canaille-globuzma/doc/locales/ta/LC_MESSAGES/doc.po
Hosted Weblate a971be4d7c
Update translation files
Updated by "Update PO files to match POT (msgmerge)" add-on in Weblate.

Translation: Canaille/Documentation
Translate-URL: https://hosted.weblate.org/projects/canaille/documentation/
2025-01-10 12:34:57 +01:00

7040 lines
241 KiB
Text
Raw Blame History

This file contains invisible Unicode characters

This file contains invisible Unicode characters that are indistinguishable to humans but may be processed differently by a computer. If you think that this is intentional, you can safely ignore this warning. Use the Escape button to reveal them.

# SOME DESCRIPTIVE TITLE.
# Copyright (C) 2024, Yaal Coop
# This file is distributed under the same license as the canaille package.
# FIRST AUTHOR <EMAIL@ADDRESS>, YEAR.
#
msgid ""
msgstr ""
"Project-Id-Version: canaille 0.0.56\n"
"Report-Msgid-Bugs-To: \n"
"POT-Creation-Date: 2025-01-10 12:34+0100\n"
"PO-Revision-Date: YEAR-MO-DA HO:MI+ZONE\n"
"Last-Translator: Automatically generated\n"
"Language-Team: none\n"
"Language: ta\n"
"MIME-Version: 1.0\n"
"Content-Type: text/plain; charset=UTF-8\n"
"Content-Transfer-Encoding: 8bit\n"
#: ../development/changelog.rst:2 1f34b2340e8b40bebbbb26b15e68b03b
msgid "Release notes"
msgstr ""
#: ../development/changelog.rst:4 974a9ddc92084ba885466bd64dd8473e
msgid "All notable changes to this project will be documented in there."
msgstr ""
#: ../development/changelog.rst:6 412266a64b564ebd8cf722ee2e952ea5
msgid ""
"The format is based on `Keep a Changelog <https://keepachangelog.com/"
"en/1.0.0/>`_, and this project adheres to `Semantic Versioning <https://"
"semver.org/spec/v2.0.0.html>`_."
msgstr ""
#: ../../CHANGES.rst:2 8e30b80f3f94498da6f59c6f63a94ec5
msgid "[0.0.58] - Unreleased"
msgstr ""
#: ../../CHANGES.rst:5 ../../CHANGES.rst:23 ../../CHANGES.rst:57
#: ../../CHANGES.rst:85 ../../CHANGES.rst:104 ../../CHANGES.rst:111
#: ../../CHANGES.rst:130 ../../CHANGES.rst:190 ../../CHANGES.rst:216
#: ../../CHANGES.rst:231 ../../CHANGES.rst:280 ../../CHANGES.rst:306
#: ../../CHANGES.rst:325 ../../CHANGES.rst:333 ../../CHANGES.rst:342
#: ../../CHANGES.rst:368 ../../CHANGES.rst:403 ../../CHANGES.rst:429
#: ../../CHANGES.rst:478 ../../CHANGES.rst:506 ../../CHANGES.rst:536
#: ../../CHANGES.rst:592 ../../CHANGES.rst:625 ../../CHANGES.rst:646
#: ../../CHANGES.rst:656 ../../CHANGES.rst:679 ../../CHANGES.rst:746
#: ../../CHANGES.rst:784 ../../CHANGES.rst:801 ../../CHANGES.rst:837
#: 74bd8e6a205c4a06b55ec9b1b8d86f48 4b956af725cc45d0ab80a2fdd02a4b9a
#: b8d535f039134b0a9afd68f7f8713d0c 879c4a3feec54624b5c16345690f94dd
#: 1985623df8644a759ff789f1fef96076 383ea6426a8f484f9ffb40a520830935
#: ac97d42167a54f52a4f4387433d4f2a6 51abb94c86684f0e98aa85821b3b55de
#: b7a9f2fff1f842a7b3df26649bc8bc63 cbc8dd1774c44a428cb21e8f4c9d8f2e
#: 240d272f380e4681987edd02c169246e 15e513215a474d70b40edf12381e72f7
#: 0418257ecc0c44959535ccb1f84887ed 105bf789bacd488b9547c456c678ce9a
#: 941f4be6c4fc4387a16a415291dcea10 39fb9e60582f4e7b849c6b352d4b8900
#: ba1f31ddd6a54152b9ec60ff8dc828e3 29032d8c22424133893779341d9a3cc4
#: 5becffbb07f9439f8f8e5128f6ae4b4c 5dca26ae33b5403883d0624bbebb09d3
#: 82f1ceff9a0449798fd2cda980481ef5 6f19ab064ce74b30a553a9c7f40734cc
#: 5bb5974e718c4fd898c6951c84e83fd8 e73ec88847a5405c83925f07aa1c9fa4
#: d0ecd5272cb842a39060ae5357ffdea1 668f2ebaabe94e7cae8d43c6ae82b8c0
#: fce964069b044cf3a9ef4c7b514572bc d889698da80b4ae486084b2081c9aaea
#: 18a1a9aca2364d989bed0ef2e1c05083 efcfdd51c4fe4adb81edbcb955eaec75
msgid "Added"
msgstr ""
#: ../../CHANGES.rst:6 2deee404aef64ad3803993329510bc5a
msgid "``--version`` option to the CLI. :pr:`209`"
msgstr ""
#: ../../CHANGES.rst:7 68dd17fef135479c891a55e7657b2af9
msgid ""
":attr:`~canaille.backends.sql.configuration.SQLSettings.PASSWORD_SCHEMES` :"
"issue:`175`"
msgstr ""
#: ../../CHANGES.rst:8 63808a8f2ece4e8299c1d6a3d48678fb
msgid "`canaille dump` command option to perform full database dumps"
msgstr ""
#: ../../CHANGES.rst:11 ../../CHANGES.rst:16 ../../CHANGES.rst:45
#: ../../CHANGES.rst:65 ../../CHANGES.rst:78 ../../CHANGES.rst:90
#: ../../CHANGES.rst:115 ../../CHANGES.rst:123 ../../CHANGES.rst:171
#: ../../CHANGES.rst:197 ../../CHANGES.rst:249 ../../CHANGES.rst:286
#: ../../CHANGES.rst:355 ../../CHANGES.rst:373 ../../CHANGES.rst:411
#: ../../CHANGES.rst:450 ../../CHANGES.rst:485 ../../CHANGES.rst:528
#: ../../CHANGES.rst:632 ../../CHANGES.rst:686 ../../CHANGES.rst:718
#: ../../CHANGES.rst:732 9d6779c7467447bf9348630f9df9f7a6
#: c9d0c3771a1545029cbf181cdaaf010e b71b6cc4093d47b0a025a6084ee10b82
#: 3a1c46806f3a4fcd9bbcf94b8f2ecd6f 4ecdd331965d4307bcae6b8e23cc2758
#: 3007fe60da8b497489115528ff73a22a d97da6e417504c30905b3bbbcff0a3e5
#: 8379ca38044741609b60ac5563f117e8 a65d6cf0ec7440a89b6e4e26bcee20a9
#: 603c0752d0754d31ba81c98b44689841 803aba2541184a568053711d70a98172
#: a0d9788d439b4e76a40fecbedda27dd7 61a3b7ac77f1470db2511ddd0f4fb557
#: 893961704a1d436cbd4ca48dfb664ace 104393fcd7b0433cb2600fa15b60db74
#: 2900ac4761c1410c94519e4d29763ec5 e32378837b094cbbbf4e2446f6454991
#: 3cc46ac4032447bcb723f9c694279c51 47d34ef97528461eb4b152543826122d
#: 12cf7bbc8c624173a724dd66eea7edf2 b974765388144565a52c260b58adca84
#: 303ba7514eba49cda1e049ff223d146c
msgid "Changed"
msgstr ""
#: ../../CHANGES.rst:12 ../../CHANGES.rst:17 6f26098796454b3cad6eb8ecdb44eddf
#: 2bd1e492a77e48be91838061fed5e7b8
msgid "fixed a bug on updating user's settings :issue:`206`"
msgstr ""
#: ../../CHANGES.rst:13 fe7429ca2df94118964bd4c3ea5cb945
msgid "CLI commands dump hashed passwords :issue:`214`"
msgstr ""
#: ../../CHANGES.rst:20 a9391eece84240bb82abe2cbcd0d2367
msgid "[0.0.57] - 2024-12-31"
msgstr ""
#: ../../CHANGES.rst:24 fb0fd10598b4464dae61d7edea3f3246
msgid "Intruder lockout :issue:`173`"
msgstr ""
#: ../../CHANGES.rst:25 ac217f88cae6455a91e3240120afecd1
msgid ""
":attr:`~canaille.core.configuration.CoreSettings.ENABLE_INTRUDER_LOCKOUT` :"
"issue:`173`"
msgstr ""
#: ../../CHANGES.rst:27 61171b21dcc64e56b9a6d1b8fe1aa10e
msgid "Multi-factor authentication :issue:`47`"
msgstr ""
#: ../../CHANGES.rst:28 00fe2c01e8e741fbafa9004b6cbde2ae
msgid ""
":attr:`~canaille.core.configuration.CoreSettings.OTP_METHOD` and :attr:"
"`~canaille.core.configuration.CoreSettings.EMAIL_OTP` and :attr:`~canaille."
"core.configuration.CoreSettings.SMS_OTP` and :attr:`~canaille.core."
"configuration.CoreSettings.SMPP` :issue:`47`"
msgstr ""
#: ../../CHANGES.rst:33 81230933555848b4b7db27a802f7445f
msgid "Password compromission check :issue:`179`"
msgstr ""
#: ../../CHANGES.rst:34 283ab183148249a2b3eab298fc7746c6
msgid ""
":attr:`~canaille.core.configuration.CoreSettings.ADMIN_EMAIL` and :attr:"
"`~canaille.core.configuration.CoreSettings."
"ENABLE_PASSWORD_COMPROMISSION_CHECK` and :attr:`~canaille.core.configuration."
"CoreSettings.PASSWORD_COMPROMISSION_CHECK_API_URL` :issue:`179`"
msgstr ""
#: ../../CHANGES.rst:38 935d8279dbc64e649d6d647c5747456a
msgid "Implement OIDC client_credentials flow. :issue:`207`"
msgstr ""
#: ../../CHANGES.rst:39 cde005956a384cc2a9c6e19cb14e6c99
msgid "Button in the client admin page to create client tokens."
msgstr ""
#: ../../CHANGES.rst:40 2f64a0f5e56f40c093e7c8bb34e57b21
msgid "Basic SCIM implementation. :issue:`116` :pr:`197`"
msgstr ""
#: ../../CHANGES.rst:41 e1497232147641ed858b53ca6d1a0c4d
msgid "Password expiry policy :issue:`176`"
msgstr ""
#: ../../CHANGES.rst:42 452b760e978e47dc91176f653dc53d5b
msgid ":attr:`~canaille.core.configuration.CoreSettings.PASSWORD_LIFETIME`"
msgstr ""
#: ../../CHANGES.rst:46 7f89d7aba58f465eab40eb10192962c4
msgid ""
"PostgreSQL and MySQL extras does not rely on libraries that need to be "
"compiled."
msgstr ""
#: ../../CHANGES.rst:47 da03a9cd311a416bbb18aed6783e2855
msgid ""
"``.env`` files are not loaded by default. The ``ENV_FILE`` env var must be "
"passed so ``.env`` files are loaded."
