../../docstring of
#: canaille.backends.ldap.configuration.LDAPSettings.USER_BASE:3
#: e1d16301542b40929d9e65c9a949b303
msgid "For instance `ou=users,dc=mydomain,dc=tld`."
msgstr ""
#: ../../docstring of
#: canaille.backends.ldap.configuration.LDAPSettings.USER_CLASS:1
#: 92a1f8f8665848c9aaf4d5f9f1f3b6b7
msgid "The object class to use for creating new users."
msgstr ""
#: ../../docstring of
#: canaille.backends.ldap.configuration.LDAPSettings.USER_FILTER:1
#: 228fcd64b4704fa0b4ea52ab85f48f08
msgid "Filter to match users on sign in."
msgstr ""
#: ../../docstring of
#: canaille.backends.ldap.configuration.LDAPSettings.USER_FILTER:3
#: f61c66f7c0e94e67ae5a4ce5de0dc548
msgid ""
"For instance ``(|(uid={{ login }})(mail={{ login }}))``. Jinja syntax is "
"supported and a ``login`` variable is available, containing the value passed "
"in the login field."
msgstr ""
#: ../../docstring of
#: canaille.backends.ldap.configuration.LDAPSettings.USER_RDN:1
#: d49e7765b3d6440d9fdcb0ecb18c06c1
msgid "The attribute to identify an object in the User DN."
msgstr ""
#: ../references/configuration.rst:94 c4674c5a1b434e81944983c7ec2fb0f1
msgid "Example file"
msgstr ""
#: ../references/configuration.rst:96 87c3dcb2ef5a4f649ec0fa9005449a79
msgid "Here is a configuration file example:"
msgstr ""
#: ../references/index.rst:2 51ac90bb647f41b69879253e3e7c475e
msgid "References"
msgstr ""
#: ../references/models.rst:2 bf9a972313e94c6aa0e72470dfc9677c
msgid "Data models"
msgstr ""
#: ../references/models.rst:4 620f9112555349eba4cc5daecdb72217
msgid ""
"This reference details the data models used by Canaille. This is mostly "
"useful for developers."
msgstr ""
#: ../../canaille/app/features.py:docstring of canaille.app.features.Features:1
#: ../../canaille/backends/models.py:docstring
#: canaille.backends.models.BackendModel:1 canaille.backends.models.Model:1
#: b407db3f81d14e789f9f7f2e2bec7613 b29fcc3a6bdc4ee582d1e14851e430b7
#: 3ac32584e20443aaae7659c3e894cb06
msgid "Bases: :py:class:`object`"
msgstr ""
#: ../../canaille/backends/models.py:docstring of
#: canaille.backends.models.BackendModel:1 664ca63468e648ddb0b2f2f957139ae9
msgid "The backend model abstract class."
msgstr ""
#: ../../canaille/backends/models.py:docstring of
#: canaille.backends.models.BackendModel:3 e16c978524f44a57affe6f2e15fdb5e2
msgid ""
"It details all the methods and attributes that are expected to be "
"implemented for every model and for every backend."
msgstr ""
#: ../../canaille/backends/models.py:docstring of
#: canaille.backends.models.Model:1 9f46b7e1801e4a57a346c598161cbdac
msgid "The model abstract class."
msgstr ""
#: ../../canaille/backends/models.py:docstring of
#: canaille.backends.models.Model:3 f4dad754b1d7448f842620b4f7b6069b
msgid "It details all the common attributes shared by every models."
msgstr ""
#: ../../docstring of canaille.backends.models.Model.created:1
#: 8685782e932b476a8b6f80256ebca659
msgid ""
"The :class:`~datetime.datetime` that the resource was added to the service "
"provider."
msgstr ""
#: ../../docstring of canaille.backends.models.Model.id:1
#: 112d9fd0a032418682875fe5f5685fc8
msgid ""
"A unique identifier for a SCIM resource as defined by the service provider. "
"Id will be :data:`None` until the ``Backend.save`` method is called."
msgstr ""
#: ../../docstring of canaille.backends.models.Model.id:5
#: fe3e4be3b44b43ebbbd11fe81fdc2613
msgid ""
"Each representation of the resource MUST include a non-empty \"id\" value. "
"This identifier MUST be unique across the SCIM service provider's entire set "
"of resources. It MUST be a stable, non- reassignable identifier that does "
"not change when the same resource is returned in subsequent requests. The "
"value of the \"id\" attribute is always issued by the service provider and "
"MUST NOT be specified by the client. The string \"bulkId\" is a reserved "
"keyword and MUST NOT be used within any unique identifier value. The "
"attribute characteristics are \"caseExact\" as \"true\", a mutability of "
"\"readOnly\", and a \"returned\" characteristic of \"always\". See Section "
"9 for additional considerations regarding privacy."
msgstr ""
#: ../../canaille/backends/models.py:docstring of
#: canaille.backends.models.Model.identifier:1 4f16f8a2628746e0bbb013e0ebdd53de
msgid ""
"Returns a unique value that will be used to identify the model instance."
msgstr ""
#: ../../canaille/backends/models.py:docstring of
#: canaille.backends.models.Model.identifier:4 570af0c54d8a4b9ca5e1180a154578c6
msgid ""
"This value will be used in URLs in canaille, so it should be unique and "
"short."
msgstr ""
#: ../../docstring of canaille.backends.models.Model.last_modified:1
#: a64d636f5ae843698bae18cbc27adae5
msgid ""
"The most recent :class:`~datetime.datetime` that the details of this "
"resource were updated at the service provider."
msgstr ""
#: ../../docstring of canaille.backends.models.Model.last_modified:4
#: 1478742051c64d3c8e8cb44b101c2337
msgid ""
"If this resource has never been modified since its initial creation, the "
"value MUST be the same as the value of :attr:`~canaille.backends.models."
"Model.created`."
msgstr ""
#: ../../canaille/core/models.py:docstring of canaille.core.models.Group:1
#: canaille.core.models.User:1 ../../canaille/oidc/basemodels.py:docstring
#: canaille.oidc.basemodels.AuthorizationCode:1
#: canaille.oidc.basemodels.Client:1 canaille.oidc.basemodels.Consent:1
#: canaille.oidc.basemodels.Token:1 31058fb082044629ab68e330524f37d4
#: 963c873782434df6bc7a6314e406858e ec3b5ed7c8e94f728377c74990bc94e6
msgid "Bases: :py:class:`~canaille.backends.models.Model`"
msgstr ""
#: ../../canaille/core/models.py:docstring of canaille.core.models.Group:1
#: d8d4759602c44e048e0d4f053dc5c895
msgid ""
"User model, based on the `SCIM Group schema <https://datatracker.ietf.org/"
"doc/html/rfc7643#section-4.2>`_."
msgstr ""
#: ../../docstring of canaille.core.models.Group.display_name:1
#: f557ae62a380458ca1e212165ff7ebd2
msgid "A human-readable name for the Group."
msgstr ""
#: ../../docstring of canaille.core.models.Group.display_name:3
#: canaille.oidc.basemodels.Client.client_id:1 3a782effac4c44f2b4084280c168f909
#: 038998149ec146249f6cd7993b6ea7c2
msgid "REQUIRED."
msgstr ""
#: ../../docstring of canaille.core.models.Group.members:1
#: 83c94299de834bb7899fc5d919567ddf
msgid "A list of members of the Group."
msgstr ""
#: ../../docstring of canaille.core.models.Group.members:3
#: f8395458983d4efd966c1f2bd3e771dc
msgid ""
"While values MAY be added or removed, sub-attributes of members are "
"\"immutable\". The \"value\" sub-attribute contains the value of an \"id\" "
"attribute of a SCIM resource, and the \"$ref\" sub-attribute must be the URI "
"of a SCIM resource such as a \"User\", or a \"Group\". The intention of the "
"\"Group\" type is to allow the service provider to support nested groups. "
"Service providers MAY require clients to provide a non-empty value by "
"setting the \"required\" attribute characteristic of a sub-attribute of the "
"\"members\" attribute in the \"Group\" resource schema."
msgstr ""
#: ../../canaille/core/models.py:docstring of canaille.core.models.User:1
#: 3de74c338e4e45d4ada0909e1d6a2c1d
msgid ""
"User model, based on the `SCIM User schema <https://datatracker.ietf.org/doc/"
"html/rfc7643#section-4.1>`_, `Entreprise User Schema Extension <https://"
"datatracker.ietf.org/doc/html/rfc7643#section-4.3>`_ and `SCIM Password "
"Management Extension <https://datatracker.ietf.org/doc/html/draft-hunt-scim-"
"password-mgmt-00.html>`_ draft. Attribute description is based on SCIM and "
"put there for information purpose. The description may not fit the current "
"implementation in Canaille."
msgstr ""
#: ../../canaille/core/models.py:docstring of canaille.core.models.User.can:1
#: dd44c29c7f88458e923a6bdc89ff4bd8
msgid ""
"Whether or not the user has the :class:`~canaille.core.configuration."
"Permission` according to the :class:`configuration <canaille.core."
"configuration.ACLSettings>`."
msgstr ""
#: ../../docstring of canaille.core.models.User.department:1
#: d09b761f1c3d4bcda3c7c5841cb86768
msgid "Identifies the name of a department."
msgstr ""
#: ../../docstring of canaille.core.models.User.display_name:1
#: 7a92e34396f14701a901c6342ba43372
msgid "The name of the user, suitable for display to end-users."
msgstr ""
#: ../../docstring of canaille.core.models.User.display_name:3
#: e89fec83b2eb42deaac70264489240e3
msgid ""
"Each user returned MAY include a non-empty displayName value. The name "
"SHOULD be the full name of the User being described, if known (e.g., \"Babs "
"Jensen\" or \"Ms. Barbara J Jensen, III\") but MAY be a username or handle, "
"if that is all that is available (e.g., \"bjensen\"). The value provided "
"SHOULD be the primary textual label by which this User is normally displayed "
"by the service provider when presenting it to end-users."
msgstr ""
#: ../../docstring of canaille.core.models.User.emails:1
#: 5383ce6b712040c4a0bba18c1bbef93d
msgid "Email addresses for the User."
msgstr ""
#: ../../docstring of canaille.core.models.User.emails:3
#: dcbfe09f878141a4bd5a20b9e2d9b6da
msgid ""
"The value SHOULD be specified according to [RFC5321]. Service providers "
"SHOULD canonicalize the value according to [RFC5321], e.g., "
"\"bjensen@example.com\" instead of \"bjensen@EXAMPLE.COM\". The \"display\" "
"sub-attribute MAY be used to return the canonicalized representation of the "
"email value. The \"type\" sub-attribute is used to provide a classification "
"meaningful to the (human) user. The user interface should encourage the use "
"of basic values of \"work\", \"home\", and \"other\" and MAY allow "
"additional type values to be used at the discretion of SCIM clients."
msgstr ""
#: ../../docstring of canaille.core.models.User.employee_number:1
#: 6cc0c003bd234628a0bc0a0c27cccaee
msgid ""
"A string identifier, typically numeric or alphanumeric, assigned to a "
"person, typically based on order of hire or association with an organization."
msgstr ""
#: ../../docstring of canaille.core.models.User.family_name:1
#: db1cbc1b88a44555ac36431d951ed1bc
msgid ""
"The family name of the User, or last name in most Western languages (e.g., "
"\"Jensen\" given the full name \"Ms. Barbara Jane Jensen, III\")."
msgstr ""
#: ../../docstring of canaille.core.models.User.formatted_address:1
#: 19bb2c52eb2747a8bae2df988b0f3226
msgid ""
"The full mailing address, formatted for display or use with a mailing label."
msgstr ""
#: ../../docstring of canaille.core.models.User.formatted_address:4
#: aaf2f2de713c468a8388bd976795c621
msgid "This attribute MAY contain newlines."
msgstr ""
#: ../../docstring of canaille.core.models.User.formatted_name:1
#: 6e02928b97a944b5929f0002f9c7b70c
msgid ""
"The full name, including all middle names, titles, and suffixes as "
"appropriate, formatted for display (e.g., \"Ms. Barbara Jane Jensen, III\")."
msgstr ""
#: ../../docstring of canaille.core.models.User.given_name:1
#: 0adf168d41024021aca8fcbf22e2b575
msgid ""
"The given name of the User, or first name in most Western languages (e.g., "
"\"Barbara\" given the full name \"Ms. Barbara Jane Jensen, III\")."
msgstr ""
#: ../../docstring of canaille.core.models.User.groups:1
#: ef755a48c32047c187a2405190a88b07
msgid ""
"A list of groups to which the user belongs, either through direct "
"membership, through nested groups, or dynamically calculated."