msgstr ""
#: ../../CHANGES.rst:50 50fe28668fa04a39b0004b6cd8cb9e68
msgid "[0.0.56] - 2024-11-07"
msgstr ""
#: ../../CHANGES.rst:53 ../../CHANGES.rst:95 ../../CHANGES.rst:134
#: ../../CHANGES.rst:142 ../../CHANGES.rst:150 ../../CHANGES.rst:157
#: ../../CHANGES.rst:164 ../../CHANGES.rst:178 ../../CHANGES.rst:208
#: ../../CHANGES.rst:221 ../../CHANGES.rst:239 ../../CHANGES.rst:258
#: ../../CHANGES.rst:266 ../../CHANGES.rst:292 ../../CHANGES.rst:300
#: ../../CHANGES.rst:320 ../../CHANGES.rst:350 ../../CHANGES.rst:382
#: ../../CHANGES.rst:390 ../../CHANGES.rst:416 ../../CHANGES.rst:436
#: ../../CHANGES.rst:460 ../../CHANGES.rst:470 ../../CHANGES.rst:491
#: ../../CHANGES.rst:499 ../../CHANGES.rst:522 ../../CHANGES.rst:545
#: ../../CHANGES.rst:557 ../../CHANGES.rst:566 ../../CHANGES.rst:575
#: ../../CHANGES.rst:584 ../../CHANGES.rst:604 ../../CHANGES.rst:611
#: ../../CHANGES.rst:661 ../../CHANGES.rst:669 ../../CHANGES.rst:694
#: ../../CHANGES.rst:702 ../../CHANGES.rst:710 ../../CHANGES.rst:723
#: ../../CHANGES.rst:737 ../../CHANGES.rst:769 ../../CHANGES.rst:792
#: ../../CHANGES.rst:823 53c5a65f508e4ce4a2cdb301851dd948
#: b274bbd1b95e42bcb8153fc3514259ce 2533d3c823f74185b35b06fa4e1b80e3
#: ed1e8ab37be64a8f8ca5ffecb229e0ad df88f1d57bf34873bffea45537b3af4c
#: 6172e8c8655f4dcc9adc6bea34c0fc95 f69752d371734b35af74db0812516dd9
#: e84d4fc2503b4cb9bc30b43d71515f3d de5ce855802f402a8b90fd3f7401d7d9
#: b0d8d589bafb44e7a50e1df6b5a2c0ee df7c8e6f591146ae9d0214b5cf2ef20c
#: 01c7173e0c4f4edd9b9435c71cf0b42f f852bdbb77364a7e9cc6b146e56ed402
#: 0fde0faefcc74c63814c308767cfece9 646698a0b8834d5a82e6251501ac750e
#: 72754d5c2e904a22a329f4254a514e9c 7e1ac803c25144c0b2b9c902530a21a2
#: 526a14aecd6f4e87b95a6edb635fc92c 194cefb8995b489fb1cedfa349a864c0
#: 50050907eee8458fb96d8c32a755b0d4 acbb3ec553594f6680d223653479eff4
#: 089020254ca745848ba3bc24c50f593b 2dccac9b689a4eefab864be77ee5a433
#: 7ac15c877d0e44deadcfbb9c99e14ca6 0606f5a65c6d412a96cb74b9eaf59706
#: 08260e612848485cb1928449b08ddfa2 0a5801741e6e4f68b248e8eefc11e32e
#: d6643e325d37484d9c9b14c4dc3e26ff ff19c7e139e64f40be24d0d3766e12d1
#: 70025a466d2940dd82bb4d943cae9cbc bc7c7a9dc156475c8a65bfe5b94c66df
#: 10d045405e844791b053eee9e1f845e2 66784d9272f44414a23d2b25cc73b179
#: 02d5e48f9ea0441688e6d8e75da2bc20 daca4e664b6d4a949f8825c48941a1f2
#: 42fe0d93e6da4649b6315591d95fabfd e344dc15cfcd4ebaa54ed440b8745fd8
#: 52a9e522d4784784aa9db400ec187e1f 0d260c98b74242b0bde5f2cca4aca9b0
#: 7f343e5272b14cdabcd8606c3af8de59 6c2e38da89e548bcb490b4ef93d4cdd1
#: 27d0795441ff491e8d5599a42d03f41b e74496b8550542b7a5061fffdd77cddc
msgid "Fixed"
msgstr ""
#: ../../CHANGES.rst:54 d1079f04609745a5b2b84388ffbafe12
msgid ""
"With LDAP backend, updating another user groups could result in a permission "
"lost for the editor. :issue:`202`"
msgstr ""
#: ../../CHANGES.rst:58 5064e81a1a254f5cae3b89c8d59a263d
msgid ""
":attr:`~canaille.core.configuration.CoreSettings.MAX_PASSWORD_LENGTH` and :"
"attr:`~canaille.core.configuration.CoreSettings.MIN_PASSWORD_LENGTH` "
"configuration options :issue:`174`"
msgstr ""
#: ../../CHANGES.rst:60 26e4f63a1064497b93ca4f9849d60b6e
msgid "Password strength visual indicator. :issue:`174`"
msgstr ""
#: ../../CHANGES.rst:61 a2fdef5b105b41d5ad708fe077dd6ea5
msgid "Security events logs. :issue:`177`"
msgstr ""
#: ../../CHANGES.rst:62 c01dd0db19874fb1a2bce1ab058ff012
msgid "Support for Python 3.13. :pr:`186`"
msgstr ""
#: ../../CHANGES.rst:66 123ca7470aaa4f0ea643e898579c3cdb
msgid "Update to `HTMX` 2.0.3. :pr:`184`"
msgstr ""
#: ../../CHANGES.rst:67 289367c535344e859b7a42df83c7cf4f
msgid "Migrate the Python project management tool from poetry to uv. :pr:`187`"
msgstr ""
#: ../../CHANGES.rst:68 b553f5d728d74f9ea62e87cbf8472ef2
msgid ""
"The ``sql`` package extra is now split between ``sqlite``, ``postgresql`` "
"and ``mysql``."
msgstr ""
#: ../../CHANGES.rst:71 ../../CHANGES.rst:421 ../../CHANGES.rst:829
#: ac38305d876e48789c182a1fbf0483ac 022fcf9dd0534233866aa0d9974e2987
#: 29bdcf38f9d748fe90268b40a612f081
msgid "Removed"
msgstr ""
#: ../../CHANGES.rst:72 943bfc081ef14407995de675069f94d1
msgid "End support for Python 3.9. :pr:`179`"
msgstr ""
#: ../../CHANGES.rst:75 1329245bc09c41e790e01b07835c59a9
msgid "[0.0.55] - 2024-08-30"
msgstr ""
#: ../../CHANGES.rst:79 79310b4f35ed49b980404e77433ad344
msgid "Use poetry-core build backend. :pr:`178`"
msgstr ""
#: ../../CHANGES.rst:82 b1c2cc3b8f1644cba3e1e82dfd2eda3b
msgid "[0.0.54] - 2024-07-25"
msgstr ""
#: ../../CHANGES.rst:86 ebb97b0ad729407381eafd00a0345db4
msgid ""
"Group member removal can be achieved from the group edition page. :issue:"
"`192`"
msgstr ""
#: ../../CHANGES.rst:87 b938d978231f485d96dd65c284b50c75
msgid "Model management commands. :issue:`117` :issue:`54`"
msgstr ""
#: ../../CHANGES.rst:91 194419a0a61744cabd33b572a65b9ebb
msgid "Model `identifier_attributes` are fixed."
msgstr ""
#: ../../CHANGES.rst:92 38cf7ccdf64844b3b46da32df1b7e6c3
msgid "Bump to `HTMX` 1.9.12. :pr:`172`"
msgstr ""
#: ../../CHANGES.rst:97 03e01fffdd994e5688cff3e313bd4402
msgid "Dark theme colors for better readability."
msgstr ""
#: ../../CHANGES.rst:98 d0f2bd58fbd24866855da92cff441bbf
msgid ""
"Crash for passwordless users at login when no SMTP server was configured."
msgstr ""
#: ../../CHANGES.rst:101 a93bd621e6d442e09311f9a527e82cb5
msgid "[0.0.53] - 2024-04-22"
msgstr ""
#: ../../CHANGES.rst:105 e57b8cfe44ef43fdb1cb5c6796f6f07e
msgid ""
"`env_prefix` `create_app`` variable can select the environment var prefix."
msgstr ""
#: ../../CHANGES.rst:108 5f3aedb0fb95429c948c48a44ce99bc9
msgid "[0.0.52] - 2024-04-22"
msgstr ""
#: ../../CHANGES.rst:112 fc80c3f894ac496da58299137473570f
msgid "`env_file` create_app variable can customize/disable the .env file."
msgstr ""
#: ../../CHANGES.rst:116 dfee8d84d47a46d4a02626043ad3c378
msgid "Locked users cannot be impersonated anymore."
msgstr ""
#: ../../CHANGES.rst:117 50b623665b86438d8d94f754ddfec814
msgid "Minimum Python requirement is 3.9."
msgstr ""
#: ../../CHANGES.rst:120 2aef1c38709f40de94070e2591894618
msgid "[0.0.51] - 2024-04-09"
msgstr ""
#: ../../CHANGES.rst:124 b7591b424f2e45788b23199143298a26
msgid "Display the menu bar on error pages."
msgstr ""
#: ../../CHANGES.rst:127 0482caf34246470a9cad38fb5494ec06
msgid "[0.0.50] - 2024-04-09"
msgstr ""
#: ../../CHANGES.rst:131 1ac6b68041ac41b588d06ee7289d7b54
msgid "Sign in/out events are logged in. :issue:`177`"
msgstr ""
#: ../../CHANGES.rst:135 c3deb238bd1448c384f74146a0cb34c1
msgid "`HTMX` and `JAVASCRIPT` configuration settings."
msgstr ""
#: ../../CHANGES.rst:136 7e5dc3a8203f4975938a56512527ce61
msgid "Compatibility with old sessions IDs."
msgstr ""
#: ../../CHANGES.rst:139 e7a941e0a4d841fba7e67ca25ddf14a7
msgid "[0.0.49] - 2024-04-08"
msgstr ""
#: ../../CHANGES.rst:143 d2faee827c5b40b68570ab1c02b3d467
msgid "LDAP user group removal."
msgstr ""
#: ../../CHANGES.rst:144 3530ff4f5a494c97be1248713efad111
msgid ""
"Display an error message when trying to remove the last user from a group."
msgstr ""
#: ../../CHANGES.rst:147 37b850b8747f4885bb59c4b600f07e39
msgid "[0.0.48] - 2024-04-08"
msgstr ""
#: ../../CHANGES.rst:151 43fcc4664e2c493e8d6fe0db840fe372
msgid "LDAP ``objectClass`` guessing exception."
msgstr ""
#: ../../CHANGES.rst:154 ae0eb5c761394db2b1d091e6fa1cb7b6
msgid "[0.0.47] - 2024-04-08"
msgstr ""
#: ../../CHANGES.rst:158 cf62cb736d744b53b5968b84e6b3b424
msgid "Lazy permission loading exception."
msgstr ""
#: ../../CHANGES.rst:161 c5ba2703aa9742a8957fcb6a15a22298
msgid "[0.0.46] - 2024-04-08"
msgstr ""
#: ../../CHANGES.rst:165 d9150b7d06724be49a3d165891332d9e
msgid ""
"Saving an object with the LDAP backend keeps the ``objectClass`` un-managed "
"by Canaille. :pr:`171`"
msgstr ""
#: ../../CHANGES.rst:168 aa1459361e01481a9f2f9e3e29927db4
msgid "[0.0.45] - 2024-04-04"
msgstr ""
#: ../../CHANGES.rst:172 5f111a4408054a86a564f89965320a0e
msgid "Internal indexation mechanism of ``MemoryModel``."
msgstr ""
#: ../../CHANGES.rst:175 4ec01913c134471ba2c9bc6c7d6594a0
msgid "[0.0.44] - 2024-03-29"
msgstr ""
#: ../../CHANGES.rst:179 96427ccf2ab844e09af39f35d99e62f4
msgid "Fix the default LDAP ``USER_FILTER`` value."
msgstr ""
#: ../../CHANGES.rst:180 bdc76b00698649b0a1662a4f4574295e
msgid "Fix the OIDC feature detection."
msgstr ""
#: ../../CHANGES.rst:183 aac8fcfe3c274caf955d0c0ec4d56a95
msgid "[0.0.43] - 2024-03-29"
msgstr ""
#: ../../CHANGES.rst:187 ../../CHANGES.rst:446 580f0fc146ec498a9bab5ebbcc1a075d
#: 50bb86bd7d0e43d6807b49af9344f81f
msgid "Configuration files must be updated."
msgstr ""
#: ../../CHANGES.rst:192 5e07cdf3619e479d8481e119065404ec
msgid "Add ``created`` and ``last_modified`` datetime for all models."
msgstr ""
#: ../../CHANGES.rst:193 3102a152b0dd403b86e27d64a971ce87
msgid "Sitemap to the documentation. :pr:`169`"
msgstr ""
#: ../../CHANGES.rst:194 0219c78a44ed414fa3c72cf01961951b
msgid ""
"Configuration management with `pydantic-settings`. :issue:`138` :pr:`170`"
msgstr ""
#: ../../CHANGES.rst:199 b3186678446f4f74aad4f014d22d39be
msgid "Use default Python logging configuration format. :issue:`188` :pr:`165`"
msgstr ""
#: ../../CHANGES.rst:200 fd5c70ba10bc4ea199529498765da9c8
msgid "Bump to `HTMX` 1.99.11. :pr:`166`"
msgstr ""
#: ../../CHANGES.rst:201 97733b3cecda49b59eda7684cbcf0bdc
msgid ""
"Use the standard tomllib Python module instead of `toml` starting from "
"Python 3.11. :pr:`167`"
msgstr ""
#: ../../CHANGES.rst:202 417ca230093143fd898eacb9326a5bce
msgid "Use shibuya as the documentation theme :pr:`168`"
msgstr ""
#: ../../CHANGES.rst:205 265939621caf4ae4be01d355c819a1a4
msgid "[0.0.42] - 2023-12-29"
msgstr ""
#: ../../CHANGES.rst:210 8ff42abcf9f14d8cb6acb1252cb72185
msgid "Avoid to fail on imports if ``cryptography`` is missing."
msgstr ""
#: ../../CHANGES.rst:213 a3b54c69b61f4cab9c33ccffaa2ccb1d
msgid "[0.0.41] - 2023-12-25"
msgstr ""
#: ../../CHANGES.rst:218 b7be279b17f04cdead0f43eb1263cc8f
msgid ""
"OIDC support for the ``create`` value of the ``prompt`` parameter. :issue:"
"`185` :pr:`164`"
msgstr ""
#: ../../CHANGES.rst:223 c2131815b4ee4e53854f1c9801b81672
msgid ""
"Correctly set up :attr:`~canaille.oidc.basemodels.Client.audience` during "
"OIDC dynamic registration."
msgstr ""
#: ../../CHANGES.rst:224 674bd58192194c48872f1bceb85b64b9
msgid ""
"``post_logout_redirect_uris`` was ignored during OIDC dynamic registration."
msgstr ""
#: ../../CHANGES.rst:225 f00edc3069de458793e37db8f46cf24c
msgid "Group field error prevented the registration form validation."
msgstr ""
#: ../../CHANGES.rst:228 acfe93442a3e445daccb56cb0a977bd5
msgid "[0.0.40] - 2023-12-22"
msgstr ""
#: ../../CHANGES.rst:233 e963680d5372445bb660af444ebc5fc3
msgid "The ``THEME`` setting can be a relative path."
msgstr ""
#: ../../CHANGES.rst:236 13b3c18f8c344461a0f22041afdce696
msgid "[0.0.39] - 2023-12-15"
msgstr ""
#: ../../CHANGES.rst:241 346414ba0ed545abaa3c92f8e00e4573
msgid "Crash when no ACL were defined."
msgstr ""
#: ../../CHANGES.rst:242 b1302bfb48c5482e84720a6ad95541b0
msgid "OIDC Userinfo endpoint is also available in POST."
msgstr ""
#: ../../CHANGES.rst:243 7923b8de73af4dce9521620ee749336f
msgid "Fix redirection after password reset. :issue:`159`"
msgstr ""
#: ../../CHANGES.rst:246 52a4d55d277f4b7389318b494216b17b
msgid "[0.0.38] - 2023-12-15"
msgstr ""
#: ../../CHANGES.rst:251 7ce633eaccb84a0abe491918a8a48b6d
msgid "Convert all the `PNG` pictures in `Webp`. :pr:`162`"
msgstr ""
#: ../../CHANGES.rst:252 3fcb891995404ae99d79ce23eb8caa0d
msgid "Update to Flask 3. :issue:`161` :pr:`163`"
msgstr ""
#: ../../CHANGES.rst:255 cbee12051316441698e3c2c15d6ede8a
msgid "[0.0.37] - 2023-12-01"
msgstr ""
#: ../../CHANGES.rst:260 01c5325fd82c43d9b530c2dac22b5fe6
msgid "Handle 4xx and 5xx error codes with HTMX. :issue:`171` :pr:`161`"
msgstr ""
#: ../../CHANGES.rst:263 9a17c644884048a2992dd5428c40d05f
msgid "[0.0.36] - 2023-12-01"
msgstr ""
#: ../../CHANGES.rst:268 96261936841c49d9ace436ca743e1e9f
msgid "Avoid crashing when LDAP groups references unexisting users."
msgstr ""
#: ../../CHANGES.rst:269 7acc84b824d0448c97a734b600f5c421
msgid ""
"Password reset and initialization mails were only sent to the preferred user "
"email address."
msgstr ""
#: ../../CHANGES.rst:271 4312e1ec50d3417fae1c5274518b4603
msgid ""
"Password reset and initialization mails were not sent at all the user "
"addresses if one email address could not be reached."
msgstr ""
#: ../../CHANGES.rst:273 2252295c032d4e41a5d6a38857a2f5cf
msgid "Password comparison was too permissive on login."
msgstr ""
#: ../../CHANGES.rst:274 27ed494c0fd942129181c56473fa068e
msgid "Encrypt passwords in the SQL backend."
msgstr ""
#: ../../CHANGES.rst:277 e5a596d2090c48589c732902e4ea1715
msgid "[0.0.35] - 2023-11-25"
msgstr ""
#: ../../CHANGES.rst:282 6f53586e55d14c0a88ce91b1d3dd5a0e
msgid ""
"Refresh token grant supports other client authentication methods. :pr:`157`"
msgstr ""
#: ../../CHANGES.rst:283 b11afbdb2b1c4d37b7364fa8426cd740
msgid "Implement a SQLAlchemy backend. :issue:`30` :pr:`158`"
msgstr ""
#: ../../CHANGES.rst:288 092696abad604e50a28844294cc25b5b
msgid "Model attributes cardinality is closer to SCIM model. :pr:`155`"
msgstr ""
#: ../../CHANGES.rst:289 8e581ce7d30d47d7a98ae99979bf471f
msgid "Bump to `HTMX` 1.9.9. :pr:`159`"
msgstr ""
#: ../../CHANGES.rst:294 bc46a9529f664beeb57d37afb6538007
msgid "Disable `HTMX` boosting during the OIDC dance. :pr:`160`"
msgstr ""
#: ../../CHANGES.rst:297 4cc90925acde46e6bc670a73abcfd2b1
msgid "[0.0.34] - 2023-10-02"
msgstr ""
#: ../../CHANGES.rst:302 aeca0dbe6dd646a182af06ae52e21bab
msgid ""
"Canaille installations without account lockabilty could not delete users. :"
"pr:`153`"
msgstr ""
#: ../../CHANGES.rst:308 e2e75a18ecd34793a12ed5b1b116202b
msgid ""
"If users register or authenticate during a OAuth Authorization phase, they "
"get redirected back to that page afterwards. :issue:`168` :pr:`151`"
msgstr ""
#: ../../CHANGES.rst:311 f4f96c897ca841af8798712e0f0dcd41
msgid ""
"The `flask-babel` and `pytz` libraries are now part of the `front` packaging "
"extras."
msgstr ""
#: ../../CHANGES.rst:312 d9d9125da5484af3b63440eec6c4b8b0
msgid "Bump to `fomantic-ui` 2.9.3. :pr:`152`"
msgstr ""
#: ../../CHANGES.rst:313 2520552fc51d4064bf0862108b44ef63
msgid "Bump to `HTMX` 1.9.6. :pr:`154`"
msgstr ""
#: ../../CHANGES.rst:314 e46900d403e047ec90aae41b0988436b
msgid "Support for Python 3.12. :pr:`155`"
msgstr ""
#: ../../CHANGES.rst:317 45acc759934d44949490e91b88fcf082
msgid "[0.0.33] - 2023-08-26"
msgstr ""
#: ../../CHANGES.rst:322 5943247053c7415da4498ba141e70558
msgid "OIDC jwks endpoint do not return empty `kid` claim."
msgstr ""
#: ../../CHANGES.rst:327 a971c7037bd74e9fa857a92fb695d9b8
msgid "Documentation details on the Canaille models."
msgstr ""
#: ../../CHANGES.rst:330 667888a9f86e4623a43d6f86b59a5575
msgid "[0.0.32] - 2023-08-17"
msgstr ""
#: ../../CHANGES.rst:335 2af3dcdb899a44acbe3de44e71df8135
msgid "Additional inmemory backend. :issue:`30` :pr:`149`"
msgstr ""
#: ../../CHANGES.rst:336 2ba5da0aea28417290b07dd3a1801eb5
msgid "Installation extras. :issue:`167` :pr:`150`"
msgstr ""
#: ../../CHANGES.rst:339 b0c7c8a21cd64b8f962fe1ecc850225f
msgid "[0.0.31] - 2023-08-15"
msgstr ""
#: ../../CHANGES.rst:344 aaf2b92f1c6b445eaf28e272153f622f
msgid ""
"Configuration option to disable the forced usage of OIDC `nonce` parameter. :"
"pr:`143`"
msgstr ""
#: ../../CHANGES.rst:345 ed95959d47a540daa19d1f994a3dde58
msgid "Validate phone numbers with a regex. :pr:`146`"
msgstr ""
#: ../../CHANGES.rst:346 f39302c55f0f4ce583fe0329947a4f35
msgid "Email verification. :issue:`41` :pr:`147`"
msgstr ""
#: ../../CHANGES.rst:347 5bd084c1ce134929aa6bce51792b08fb
msgid "Account registration. :issue:`55` :pr:`133` :pr:`148`"
msgstr ""
#: ../../CHANGES.rst:352 63c8bd04ebd7478ba461e5fa3d1e43a6
msgid "The `check` command uses the default configuration values."
msgstr ""
#: ../../CHANGES.rst:357 f242fb900ae14d2eb49fd473fae1313b
msgid "Modals do not need use Javascript at the moment. :issue:`158` :pr:`144`"
msgstr ""
#: ../../CHANGES.rst:360 3b4b7eb562c14f48ac1ad43a108da59e
msgid "[0.0.30] - 2023-07-06"
msgstr ""
#: ../../CHANGES.rst:364 53e1f5ae6b92429181ad69dd80ca4869
msgid ""
"Configuration files must be updated. Check the new format with ``git diff "
"0.0.29 0.0.30 canaille/conf/config.sample.toml``"
msgstr ""
#: ../../CHANGES.rst:370 002bbcc157fc4d29aed42c1047a61aeb
msgid "Configuration option to disable Javascript. :pr:`141`"
msgstr ""
#: ../../CHANGES.rst:375 e2785b5f1bd041a2827469286db836ff
msgid "The configuration parameter ``USER_FILTER`` is parsed with Jinja."
msgstr ""
#: ../../CHANGES.rst:376 2953a560d0414f03a2ca068f41b515ec
msgid ""
"Configuration use ``PRIVATE_KEY_FILE`` instead of ``PRIVATE_KEY`` and "
"``PUBLIC_KEY_FILE`` instead of ``PUBLIC_KEY``."
msgstr ""
#: ../../CHANGES.rst:379 5049ed8674084571afb1ff9198181b5a
msgid "[0.0.29] - 2023-06-30"
msgstr ""
#: ../../CHANGES.rst:384 a072c563d2b549b8b4df37f718e0b892
msgid "Disabled `HTMX` boosting on OIDC forms to avoid errors."
msgstr ""
#: ../../CHANGES.rst:387 db156cd566a64fdeaf6d3a0ad118ebd4
msgid "[0.0.28] - 2023-06-30"
msgstr ""
#: ../../CHANGES.rst:392 afeaf312be7c4482acda1b70e6c78ffb
msgid "A template variable was misnamed."