msgstr ""
#: ../../docstring of canaille.core.models.User.groups:4
#: 0d7136476f7649ddad322de96971e938
msgid ""
"The values are meant to enable expression of common group-based or role-"
"based access control models, although no explicit authorization model is "
"defined. It is intended that the semantics of group membership and any "
"behavior or authorization granted as a result of membership are defined by "
"the service provider. The canonical types \"direct\" and \"indirect\" are "
"defined to describe how the group membership was derived. Direct group "
"membership indicates that the user is directly associated with the group and "
"SHOULD indicate that clients may modify membership through the \"Group\" "
"resource. Indirect membership indicates that user membership is transitive "
"or dynamic and implies that clients cannot modify indirect group membership "
"through the \"Group\" resource but MAY modify direct group membership "
"through the \"Group\" resource, which may influence indirect memberships. "
"If the SCIM service provider exposes a \"Group\" resource, the \"value\" sub-"
"attribute MUST be the \"id\", and the \"$ref\" sub-attribute must be the URI "
"of the corresponding \"Group\" resources to which the user belongs. Since "
"this attribute has a mutability of \"readOnly\", group membership changes "
"MUST be applied via the \"Group\" Resource (Section 4.2). This attribute "
"has a mutability of \"readOnly\"."
msgstr ""
#: ../../canaille/core/models.py:docstring of
#: canaille.core.models.User.has_password:1 034f9fa73a5d455382726ac4b448c136
msgid "Check whether a password has been set for the user."
msgstr ""
#: ../../docstring of canaille.core.models.User.hotp_counter:1
#: 05380b82ddda46bfa9678288cebf85a7
msgid ""
"HMAC-based One Time Password counter, used for multi-factor authentication."
msgstr ""
#: ../../docstring of canaille.core.models.User.last_otp_login:1
#: bdfeb17b4cc24311b1945121f22d4e61
msgid ""
"A DateTime indicating when the user last logged in with a one-time password. "
"This attribute is currently used to check whether the user has activated one-"
"time password authentication or not."
msgstr ""
#: ../../docstring of canaille.core.models.User.locality:1
#: 3d50110e459f4ba3b06af609c8f2bef8
msgid "The city or locality component."
msgstr ""
#: ../../docstring of canaille.core.models.User.lock_date:1
#: bc9386fb2f7c41cc82308c45d919feb9
msgid "A DateTime indicating when the resource was locked."
msgstr ""
#: ../../canaille/core/models.py:docstring of
#: canaille.core.models.User.locked:1 8f227ede6e584fda946d50e86049afcb
msgid "Whether the user account has been locked or has expired."
msgstr ""
#: ../../docstring of canaille.core.models.User.one_time_password:1
#: 4f6ac05bac3845ea8325c2b34e8c0824
msgid "One time password used for email or sms multi-factor authentication."
msgstr ""
#: ../../docstring of
#: canaille.core.models.User.one_time_password_emission_date:1
#: cc1503678fc046f9bb759040e7e561e1
msgid ""
"A DateTime indicating when the user last emitted an email or sms one-time "
"password."
msgstr ""
#: ../../docstring of canaille.core.models.User.organization:1
#: 39b14adbf8ad42b39c2cdd9fb0fcf96c
msgid "Identifies the name of an organization."
msgstr ""
#: ../../docstring of canaille.core.models.User.password:1
#: a4ec9a6f72834b47b82db401e1ebed2f
msgid ""
"This attribute is intended to be used as a means to set, replace, or compare "
"(i.e., filter for equality) a password. The cleartext value or the hashed "
"value of a password SHALL NOT be returnable by a service provider. If a "
"service provider holds the value locally, the value SHOULD be hashed. When "
"a password is set or changed by the client, the cleartext password SHOULD be "
"processed by the service provider as follows:"
msgstr ""
#: ../../docstring of canaille.core.models.User.password:9
#: 4a4c0608f0ac4739bbb358ebfffbc94c
msgid ""
"Prepare the cleartext value for international language comparison. See "
"Section 7.8 of [RFC7644]."
msgstr ""
#: ../../docstring of canaille.core.models.User.password:12
#: 770cfb12f1c943188e281ef2e527ccb2
msgid ""
"Validate the value against server password policy. Note: The definition and "
"enforcement of password policy are beyond the scope of this document."
msgstr ""
#: ../../docstring of canaille.core.models.User.password:16
#: 736bf805f27d4dfb8c1292b5afaca0be
msgid ""
"Ensure that the value is encrypted (e.g., hashed). See Section 9.2 for "
"acceptable hashing and encryption handling when storing or persisting for "
"provisioning workflow reasons."
msgstr ""
#: ../../docstring of canaille.core.models.User.password:20
#: 605f5a91894e42ee9d14686ae2f346cd
msgid ""
"A service provider that immediately passes the cleartext value on to another "
"system or programming interface MUST pass the value directly over a secured "
"connection (e.g., Transport Layer Security (TLS)). If the value needs to be "
"temporarily persisted for a period of time (e.g., because of a workflow) "
"before provisioning, then the value MUST be protected by some method, such "
"as encryption."
msgstr ""
#: ../../docstring of canaille.core.models.User.password:28
#: 198ed93545fe467ea461cef9a184362c
msgid ""
"Testing for an equality match MAY be supported if there is an existing "
"stored hashed value. When testing for equality, the service provider:"
msgstr ""
#: ../../docstring of canaille.core.models.User.password:32
#: becd82e6d299471d94ab4906ce105218
msgid ""
"Prepares the filter value for international language comparison. See "
"Section 7.8 of [RFC7644]."
msgstr ""
#: ../../docstring of canaille.core.models.User.password:35
#: ca91b3fdd3ae434dbb47d55b73ccbcb2
msgid ""
"Generates the salted hash of the filter value and tests for a match with the "
"locally held value."
msgstr ""
#: ../../docstring of canaille.core.models.User.password:38
#: 0c4d62a31f2d442981432c2f841abdac
msgid ""
"The mutability of the password attribute is \"writeOnly\", indicating that "
"the value MUST NOT be returned by a service provider in any form (the "
"attribute characteristic \"returned\" is \"never\")."
msgstr ""
#: ../../docstring of canaille.core.models.User.password_failure_timestamps:1
#: af54ab55d44c469d886fbacc828582d6
msgid ""
"This attribute stores the timestamps of the user's failed authentications."
msgstr ""
#: ../../docstring of canaille.core.models.User.password_failure_timestamps:4
#: 785dc2a557f5471fb7e5cdebbaf84443
msgid "It's currently used by the intruder lockout delay system."
msgstr ""
#: ../../docstring of canaille.core.models.User.password_last_update:1
#: f1bb412648244da18357a6e88d57836b
msgid ""
"Specifies the last time the user password was changed. By default, the date "
"of creation of the password is retained."
msgstr ""
#: ../../docstring of canaille.core.models.User.phone_numbers:1
#: 636757499c76498ca8a1cbad6ea4fbb7
msgid "Phone numbers for the user."
msgstr ""
#: ../../docstring of canaille.core.models.User.phone_numbers:3
#: dabf654512714fda965fded70f74aeac
msgid ""
"The value SHOULD be specified according to the format defined in [RFC3966], "
"e.g., 'tel:+1-201-555-0123'. Service providers SHOULD canonicalize the "
"value according to [RFC3966] format, when appropriate. The \"display\" sub-"
"attribute MAY be used to return the canonicalized representation of the "
"phone number value. The sub- attribute \"type\" often has typical values of "
"\"work\", \"home\", \"mobile\", \"fax\", \"pager\", and \"other\" and MAY "
"allow more types to be defined by the SCIM clients."
msgstr ""
#: ../../docstring of canaille.core.models.User.photo:1
#: 27d8a36d06ce46858ed9974cfb3a9a9b
msgid ""
"A URI that is a uniform resource locator (as defined in Section 1.1.3 of "
"[RFC3986]) that points to a resource location representing the user's image."
msgstr ""
#: ../../docstring of canaille.core.models.User.photo:5
#: 8d0e8ca2555c48b0aad26fa7fdb102cf
msgid ""
"The resource MUST be a file (e.g., a GIF, JPEG, or PNG image file) rather "
"than a web page containing an image. Service providers MAY return the same "
"image in different sizes, although it is recognized that no standard for "
"describing images of various sizes currently exists. Note that this "
"attribute SHOULD NOT be used to send down arbitrary photos taken by this "
"user; instead, profile photos of the user that are suitable for display when "
"describing the user should be sent. Instead of the standard canonical values "
"for type, this attribute defines the following canonical values to represent "
"popular photo sizes: \"photo\" and \"thumbnail\"."
msgstr ""
#: ../../docstring of canaille.core.models.User.postal_code:1
#: ca9c10bc74eb4a2b90365bbd3473b1be
msgid "The zip code or postal code component."
msgstr ""
#: ../../docstring of canaille.core.models.User.preferred_language:1
#: 5c7d29d6e6334161b21068010f566af2
msgid ""
"Indicates the user's preferred written or spoken languages and is generally "
"used for selecting a localized user interface."
msgstr ""
#: ../../docstring of canaille.core.models.User.preferred_language:4
#: c45f7e1feb59446daa9dbea7cce24305
msgid ""
"The value indicates the set of natural languages that are preferred. The "
"format of the value is the same as the HTTP Accept-Language header field "
"(not including \"Accept-Language:\") and is specified in Section 5.3.5 of "
"[RFC7231]. The intent of this value is to enable cloud applications to "
"perform matching of language tags [RFC4647] to the user's language "
"preferences, regardless of what may be indicated by a user agent (which "
"might be shared), or in an interaction that does not involve a user (such as "
"in a delegated OAuth 2.0 [RFC6749] style interaction) where normal HTTP "
"Accept-Language header negotiation cannot take place."
msgstr ""
#: ../../docstring of canaille.core.models.User.profile_url:1
#: 267adc8c4ecf4750a9db3464eb2b8573
msgid ""
"A URI that is a uniform resource locator (as defined in Section 1.1.3 of "
"[RFC3986]) and that points to a location representing the user's online "
"profile (e.g., a web page)."
msgstr ""
#: ../../docstring of canaille.core.models.User.profile_url:5
#: 7f227419ab034b3da8303fe94affeb6c
msgid "URIs are canonicalized per Section 6.2 of [RFC3986]."
msgstr ""
#: ../../canaille/core/models.py:docstring of
#: canaille.core.models.User.readable_fields:1 e064888816ad4e228797af005daa0c1b
msgid ""
"The fields the user can read according to the :class:`configuration "
"<canaille.core.configuration.ACLSettings>` configuration."
msgstr ""
#: ../../canaille/core/models.py:docstring of
#: canaille.core.models.User.readable_fields:4 d51b5c9a3058444187f7f52aafcc57ce
msgid ""
"This does not include the :attr:`writable <canaille.core.models.User."
"writable_fields>` fields."
msgstr ""
#: ../../docstring of canaille.core.models.User.region:1
#: 7781da46bb4f45c19d4061a73efd1860
msgid "The state or region component."
msgstr ""
#: ../../docstring of canaille.core.models.User.secret_token:1
#: 3764681cd7844fdaa69cc2ab072ff732
msgid ""
"Unique token generated for each user, used for multi-factor authentication."
msgstr ""
#: ../../docstring of canaille.core.models.User.street:1
#: e15de46ed1a745e580399d0bf40e96b8
msgid ""
"The full street address component, which may include house number, street "
"name, P.O."
msgstr ""
#: ../../docstring of canaille.core.models.User.street:4
#: 663a1b080f3646f5bbc30492beccda49
msgid ""
"box, and multi-line extended street address information. This attribute MAY "
"contain newlines."
msgstr ""
#: ../../docstring of canaille.core.models.User.title:1
#: 96571ab69f47443087e9de7cdf2af3ef
msgid "The user's title, such as \"Vice President\"."
msgstr ""
#: ../../docstring of canaille.core.models.User.user_name:1
#: 5a41c74aee6040d78b20e68feedbe91d
msgid ""
"A service provider's unique identifier for the user, typically used by the "
"user to directly authenticate to the service provider."
msgstr ""
#: ../../docstring of canaille.core.models.User.user_name:4
#: 305c46ac8a734b4fb513c2da9c0bd78d
msgid ""
"Often displayed to the user as their unique identifier within the system (as "
"opposed to \"id\" or \"externalId\", which are generally opaque and not user-"
"friendly identifiers). Each User MUST include a non-empty userName value. "
"This identifier MUST be unique across the service provider's entire set of "
"Users. This attribute is REQUIRED and is case insensitive."
msgstr ""
#: ../../canaille/core/models.py:docstring of
#: canaille.core.models.User.writable_fields:1 f99945951b7f476484908fef5eb9bee4
msgid ""
"The fields the user can write according to the :class:`configuration "
"<canaille.core.configuration.ACLSettings>`."
msgstr ""
#: ../../canaille/core/models.py:docstring of
#: canaille.core.models.string_code:1 81f725c1782d45b395593f37c0776e41
msgid "Add leading 0 if the code length does not match the defined length."
msgstr ""
#: ../../canaille/core/models.py:docstring of
#: canaille.core.models.string_code:3 1cc69f629da14627a5d08132c7388c45
msgid ""
"For instance, parameter ``digit=6``, but ``code=123``, this method would "
"return ``000123``::"
msgstr ""
#: ../../canaille/oidc/basemodels.py:docstring of
#: canaille.oidc.basemodels.AuthorizationCode:1
#: 470216f2acc344a9bc4fe9408cf38b4c
msgid "OpenID Connect temporary authorization code definition."
msgstr ""
#: ../../canaille/oidc/basemodels.py:docstring of
#: canaille.oidc.basemodels.Client:1 b0248a05ffa44100bfcf4e84de0e154b
msgid ""
"OpenID Connect client definition, based on the `OAuth 2.0 Dynamic Client "
"Registration protocols <https://datatracker.ietf.org/doc/html/rfc7591."