msgstr ""
#: ../../CHANGES.rst:395 404964fb0e2d4aa693b0c760d0e059f7
msgid "[0.0.27] - 2023-06-29"
msgstr ""
#: ../../CHANGES.rst:399 c7974ece102f4a8198ebd2b0723293df
msgid ""
"Configuration files must be updated. Check the new format with ``git diff "
"0.0.26 0.0.27 canaille/conf/config.sample.toml``"
msgstr ""
#: ../../CHANGES.rst:405 96138d7e5aa54a8eb198758f5b8fc15f
msgid ""
"Configuration entries can be loaded from files if the entry key has a "
"*_FILE* suffix and the entry value is the path to the file. :issue:`134` :pr:"
"`134`"
msgstr ""
#: ../../CHANGES.rst:407 6faee467462e4c119a9376683f3f7469
msgid "Field list support. :issue:`115` :pr:`136`"
msgstr ""
#: ../../CHANGES.rst:408 fc6362954cf1477898af50459f340745
msgid "Pages are boosted with `HTMX`. :issue:`144` :issue:`145` :pr:`137`"
msgstr ""
#: ../../CHANGES.rst:413 98e71a54cd1a45a2ac5dbfb3f524332a
msgid "Bump to jquery 3.7.0. :pr:`138`"
msgstr ""
#: ../../CHANGES.rst:418 5e461d234d4f48ee8e22788ac686e24a
msgid ""
"Profile edition when the user RDN was not ``uid``. :issue:`148` :pr:`139`"
msgstr ""
#: ../../CHANGES.rst:423 7f5c0656cb6c417dafe6db0ed3554c7c
msgid "Stop support for Python 3.7. :pr:`131`"
msgstr ""
#: ../../CHANGES.rst:426 64c961d63d5542e586843d44c1b9d256
msgid "[0.0.26] - 2023-06-03"
msgstr ""
#: ../../CHANGES.rst:431 679364c32f5e423692372a1c993f3538
msgid ""
"Implemented account expiration based on OpenLDAP ppolicy overlay. Needs "
"OpenLDAP 2.5+. :issue:`13` :pr:`118`"
msgstr ""
#: ../../CHANGES.rst:433 1eb00fcc6bc243adb17806d211fa8e05
msgid "Timezone configuration entry. :issue:`137` :pr:`130`"
msgstr ""
#: ../../CHANGES.rst:438 dbf3a64e5c1d4a209416371f291d493e
msgid "Avoid setting ``None`` in JWT claims when they have no value."
msgstr ""
#: ../../CHANGES.rst:439 57d98f2e337e40288f8460b70a3aebfc
msgid "Display password recovery button on OIDC login page. :pr:`129`"
msgstr ""
#: ../../CHANGES.rst:442 7bd1e12bdc5547ac95950d1629c6be6c
msgid "[0.0.25] - 2023-05-05"
msgstr ""
#: ../../CHANGES.rst:447 c520e75e7db14c95904bc57074a6a23f
msgid ""
"Check the new format with ``git diff 0.0.25 0.0.24 canaille/conf/config."
"sample.toml``"
msgstr ""
#: ../../CHANGES.rst:452 ee2ef81304e643f7a203487a2ab8ee4f
msgid ""
"Renamed user model attributes to match SCIM naming convention. :pr:`123`"
msgstr ""
#: ../../CHANGES.rst:453 6610a6a82402441f9f5576cf1b0a6bb3
msgid "Moved OIDC related configuration entries in ``OIDC``."
msgstr ""
#: ../../CHANGES.rst:454 6b567a15909841659979d4c608c4a65f
msgid "Moved ``LDAP`` configuration entry to ``BACKENDS.LDAP``."
msgstr ""
#: ../../CHANGES.rst:455 17aae437222746ba8b3443adc5f556b5
msgid "Bumped to `HTMX` 1.9.0. :pr:`124`"
msgstr ""
#: ../../CHANGES.rst:456 7373759762424878b0c8a0faaec36c64
msgid ""
"ACL filters are no more LDAP filters but user attribute mappings. :pr:`125`"
msgstr ""
#: ../../CHANGES.rst:457 22364336688d42ac9c77bc9203cfeafb
msgid "Bumped to `HTMX` 1.9.2. :pr:`127`"
msgstr ""
#: ../../CHANGES.rst:462 51f8a182379f40fcbb97c59ab3a964d3
msgid "``OIDC.JWT.MAPPING`` configuration entry is really optional now."
msgstr ""
#: ../../CHANGES.rst:463 efea74181b5b4c40b307993e97ea35ec
msgid "Fixed empty model attributes registration. :pr:`125`"
msgstr ""
#: ../../CHANGES.rst:464 51fc989c81574dae8c1242ab5ad24aaf
msgid "Password initialization mails were not correctly sent. :pr:`128`"
msgstr ""
#: ../../CHANGES.rst:467 334afb8a4e1f45c5b8b2d38c255679c4
msgid "[0.0.24] - 2023-04-07"
msgstr ""
#: ../../CHANGES.rst:472 bf3d671baf10499f99d287bdbc914b97
msgid "Fixed avatar update. :pr:`122`"
msgstr ""
#: ../../CHANGES.rst:475 339df86f0d1344778a5f40d4c20eafef
msgid "[0.0.23] - 2023-04-05"
msgstr ""
#: ../../CHANGES.rst:480 48a3d313e64f4114b0831e83123c25ea
msgid "Organization field. :pr:`116`"
msgstr ""
#: ../../CHANGES.rst:481 54788639e7b14b42900ea5a7613fbbb6
msgid "ETag and Last-Modified headers on user photos. :pr:`116`"
msgstr ""
#: ../../CHANGES.rst:482 b1a1c1d88698449eb6195003a25b67d7
msgid "Dynamic form validation. :pr:`120`"
msgstr ""
#: ../../CHANGES.rst:487 999932f58c6b4c809b4436373faa1f13
msgid "UX rework. Submenu addition. :pr:`114`"
msgstr ""
#: ../../CHANGES.rst:488 7c8b2566d4db458586c8337e6741cf23
msgid "Properly handle LDAP date timezones. :pr:`117`"
msgstr ""
#: ../../CHANGES.rst:493 7600d248c21e452dbe579fbdb9305e20
msgid "CSRF protection on every forms. :pr:`119`"
msgstr ""
#: ../../CHANGES.rst:496 3f9aac4badee40a484b1f5ff80bcab53
msgid "[0.0.22] - 2023-03-13"
msgstr ""
#: ../../CHANGES.rst:500 01ce5349718e429699c70113d0dcda5d
msgid ""
"The `Faker` library is not imported anymore when the `clean` command is "
"called."
msgstr ""
#: ../../CHANGES.rst:503 66d3c164cb34406f9046aa8edb9a8928
msgid "[0.0.21] - 2023-03-12"
msgstr ""
#: ../../CHANGES.rst:508 a397eca3471640e696a9ff70fb36bef9
msgid "Display TOS and policy URI on the consent list page. :pr:`102`"
msgstr ""
#: ../../CHANGES.rst:509 22a5f8c34f1345b5a54965ec438f8315
msgid "Admin token deletion. :pr:`100` :pr:`101`"
msgstr ""
#: ../../CHANGES.rst:510 6f4eca0831854f35bd47d0f0e56dd7ca
msgid "Revoked consents can be restored. :pr:`103`"
msgstr ""
#: ../../CHANGES.rst:511 cd47eb57f7fc4f1d9a0515f89faeef57
msgid ""
"Pre-consented clients are displayed in the user consent list, and their "
"consents can be revoked. :issue:`69` :pr:`103`"
msgstr ""
#: ../../CHANGES.rst:513 0f1343c1ee75454092b6de800afa42c7
msgid ""
"A ``populate`` command can be used to fill the database with random users "
"generated with faker. :pr:`105`"
msgstr ""
#: ../../CHANGES.rst:515 e44b67a6721f4e3fa68c41837a5ca554
msgid "SMTP SSL support. :pr:`108`"
msgstr ""
#: ../../CHANGES.rst:516 8c9317bed0bb4b27bd29987ff121b787
msgid "Server side pagination. :issue:`114` :pr:`111`"
msgstr ""
#: ../../CHANGES.rst:517 0f50375487384246ab4eb7938f07db01
msgid "Department number support. :issue:`129`"
msgstr ""
#: ../../CHANGES.rst:518 727bc53d7c984ba99850545096c51202
msgid "Address edition support (but not in the OIDC claims yet). :pr:`112`"
msgstr ""
#: ../../CHANGES.rst:519 2bbc467920d24e02875a5fd3199e5bcd
msgid "Title edition support. :pr:`113`"
msgstr ""
#: ../../CHANGES.rst:524 36b0872d19f344adb8b44ccbfd920cd8
msgid ""
"Client deletion also deletes related :class:`~canaille.oidc.basemodels."
"Consent`, :class:`~canaille.oidc.basemodels.Token` and :class:`~canaille."
"oidc.basemodels.AuthorizationCode` objects. :issue:`126` :pr:`98`"
msgstr ""
#: ../../CHANGES.rst:530 bcdf981ce5eb414099830d68efe4c1b5
msgid "Removed the `DataTables` Javascript library."
msgstr ""
#: ../../CHANGES.rst:533 fb503d354a2d4c92b75a9a6a603bb5f4
msgid "[0.0.20] - 2023-01-28"
msgstr ""
#: ../../CHANGES.rst:538 364e4a2dfd8148c0b93b75d8ff1c4214
msgid "Spanish translation. :pr:`85` :pr:`88`"
msgstr ""
#: ../../CHANGES.rst:539 39a35892e6494270a65a235562211e53
msgid "Dedicated connectivity test email. :pr:`89`"
msgstr ""
#: ../../CHANGES.rst:540 b47b044c9d814ea98df1d057bdef5a19
msgid "Update to jquery 3.6.3. :pr:`90`"
msgstr ""
#: ../../CHANGES.rst:541 a48c5424848f4396a6300f38b5471daf
msgid "Update to fomantic-ui 2.9.1. :pr:`90`"
msgstr ""
#: ../../CHANGES.rst:542 7746a18d023c460c8b64b83eeb4e1895
msgid "Update to DataTables 1.13.1. :pr:`90`"
msgstr ""
#: ../../CHANGES.rst:547 7e1217800b654fc8adc10eeb952cc2f5
msgid "Fix typos and grammar errors. :pr:`84`"
msgstr ""
#: ../../CHANGES.rst:548 abda017241404950b48f8efac9fdc9c9
msgid "Fix wording and punctuations. :pr:`86`"
msgstr ""
#: ../../CHANGES.rst:549 10e5ef2bbd284e31b4eda7f81f7bc477
msgid "Fix HTML lang tag. :issue:`122` :pr:`87`"
msgstr ""
#: ../../CHANGES.rst:550 4e7702ae17ee456992ea48cd8a37e1fc
msgid "Automatically trims the HTML translated strings. :pr:`91`"
msgstr ""
#: ../../CHANGES.rst:551 ce0f54018448492c983b83f9f687ef82
msgid "Fixed dynamic registration scope management. :issue:`123` :pr:`93`"
msgstr ""
#: ../../CHANGES.rst:554 c237ea1f9aac4ec2b1c843d7ab9ab218
msgid "[0.0.19] - 2023-01-14"
msgstr ""
#: ../../CHANGES.rst:559 14c643ff842042b5a51f46661b7b8681
msgid ""
"Ensures the token `expires_in` claim and the `access_token` `exp` claim have "
"the same value. :pr:`83`"
msgstr ""
#: ../../CHANGES.rst:563 21e042a3e48f41048409e27017a970b9
msgid "[0.0.18] - 2022-12-28"
msgstr ""
#: ../../CHANGES.rst:568 c4b8dee13cf54cc9b3a09610a6b384a3
msgid ""
"OIDC end_session was not returning the ``state`` parameter in the "
"``post_logout_redirect_uri``. :pr:`82`"
msgstr ""
#: ../../CHANGES.rst:572 353f49a6db7247d989368befd4c90822
msgid "[0.0.17] - 2022-12-26"
msgstr ""
#: ../../CHANGES.rst:577 ab608e9bb5e149e39c0c59c3be3dbf66
msgid "Fixed group deletion button. :pr:`80`"
msgstr ""
#: ../../CHANGES.rst:578 25c9cf71a4b84a2d9cd0f78b741c0b6f
msgid "Fixed post requests in oidc clients views. :pr:`81`"
msgstr ""
#: ../../CHANGES.rst:581 4149b3b16d764ab7905fc817ba705009
msgid "[0.0.16] - 2022-12-15"
msgstr ""
#: ../../CHANGES.rst:586 4f7b050ada524ca99110de2af98ef375
msgid "Fixed LDAP operational attributes handling."
msgstr ""
#: ../../CHANGES.rst:589 eb6d98c6f1954de58a40b1a7a8bc10eb
msgid "[0.0.15] - 2022-12-15"
msgstr ""
#: ../../CHANGES.rst:594 a0e5a6ff923246d68231d5e1f7356f76
msgid "User can chose their display name. :pr:`77`"
msgstr ""
#: ../../CHANGES.rst:595 44c07c21854a42fc885ae1fcd1a6a201
msgid "Bumped to Authlib 1.2. :pr:`78`"
msgstr ""
#: ../../CHANGES.rst:596 1b360e7ce02f411b9834514fbc1b00c4
msgid ""
"Implemented :rfc:`RFC7592 <7592>` OAuth 2.0 Dynamic Client Registration "
"Management Protocol. :pr:`79`"
msgstr ""
#: ../../CHANGES.rst:598 33d751e32dcd4a13adce2196a729447c
msgid ""
"Add the ``nonce`` parameter to the ``claims_supported`` server metadata list."
msgstr ""
#: ../../CHANGES.rst:601 dba04a29e3a14c5fb7e9aa2a1a549a34
msgid "[0.0.14] - 2022-11-29"
msgstr ""
#: ../../CHANGES.rst:605 8cd0feacd2824b0b87a841aa5d4ee1ba
msgid "Fixed translation catalogs packaging."
msgstr ""
#: ../../CHANGES.rst:608 b60ffadb24184fa2a813cf0c67a816a0
msgid "[0.0.13] - 2022-11-21"
msgstr ""
#: ../../CHANGES.rst:613 9f23aca3972f48e9bc8d9cf2c760257b
msgid ""
"Fixed a bug on the contacts field in the admin client form following the "
"LDAP schema update of 0.0.12."
msgstr ""
#: ../../CHANGES.rst:615 6c68ccda597a42df9148cfef906797ae
msgid ""
"Fixed a bug happening during RP initiated logout on clients without "
"`post_logout_redirect_uri` defined."
msgstr ""
#: ../../CHANGES.rst:617 ac6c8083aa374040984d0350fa2fbc36
msgid "Gitlab CI fix. :pr:`64`"
msgstr ""
#: ../../CHANGES.rst:618 a747a08976904f3fb6bc3381b8c94e61
msgid ""
"Fixed `client_secret` display on the client administration page. :pr:`65`"
msgstr ""
#: ../../CHANGES.rst:619 6a64b2d613c14ae9b7973dad5c7c925d
msgid "Fixed non-square logo CSS. :pr:`67`"
msgstr ""
#: ../../CHANGES.rst:620 29182f0e7f1248e1a1c917b6ae0dfd01
msgid "Fixed schema path on installation. :pr:`68`"
msgstr ""
#: ../../CHANGES.rst:621 bb240d19b70243efb891b21b8a241bc2
msgid "Fixed RFC7591 ``software_statement`` claim support. :pr:`70`"
msgstr ""
#: ../../CHANGES.rst:622 7f9a0251d66846479a85943aa1fbe036
msgid "Fixed client preconsent disabling. :pr:`72`"
msgstr ""
#: ../../CHANGES.rst:627 03fac1bbdf3342018f4eb1b6efa8b465
msgid "Python 3.11 support. :pr:`61`"
msgstr ""
#: ../../CHANGES.rst:628 ba0b5e607d0a40e29cdcdc1a6cc98147
msgid ""
"``apparmor`` slapd configuration instructions in the documentation page for "
"contributions. :pr:`66`"
msgstr ""
#: ../../CHANGES.rst:629 235a8b4a7ac74cc089299db6c43f5a94
msgid "``preferredLanguage`` attribute support. :pr:`75`"
msgstr ""
#: ../../CHANGES.rst:634 b8515bd5812547b9b6408e07754188bf
msgid ""
"Replaced the use of the deprecated `FLASK_ENV` environment variable by "
"`FLASK_DEBUG`."
msgstr ""
#: ../../CHANGES.rst:636 722ab05a3e8240b3a984e91cbcb85f2c
msgid ""
"Dynamically generate the server metadata. Users won't have to copy and "
"manually edit ``oauth-authorizationserver.json`` and ``openid-configuration."
"json``. :pr:`71`"
msgstr ""
#: ../../CHANGES.rst:639 a79d0a5fc950458f9ea40f5fa340ae2d
msgid "The `FROM_ADDR` configuration option is not mandatory anymore. :pr:`73`"
msgstr ""
#: ../../CHANGES.rst:640 f5c1547a0084442eba537cccef2a3181
msgid "The `JWT.ISS` configuration option is not mandatory anymore. :pr:`74`"
msgstr ""
#: ../../CHANGES.rst:643 c9903f9704254bd8856c6fb23a3f7f34
msgid "[0.0.12] - 2022-10-24"
msgstr ""
#: ../../CHANGES.rst:648 713bdc2d9dee45d0b80eead40194b1f7
msgid "Basic WebFinger endpoint. :pr:`59`"
msgstr ""
#: ../../CHANGES.rst:649 cc2f977715cb4c8ba51d4d34f6a4151f
msgid "Bumped to FomanticUI 2.9.0."
msgstr ""
#: ../../CHANGES.rst:650 a41e569505ed46e8a30eabb1605a9f4e
msgid "Implemented Dynamic Client Registration. :pr:`60`"
msgstr ""
#: ../../CHANGES.rst:653 40e16cae3052481c9a967a80643e51dc
msgid "[0.0.11] - 2022-08-11"
msgstr ""
#: ../../CHANGES.rst:658 ac2a36a292ee496ba78a96711e33b778
msgid "Default theme has a dark variant. :pr:`57`"
msgstr ""
#: ../../CHANGES.rst:663 c4d05a11686d406bba007ff8d333de4d
msgid "Fixed missing ``canaille`` binary. :pr:`58`"
msgstr ""
#: ../../CHANGES.rst:666 1d3f0b2e79a94cf787d645b8898bce4a
msgid "[0.0.10] - 2022-07-07"
msgstr ""
#: ../../CHANGES.rst:671 eaf79a2a1e6f4b1e9c3b3823e5dda85b
msgid "Online demo. :pr:`55`"
msgstr ""
#: ../../CHANGES.rst:672 0d80f6e630d049c9ad813e945376ab83
msgid ""
"The consent page was displaying scopes not supported by clients. :pr:`56`"
msgstr ""
#: ../../CHANGES.rst:673 559c5036f54d4cacab704fb3cdf57958
msgid "Fixed end session when user are already disconnected."
msgstr ""
#: ../../CHANGES.rst:676 5395b02e05a04ce19c8d9cf8c0d54845
msgid "[0.0.9] - 2022-06-05"
msgstr ""
#: ../../CHANGES.rst:681 d6b2f45bfea548cebbe625ae282f95c0
msgid ""
"``DISABLE_PASSWORD_RESET`` configuration option to disable password "
"recovery. :pr:`46`"
msgstr ""
#: ../../CHANGES.rst:682 216697ca6fc046a28864aa8152639a7c
msgid "``edit_self`` ACL permission to control user self edition. :pr:`47`"
msgstr ""
#: ../../CHANGES.rst:683 ea4420bc7f1c4c568d8da8657deddb66
msgid "`RP-initiated logout` implementation. :pr:`54`"
msgstr ""
#: ../../CHANGES.rst:688 72b36fc3a5e74417b5fdcb5a23be8c12
msgid "Bumped to Authlib 1. :pr:`48`"
msgstr ""
#: ../../CHANGES.rst:689 4fbf3c55b45a4a119e339bd126960d20
msgid "Various documentation improvements. :pr:`50`"
msgstr ""
#: ../../CHANGES.rst:690 45feed1105504c609b5df975797e4194
msgid "Use poetry instead of setuptools as project management tool. :pr:`51`"
msgstr ""
#: ../../CHANGES.rst:691 c4542cdb5f7c4d58b07b4b0a90cb302d
msgid "Additional tests for the OIDC ``nonce`` parameter. :pr:`52`"
msgstr ""
#: ../../CHANGES.rst:695 b327af2d08cb437e9b4751818cf8a8e2
msgid "``HIDE_INVALID_LOGIN`` behavior and default value."
msgstr ""
#: ../../CHANGES.rst:696 b000da6a9373445dad688a3b780a6aa0
msgid ""
"Compiled translation catalogs are not versioned anymore. :pr:`49` :pr:`53`"
msgstr ""
#: ../../CHANGES.rst:699 b2b2047443544b74a71bc79ff8c5f47b
msgid "[0.0.8] - 2022-03-15"
msgstr ""
#: ../../CHANGES.rst:704 375d29aba6424d43b859b8c3edfa80ba
msgid "Fixed dependencies."
msgstr ""
#: ../../CHANGES.rst:707 aeb08878a74b4f47b6d37baacf675b15
msgid "[0.0.7] - 2022-03-15"
msgstr ""
#: ../../CHANGES.rst:712 34c20276bd7c45bcb792f22355e4927a
msgid ""
"Fixed spaces and escaped special char in LDAP ``cn/dn`` attributes. :pr:`43`"
msgstr ""
#: ../../CHANGES.rst:715 0976abec0d0b46a3ae20e83d110393ec
msgid "[0.0.6] - 2022-03-08"
msgstr ""
#: ../../CHANGES.rst:720 d963ca446eb94c6e9aeb75012abb1cfd
msgid "Access token are JWT. :pr:`38`"
msgstr ""
#: ../../CHANGES.rst:725 02ca5edc4d13450db7f18d59d45864bf
msgid "Default groups on invitations. :pr:`41`"
msgstr ""
#: ../../CHANGES.rst:726 5891d198061a448c9ba57ffdbc6f801d
msgid "LDAP schemas are shipped within the Canaille package. :pr:`42`"
msgstr ""
#: ../../CHANGES.rst:729 c3272c14158a40f59a6b0f77af890f33
msgid "[0.0.5] - 2022-02-17"
msgstr ""
#: ../../CHANGES.rst:734 406e2245d9dc4d679bdcbd6b5728861e
msgid "LDAP model objects have new identifiers. :pr:`37`"
msgstr ""
#: ../../CHANGES.rst:739 a9f0c61002d0458eb30d4affda6e47c1
msgid "Admin menu dropdown display. :pr:`39`"
msgstr ""
#: ../../CHANGES.rst:740 fe303a61e23a434a890964802224e16a
msgid "``GROUP_ID_ATTRIBUTE`` configuration typo. :pr:`40`"
msgstr ""
#: ../../CHANGES.rst:743 5bd8b178d1d5466e844942b7afed166e
msgid "[0.0.4] - 2022-02-16"
msgstr ""
#: ../../CHANGES.rst:748 649efb86b8b2433589e7bbbdd8b5cd1e
msgid "Client pre-authorization. :pr:`11`"
msgstr ""
#: ../../CHANGES.rst:749 6e7050395d194611ad2c085e64f383a2
msgid "LDAP permissions check with the check command. :pr:`12`"
msgstr ""
#: ../../CHANGES.rst:750 5ae674761b1f4b2ea7718a8d8f227016
msgid ""
"Update consents when a scope required is larger than the scope of an already "
"given consent. :pr:`13`"
msgstr ""
#: ../../CHANGES.rst:752 5fb12e8bee6440d5912e9ebd8921a6e3
msgid "Theme customization. :pr:`15`"
msgstr ""
#: ../../CHANGES.rst:753 c2ebd08df453407f97b9eebd16b55149
msgid "Logging configuration. :pr:`16`"
msgstr ""
#: ../../CHANGES.rst:754 06ac3fd9e9474c87a1d5dce79d49f547
msgid "Installation command. :pr:`17`"
msgstr ""
#: ../../CHANGES.rst:755 5b18c8b637654faa84da8cf06f428780
msgid "Invitation links. :pr:`18`"
msgstr ""
#: ../../CHANGES.rst:756 13e0a85eb2b7475181bdd35f25eecee6
msgid "Advanced permissions. :pr:`20`"
msgstr ""
#: ../../CHANGES.rst:757 2d166176352d463282ef0c831cba992c
msgid "An option to not use OIDC. :pr:`23`"
msgstr ""
#: ../../CHANGES.rst:758 3b87847e50664f6196aa406788838dc7
msgid "Disable some features when no SMTP server is configured. :pr:`24`"
msgstr ""
#: ../../CHANGES.rst:759 de8d6a74115549b8adc25882f14e9588
msgid ""
"Login placeholder dynamically generated according to the configuration. :pr:"
"`25`"
msgstr ""
#: ../../CHANGES.rst:760 c5919e02f35e45469b725fd79aade908
msgid "Added an option to tune object IDs. :pr:`26`"
msgstr ""
#: ../../CHANGES.rst:761 607e9f8c23b54e8c998700ff4416eaec
msgid "Avatar support. :pr:`27`"
msgstr ""
#: ../../CHANGES.rst:762 c279a511c9b141568ede28b7c0afa583
msgid "Dynamical and configurable JWT claims. :pr:`28`"
msgstr ""
#: ../../CHANGES.rst:763 08fa58159ca6437e8f1beca79627fa27
msgid "UI improvements. :pr:`29`"
msgstr ""
#: ../../CHANGES.rst:764 2a2b659fe7154b799ce44fafb902fd57
msgid "Invitation links expiration. :pr:`30`"
msgstr ""
#: ../../CHANGES.rst:765 ce7aa46cc889408aa52bbb62f76c92b6
msgid "Invitees can choose their IDs. :pr:`31`"