"html>`_ and the `OpenID Connect RP-Initiated Logout <https://openid.net/"
"specs/openid-connect-rpinitiated-1_0.html>`_ specifications."
msgstr ""
#: ../../docstring of canaille.oidc.basemodels.Client.client_id:3
#: 9630f3464163481993a425c28c308969
msgid ""
"OAuth 2.0 client identifier string. It SHOULD NOT be currently valid for "
"any other registered client, though an authorization server MAY issue the "
"same client identifier to multiple instances of a registered client at its "
"discretion."
msgstr ""
#: ../../docstring of canaille.oidc.basemodels.Client.client_id_issued_at:1
#: canaille.oidc.basemodels.Client.client_secret:1
#: canaille.oidc.basemodels.Client.post_logout_redirect_uris:1
#: 05d209d5010c49c99c2e88fd070c5595
msgid "OPTIONAL."
msgstr ""
#: ../../docstring of canaille.oidc.basemodels.Client.client_id_issued_at:3
#: fb189c4d73054f559edc1f71e252013c
msgid ""
"Time at which the client identifier was issued. The time is represented as "
"the number of seconds from 1970-01-01T00:00:00Z as measured in UTC until the "
"date/time of issuance."
msgstr ""
#: ../../docstring of canaille.oidc.basemodels.Client.client_name:1
#: 90b1171c71784152b30c868ce6a69e92
msgid ""
"Human-readable string name of the client to be presented to the end-user "
"during authorization."
msgstr ""
#: ../../docstring of canaille.oidc.basemodels.Client.client_name:4
#: 2f438f6285d3455f81459326d3ed2a3d
msgid ""
"If omitted, the authorization server MAY display the raw \"client_id\" value "
"to the end-user instead. It is RECOMMENDED that clients always send this "
"field. The value of this field MAY be internationalized, as described in "
"Section 2.2."
msgstr ""
#: ../../docstring of canaille.oidc.basemodels.Client.client_secret:3
#: b659e17a18ae49d6b460ce4bfd3ef720
msgid ""
"OAuth 2.0 client secret string. If issued, this MUST be unique for each "
"\"client_id\" and SHOULD be unique for multiple instances of a client using "
"the same \"client_id\". This value is used by confidential clients to "
"authenticate to the token endpoint, as described in OAuth 2.0 [RFC6749], "
"Section 2.3.1."
msgstr ""
#: ../../docstring of
#: canaille.oidc.basemodels.Client.client_secret_expires_at:1
#: fe3efeb714e642038fddaee69b85a240
msgid "REQUIRED if \"client_secret\" is issued."
msgstr ""
#: ../../docstring of
#: canaille.oidc.basemodels.Client.client_secret_expires_at:3
#: 8224ead887464588a9b93fc320780f69
msgid ""
"Time at which the client secret will expire or 0 if it will not expire. The "
"time is represented as the number of seconds from 1970-01-01T00:00:00Z as "
"measured in UTC until the date/time of expiration."
msgstr ""
#: ../../docstring of canaille.oidc.basemodels.Client.client_uri:1
#: c7ec8c5c04bd41fa87825f3d6f4e71b3
msgid "URL string of a web page providing information about the client."
msgstr ""
#: ../../docstring of canaille.oidc.basemodels.Client.client_uri:3
#: 8be313c7ec5848419e7a0062beefd60c
msgid ""
"If present, the server SHOULD display this URL to the end-user in a "
"clickable fashion. It is RECOMMENDED that clients always send this field. "
"The value of this field MUST point to a valid web page. The value of this "
"field MAY be internationalized, as described in Section 2.2."
msgstr ""
#: ../../docstring of canaille.oidc.basemodels.Client.contacts:1
#: 133418eefb1d484ba26f492838063c04
msgid ""
"Array of strings representing ways to contact people responsible for this "
"client, typically email addresses."
msgstr ""
#: ../../docstring of canaille.oidc.basemodels.Client.contacts:4
#: 4c4d89f737af445da4e7eb5882887e00
msgid ""
"The authorization server MAY make these contact addresses available to end-"
"users for support requests for the client. See Section 6 for information on "
"Privacy Considerations."
msgstr ""
#: ../../docstring of canaille.oidc.basemodels.Client.grant_types:1
#: 5105e93451e946fea6c3fd0b09c19683
msgid ""
"Array of OAuth 2.0 grant type strings that the client can use at the token "
"endpoint. These grant types are defined as follows:"
msgstr ""
#: ../../docstring of canaille.oidc.basemodels.Client.grant_types:4
#: 471bb398e08d45d588f320d2c25cb025
msgid ""
"\"authorization_code\": The authorization code grant type defined in OAuth "
"2.0, Section 4.1."
msgstr ""
#: ../../docstring of canaille.oidc.basemodels.Client.grant_types:7
#: c1785e60703f46e5a3a6e7131ba26894
msgid ""
"\"implicit\": The implicit grant type defined in OAuth 2.0, Section 4.2."
msgstr ""
#: ../../docstring of canaille.oidc.basemodels.Client.grant_types:10
#: 99ec3801466340bd83367ab92a351ac3
msgid ""
"\"password\": The resource owner password credentials grant type defined in "
"OAuth 2.0, Section 4.3."
msgstr ""
#: ../../docstring of canaille.oidc.basemodels.Client.grant_types:13
#: a62c7b8185ee4863aec423c5fe445ae5
msgid ""
"\"client_credentials\": The client credentials grant type defined in OAuth "
"2.0, Section 4.4."
msgstr ""
#: ../../docstring of canaille.oidc.basemodels.Client.grant_types:16
#: 2fd298fce6974e4da2f670da31280955
msgid ""
"\"refresh_token\": The refresh token grant type defined in OAuth 2.0, "
"Section 6."
msgstr ""
#: ../../docstring of canaille.oidc.basemodels.Client.grant_types:19
#: 2fb0f1de8f46429eb46970d53c954d91
msgid ""
"\"urn:ietf:params:oauth:grant-type:jwt-bearer\": The JWT Bearer Token Grant "
"Type defined in OAuth JWT Bearer Token Profiles [RFC7523]."
msgstr ""
#: ../../docstring of canaille.oidc.basemodels.Client.grant_types:23
#: dd4f8e0551e048d599a3f95740ea3cf1
msgid ""
"\"urn:ietf:params:oauth:grant-type:saml2-bearer\": The SAML 2.0 Bearer "
"Assertion Grant defined in OAuth SAML 2 Bearer Token Profiles [RFC7522]."
msgstr ""
#: ../../docstring of canaille.oidc.basemodels.Client.grant_types:27
#: 241768369988480b8f79cae93fa06ff4
msgid ""
"If the token endpoint is used in the grant type, the value of this parameter "
"MUST be the same as the value of the \"grant_type\" parameter passed to the "
"token endpoint defined in the grant type definition. Authorization servers "
"MAY allow for other values as defined in the grant type extension process "
"described in OAuth 2.0, Section 4.5. If omitted, the default behavior is "
"that the client will use only the \"authorization_code\" Grant Type."
msgstr ""
#: ../../docstring of canaille.oidc.basemodels.Client.jwk:1
#: 779d5b8c355f4e469d0880100f197dbd
msgid ""
"Client's JSON Web Key Set [RFC7517] document value, which contains the "
"client's public keys."
msgstr ""
#: ../../docstring of canaille.oidc.basemodels.Client.jwk:4
#: 786a840808f042fdb3a97eb1bd7f7a98
msgid ""
"The value of this field MUST be a JSON object containing a valid JWK Set. "
"These keys can be used by higher-level protocols that use signing or "
"encryption. This parameter is intended to be used by clients that cannot "
"use the \"jwks_uri\" parameter, such as native clients that cannot host "
"public URLs. The \"jwks_uri\" and \"jwks\" parameters MUST NOT both be "
"present in the same request or response."
msgstr ""
#: ../../docstring of canaille.oidc.basemodels.Client.jwks_uri:1
#: 29bbb97b4b0545df84cf23ec1e6b14cf
msgid ""
"URL string referencing the client's JSON Web Key (JWK) Set [RFC7517] "
"document, which contains the client's public keys."
msgstr ""
#: ../../docstring of canaille.oidc.basemodels.Client.jwks_uri:4
#: 4021b5fbeabb464d938a3903ef7e718b
msgid ""
"The value of this field MUST point to a valid JWK Set document. These keys "
"can be used by higher-level protocols that use signing or encryption. For "
"instance, these keys might be used by some applications for validating "
"signed requests made to the token endpoint when using JWTs for client "
"authentication [RFC7523]. Use of this parameter is preferred over the "
"\"jwks\" parameter, as it allows for easier key rotation. The \"jwks_uri\" "
"and \"jwks\" parameters MUST NOT both be present in the same request or "
"response."
msgstr ""
#: ../../docstring of canaille.oidc.basemodels.Client.logo_uri:1
#: 723f17b9b9df481394bcff341b2730b1
msgid "URL string that references a logo for the client."
msgstr ""
#: ../../docstring of canaille.oidc.basemodels.Client.logo_uri:3
#: 6b1a034be4f248e98f185c7a0ef2c3b5
msgid ""
"If present, the server SHOULD display this image to the end-user during "
"approval. The value of this field MUST point to a valid image file. The "
"value of this field MAY be internationalized, as described in Section 2.2."
msgstr ""
#: ../../docstring of canaille.oidc.basemodels.Client.policy_uri:1
#: 92446c1f45fc4da9bf18fed32b046f26
msgid ""
"URL string that points to a human-readable privacy policy document that "
"describes how the deployment organization collects, uses, retains, and "
"discloses personal data."
msgstr ""
#: ../../docstring of canaille.oidc.basemodels.Client.policy_uri:5
#: canaille.oidc.basemodels.Client.tos_uri:5 470f3a6ebe5a470d97207d2d724d7a50
msgid ""
"The authorization server SHOULD display this URL to the end-user if it is "
"provided. The value of this field MUST point to a valid web page. The "
"value of this field MAY be internationalized, as described in Section 2.2."
msgstr ""
#: ../../docstring of
#: canaille.oidc.basemodels.Client.post_logout_redirect_uris:3
#: 80775602163f4c4eae2aa73101fb4a59
msgid ""
"Array of URLs supplied by the RP to which it MAY request that the End-User's "
"User Agent be redirected using the post_logout_redirect_uri parameter after "
"a logout has been performed. These URLs SHOULD use the https scheme and MAY "
"contain port, path, and query parameter components; however, they MAY use "
"the http scheme, provided that the Client Type is confidential, as defined "
"in Section 2.1 of OAuth 2.0 [RFC6749], and provided the OP allows the use of "
"http RP URIs."
msgstr ""
#: ../../docstring of canaille.oidc.basemodels.Client.redirect_uris:1
#: 9864218626a9495d837ca07ecabe2e83
msgid ""
"Array of redirection URI strings for use in redirect-based flows such as the "
"authorization code and implicit flows."
msgstr ""
#: ../../docstring of canaille.oidc.basemodels.Client.redirect_uris:4
#: a1f4e7a342764daf9b91f5c582e0d704
msgid ""
"As required by Section 2 of OAuth 2.0 [RFC6749], clients using flows with "
"redirection MUST register their redirection URI values. Authorization "
"servers that support dynamic registration for redirect-based flows MUST "
"implement support for this metadata value."
msgstr ""
#: ../../docstring of canaille.oidc.basemodels.Client.response_types:1
#: 2b675d8a76b64442baaf96288a99145f
msgid ""
"Array of the OAuth 2.0 response type strings that the client can use at the "
"authorization endpoint. These response types are defined as follows:"
msgstr ""
#: ../../docstring of canaille.oidc.basemodels.Client.response_types:5
#: 3f19f3d3bf244c669c336230f4e548e5
msgid ""
"\"code\": The authorization code response type defined in OAuth 2.0, Section "
"4.1."
msgstr ""
#: ../../docstring of canaille.oidc.basemodels.Client.response_types:8
#: 8be17e9ef4c642a0a227974a40450da2
msgid ""
"\"token\": The implicit response type defined in OAuth 2.0, Section 4.2."
msgstr ""
#: ../../docstring of canaille.oidc.basemodels.Client.response_types:11
#: 3be1d7f3ab82407ebcf77c9ad6294934
msgid ""
"If the authorization endpoint is used by the grant type, the value of this "
"parameter MUST be the same as the value of the \"response_type\" parameter "
"passed to the authorization endpoint defined in the grant type definition. "
"Authorization servers MAY allow for other values as defined in the grant "
"type extension process is described in OAuth 2.0, Section 4.5. If omitted, "
"the default is that the client will use only the \"code\" response type."
msgstr ""
#: ../../docstring of canaille.oidc.basemodels.Client.scope:1
#: 99bf5a0735f3490eb63943c7926eb165
msgid ""
"String containing a space-separated list of scope values (as described in "
"Section 3.3 of OAuth 2.0 [RFC6749]) that the client can use when requesting "
"access tokens."
msgstr ""
#: ../../docstring of canaille.oidc.basemodels.Client.scope:5
#: d9c4d3be73ae454fbc08c0452c4cafba
msgid ""
"The semantics of values in this list are service specific. If omitted, an "
"authorization server MAY register a client with a default set of scopes."
msgstr ""
#: ../../docstring of canaille.oidc.basemodels.Client.software_id:1
#: ee3bd26091c94945b33584e781c19370
msgid ""
"A unique identifier string (e.g., a Universally Unique Identifier (UUID)) "
"assigned by the client developer or software publisher used by registration "
"endpoints to identify the client software to be dynamically registered."
msgstr ""
#: ../../docstring of canaille.oidc.basemodels.Client.software_id:6
#: 8fd0e02b12354b72b7175ade2536eac3
msgid ""
"Unlike \"client_id\", which is issued by the authorization server and SHOULD "
"vary between instances, the \"software_id\" SHOULD remain the same for all "
"instances of the client software. The \"software_id\" SHOULD remain the "
"same across multiple updates or versions of the same piece of software. The "
"value of this field is not intended to be human readable and is usually "
"opaque to the client and authorization server."
msgstr ""
#: ../../docstring of canaille.oidc.basemodels.Client.software_version:1
#: 2d69ee9b36d244ec98fb0ca3135ac74f
msgid ""
"A version identifier string for the client software identified by "
"\"software_id\"."
msgstr ""
#: ../../docstring of canaille.oidc.basemodels.Client.software_version:4
#: 0da082aab3354aad8196b87ea111796f
msgid ""
"The value of the \"software_version\" SHOULD change on any update to the "
"client software identified by the same \"software_id\". The value of this "
"field is intended to be compared using string equality matching and no other "
"comparison semantics are defined by this specification. The value of this "
"field is outside the scope of this specification, but it is not intended to "
"be human readable and is usually opaque to the client and authorization "
"server. The definition of what constitutes an update to client software "
"that would trigger a change to this value is specific to the software itself "
"and is outside the scope of this specification."
msgstr ""
#: ../../docstring of
#: canaille.oidc.basemodels.Client.token_endpoint_auth_method:1
#: e666c285e9d0483a8b06ed07b9596fd1
msgid ""
"String indicator of the requested authentication method for the token "
"endpoint. Values defined by this specification are:"
msgstr ""
#: ../../docstring of
#: canaille.oidc.basemodels.Client.token_endpoint_auth_method:4
#: 75019e0ffa134fe0a48fc885130c97ee
msgid ""
"\"none\": The client is a public client as defined in OAuth 2.0, Section "
"2.1, and does not have a client secret."
msgstr ""
#: ../../docstring of
#: canaille.oidc.basemodels.Client.token_endpoint_auth_method:7
#: 6d1fcab0de3a41e18101687e93c45444
msgid ""
"\"client_secret_post\": The client uses the HTTP POST parameters as defined "
"in OAuth 2.0, Section 2.3.1."
msgstr ""
#: ../../docstring of
#: canaille.oidc.basemodels.Client.token_endpoint_auth_method:10
#: 75493a43244c4357842d2fdfa745f330
msgid ""
"\"client_secret_basic\": The client uses HTTP Basic as defined in OAuth 2.0, "
"Section 2.3.1."
msgstr ""
#: ../../docstring of
#: canaille.oidc.basemodels.Client.token_endpoint_auth_method:13
#: 070320a7585e4d9ba744cbaed1593208
msgid ""
"Additional values can be defined via the IANA \"OAuth Token Endpoint "
"Authentication Methods\" registry established in Section 4.2. Absolute URIs "
"can also be used as values for this parameter without being registered. If "
"unspecified or omitted, the default is \"client_secret_basic\", denoting the "
"HTTP Basic authentication scheme as specified in Section 2.3.1 of OAuth 2.0."
msgstr ""
#: ../../docstring of canaille.oidc.basemodels.Client.tos_uri:1
#: 95cc7b66c6da48e5a189a32abaa9c24e
msgid ""
"URL string that points to a human-readable terms of service document for the "
"client that describes a contractual relationship between the end-user and "
"the client that the end-user accepts when authorizing the client."
msgstr ""
#: ../../canaille/oidc/basemodels.py:docstring of
#: canaille.oidc.basemodels.Consent:1 bf6c359aadbc4404ba1967b1b8d26255
msgid "Long-term user consent to an application."
msgstr ""
#: ../../canaille/oidc/basemodels.py:docstring of
#: canaille.oidc.basemodels.Token:1 a20eaa516c854599a62222141346d76b
msgid "OpenID Connect token definition."
msgstr ""
#: ../../canaille/app/features.py:docstring of
#: canaille.app.features.Features.has_account_lockability:1
#: 51e69cc91e5b411db5b8ebdb30702245
msgid "Indicate whether the user accounts can be locked."
msgstr ""
#: ../../canaille/app/features.py:docstring of
#: canaille.app.features.Features.has_account_lockability:3
#: e8475984eb0f465f97109240832fc978
msgid ""
"It depends on the backend used by Canaille. This is only disabled for "
"OpenLDAP versions under 2.6."
msgstr ""
#: ../../canaille/app/features.py:docstring of
#: canaille.app.features.Features.has_email_confirmation:1
#: db40ea1562de466b8cd314d95f04fb64
msgid "Indicate whether the user email confirmation is enabled."
msgstr ""
#: ../../canaille/app/features.py:docstring of
#: canaille.app.features.Features.has_email_confirmation:3
#: 24739facc2bd4c75aaabe0ab4f870c52
msgid ""
"It is controlled by the :attr:`CANAILLE.EMAIL_CONFIRMATION <canaille.core."
"configuration.CoreSettings.EMAIL_CONFIRMATION>` configuration parameter."
msgstr ""
#: ../../canaille/app/features.py:docstring of
#: canaille.app.features.Features.has_email_otp:1
#: 21ca21a9a0c240f7899bc11bca2da3b0
msgid "Indicate whether the email OTP authentication factor is enabled."
msgstr ""
#: ../../canaille/app/features.py:docstring of
#: canaille.app.features.Features.has_email_otp:3
#: e064888816ad4e228797af005daa0c1b
msgid ""
"It is controlled by the :attr:`CANAILLE.EMAIL_OTP <canaille.core."
"configuration.CoreSettings.EMAIL_OTP>` configuration parameter."
msgstr ""
#: ../../canaille/app/features.py:docstring of
#: canaille.app.features.Features.has_intruder_lockout:1
#: 1998dd6eda9e42f981d690ad9c3114d3
msgid "Indicate whether the intruder lockout feature is enabled."
msgstr ""
#: ../../canaille/app/features.py:docstring of
#: canaille.app.features.Features.has_intruder_lockout:3
#: f673ed471ad545b18ac0693ba051f9ba
msgid ""
"It is controlled by the :attr:`CANAILLE.ENABLE_INTRUDER_LOCKOUT <canaille."
"core.configuration.CoreSettings.ENABLE_INTRUDER_LOCKOUT>` configuration "
"parameter."
msgstr ""
#: ../../canaille/app/features.py:docstring of
#: canaille.app.features.Features.has_oidc:1 07510d9a21e7471a86b8cb67ebd3f818
msgid "Indicate whether the OIDC feature is enabled."
msgstr ""
#: ../../canaille/app/features.py:docstring of
#: canaille.app.features.Features.has_oidc:3 aabe8d66effa4394829dee8ebdbc387b
msgid ""
"This feature is required to make Canaille an authorization server for other "
"applications and enable SSO. It is controlled by the :class:`CANAILLE_OIDC "
"<canaille.oidc.configuration.OIDCSettings>` configuration parameter, and "
"needs the ``oidc`` extra package to be installed."
msgstr ""
#: ../../canaille/app/features.py:docstring of
#: canaille.app.features.Features.has_otp:1 aa9a89f7384f49e680ea30d8baa145b3
msgid "Indicate whether the OTP authentication factor is enabled."
msgstr ""
#: ../../canaille/app/features.py:docstring of
#: canaille.app.features.Features.has_otp:3 97dbc9427f2942639739f4ca336b2c5f
msgid ""
"It is controlled by the :attr:`CANAILLE.OTP_METHOD <canaille.core."
"configuration.CoreSettings.OTP_METHOD>` configuration parameter, and needs "
"the ``otp`` extra package to be installed."
msgstr ""
#: ../../canaille/app/features.py:docstring of
#: canaille.app.features.Features.has_password_recovery:1
#: be057526037b4c0ca9eeadd4d59faf00
msgid "Indicate whether the password recovery feature is enabled."
msgstr ""
#: ../../canaille/app/features.py:docstring of
#: canaille.app.features.Features.has_password_recovery:3
#: 25817e283da2497d805bfcad9c0175cf
msgid ""
"It is controlled by the :attr:`CANAILLE.ENABLE_PASSWORD_RECOVERY <canaille."
"core.configuration.CoreSettings.ENABLE_PASSWORD_RECOVERY>` configuration "
"parameter."
msgstr ""
#: ../../canaille/app/features.py:docstring of
#: canaille.app.features.Features.has_registration:1
#: 625966afc8b04095b75167729f416662
msgid "Indicate whether the user account registration is enabled."
msgstr ""
#: ../../canaille/app/features.py:docstring of
#: canaille.app.features.Features.has_registration:3
#: 2805f75ef1fb4cd0832d589018d21548
msgid ""
"It is controlled by the :attr:`CANAILLE.ENABLE_REGISTRATION <canaille.core."
"configuration.CoreSettings.ENABLE_REGISTRATION>` configuration parameter."
msgstr ""
#: ../../canaille/app/features.py:docstring of
#: canaille.app.features.Features.has_scim_server:1
#: aaecfeba0f154fe2977fa24558dac7f8
msgid "Indicate whether the SCIM server feature is enabled."
msgstr ""
#: ../../canaille/app/features.py:docstring of
#: canaille.app.features.Features.has_scim_server:3
#: f585e4196fbb439189756d2389b6c9fc
msgid ""
"This feature is required to make Canaille a provisioning server. It is "
"controlled by the :attr:`CANAILLE_SCIM.ENABLE_SERVER <canaille.scim."
"configuration.SCIMSettings.ENABLE_SERVER>` configuration parameter, and "
"needs the ``scim`` extra package to be installed."
msgstr ""
#: ../../canaille/app/features.py:docstring of
#: canaille.app.features.Features.has_sms_otp:1
#: 961e256a62724e12aafb8a09b127b0fd
msgid "Indicate whether the SMS OTP authentication factor is enabled."
msgstr ""
#: ../../canaille/app/features.py:docstring of
#: canaille.app.features.Features.has_sms_otp:3
#: 9f61b04bb6874c56a8774ff9c10a23e3
msgid ""
"It is controlled by the :attr:`CANAILLE.SMS_OTP <canaille.core.configuration."
"CoreSettings.SMS_OTP>` configuration parameter, and needs the ``smpp`` extra "
"package to be installed."
msgstr ""
#: ../../canaille/app/features.py:docstring of
#: canaille.app.features.Features.has_smtp:1 3a89ac39a9e643149dc0173956a001a3
msgid "Indicate whether the mail sending feature is enabled."
msgstr ""
#: ../../canaille/app/features.py:docstring of
#: canaille.app.features.Features.has_smtp:3 28bd58a812e84704a83f61aa5e9f0832
msgid ""
"This feature is required to :attr:`validate user email addresses <canaille."
"app.features.Features.has_email_confirmation>`, send email OTP passwords "
"etc. It is controlled by the :attr:`CANAILLE.SMTP <canaille.core."