msgstr ""
#: ../../CHANGES.rst:766 6bdec9f52f5044e698c2bf619c587280
msgid "LDAP backend refactoring. :pr:`35`"
msgstr ""
#: ../../CHANGES.rst:771 e819e93e00234beea6d9820e82fde531
msgid "Fixed ghost members in a group. :pr:`14`"
msgstr ""
#: ../../CHANGES.rst:772 10dd9d261d284523a84fd5c59050af24
msgid "Fixed email sender names. :pr:`19`"
msgstr ""
#: ../../CHANGES.rst:773 8b309c5389bf44e8ac69e53c2765b585
msgid "Fixed filter being not escaped. :pr:`21`"
msgstr ""
#: ../../CHANGES.rst:774 cd93af35f9cc4576b1659289218ec809
msgid "Demo script good practices. :pr:`32`"
msgstr ""
#: ../../CHANGES.rst:775 9e92fa5ce3cd43848cc7c809c709180c
msgid "Binary path for Debian. :pr:`33`"
msgstr ""
#: ../../CHANGES.rst:776 7d0dadcab0a644aba779030c25e2fc88
msgid ""
"Last name was not mandatory in the forms while this was mandatory in the "
"LDAP server. :pr:`34`"
msgstr ""
#: ../../CHANGES.rst:778 4526606a32614a238d9ba69b3f3c311d
msgid "Spelling typos. :pr:`36`"
msgstr ""
#: ../../CHANGES.rst:781 c92de561587746169e06e8a51bd2efcd
msgid "[0.0.3] - 2021-10-13"
msgstr ""
#: ../../CHANGES.rst:786 b4e4578702394d8db53727dca04e2eeb
msgid "Two-steps sign-in. :issue:`49`"
msgstr ""
#: ../../CHANGES.rst:787 f1f267f1648f4866b3b003c271acb344
msgid "Tokens can have several audiences. :issue:`62` :pr:`9`"
msgstr ""
#: ../../CHANGES.rst:788 51257e276adb454f9bd203167e591489
msgid "Configuration check command. :issue:`66` :pr:`8`"
msgstr ""
#: ../../CHANGES.rst:789 5684d9f7c259429290886a77f263ce3f
msgid "Groups management. :issue:`12` :pr:`6`"
msgstr ""
#: ../../CHANGES.rst:794 c439c2e96fa14377bc990f5fc2cd65bc
msgid "Introspection access bugfix. :issue:`63` :pr:`10`"
msgstr ""
#: ../../CHANGES.rst:795 0c8a65056b0c4684984d84f76362f380
msgid "Introspection sub claim. :issue:`64` :pr:`7`"
msgstr ""
#: ../../CHANGES.rst:798 664b613f4fd74b97a6caa749d9c5fd58
msgid "[0.0.2] - 2021-01-06"
msgstr ""
#: ../../CHANGES.rst:803 2a77b05db06141a9918f93152e999c25
msgid "Login page is responsive. :issue:`1`"
msgstr ""
#: ../../CHANGES.rst:804 6d5de8101cf648e3b546489ba36f58aa
msgid "Adapt mobile keyboards to login page fields. :issue:`2`"
msgstr ""
#: ../../CHANGES.rst:805 b945b81cdb88450c92efe96b2baa1329
msgid "Password recovery interface. :issue:`3`"
msgstr ""
#: ../../CHANGES.rst:806 89545855a2d04788922fe2566668d450
msgid "User profile interface. :issue:`4`"
msgstr ""
#: ../../CHANGES.rst:807 909bce16a1e349f6b070d4b2fb7dc069
msgid "Renamed the project *Canaille*. :issue:`5`"
msgstr ""
#: ../../CHANGES.rst:808 f1cd27a5a0794001afd13fdacf6fc6c5
msgid "Command to remove old tokens. :issue:`17`"
msgstr ""
#: ../../CHANGES.rst:809 17fa5866a3994849b85361163b9ea131
msgid "Improved password recovery email. :issue:`14` :issue:`26`"
msgstr ""
#: ../../CHANGES.rst:810 9565eb5071fa47ddae91f5f76af6b048
msgid ""
"Use Flask `SERVER_NAME` configuration variable instead of `URL`. :issue:`24`"
msgstr ""
#: ../../CHANGES.rst:811 8386c50a80aa4b8ca9ce34942d659216
msgid "Improved consents page. :issue:`27`"
msgstr ""
#: ../../CHANGES.rst:812 0aa2212e1af549f8bdce3c9588cd6109
msgid "Admin user page. :issue:`8`"
msgstr ""
#: ../../CHANGES.rst:813 0c8c21373574440392345e305971d258
msgid "Project logo. :pr:`29`"
msgstr ""
#: ../../CHANGES.rst:814 912385ce9ea24b4b81f77904ad670901
msgid ""
"User account self-deletion can be enabled in the configuration with "
"`SELF_DELETION`. :issue:`35`"
msgstr ""
#: ../../CHANGES.rst:815 447289b003f64e72b8b0977842a73f9c
msgid "Admins can impersonate users. :issue:`39`"
msgstr ""
#: ../../CHANGES.rst:816 ad67189130fd49868fcb0abfad1e7275
msgid "Forgotten page UX improvement. :pr:`43`"
msgstr ""
#: ../../CHANGES.rst:817 660c1528bbe0431aa50394306e761072
msgid "Admins can remove clients. :pr:`45`"
msgstr ""
#: ../../CHANGES.rst:818 3aa25de74978491ab76de431e7819552
msgid ""
"Option `HIDE_INVALID_LOGIN` that can be unactivated to let the user know if "
"the login he attempt to sign in with exists or not. :pr:`48`"
msgstr ""
#: ../../CHANGES.rst:820 44549258486845fab0456f113a04f98b
msgid "Password initialization mail. :pr:`51`"
msgstr ""
#: ../../CHANGES.rst:825 11f9843c7ed348d89ec776212da1f871
msgid "Form translations. :issue:`19` :issue:`23`"
msgstr ""
#: ../../CHANGES.rst:826 115b5ed2ccf441d59dd25dc521fb148e
msgid "Avoid to use Google Fonts. :issue:`21`"
msgstr ""
#: ../../CHANGES.rst:831 ce6a992d5aa3472aa464e0aae5e1dd58
msgid "'My tokens' page. :issue:`22`"
msgstr ""
#: ../../CHANGES.rst:834 5c71c7871c87474a9a6e956d46958569
msgid "[0.0.1] - 2020-10-21"
msgstr ""
#: ../../CHANGES.rst:839 174e925430f14fad869e0c91923805af
msgid "Initial release."
msgstr ""
#: ../../CONTRIBUTING.rst:2 0990185d86db4ce8a07d51360d1322d3
msgid "Contributions"
msgstr ""
#: ../../CONTRIBUTING.rst:4 da4d8554175642ba94b4f7e339063077
msgid "Contributions are welcome!"
msgstr ""
#: ../../CONTRIBUTING.rst:6 7c2b65c2bab049f7ae36d441f0956ecd
msgid ""
"The repository is hosted at `gitlab.com/yaal/canaille <https://gitlab.com/"
"yaal/canaille>`_."
msgstr ""
#: ../../CONTRIBUTING.rst:9 a673ec733c0a4064b2cd6cb76e454637
msgid "Discuss"
msgstr ""
#: ../../CONTRIBUTING.rst:11 1cb0899f872a4345aa339d9f3a6139a3
msgid ""
"If you want to implement a feature or a bugfix, please start by discussing "
"it with us on the `bugtracker <https://gitlab.com/yaal/canaille/-/issues>`_ "
"or the `matrix room <https://matrix.to/#/#canaille-discuss:yaal.coop>`_."
msgstr ""
#: ../../CONTRIBUTING.rst:16 393a353bc9ee457e876a227f79bddc75
msgid "Development environment"
msgstr ""
#: ../../CONTRIBUTING.rst:18 7948bd5b6ee144f59136b49cfb7ee55f
msgid "You can either run the demo locally or with Docker."
msgstr ""
#: ../../CONTRIBUTING.rst:20 f119e4446ee4463d80ce3fe3e0588b06
msgid ""
"The only tool required for local development is `uv`. Make sure to have uv "
"`installed on your computer <https://docs.astral.sh/uv/getting-started/"
"installation/>`_ to be able to hack Canaille."
msgstr ""
#: ../../CONTRIBUTING.rst:24 632e3a0e19ab4c97aea1bfdfd0b5c165
msgid "Initialize your development environment with:"
msgstr ""
#: ../../CONTRIBUTING.rst:26 507673718d174120a28e7afc5a110ec7
msgid ""
"``uv sync --extra front --extra oidc`` to have a minimal working development "
"environment. This will allow you to run the tests with ``uv pytest --backend "
"memory``."
msgstr ""
#: ../../CONTRIBUTING.rst:27 942fe3cb54354168a07c3862241e378c
msgid ""
"``uv sync --extra front --extra oidc --extra sqlite`` to have a minimal "
"working development environment with SQLite backend support. This will allow "
"you to run the tests with ``uv pytest --backend sql``."
msgstr ""
#: ../../CONTRIBUTING.rst:28 18e74ae611944f71b212e9072eb24b3e
msgid ""
"``uv sync --extra front --extra oidc --extra ldap`` to have a minimal "
"working development environment with LDAP backend support. This will allow "
"you to run the tests with ``uv pytest --backend ldap``."
msgstr ""
#: ../../CONTRIBUTING.rst:29 4a5010a9a38349dbb5af58ff13291b28
msgid ""
"``uv sync --all-extras`` if you want to have everything at your fingertips. "
"Note that it may compile some Python dependencies that would expect things "
"to be installed on your system; Some dependencies of Canaille might need to "
"be compiled, so you probably want to check that `GCC` and `cargo` are "
"available on your computer."
msgstr ""
#: ../../CONTRIBUTING.rst:32 75f515626b4f4524b29f13d98acf40ad
msgid "After having launched the demo you have access to several services:"
msgstr ""
#: ../../CONTRIBUTING.rst:34 7eb94a5ef2ee4a4db852ca0988e51945
msgid "A canaille server at `localhost:5000 <http://localhost:5000>`_"
msgstr ""
#: ../../CONTRIBUTING.rst:35 ad12ff8db3d64a02b528e93c352ebdf1
msgid "A dummy client at `localhost:5001 <http://localhost:5001>`_"
msgstr ""
#: ../../CONTRIBUTING.rst:36 2cd9a0e0ac94408289a0d31a15112fd0
msgid "Another dummy client at `localhost:5002 <http://localhost:5002>`_"
msgstr ""
#: ../../CONTRIBUTING.rst:38 e3696d8d026b4c0391112ce8c19e90b1
msgid "The canaille server has some default users:"
msgstr ""
#: ../../CONTRIBUTING.rst:40 8f956c9e5db842f6a5e28e81353915f9
msgid "A regular user which login and password are **user**;"
msgstr ""
#: ../../CONTRIBUTING.rst:41 b2efc68d24d34fa39590ef3064ce84b0
msgid "A moderator user which login and password are **moderator**;"
msgstr ""
#: ../../CONTRIBUTING.rst:42 d38003f0a5674760918da590be8b7c60
msgid "An admin user which admin and password are **admin**;"
msgstr ""
#: ../../CONTRIBUTING.rst:43 9cf3b6e86c78488fbadac5d7f7da7081
msgid ""
"A new user which login is **james**. This user has no password yet, and his "
"first attempt to log-in would result in sending a password initialization "
"email (if a smtp server is configured)."