"configuration.CoreSettings.SMTP>` configuration parameter."
msgstr ""
#: ../references/templates.rst:2 25d974aba30140f4ad6e3445c3d71f50
msgid "Templates"
msgstr ""
#: ../references/templates.rst:4 29dfdb16379245fbb820e7677490ee2a
msgid ""
"This references the template files, their role and the variables available "
"in their contexts. The intended audience for this reference is designers "
"wishing to build their custom Canaille theme."
msgstr ""
#: ../references/templates.rst:8 a9dc7731e37b4ca3900d9a269af917b2
msgid "Base"
msgstr ""
#: ../references/templates.rst:10 0083cf8f344a4aebb0db66182082b38e
msgid "Those templates are shared by all the pages rendered by Canaille."
msgstr ""
#: ../references/templates.rst:13 ../references/templates.rst:35
#: ../references/templates.rst:53 b7454449e2d74b1ba858b35dd9506974
#: 017f3391e5324507b57d461e17c87379 d98c6d77a83046edba83238c1c41f765
msgid "Template files"
msgstr ""
#: ../../<autotemplate>:1 8da82919623541cf99ddb3719a66ce6c
msgid "The main template inherited by almost every other templates."
msgstr ""
#: ../../<autotemplate>:1 0302eac895db4e9192dcda1cf138e681
msgid "The current user, if logged in."
msgstr ""
#: ../../<autotemplate>:1 e3c9d7ed1b37441a9ea451dc09bf0256
msgid "The features enabled and available in Canaille."
msgstr ""
#: ../../<autotemplate>:1 92d32aa698334d27bccff184e7f56f4a
msgid "The user locale."
msgstr ""
#: ../../<autotemplate>:1 46c7365e792d4e44bd0964d401ba3d8d
msgid ""
"The Canaille instance defined in :attr:`~canaille.core.configuration."
"CoreSettings.NAME`."
msgstr ""
#: ../../<autotemplate>:1 4eb0dc013f754cd19b2b0ead85436fc2
msgid ""
"The URL of the instance logo defined in :attr:`~canaille.core.configuration."
"CoreSettings.LOGO`."
msgstr ""
#: ../../<autotemplate>:1 36b2a2855bb84f5a82440c1ce7a066af
msgid ""
"The URL of the instance favicon defined in :attr:`~canaille.core."
"configuration.CoreSettings.FAVICON`."
msgstr ""
#: ../../<autotemplate>:1 b5502e90eb964459b7477ba8cfd4bb56
msgid ""
"Whether the page is boosted by :attr:`~canaille.core.configuration."
"CoreSettings.HTMX`."
msgstr ""
#: ../../<autotemplate>:1 abaac915defc44a39bb760b0fa1ca058
msgid "Whether to display the menu or not."
msgstr ""
#: ../../<autotemplate>:1 4a846a9c1bf04b76bce93d3f51c2c63a
msgid "Whether the app has been launched in debug mode."
msgstr ""
#: ../../<autotemplate>:1 9a6481ec7a844690a56433119b0a980a
msgid ""
"The error page. Displayed for all kinds of errors (not found, internal "
"server error etc.)."
msgstr ""
#: ../../<autotemplate>:1 3c9236009d544093ab37e413f94d45b3
msgid "The code of the HTTP error (404, 500, etc.)"
msgstr ""
#: ../../<autotemplate>:1 072ab6b535b245c0b5c16c84a51e0293
msgid "The error code description."
msgstr ""
#: ../../<autotemplate>:1 01363257f0fd47a9beba953b1580f6f2
msgid "An optional Font Awesome icon reference."
msgstr ""
#: ../../<autotemplate>:1 5eee8575ceec4ab6bb88624d75a23204
msgid "Macros for Flask flash message rendering"
msgstr ""
#: ../../<autotemplate>:1 6df3858522a34bc181b21c3985dab099
msgid "Macros for form and form field rendering."
msgstr ""
#: ../../<autotemplate>:1 45d3e7a61b2247f0b294c31fcdfd752b
msgid "Connects WTForms, Fomantic-UI and HTMX."
msgstr ""
#: ../../<autotemplate>:1 29a5444bd2c545e3a16b992c005e6626
msgid "Macros for rendering table paginated with HTMX."
msgstr ""
#: ../references/templates.rst:22 ../references/templates.rst:40
#: ../references/templates.rst:58 4e87bb3eb49f4aef877cc6d31a2141b8
#: 10827c0bcbb14fc3a1b8054d412a9a7d a1745ac8a300467b9a58c9ae79837332
msgid "Forms"
msgstr ""
#: ../../canaille/app/forms.py:docstring of canaille.app.forms.TableForm:1
#: 438cfba9a79f484b9721d0f91a75b81a
msgid ""
"Bases: :py:class:`~canaille.app.forms.I18NFormMixin`, :py:class:`~flask_wtf."
"form.FlaskForm`"
msgstr ""
#: ../../canaille/app/forms.py:docstring of canaille.app.forms.TableForm:1
#: 57e0185db0a449f485f8c651f063748f
msgid "A form for table rendering of object collections."
msgstr ""
#: ../references/templates.rst:30 162e7b075ee14548a43f9cff48b480a2
msgid "Core"
msgstr ""
#: ../references/templates.rst:32 006bb138232740cdba8de572fe62fa24
msgid ""
"The core templates are displayed in the authentication and profile edition "
"pages."
msgstr ""
#: ../../<autotemplate>:1 e38aa98840094488a64497fcdbaa0264
msgid ""
"The 'About' page. This is an informational page, displaying the project "
"links."
msgstr ""
#: ../../<autotemplate>:1 4c4ed92740f14deb87533cfa65ee80bf
msgid "The current Canaille version."
msgstr ""
#: ../../<autotemplate>:1 d95f55f7f9ff4b5f9686be3dc9a7847f
msgid "The first login page."
msgstr ""
#: ../../<autotemplate>:1 25602187d8a1450d93af69c3a5cb8676
msgid "This page is displayed to users who do not have set a password yet."
msgstr ""
#: ../../<autotemplate>:1 b40d8dbabfb942b9a7e43fd2be5260fb
msgid "Password forgotten page."
msgstr ""
#: ../../<autotemplate>:1 168380710d5343d3ab70eaa096d1eaba
msgid ""
"This page displays a form asking for the email address of users who cannot "
"remember their password."
msgstr ""
#: ../../<autotemplate>:1 c5a709077f1948dc85448baca9d505b2
msgid "Group edition page."
msgstr ""
#: ../../<autotemplate>:1 1d741cc01a7b477ebe6484f595b1ae27
msgid "Displays the group edition or creation form."
msgstr ""
#: ../../<autotemplate>:1 1bb598284f574fadb4afdaa186936d45
msgid ""
":data:`None` in a creation context. In edition context this is the edited "
"group."
msgstr ""
#: ../../<autotemplate>:1 cfb58971b75b4288af102ce52358148d
msgid "The group edition/creation form."
msgstr ""
#: ../../<autotemplate>:1 6a01b239a7364e059ac20e5c32156147
msgid "The group list page."
msgstr ""
#: ../../<autotemplate>:1 8f596f7adabe4f35be79f5f12beb5e50
msgid "A :class:`~canaille.core.models.Group` pagination form."
msgstr ""
#: ../../<autotemplate>:1 b7309cf53df840c1ba19e7177f27c99f
msgid "The invitation form page."
msgstr ""
#: ../../<autotemplate>:1 9fd33d67aac641e7a5c4fc9098332edc
msgid "Displays the invitation form to users with the invitation permission."
msgstr ""
#: ../../<autotemplate>:1 06e9aef4cee8405f96f76c99084ab2ef
msgid "The invitation form."
msgstr ""
#: ../../<autotemplate>:1 50937b6a974343eab8527a1977b6280a
msgid "The invitation acceptation page."
msgstr ""
#: ../../<autotemplate>:1 5781a7c918ac43d0842b01eb38b74cd5
msgid ""
"This page is displayed to users who have clicked on invitation links sent by "
"mail (or by other media). It displays a basic account creation form."
msgstr ""
#: ../../<autotemplate>:1 b447524d0fb1461b81bf503c13eb3788
msgid "The account creation form."
msgstr ""
#: ../../<autotemplate>:1 6f56b461666743eabb55c179df25b96b
msgid "The login page."
msgstr ""
#: ../../<autotemplate>:1 0160e1cfedb04735a642a373eba00f85
msgid "This page displays a form to get the user identifier."
msgstr ""
#: ../../<autotemplate>:1 d2c554cbdaa941f089c6e1d178e2c40a
msgid "The login form."
msgstr ""
#: ../../<autotemplate>:1 5bf5c4af6d5949978459c9558e5959c0
msgid "User account creation page."
msgstr ""
#: ../../<autotemplate>:1 052f0f9a73e54baa90e2beb51100c62f
msgid ""
"This template displays an account creation form. It is used in the "
"registration page, and in the manual account creation page available for "
"users with *user management* permission."
msgstr ""
#: ../../<autotemplate>:1 32e07b796f2542448a5c4f651407e05e
msgid ""
"The user creation form. Dynamically built according to the user :attr:"
"`~canaille.core.configuration.ACLSettings.READ` and :attr:`~canaille.core."
"configuration.ACLSettings.WRITE` permissions. The available fields are those "
"appearing in *READ* and *WRITE*, those only appearing in *READ* are read-"
"only."
msgstr ""
#: ../../<autotemplate>:1 94e9b36ee7a04d4db509845398904973
msgid "The profile edition template."
msgstr ""
#: ../../<autotemplate>:1 b86d69135b324d5b879980406f1b321b
msgid "Displays a user profile edition form."
msgstr ""
#: ../../<autotemplate>:1 b7dedbaafbf4421dad65efa4edb64bc7
#: f4ab6a408b4846a28755a25c75d49e9d
msgid "The user that the form will edit."
msgstr ""
#: ../../<autotemplate>:1 e971a69e070545b6a3efb2ef229a5e78
#: 57372626a5504526a6602a9903be25f3
msgid ""
"The user profile edition form. Dynamically built according to the user :attr:"
"`~canaille.core.configuration.ACLSettings.READ` and :attr:`~canaille.core."
"configuration.ACLSettings.WRITE` permissions. The available fields are those "
"appearing in *READ* and *WRITE*, those only appearing in *READ* are read-"
"only."
msgstr ""
#: ../../<autotemplate>:1 232f10ffd4634e3e8d30fd95968ff20e
msgid ""
"An email edition form. Used when the :attr:`~canaille.app.features.Features."
"has_email_confirmation` feature is enabled."
msgstr ""
#: ../../<autotemplate>:1 6f083b8c024042d2afc6e830605fcb29
msgid "The profile settings template."
msgstr ""
#: ../../<autotemplate>:1 1e1b6ca57eee407ea373fabfa6b68203
msgid "Displays the user settings edition form."
msgstr ""
#: ../../<autotemplate>:1 79751bf3182a4e728ce7c771919c012e
msgid "Whether the editor is allowed to delete the account of the edited user."
msgstr ""
#: ../../<autotemplate>:1 f6fbc394bb0e4d23b2025ad9512ed7f8
msgid "The password reset template."
msgstr ""
#: ../../<autotemplate>:1 ac11fe027baa47d08507ce462ccf6521
msgid "Displays a password reset form."
msgstr ""
#: ../../<autotemplate>:1 022dc36a70434d0cbbc929e6389ed667
msgid "The password reset form."
msgstr ""
#: ../../<autotemplate>:1 b78ecf9a56b94a57a3b3708a76eb115e
msgid "The user associated with the URL."
msgstr ""
#: ../../<autotemplate>:1 2ad2199bf9a543bc89f2b1eab1575ed3
msgid "The secret link hash."
msgstr ""
#: ../../<autotemplate>:1 d33d88c5756d4573bff6aed0f8b22df9
msgid "The multi-factor authentication initialization template."
msgstr ""
#: ../../<autotemplate>:1 fd9b649f626b4b3e93dc09db80ce6ca4
msgid "Display a QR-code and the OTP secret."
msgstr ""
#: ../../<autotemplate>:1 0f8aaa24949f428d91f05bb8ea510a5e
msgid "The user initializing the OTP."
msgstr ""
#: ../../<autotemplate>:1 23c8614367454fe48500f84535d7345d
msgid "The OTP secret."
msgstr ""
#: ../../<autotemplate>:1 ce26bc1edce5450e867c020efdf0879a
msgid "A QR-code image representing the OTP secret."
msgstr ""
#: ../../<autotemplate>:1 5a2fdfda2f1346bf8027c51f73374f77
msgid "The users list."
msgstr ""
#: ../../<autotemplate>:1 3578a4cf58144521ab2d0883f7aa772e
msgid "Displays a paginated list of :class:`~canaille.core.models.User`."
msgstr ""
#: ../../<autotemplate>:1 27156299d35549f6a45ff3b7ff201226
#: c6be1b3ce3d840fb953550cdaf6e1a29 5cb81767c1704260bc729322c4d6d013
#: 68d31f09582d4ec2ac3706a0f578de31
msgid "The paginated list form."