msgstr ""
#: ../development/specifications.rst:106 ../../CONTRIBUTING.rst:48
#: 381b89217b0348debccf9ea7d3e494b8 24da1fbbb1214b0aad0e8cfd91ebad9f
msgid "Backends"
msgstr ""
#: ../../CONTRIBUTING.rst:50 a456ad4a727440eea70c2267c7dd5a8a
msgid "Canaille comes with several backends:"
msgstr ""
#: ../../CONTRIBUTING.rst:52 d658db4aa8734153b436094cd3c588b2
msgid "a lightweight test purpose `memory` backend"
msgstr ""
#: ../../CONTRIBUTING.rst:53 d8b76bacd56f44168825850444a6b29e
msgid "a `sql` backend, based on sqlalchemy"
msgstr ""
#: ../../CONTRIBUTING.rst:54 0b6fbdf76a3748059ed8f25be5597e12
msgid "a production-ready `LDAP` backend"
msgstr ""
#: ../../CONTRIBUTING.rst:57 a131ee5f73f3462281ec7b8ce52c4ff2
msgid "Docker environment"
msgstr ""
#: ../../CONTRIBUTING.rst:59 934a3551784041c2a96d1040950cf880
msgid ""
"If you want to develop with docker, your browser needs to be able to reach "
"the `canaille` container. The docker-compose file exposes the right ports, "
"but front requests are from outside the docker network: the `canaille` url "
"that makes sense for docker, points nowhere from your browser. As exposed "
"ports are on `localhost`, you need to tell your computer that `canaille` url "
"means `localhost`."
msgstr ""
#: ../../CONTRIBUTING.rst:64 669dec4ddb9844a097afd2f606725df1
msgid "To do that, you can add the following line to your `/etc/hosts`:"
msgstr ""
#: ../../CONTRIBUTING.rst:70 9bdeeebb82004fabb71ccd006be5a152
msgid "To launch containers, use:"
msgstr ""
#: ../development/specifications.rst:108 ../tutorial/databases.rst:16
#: ../../CONTRIBUTING.rst:73 ../../CONTRIBUTING.rst:108
#: e147d723475a42de95ae6b307ec2c1b3 129d25dfcdd144ccb4be37e7474aed23
#: e6e3a6c57dbd41f4bbb3846087970020 cdf80b9bdb0a4d59b519e6d6ffd71ae3
msgid "SQL"
msgstr ""
#: ../../CONTRIBUTING.rst:74 ../../CONTRIBUTING.rst:109
#: 24ef4199122140dd8f6df3109ee6544e 19b6a09e2468439b82b110ec4c051ae6
msgid ""
"With the SQL backend, the demo instance will load and save data in a local "
"sqlite database."
msgstr ""
#: ../../CONTRIBUTING.rst:76 ../../CONTRIBUTING.rst:111
#: 9bc9fa8549854c99ad7f739ec5317a99 573978fa6ecb432fa0d54cc76e8f2861
msgid "Run the demo instance with the SQL backend"
msgstr ""
#: ../tutorial/databases.rst:8 ../../CONTRIBUTING.rst:83
#: ../../CONTRIBUTING.rst:117 c9ac76f0f24b441aa9632911fb19ff7e
#: d578daebea3f4c2cb6fe0d4866bcb690 b22dc1aeb5f0489c9a2228869072255b
msgid "Memory"
msgstr ""
#: ../../CONTRIBUTING.rst:84 ../../CONTRIBUTING.rst:118
#: 8d19234a6dd74306bd775fc44ac43c63 9be657a56d1c460b9ce184d59e8b1c5f
msgid "With the memory backend, all data is lost when Canaille stops."
msgstr ""
#: ../../CONTRIBUTING.rst:86 ../../CONTRIBUTING.rst:120
#: 8f594f36a26342d8a6c1b8f53ab7dcd2 2c26d8e08f034833b27c02831de86710
msgid "Run the demo instance with the memory backend"
msgstr ""
#: ../development/specifications.rst:108 ../tutorial/databases.rst:45
#: ../../CONTRIBUTING.rst:93 ../../CONTRIBUTING.rst:126
#: c135807ed63542f1ae515a60df0501ba 00ed3f79be9f4e7588e38a777da737ab
#: 5933c483337e4ebb9390a59a166e2a13 2c30cc73fa584d5886d6f04ed75f1b1d
msgid "LDAP"
msgstr ""
#: ../../CONTRIBUTING.rst:94 ../../CONTRIBUTING.rst:127
#: 83b3c6b4940141b885f051fb82b84125 054bfb478e684320a73b57569eec14df
msgid "With the LDAP backend, all data is lost when Canaille stops."
msgstr ""
#: ../../CONTRIBUTING.rst:96 ../../CONTRIBUTING.rst:129
#: 6e2da183608c4e7bb87e38a2c66aa63b 73a67cd951644177bdccca3a08deb606
msgid "Run the demo instance with the LDAP backend"
msgstr ""
#: ../../CONTRIBUTING.rst:105 2fa57166974946a899931022ba5fad8a
msgid "Local environment"
msgstr ""
#: ../../CONTRIBUTING.rst:135 8283fb57ce51423a9b3541571cc4cd0b
msgid ""
"If you want to run the demo locally with the LDAP backend, you need to have "
"`OpenLDAP <https://www.openldap.org/>`_ installed on your system. It is "
"generally shipped under the ``slapd`` or ``openldap`` package name."
msgstr ""
#: ../../CONTRIBUTING.rst:140 6e8c5a2f92e348ab9afedd54df75c46a
msgid ""
"On Debian or Ubuntu systems, the OpenLDAP `slapd` binary usage might be "
"restricted by apparmor, and thus makes the tests and the demo fail. This can "
"be mitigated by removing apparmor restrictions on `slapd`."
msgstr ""
#: ../../CONTRIBUTING.rst:150 c78ca4223f9645a583ac47bd1aa5c146
msgid "Populate the database"
msgstr ""
#: ../../CONTRIBUTING.rst:152 bb0e31cb292b423fba42e70830997721
msgid ""
"The demo database comes populated with some random users and groups. If you "
"need more, you can generate users and groups with the ``populate`` command:"
msgstr ""
#: ../../CONTRIBUTING.rst:163 cbb12aab253c455fa1b1754f2eb0729a
msgid ""
"Adapt to use either the `ldap` or the `sql` configuration file. Note that "
"this will not work with the memory backend."
msgstr ""
#: ../../CONTRIBUTING.rst:166 0e899d83156d4e029681d634b1dec436
msgid "Unit tests"
msgstr ""
#: ../../CONTRIBUTING.rst:168 39be72b7c6d54603abbca8de879267c5
msgid ""
"To run the tests, you just can run `uv run pytest` and/or `uv run tox` to "
"test all the supported python environments. Everything must be green before "
"patches get merged."
msgstr ""
#: ../../CONTRIBUTING.rst:171 45992e8a617143e6a2b805043155118a
msgid ""
"To test a specific backend you can pass ``--backend memory``, ``--backend "
"sql`` or ``--backend ldap`` to pytest and tox."
msgstr ""
#: ../../CONTRIBUTING.rst:173 8162f265527e4a42a0ab95ec14e769a4
msgid ""
"The test coverage is 100%, patches won't be accepted if not entirely "
"covered. You can check the test coverage with ``uv run pytest --cov --cov-"
"report=html`` or ``uv run tox -e coverage -- --cov-report=html``. You can "
"check the HTML coverage report in the newly created `htmlcov` directory."
msgstr ""
#: ../../CONTRIBUTING.rst:178 775bdfa6e27e469383647d7d603659a1
msgid "Code style"
msgstr ""
#: ../../CONTRIBUTING.rst:180 b309d56f31904c9da28ceb01fe67d6f9
msgid ""
"We use `ruff <https://docs.astral.sh/ruff/>`_ along with other tools to "
"format our code. Please run ``uv run tox -e style`` on your patches before "
"submitting them. In order to perform a style check and correction at each "
"commit you can use our `pre-commit <https://pre-commit.com/>`_ configuration "
"with ``uv run pre-commit install``."
msgstr ""
#: ../../CONTRIBUTING.rst:186 dbbdab0936124ac2a12af49411a84128
msgid "Front"
msgstr ""
#: ../../CONTRIBUTING.rst:188 799d621279764c62af4239338d80db8a
msgid ""
"The interface is built upon the `Fomantic UI <https://fomantic-ui.com/>`_ "
"CSS framework. The dynamical parts of the interface use `htmx <https://htmx."
"org/>`_."
msgstr ""
#: ../../CONTRIBUTING.rst:191 128898c5e69d49368cdbf572550dacca
msgid ""
"Using Javascript in the interface is tolerated, but the whole website MUST "
"be accessible for browsers without Javascript support, and without any "
"feature loss."
msgstr ""
#: ../../CONTRIBUTING.rst:193 dc05fa959ec8437381264442b6a30974
msgid ""
"Because of Fomantic UI we have a dependency to jQuery, however new "
"contributions should not depend on jQuery at all. See the `related issue "
"<https://gitlab.com/yaal/canaille/-/issues/130>`_."
msgstr ""
#: ../index.rst:71 ../../CONTRIBUTING.rst:198 392f1081f6e94b6da5679a367a2e7a4a
#: 0f273ce3769347ce8015316671ac1b15
msgid "Documentation"
msgstr ""
#: ../../CONTRIBUTING.rst:200 b5151aeda933407bb66f3ea0d6ba101e
msgid "The documentation is generated when the tests run:"
msgstr ""
#: ../../CONTRIBUTING.rst:206 39f2fefbdf4343ccb8641e3dcc1549b4
msgid ""
"You can also run sphinx by hand, that should be faster since it avoids the "
"tox environment initialization:"
msgstr ""
#: ../../CONTRIBUTING.rst:212 89531c0a7d17422684603832f8aeef47
msgid "The generated documentation is located at ``build/sphinx/html/en``."
msgstr ""
#: ../../CONTRIBUTING.rst:215 bb87f6e759f140baa631b9a44d008e97
msgid "Code translation"
msgstr ""
#: ../../canaille/translations/README.rst:1 c4bd0dcdf5b847958c1713690a062440
msgid ""
"Translations are done with `Weblate <https://hosted.weblate.org/projects/"
"canaille/canaille>`__."
msgstr ""
#: ../../canaille/translations/README.rst:3 04a9342ea51b4cceb41bf7505907566a
msgid ""
"The following commands are there as documentation, only the message "
"extraction is needed for contributors. All the other steps are automatically "
"done with Weblate."
msgstr ""
#: readme.rst:6 ../../canaille/translations/README.rst:8
#: 84706a46430343e6aa358b28a46feff2 08d06911b6e54459881d14deaf9a7a80
#: 33cedfb8b8624971bbe4cb2413fbdb15
msgid "Message extraction"
msgstr ""
#: readme.rst:8 ../../canaille/translations/README.rst:10
#: 4ade1dc0d8cb420cb02eae9fd4fd3653 d8994cc54925437687864ded269ddc34
#: 384b7d18414843f9adfa40c46f734da5
msgid ""
"After you have edited translatable strings, you should extract the messages "
"with:"
msgstr ""
#: readme.rst:15 ../../canaille/translations/README.rst:17
#: 1e09dc8b659c479eb2f6f943786e423e 6ddd54ecd3f540b28fea415cea1199df
#: 8492e236ff844116b90640e12b246f67
msgid "Language addition"
msgstr ""
#: readme.rst:17 ../../canaille/translations/README.rst:19
#: 0720284c793641c5a85eecc25ba0d9b3 0aea2aff48bf4743b456f7a56cd41359
#: 9aaae4da193146b4b4f41aa2bd467336
msgid ""
"You can add a new language manually with the following command, however this "
"should not be needed as Weblate takes car of this:"
msgstr ""
#: ../../canaille/translations/README.rst:26 25ee62b065294ad5adf105b9d575587b
msgid "Catalog update"
msgstr ""
#: ../../canaille/translations/README.rst:28 20e76bc5528c40b4bdd89c629723e8c4
msgid ""
"You can update the catalogs with the following command, however this should "
"not be needed as Weblate automatically update language catalogs when it "
"detects new strings or when someone translate some existing strings. Weblate "
"pushes happen every 24h."
msgstr ""
#: ../../canaille/translations/README.rst:36 15327a715c38464fa9dfb969965c2ac1
msgid "Catalog compilation"
msgstr ""
#: ../../canaille/translations/README.rst:38 4c95a49edb0740d0ad34d7eee9466334
msgid ""
"You can compile the catalogs with the following command, however this should "
"not be needed as catalogs are automatically compiled before running the unit "
"tests, before launching the demo and before compiling the Canaille python "
"package:"
msgstr ""
#: ../../CONTRIBUTING.rst:221 da97f28b857241879092e1c0a45cc6d6
msgid "Documentation translation"
msgstr ""
#: readme.rst:1 9776df929dbd40f59315d9dad326da0a
#: 127143cd0922422c941bd0880cb85699
msgid ""
"Translations are done with `Weblate <https://hosted.weblate.org/projects/"
"canaille/documentation>`__."