msgstr ""
#: ../../<autotemplate>:1 8f7a6ad97f984f7b90953f39a07c9bb5
msgid "The multi-factor authentication code verification template."
msgstr ""
#: ../../<autotemplate>:1 1180b06a92c045c189a11016f3d869b3
msgid "Displays a form that asks for the multi-factor authentication code."
msgstr ""
#: ../../<autotemplate>:1 653c3e233b7e41b689dd61a1a575768f
msgid "The code verification form."
msgstr ""
#: ../../<autotemplate>:1 c070afb39eb34d9b92862ae453876355
msgid "The username of the user attempting to log-in."
msgstr ""
#: ../../<autotemplate>:1 1995353d10d24e2e86c87864fc8b17cc
msgid "The authentication factor method."
msgstr ""
#: ../../canaille/core/endpoints/forms.py:docstring of
#: canaille.core.endpoints.forms.CreateGroupForm:1
#: canaille.core.endpoints.forms.DeleteGroupMemberForm:1
#: canaille.core.endpoints.forms.EditGroupForm:1
#: canaille.core.endpoints.forms.EmailConfirmationForm:1
#: canaille.core.endpoints.forms.FirstLoginForm:1
#: canaille.core.endpoints.forms.ForgottenPasswordForm:1
#: canaille.core.endpoints.forms.InvitationForm:1
#: canaille.core.endpoints.forms.JoinForm:1
#: canaille.core.endpoints.forms.LoginForm:1
#: canaille.core.endpoints.forms.PasswordForm:1
#: canaille.core.endpoints.forms.PasswordResetForm:1
#: canaille.core.endpoints.forms.TwoFactorForm:1
#: ../../canaille/oidc/endpoints/forms.py:docstring
#: canaille.oidc.endpoints.forms.AuthorizeForm:1
#: canaille.oidc.endpoints.forms.ClientAddForm:1
#: canaille.oidc.endpoints.forms.LogoutForm:1
#: canaille.oidc.endpoints.forms.TokenRevokationForm:1
#: c6b8f8c4f50047c4ad6f8d99a6de0f22 66162ad74b1f491e9815987352e3f843
#: 3d9992e3d5db4bd0928836aca626058a 3b72a3535cb84d30a1e44d8b91b96903
#: b95ae3bb349946949cb639e4ef9dc552 47a533342bda4ba2a94c62a94fcb70ad
#: 738540f528d74bcba2787fc6e25a04e1 79b58787a6954501a9b171492c9ba562
#: cec55d6a542843f7bf4133f5e7160a89 ba39e17ba4834e048f841ce0689e48ba
#: d5d0648bb1b543a4bcd2f863306b2bf8 9075862fb6944b5d93ec7c848595e7be
#: 99b9891b663544458c6c24aafbaa4355 43741eee6aed4f1885f590c4baf20f83
#: 27c2b976b7ae469d9f82c19665688817 4d826f68173b4b47bac9d96a2abe03a7
msgid "Bases: :py:class:`~canaille.app.forms.Form`"
msgstr ""
#: ../../canaille/core/endpoints/forms.py:docstring of
#: canaille.core.endpoints.forms.CreateGroupForm:1
#: e4a35724e14d4581afe8c1d76256145b
msgid "The group creation form."
msgstr ""
#: ../../canaille/core/endpoints/forms.py:docstring of
#: canaille.core.endpoints.forms.EditGroupForm:1
#: d3488ce4b62b455cbc5919a3592c5eaf
msgid "The group edition form."
msgstr ""
#: ../../canaille/core/endpoints/forms.py:docstring of
#: canaille.core.endpoints.forms.InvitationForm:1
#: a3b72e9abc8b44e9862481fe20209e3f
msgid "The user invitation form."
msgstr ""
#: ../references/templates.rst:50 16e60f31d5e549d8b0332ecdd2c8ec33
msgid "The OIDC templates are displayed in the OIDC consent pages."
msgstr ""
#: ../../<autotemplate>:1 6d3187567112498bafed8211d4e63aa9
msgid "The list of authorizations."
msgstr ""
#: ../../<autotemplate>:1 ab9ee4b402464232a04de5af272ec4a2
msgid ""
"Displays a paginated list of :class:`~canaille.oidc.basemodels."
"AuthorizationCode`."
msgstr ""
#: ../../<autotemplate>:1 af96456e16b5452da48beda8aa765d4d
msgid "Authorization details template."
msgstr ""
#: ../../<autotemplate>:1 60b6bca7f05c44c1863aeb04e3cc2f53
msgid ""
"Displays details about an :class:`~canaille.oidc.basemodels."
"AuthorizationCode`."
msgstr ""
#: ../../<autotemplate>:1 4ddc2e41ee114c249fcebd0f7a4e86f8
msgid "The detailed authorization."
msgstr ""
#: ../../<autotemplate>:1 0b979bab813e4ff39f47fc84cc204598
msgid "Consent request template."
msgstr ""
#: ../../<autotemplate>:1 567c68d08849430da9230de7c671e93a
msgid ""
"This templates is displayed to users accessing a new application that "
"requests to access to personal information. It lists the personal "
"information requested by the application, and offers the user to accept or "
"decline."
msgstr ""
#: ../../<autotemplate>:1 21f53e087f2148f39791bfc780edefb7
msgid "The user whose consent is asked."
msgstr ""
#: ../../<autotemplate>:1 48a0c4f1b88f4aaa9f10b158450a7bb1
msgid "The OIDC grant."
msgstr ""
#: ../../<autotemplate>:1 f6bbf416c64247dbb06044aa221ab515
msgid "The client addition template."
msgstr ""
#: ../../<autotemplate>:1 acbe06b62ce6465b915b5678d5426a35
msgid ""
"Displays a form to create a new :class:`~canaille.oidc.basemodels.Client`."
msgstr ""
#: ../../<autotemplate>:1 3f0bb36f5d614523876371b9466e7861
#: fc6afaad7f0040ba8bc9e5018bf3ebdd
msgid "The client creation form."
msgstr ""
#: ../../<autotemplate>:1 0c6c8a94ac7f41969c583a4e50c7f8c6
msgid "The client edition template."
msgstr ""
#: ../../<autotemplate>:1 fc89d67d55e84fa39dd02decf27c7ad0
msgid "Displays a form to edit a :class:`~canaille.oidc.basemodels.Client`."
msgstr ""
#: ../../<autotemplate>:1 69829ae75e504c15a7042fa0d0ca9a45
msgid "The edited client."
msgstr ""
#: ../../<autotemplate>:1 e4137e9e29764f91ae4314a2b1b55ea9
msgid "The list of OIDC clients."
msgstr ""
#: ../../<autotemplate>:1 e417b00de6f14e44b9fe8a0212f90d24
msgid "Displays a paginated list of :class:`~canaille.oidc.basemodels.Client`."
msgstr ""
#: ../../<autotemplate>:1 1d341bd4be4c40f9b475cab7f3899eac
msgid "The OIDC logout template."
msgstr ""
#: ../../<autotemplate>:1 4968bf02e5154f7d84a89f9790696370
msgid ""
"Used during OIDC RP-initiated logout, when an user confirmation is needed."
msgstr ""
#: ../../<autotemplate>:1 b8bf82eb3cac45a4853dcaf6f5ac1589
msgid "The logout form."
msgstr ""
#: ../../<autotemplate>:1 b6c0b03d71bf4873ac7b8565605d158e
msgid "The client requesting the logout."
msgstr ""
#: ../../<autotemplate>:1 5bac6224d1084ae98930ff6ccdb785f4
msgid "The preconsented applications list."
msgstr ""
#: ../../<autotemplate>:1 9c634a235c2c4991b5e7af9769279832
msgid ""
"Display a list of trusted clients for which it is implied that users don't "
"need to explicitly give their consent."
msgstr ""
#: ../../<autotemplate>:1 c246254d28664995a358d16c42110b49
msgid "Description of the OIDC scopes."
msgstr ""
#: ../../<autotemplate>:1 ae25aa3ac5a345e5a23f6770e33b3ba5
msgid "The scopes to hide."
msgstr ""
#: ../../<autotemplate>:1 076793e823214f96b43e5066270c865c
msgid "The list of implicitly consented clients."
msgstr ""
#: ../../<autotemplate>:1 81333f39450142f3b492f8fe7bd17957
msgid "The number of consents."
msgstr ""
#: ../../<autotemplate>:1 08c463165ae2487eadebc7a4ae928bd0
msgid "The number of preconsented clients."
msgstr ""
#: ../../<autotemplate>:1 e6d5d68657fa4c5f964a902844cf443e
msgid "The list of tokens."
msgstr ""
#: ../../<autotemplate>:1 a67dbec8f19c460eac41e22b702668ac
msgid "Displays a paginated list of :class:`~canaille.oidc.basemodels.Token`."
msgstr ""
#: ../../<autotemplate>:1 7aa26abc05944ecd9afa89d71ca3f60a
msgid "The token edition template."
msgstr ""
#: ../../<autotemplate>:1 0051850e1f994570be480414cb1a8e50
msgid ""
"Displays the details of a token :class:`~canaille.oidc.basemodels.Token`."
msgstr ""
#: ../../<autotemplate>:1 47975a2ecbce481f94ee843e3a77be73
msgid "A token revokation form."
msgstr ""
#: ../tutorial/databases.rst:4 2934007ee99c4b5096855dd9bf47208b
msgid ""
"Canaille can read and save data in different databases. This page presents "
"the different database backends and their specificities:"
msgstr ""
#: ../tutorial/databases.rst:10 4d8d9b1634cf47eca9c118b3af6173df
msgid ""
"Canaille comes with a lightweight inmemory backend by default. It is used "
"when no other backend has been configured."
msgstr ""
#: ../tutorial/databases.rst:13 5383f833c2634382a279cf9c2e9efff5
msgid ""
"This backend is only for test purpose and should not be used in production "
"environments."
msgstr ""
#: ../tutorial/databases.rst:18 5c04f9416e954990a51ad770b994755d
msgid ""
"Canaille can use any database supported by `SQLAlchemy <https://www."
"sqlalchemy.org/>`_, such as sqlite, postgresql or mariadb."
msgstr ""
#: ../tutorial/databases.rst:21 5cef0f1dda384284a256492c7b8dfcca
msgid ""
"It is used when the ``CANAILLE_SQL`` configuration parameter is defined. For "
"instance:"
msgstr ""
#: ../tutorial/databases.rst:29 cedc3bb2dba0427b93cf11791b189c96
msgid ""
"You can find more details on the SQL configuration in the :class:`dedicated "
"section <canaille.backends.sql.configuration.SQLSettings>`."
msgstr ""
#: ../tutorial/databases.rst:34 fd9f8f823d184c72840274fd13de5b91
msgid ""
"Canaille can use OpenLDAP as its main database. It is used when the "
"``CANAILLE_LDAP`` configuration parameter is defined. For instance:"
msgstr ""
#: ../tutorial/databases.rst:52 dbd09fe39b724102813c8d259ad336f6
msgid ""
"If you want to use TOTP/HOTP authentication, you will need to add the "
"``oathHOTPToken`` class to the user:"
msgstr ""
#: ../tutorial/databases.rst:58 fcbc8501c455465daa5142894408bb38
msgid ""
"You can find more details on the LDAP configuration in the :class:`dedicated "
"section <canaille.backends.ldap.configuration.LDAPSettings>`."
msgstr ""
#: ../tutorial/databases.rst:61 2c710def18bc46539b2962ee1bde2bf6
msgid ""
"Currently, only the ``inetOrgPerson``, ``oathHOTPToken`` and "
"``groupOfNames`` schemas have been tested. If you want to use different "
"schemas or LDAP servers, adaptations may be needed. Patches are welcome."
msgstr ""
#: ../tutorial/databases.rst:66 b7014bf888504dcc865871e8275190f6
msgid "OpenLDAP overlays integration"
msgstr ""
#: ../tutorial/databases.rst:68 a67abbc0745e4c7e9353697969a4fbab
msgid "Canaille can integrate with several OpenLDAP overlays:"
msgstr ""
#: ../tutorial/databases.rst:71 b1eebe57d90648b3b24cb48cb49c5436
msgid "memberof / refint"
msgstr ""
#: ../tutorial/databases.rst:73 6bb596696373483ab0a52f0e8169ab9e
msgid ""
"`memberof <https://www.openldap.org/doc/admin26/overlays."
"html#Reverse%20Group%20Membership%20Maintenance>`_ and `refint <https://www."
"openldap.org/doc/admin26/overlays.html#Referential%20Integrity>`_ overlays "
"are needed for the Canaille group membership to work correctly."
msgstr ""
#: ../tutorial/databases.rst:77 ../tutorial/databases.rst:100
#: ../tutorial/databases.rst:123 bff8a12ffd4b4d179d6938a046810186
msgid "Here is a configuration example compatible with canaille:"
msgstr ""
#: ../tutorial/databases.rst:79 d8858049d6d44b7cae4cbd659f9f8ba2
msgid "memberof-config.ldif"
msgstr ""
#: ../tutorial/databases.rst:83 830059290ddc4cf1b2249c45fc303b98
msgid "refint-config.ldif"
msgstr ""
#: ../tutorial/databases.rst:87 ../tutorial/databases.rst:110
#: 4070700e524f481ba82662576453c6b3
msgid "You can adapt and load those configuration files with:"
msgstr ""
#: ../tutorial/databases.rst:96 e37e96d3eac048e191b4da59788b6096
msgid "ppolicy"
msgstr ""
#: ../tutorial/databases.rst:98 88ed660b0098483fa77e880febad6b52
msgid ""
"If the `ppolicy <https://www.ietf.org/archive/id/draft-behera-ldap-password-"
"policy-11.html>`_ overlay is configured and the ``pwdEndTime`` attribute is "
"available (since OpenLDAP 2.6), then account locking support will be enabled "
"in canaille. To allow users to manage account expiration, they need to have "
"a *write* permission on the :attr:`~canaille.core.models.User.lock_date` "
"attribute."
msgstr ""
#: ../tutorial/databases.rst:102 0194f8cb96554ed9a209784cd1a5a10e
msgid "ppolicy-config.ldif"
msgstr ""
#: ../tutorial/databases.rst:106 09776d76a5c54f6eb7d79e15a0dbed82
msgid "ppolicy.ldif"
msgstr ""
#: ../tutorial/databases.rst:119 7bb7048ad0234c28a245626aa50d9c62
msgid "otp"
msgstr ""
#: ../tutorial/databases.rst:121 89b862fd590f4c49a156ed490b778051
msgid ""
"If the `otp <https://www.openldap.org/software/man.cgi?query=slapo-otp>`_ "
"overlay is configured, you will be able to add one-time password "
"authentication in canaille."
msgstr ""
#: ../tutorial/databases.rst:125 0194f8cb96554ed9a209784cd1a5a10e
msgid "otp-config.ldif"
msgstr ""
#: ../tutorial/databases.rst:129 4070700e524f481ba82662576453c6b3
msgid "You can adapt and load this configuration file with:"
msgstr ""
#: ../tutorial/databases.rst:136 14e54c22e9114f30b809b1605c494c6f
msgid "You will also need to add the ``oathHOTPToken`` class to the user:"
msgstr ""
#: ../tutorial/deployment.rst:2 f396d7b4fa884f55bf66b57b6c046fdb
msgid "Deployment"
msgstr ""
#: ../tutorial/deployment.rst:5 2cbff8a64b41470396973c1f66482110
msgid "Application service"
msgstr ""
#: ../tutorial/deployment.rst:7 d60be98207bd489299d7492480a091c5
msgid ""
"After having finished Canaille installation you have to run it in a WSGI "
"application server. Here are some WSGI server configuration examples you can "
"pick. Do not forget to update the paths."
msgstr ""
#: ../tutorial/deployment.rst:11 cf41e4599bea477a8b6742ed38c09555
msgid "gunicorn"
msgstr ""
#: ../tutorial/deployment.rst:15 9f4888747a6d4f5d85d9b94bc2814aff
msgid "Write a gunicorn configuration sample file."
msgstr ""
#: ../tutorial/deployment.rst:18 beb61a6d85dc407c923f0a1797571b4b
msgid "uwsgi"
msgstr ""
#: ../tutorial/deployment.rst:42 804b59080cfb46a5bece65e9dfe52ae4
msgid "Webserver"
msgstr ""
#: ../tutorial/deployment.rst:44 3fd8ef72a9db483aaa18397b136708a4
msgid ""
"Now you have to plug your WSGI application server to your webserver so it is "
"accessible on the internet. Here are some webserver configuration examples "
"you can pick:"
msgstr ""
#: ../tutorial/deployment.rst:48 40d9837c5cdd4c9faf94797e578e409d
msgid "Nginx"
msgstr ""
#: ../tutorial/deployment.rst:114 5407fc49df8b4871a993d95ebe6b216e
msgid "Apache"
msgstr ""
#: ../tutorial/deployment.rst:153 9e1ca64c07984a218f094949ed99bc6e
msgid "Recurrent jobs"
msgstr ""
#: ../tutorial/deployment.rst:155 283551b28f2d465a830885e57a802334
msgid ""
"You might want to clean up your database to avoid it growing too much. You "
"can regularly delete expired tokens and authorization codes with:"
msgstr ""
#: ../tutorial/deployment.rst:164 3a91c9769ca04ed289ef4e08d71c84e0
msgid "Webfinger"
msgstr ""
#: ../tutorial/deployment.rst:166 c0c2aa060ee743e797e0e0e69ed34aad
msgid ""
"You may want to configure a `WebFinger`_ endpoint on your main website to "
"allow the automatic discovery of your Canaille installation based on the "
"account name of one of your users. For instance, suppose your domain is "
"``mydomain.example`` and your Canaille domain is ``auth.mydomain.example`` "
"and there is a user ``john.doe``. A third-party application could require to "
"authenticate the user and ask them for a user account. The user would give "
"their account ``john.doe@mydomain.example``, then the application would "
"perform a WebFinger request at ``https://mydomain.example/.well-known/"
"webfinger`` and the response would contain the address of the authentication "
"server ``https://auth.mydomain.example``. With this information the third "
"party application can redirect the user to the Canaille authentication page."
msgstr ""
#: ../tutorial/deployment.rst:168 d4f07f118d4443bcbd44e55144cf4d1f
msgid ""
"The difficulty here is that the WebFinger endpoint must be hosted at the top-"
"level domain (i.e. ``mydomain.example``) while the authentication server "
"might be hosted on a sublevel (i.e. ``auth.mydomain.example``). Canaille "
"provides a WebFinger endpoint, but if it is not hosted at the top-level "
"domain, a web redirection is required on the ``/.well-known/webfinger`` path."
msgstr ""
#: ../tutorial/deployment.rst:170 b305def4f6e74643b1c47e5491e46126
msgid "Here are configuration examples for Nginx or Apache:"
msgstr ""
#: ../tutorial/deployment.rst:172 f07e30950c0443ea830fb6d01181cbce
msgid "Nginx webfinger configuration for a top level domain"
msgstr ""
#: ../tutorial/deployment.rst:181 f166862da12146e286d09f1189b44637
msgid "Apache webfinger configuration for a top level domain"
msgstr ""
#: ../tutorial/deployment.rst:191 ed7f25a6ab90437984c0249217556b7a
msgid "Create the first user"
msgstr ""
#: ../tutorial/deployment.rst:193 e983e9c5998a475e9472c54742b25c9f
msgid ""
"Once canaille is installed, soon enough you will need to add users. To "
"create your first user you can use the :ref:`canaille create <cli_create>` "
"CLI."
msgstr ""
#: ../tutorial/index.rst:2 40de96b13f0b46ba88769f9f0c91bece
msgid "Tutorial"
msgstr ""
#: ../tutorial/install.rst:2 990b0c4570294a4c914942072b835544
msgid "Installation"
msgstr ""
#: ../tutorial/install.rst:6 1f5645b8ce114b08abc62b4f03e8d613
msgid ""
"Canaille is under heavy development and may not fit a production environment "
"yet."
msgstr ""
#: ../tutorial/install.rst:8 a76d3b71c19b4667a34e1d4b68261499
msgid ""
"The installation of canaille consist in several steps, some of which you can "
"do manually or with command line tool:"
msgstr ""
#: ../tutorial/install.rst:11 de05573555224e75869a68ac41471c97
msgid "Get the code"
msgstr ""
#: ../tutorial/install.rst:13 8d5ce5f2ad284774a673cad8e1be2cc5
msgid ""
"As the moment there is no distribution package for canaille. However, it can "
"be installed with the ``pip`` package manager. Let us choose a place for the "
"canaille environment, like ``/opt/canaille/env``."
msgstr ""
#: ../tutorial/install.rst:24 5e8dbf51cc8e401d8e7f2738c4c1e500
msgid "Extras"
msgstr ""
#: ../tutorial/install.rst:26 ff09c579e2834394992e462c1a7830e6
msgid "Canaille provides different package options:"
msgstr ""
#: ../tutorial/install.rst:28 fba9a7d4ab8f42c1ba19ec58827c49bb
msgid "`front` provides all the things needed to produce the user interface;"
msgstr ""
#: ../tutorial/install.rst:29 3c368569b3434d0c8821fcc5aa2a9fcd
msgid "`oidc` provides the dependencies to perform OAuth2/OIDC authentication;"
msgstr ""
#: ../tutorial/install.rst:30 d2fa3adf12b04e879e8eb1ad5a86d131
msgid "`ldap` provides the dependencies to enable the LDAP backend;"
msgstr ""
#: ../tutorial/install.rst:31 9f0ac2527c844d26999ac4722b7a3062
msgid "`sqlite` provides the dependencies to enable the SQLite backend;"
msgstr ""
#: ../tutorial/install.rst:32 9f8652296fdd460d9d0885fd934a924f
msgid ""
"`postgresql` provides the dependencies to enable the PostgreSQL backend;"
msgstr ""
#: ../tutorial/install.rst:33 dba3b5d89e9e46c6b3774b01bf2ae122
msgid "`mysql` provides the dependencies to enable the MySQL backend;"
msgstr ""
#: ../tutorial/install.rst:34 3284b40cd5ff4177a9369e471dcd1de2
msgid "`sentry` provides sentry integration to watch Canaille exceptions;"
msgstr ""
#: ../tutorial/install.rst:35 11d315c8ffbb415cab5068a2fb287590
msgid ""
"`otp` provides the dependencies to enable one-time password authentication;"
msgstr ""
#: ../tutorial/install.rst:36 c60670612f384704ad46fba12f41dcf9
msgid "`sms` provides the dependencies to enable sms sending;"
msgstr ""
#: ../tutorial/install.rst:37 dfd39313c050407193deac1f01f23e54
msgid "`all` provides all the extras above."
msgstr ""
#: ../tutorial/install.rst:39 3d0f7f47cc1a469e9762578aed91f002
msgid "They can be installed with:"
msgstr ""
#: ../tutorial/install.rst:46 b7732a260ca84ba3a4130bd6cb0d1619
msgid "Configure"
msgstr ""
#: ../tutorial/install.rst:48 86df5b7acf954ddfbb2982dbe0a51da1
msgid ""
"Choose a path where to store your configuration file. You can pass any "
"configuration path with the ``CONFIG`` environment variable."
msgstr ""
#: ../tutorial/install.rst:56 042753d9c5704f21b0da35d38a17a620
msgid ""
"You should then edit your configuration file to adapt the values to your "
"needs. Look at the configuration details in the :doc:`configuration <../"
"references/configuration>` page."
msgstr ""
#: ../tutorial/install.rst:59 a87138181fe64cd9891206619cad6d2d
msgid "Install"
msgstr ""
#: ../tutorial/install.rst:61 2a7cde9a8ef54f6fb6b527734b5e471d
msgid ""
"The :ref:`install command <cli_install>` will apply most of the things "
"needed to get Canaille working. Depending on the configured :doc:`database "
"<databases>` it will create the SQL tables, or install the LDAP schemas for "
"instance."
msgstr ""
#: ../tutorial/install.rst:70 faefbbda355349e19671492f478d3153
msgid "Check"
msgstr ""
#: ../tutorial/install.rst:72 ab77edb446f44686bf26ef04fbf3dc7d
msgid ""
"After a manual installation, you can check your configuration file using "
"the :ref:`check command <cli_install>`:"
msgstr ""
#: ../tutorial/provisioning.rst:2 96b0ed3d70cf436a80f82cf3cd89bf37
msgid "Provisioning"
msgstr ""
#: ../tutorial/provisioning.rst:4 a4047f8d0f904f6799d549e2f65181b2
msgid ""
"Canaille partially implement the :rfc:`SCIM <7642>` provisioning protocol at "
"the ``/scim/v2`` endpoint."
msgstr ""
#: ../tutorial/provisioning.rst:6 969c0c2d7d2a47de8fb1c7441ec62e2d
msgid ""
"At the moment, only the server part is implemented. It allows client "
"applications to manage user profiles directly in Canaille."
msgstr ""
#: ../tutorial/provisioning.rst:11 37c0e4ee9eb54f9f94754fec060e0ac5
msgid ""
"Some SCIM :ref:`features and endpoints <scim_unimplemented>` are not "
"implemented. In addition to these, Canaille will implement in the future:"
msgstr ""
#: ../tutorial/provisioning.rst:14 a5d6aea95b444cbb9d10731986ae66ac
msgid ""
"Access control for clients on the SCIM API endpoint, to finely manage "
"permissions depending on clients."
msgstr ""
#: ../tutorial/provisioning.rst:15 98d88ce07bc640bcafedee10c9bbc98f
msgid ""
"Client-side implementation, to broadcast user and groups modifications among "
"all the clients."
msgstr ""
#: ../tutorial/provisioning.rst:20 706556a4f4de43658b7ee3583115216a
msgid ""
"To allow clients to access the SCIM API, the client must have the "
"``client_credentials`` grant type configured. This allows clients to ask an "
"authentication token on their own behalf and use this token to perform "
"queries. Currently, user tokens are not supported."
msgstr ""
#: ../tutorial/provisioning.rst:24 5abc69c6a6ff4cd48e3f2b01cdaa1a52
msgid ""
"Then the :attr:`CANAILLE_SCIM.ENABLE_SERVER <canaille.scim.configuration."
"SCIMSettings.ENABLE_SERVER>` configuration parameter must be enabled."
msgstr ""
#: ../tutorial/provisioning.rst:33 08c5f12f847f4376993010f11b7055e6
msgid "Implementation details"
msgstr ""
#: ../tutorial/provisioning.rst:35 163f28f6d3cf4d94bc60bddec6b1b25e
msgid ""
"Due to technical reasons, the Canaille *User* and *Group* resources "
"implementation subtly differs from the :rfc:`RFC7643 <7643>` definitions:"
msgstr ""
#: ../tutorial/provisioning.rst:37 5e235bded8ba46ae94fe89b82341e3a9
msgid "``User.userName`` is immutable (while it is read-write in RFC7643)."
msgstr ""
#: ../tutorial/provisioning.rst:38 5c0be56ebf754660b7702622cd085221
msgid "``User.name.familyName`` is required (while it is optional in RFC7643)."
msgstr ""
#: ../tutorial/provisioning.rst:39 35cfdbc7fd954036805a8b64bc46ae90
msgid "``Group.displayName`` is required (while it is optional in RFC7643)."
msgstr ""
#: ../tutorial/provisioning.rst:40 7490ca87a3fe4b5f9fdc80991e74a130
msgid ""
"``Group.members`` is required (while it is optional in RFC7643), i.e. groups "
"cannot be empty."
msgstr ""
#: ../tutorial/provisioning.rst:43 432c05f5057e4d6ab93225079865e789
msgid "Debugging"
msgstr ""
#: ../tutorial/provisioning.rst:45 ecce1ab63ddd4b1a8dd3c7c65e9a990c
msgid ""
"To check what data are exposed through the Canaille SCIM API, you need a "
"*client token* and a SCIM client application. To generate a client token, "
"you can simply manually create a token from the button on the client "
"administration page. Then, we recommend the use of :doc:`scim2-cli:index` to "
"interact with the API:"
msgstr ""
#: ../tutorial/provisioning.rst:49 0494884602794d818953870e734c721b
msgid "scim2-cli usage example"
msgstr ""
#: ../tutorial/theming.rst:2 1e8d2a5169ed4313896d1a9c33dee1ab
msgid "Theming"
msgstr ""
#: ../tutorial/theming.rst:4 8b9d02343d7b48a08704a60b2394672a
msgid ""
"Canaille comes with a default theme based on `Fomantic UI <https://fomantic-"
"ui.com/>`__ but any part of the UI can be slightly modified or even "
"entierely rewritten if needed."
msgstr ""
#: ../tutorial/theming.rst:7 aaa944c2e0b64fc7a9d04703be543cc8
msgid "Custom templates"
msgstr ""
#: ../tutorial/theming.rst:9 d431b58edd7c4ab5960f4889ad4bf8b1
msgid ""
"To use a custom theme, set the :attr:`~canaille.core.configuration."
"CoreSettings.THEME` to a path to a directory where you will host your custom "
"templates."
msgstr ""
#: ../tutorial/theming.rst:11 f70b37ff511248529ee7801adeae3f40
msgid ""
"Then in this directory, create new files for templates you want to override. "
"The exhaustive list of templates is available in the :doc:`reference <../"
"references/templates>`. You must respect the template file paths. So for "
"instance if you want to customize the *about page*, you need to do it in a "
"``core/about.html`` file. You can inherit from the origin template by using "
"the Jinja ``extend`` directive."
msgstr ""
#: ../tutorial/theming.rst:15 3abcbfdad0cf41628a3bb4e27789bdf0
msgid "core/about.html"
msgstr ""
#: ../tutorial/theming.rst:26 19d7d3280a9b4cc8a868428d2ef5b12f
msgid "Custom style sheets"
msgstr ""
#: ../tutorial/theming.rst:28 13f029143d7a41ee97bff9bab5c6696d
msgid ""
"If you simply want to put your custom style sheets in the default theme, you "
"can just push it in the ``base.html`` template. Put your file in a "
"``static`` subdirectory of your theme, for instance ``static/css/custom."
"css`` and reference it with ``theme_static``."
msgstr ""
#: ../tutorial/theming.rst:31 5494d679f6294826a4fe0ec3307f1d90
msgid "base.html"
msgstr ""
#: ../tutorial/theming.rst:43 eb8604a736ba49c7a5268aff30c7045f
msgid ""
"To write your custom theme and check how it is rendered, you can put the "
"path to your theme in a ``.env`` file and run the Canaille demo instance, as "
"described in the :ref:`contributing guide <local_environment>`"
msgstr ""
#: ../tutorial/theming.rst:50 f2e3066341864ffdb46f79b737fd491c
msgid "Run the demo instance"
msgstr ""
#: ../tutorial/troubleshooting.rst:2 d5cca3688aea45bb9ed015f84d324407
msgid "Troubleshooting"
msgstr ""
#: ../tutorial/troubleshooting.rst:5 584a62a0d78b4af391bfc8bd916e3934
msgid "The web interface throws useless error messages"
msgstr ""
#: ../tutorial/troubleshooting.rst:7 acc3175f98324e73b0154a833f4291de
msgid ""
"Unless the current user has admin :class:`permissions <canaille.core."
"configuration.Permission>`, or the installation is in :attr:`~canaille.app."
"configuration.RootSettings.DEBUG` mode, error messages won't be too "
"technical. For instance, you can see *The request you made is invalid*. To "
"enable detailed error messages, you can **temporarily** enable the :attr:"
"`~canaille.app.configuration.RootSettings.DEBUG` configuration parameter."
msgstr ""
#: ../tutorial/troubleshooting.rst:12 358b28e47d4a4b48ba2bde7ddd4bc5f3
msgid "How to manually install LDAP schemas?"
msgstr ""
#: ../tutorial/troubleshooting.rst:16 5e241c1fdd044454a5a27a9d4d609a6c
msgid ""
"Schema installation can be automatically done using the :ref:`install "
"command <cli_install>`."
msgstr ""
#: ../tutorial/troubleshooting.rst:18 fa20dff6817848489fee9434d3e8c154
msgid "As of OpenLDAP 2.4, two configuration methods are available:"
msgstr ""
#: ../tutorial/troubleshooting.rst:20 536b6d4fabea43d48240f3b1b4e256c6
msgid ""
"The `deprecated <https://www.openldap.org/doc/admin26/slapdconf2.html>`_ "
"one, based on a configuration file (generally ``/etc/ldap/slapd.conf``);"
msgstr ""
#: ../tutorial/troubleshooting.rst:21 2681e5ed98de4633ab3e958980570c61
msgid ""
"The new one, based on a configuration directory (generally ``/etc/ldap/slapd."
"d``)."
msgstr ""
#: ../tutorial/troubleshooting.rst:23 e623df73a33a4425874322d64990dd09
msgid ""
"Depending on the configuration method you use with your OpenLDAP "
"installation, you need to chose how to add the canaille schemas:"
msgstr ""
#: ../tutorial/troubleshooting.rst:26 7fa64ce5f9834bfc8a84a6b147776135
msgid "Old fashion: Copy the schemas in your filesystem"
msgstr ""
#: ../tutorial/troubleshooting.rst:35 89ec7d1a5b9c488898dd0aeec512eb0f
msgid "New fashion: Use slapadd to add the schemas"
msgstr ""
#: ../tutorial/troubleshooting.rst:37 cf355b0d0d224146b9aa9bde63c3285b
msgid "Be careful to stop your ldap server before running ``slapadd``"
msgstr ""
#: ../tutorial/troubleshooting.rst:46 b688808b89a1486ea46f0a30671f0772
msgid "How to manually generate the OIDC keypair?"
msgstr ""
#: ../tutorial/troubleshooting.rst:50 fe622e23c48a4ec0ba3a9e00e24cfb88
msgid ""
"The keypair generation can be automatically done using the :ref:`install "
"command <cli_install>`."
msgstr ""
#: ../tutorial/troubleshooting.rst:52 2467c8ae6d2a4ba19056d44a89656984
msgid ""
"Canaille needs a key pair to sign OIDC tokens. You can customize those "
"commands, as long as they match the ``JWT`` section of your configuration "
"file."
msgstr ""
#: ../usecases.rst:4 dde73820d8ff46128f0ae5a245d4f212
msgid "Use cases"
msgstr ""
#: ../usecases.rst:6 936471ec6e494f839a45d1a5048ddbe9
msgid ""
"Canaille is a lightweight IAM for simple needs. Here are a few use cases you "
"might recognize in, where Canaille would fit your needs."
msgstr ""
#: ../usecases.rst:10 0c06bc8fc0754db6bdfbae05fe718b2e
msgid "OpenID Connect provider on top of a LDAP directory"
msgstr ""
#: ../usecases.rst:12 0ec337c5784a4dc296538609b9d75dd6
msgid ""
"Your organization has an historic :ref:`LDAP directory <feature_databases>` "
"and you want to add a :ref:`OpenID Connect <feature_oidc>` :abbr:`SSO "
"(Single Sign-On)` layer on top of it, so users can use all your application "
"while signin-in only once, without any data migration."
msgstr ""
#: ../usecases.rst:15 35bb9bbb50064dc7a5383c9d5371adfd
msgid "Profile edition of LDAP users"
msgstr ""
#: ../usecases.rst:17 87226e31a4ef425585e8de20647d72a3
msgid ""
"Your organization has a :ref:`LDAP directory <feature_databases>` and you "
"want to provide a way to your users to :ref:`edit their personal information "
"<feature_profile_management>` by themselves, without requiring any "
"administrator intervention."
msgstr ""
#: ../usecases.rst:20 22ec6d0c58ed413b80cd6aca23f637b6
msgid "Password recovery with a LDAP directory"
msgstr ""
#: ../usecases.rst:22 46f418970c7640f9ace069002ed337bd
msgid ""
"Your organization has an historic :ref:`LDAP directory <feature_databases>` "
"and you want to provide a way to your users to :ref:`recover their password "
"<feature_password_recovery>` when they cannot remember it, without any "
"administrator intervention."
msgstr ""
#: ../usecases.rst:25 f44f325b29594fc7b31521d259e27d5f
msgid "A lightweight IAM for unit testing"
msgstr ""
#: ../usecases.rst:27 c9f537fbf3cd4b3cb0e6d140b8a2327b
msgid ""
"You are :ref:`developing <feature_development>` an application relying on "
"OAuth2 or OpenID Connect to authenticate the users. You don't want to mock "
"the calls to the identity provider in your unit tests, but you want to :ref:"
"`perform real OAuth2/OIDC requests <feature_testing>`, and test your "
"application against different identity provider tunings."
msgstr ""
#: ../usecases.rst:30 5b9b8e07b9154150a105088cc630ce6a
msgid "A lightweight IAM for developing"
msgstr ""
#: ../usecases.rst:32 7a4ff703b94e4706b5123edb0c2abe51
msgid ""
"You are :ref:`developing <feature_development>` an application relying on "
"OAuth2 or OpenID Connect to authenticate the users. You need a :ref:`IAM "
"server to develop <feature_development>` locally, but your old computer "
"cannot bear launching a full Keycloak in a Docker container."
msgstr ""
#: ../usecases.rst:35 e594e15fba204d65a3f483c36e7c0aab
msgid "A lightweight IAM for CIs"
msgstr ""
#: ../usecases.rst:37 ff03e5a191564f90af81c7d210a3de24
msgid ""
"You are :ref:`developing <feature_development>` an application relying on "
"OAuth2 or OpenID Connect to authenticate the users. You need a IAM server "
"that could can populate with custom data, and integrate in your :ref:"
"`continuous integration environment <feature_ci>`."
msgstr ""
#: ../usecases.rst:40 8a37de08f6594334a3ba6ed2f9a3b71e
msgid "A CLI to quickly edit LDAP directory users"
msgstr ""
#: ../usecases.rst:42 b9d55e6eeca547aabb9bbfef3998f6d2
msgid ""
"Your organization has an historic :ref:`LDAP directory <feature_databases>`. "
"You are tired to deal with *ldif* syntax to manage your users and group and "
"would prefer a simple human-readable CLI."
msgstr ""
View git blame Copy permalink