msgstr ""
#: readme.rst:3 b1e092b9af914bbaa60034638b5feb44
#: cb5ccfce511a4bff97a39b300396dfce
msgid ""
"The following commands are there as documentation, only the message "
"extraction and the language addition is needed for contributors."
msgstr ""
#: readme.rst:24 9312e9d146484a30b47297cfe934dcb7
#: f6ae3452c2de41c397aec993afaab244
msgid "Build the documentation in another language"
msgstr ""
#: ../../CONTRIBUTING.rst:226 588494c60125438a9a70645678f05ca3
msgid "Publish a new release"
msgstr ""
#: ../../CONTRIBUTING.rst:228 420e9e7fcb244f18b3db1d1b9c52d92c
msgid ""
"Check that dependencies are up to date with ``uv sync --all-extras --"
"upgrade`` and update dependencies accordingly in separated commits;"
msgstr ""
#: ../../CONTRIBUTING.rst:229 00227bd468c34010a3883e4e0f90d8e3
msgid ""
"Check that tests are still green for every supported python version, and "
"that coverage is still at 100%, by running ``uv run tox``;"
msgstr ""
#: ../../CONTRIBUTING.rst:230 72f3b000f5b1489384c00d6e266c63a8
msgid ""
"Check that the demo environments are still working, both the local and the "
"Docker one;"
msgstr ""
#: ../../CONTRIBUTING.rst:231 5bea104b168a477f9accf8d55549330e
msgid ""
"Check that the :ref:`development/changelog:Release notes` section is "
"correctly filled up;"
msgstr ""
#: ../../CONTRIBUTING.rst:232 90f263cc1eeb4ef5a42f8809672f64ef
msgid "Increase the version number in ``pyproject.toml``;"
msgstr ""
#: ../../CONTRIBUTING.rst:233 58fe93530d98448c82779271abb44629
msgid "Commit with ``git commit``;"
msgstr ""
#: ../../CONTRIBUTING.rst:234 ad1df1a61c3942368ec1313411547c13
msgid "Build with ``uv build``;"
msgstr ""
#: ../../CONTRIBUTING.rst:235 0cfad1da05584638ab4bc386b666f5a3
msgid ""
"Publish on test PyPI with ``uv publish --publish-url https://test.pypi.org/"
"legacy/``;"
msgstr ""
#: ../../CONTRIBUTING.rst:236 f6308d8a0b3f4db4bc7c7907d8a1f266
msgid ""
"Install the test package somewhere with ``pip install --extra-index-url "
"https://test.pypi.org/simple --upgrade canaille``. Check that everything "
"looks fine;"
msgstr ""
#: ../../CONTRIBUTING.rst:237 0e10ccf92af749d49e9bfea50fd82a50
msgid "Publish on production PyPI ``uv publish``;"
msgstr ""
#: ../../CONTRIBUTING.rst:238 fa1c23c9661d4fb8b0f5d291a64d49f7
msgid "Tag the commit with ``git tag XX.YY.ZZ``;"
msgstr ""
#: ../../CONTRIBUTING.rst:239 7a281f02d2a741c892e150979920d23b
msgid ""
"Push the release commit and the new tag on the repository with ``git push --"
"tags``."
msgstr ""
#: ../development/index.rst:2 ../tutorial/theming.rst:41
#: 52e76c88219e4de19a2b82b2a2c1c4d8 1b6948f6a143409db5b73d81af367214
msgid "Development"
msgstr ""
#: ../development/specifications.rst:2 b3876dc3555842a49a1c8e1eb079fbe1
msgid "Specifications"
msgstr ""
#: ../development/specifications.rst:4 8ce7c58ef8634acb8f37bf04fde97d9c
msgid ""
"This page details which specifications are implemented in Canaille, and "
"compares Canaille with other well-known identity providers."
msgstr ""
#: ../development/specifications.rst:7 4c4e202076854f99b4d398d1e3719296
msgid "State of the specs in Canaille"
msgstr ""
#: ../development/specifications.rst:10 682849a438ce4c9eb771d18c1c3e21b4
msgid "OAuth2"
msgstr ""
#: ../development/specifications.rst:12 829d6454dfd14680b17fad372f8cca40
msgid ""
"✅ `RFC6749: OAuth 2.0 Framework <https://tools.ietf.org/html/rfc6749>`_"
msgstr ""
#: ../development/specifications.rst:13 f115a6d1703c4250ab425bb030e48939
msgid ""
"✅ `RFC6750: OAuth 2.0 Bearer Tokens <https://tools.ietf.org/html/rfc6750>`_"
msgstr ""
#: ../development/specifications.rst:14 77024b74c51f45b984117084b8f7deb5
msgid ""
"✅ `RFC7009: OAuth 2.0 Token Revocation <https://tools.ietf.org/html/"
"rfc7009>`_"
msgstr ""
#: ../development/specifications.rst:15 9fdf59e113c6482f8db2451c5b2df549
msgid ""
"❌ `RFC7523: JWT Profile for OAuth 2.0 Client Authentication and "
"Authorization Grants <https://tools.ietf.org/html/rfc7523>`_"
msgstr ""
#: ../development/specifications.rst:16 bdeb1dc9178d4e00a0377e2c22346350
msgid ""
"✅ `RFC7591: OAuth 2.0 Dynamic Client Registration Protocol <https://tools."
"ietf.org/html/rfc7591>`_"
msgstr ""
#: ../development/specifications.rst:17 fe66b098739b46ceb8bc989246fc9067
msgid ""
"✅ `RFC7592: OAuth 2.0 Dynamic Client Registration Management Protocol "
"<https://tools.ietf.org/html/rfc7592>`_"
msgstr ""
#: ../development/specifications.rst:18 f084226dce6c46c1b6aa79e024bd4543
msgid ""
"✅ `RFC7636: Proof Key for Code Exchange by OAuth Public Clients <https://"
"tools.ietf.org/html/rfc7636>`_"
msgstr ""
#: ../development/specifications.rst:19 ae8757b89e224f2d8348038e1924d795
msgid ""
"✅ `RFC7662: OAuth 2.0 Token Introspection <https://tools.ietf.org/html/"
"rfc7662>`_"
msgstr ""
#: ../development/specifications.rst:20 531dff6077d14c7aa880e7f823c72eff
msgid ""
"✅ `RFC8414: OAuth 2.0 Authorization Server Metadata <https://tools.ietf.org/"
"html/rfc8414>`_"
msgstr ""
#: ../development/specifications.rst:21 6b2fc87355914a08b0e0c9e4d795443c
msgid ""
"❌ `RFC8428: OAuth 2.0 Device Authorization Grant <https://tools.ietf.org/"
"html/rfc8428>`_"
msgstr ""
#: ../development/specifications.rst:22 535bd458ee31408ebe837c03ea660d17
msgid ""
"❌ `RFC8693: OAuth 2.0 Token Exchange <https://tools.ietf.org/html/rfc8693>`_"
msgstr ""
#: ../development/specifications.rst:23 f0bfbeac37b44b8d816100505c291ba9
msgid ""
"❌ `RFC8705: OAuth 2.0 Mutual-TLS Client Authentication and Certificate-"
"Bound Access Tokens <https://tools.ietf.org/html/rfc8705>`_"
msgstr ""
#: ../development/specifications.rst:24 ed43d77027d44b88b776baeebed78802
msgid ""
"❌ `RFC8707: Resource Indicators for OAuth 2.0 <https://tools.ietf.org/html/"
"rfc8707>`_"
msgstr ""
#: ../development/specifications.rst:25 5630d915f527443e93073192b4bc2e8a
msgid ""
"❌ `RFC9068: JSON Web Token (JWT) Profile for OAuth 2.0 Access Tokens "
"<https://tools.ietf.org/html/rfc9068>`_"
msgstr ""
#: ../development/specifications.rst:26 6dfb4c82f5d24fe5ac3edde198aae615
msgid ""
"❌ `RFC9101: OAuth 2.0 JWT-Secured Authorization Request (JAR) <https://"
"tools.ietf.org/html/rfc9101>`_"
msgstr ""
#: ../development/specifications.rst:27 b14871b2584c40ddb76374986a69d89f
msgid ""
"❌ `RFC9126: OAuth 2.0 Pushed Authorization Requests <https://tools.ietf.org/"
"html/rfc9126>`_"
msgstr ""
#: ../development/specifications.rst:28 8d53df978c09455cbbd5f0b3c86fae56
msgid ""
"❌ `RFC9207: OAuth 2.0 Authorization Server Issuer Identification <https://"
"tools.ietf.org/html/rfc9207>`_"
msgstr ""
#: ../development/specifications.rst:29 fc24914060bc4e2b83be624cf1e72c4b
msgid ""
"❌ `RFC9394: OAuth 2.0 Rich Authorization Requests <https://www.rfc-editor."
"org/rfc/rfc9396.html>`_"
msgstr ""
#: ../development/specifications.rst:30 415da024ae33470ead9213e36bbb5287
msgid ""
"❌ `OAuth2 Multiple Response Types <https://openid.net/specs/oauth-v2-"
"multiple-response-types-1_0.html>`_"
msgstr ""
#: ../development/specifications.rst:31 90dca086523a4b7992b11bd243218023
msgid ""
"❌ `OAuth2 Form Post Response Mode <https://openid.net/specs/oauth-v2-form-"
"post-response-mode-1_0.html>`_"
msgstr ""
#: ../development/specifications.rst:34 ../features.rst:230
#: a191e1d8741042fd82b609c98cb88f49 a39756472b3e413583feb8a2a3c5a456
msgid "OpenID Connect"
msgstr ""
#: ../development/specifications.rst:36 f8aa5fbf69f64a6cae6b53d13ab9f14d
msgid ""
"✅ `OpenID Connect Core <https://openid.net/specs/openid-connect-core-1_0."
"html>`_"
msgstr ""
#: ../development/specifications.rst:37 0aa3c6a211764851be72af8859e72faf
msgid ""
"✅ `OpenID Connect Discovery <https://openid.net/specs/openid-connect-"
"discovery-1_0.html>`_"
msgstr ""
#: ../development/specifications.rst:38 8731b7e2a1f440d0ab3d19f58363205b
msgid ""
"✅ `OpenID Connect Dynamic Client Registration <https://openid.net/specs/"
"openid-connect-registration-1_0.html>`_"
msgstr ""
#: ../development/specifications.rst:39 19762de2d0564cd2bab6556f5daa32b9
msgid ""
"✅ `OpenID Connect RP Initiated Logout <https://openid.net/specs/openid-"
"connect-rpinitiated-1_0.html>`_"
msgstr ""
#: ../development/specifications.rst:40 b1f99cddaa19432189ba53247b24d887
msgid ""
"❌ `OpenID Connect Session Management <https://openid.net/specs/openid-"
"connect-session-1_0.html>`_"
msgstr ""
#: ../development/specifications.rst:41 6bc7d7cf2e6e4fbd8c5b37ee78f38da3
msgid ""
"❌ `OpenID Connect Front Channel Logout <https://openid.net/specs/openid-"
"connect-frontchannel-1_0.html>`_"
msgstr ""
#: ../development/specifications.rst:42 c86778f4c87d4ea5bf51969fd79efa9a
msgid ""
"❌ `OpenID Connect Back Channel Logout <https://openid.net/specs/openid-"
"connect-backchannel-1_0.html>`_"
msgstr ""
#: ../development/specifications.rst:43 f29d468edc9e4c93b4e132dcb896ec23
msgid ""
"❌ `OpenID Connect Back Channel Authentication Flow <https://openid.net/"
"specs/openid-client-initiated-backchannel-authentication-core-1_0.html>`_"
msgstr ""
#: ../development/specifications.rst:44 aca2626f01c94811ab9cbb4e11c8249a
msgid ""
"❌ `OpenID Connect Core Error Code unmet_authentication_requirements "
"<https://openid.net/specs/openid-connect-unmet-authentication-"
"requirements-1_0.html>`_"
msgstr ""
#: ../development/specifications.rst:45 5a70caff3ff34223b1fc4bd8270c2184
msgid ""
"✅ `Initiating User Registration via OpenID Connect 1.0 <https://openid.net/"
"specs/openid-connect-prompt-create-1_0.html>`_"
msgstr ""
#: ../development/specifications.rst:46 ca8c178eab77479991d9744e62826ca5
msgid ""
"❌ `OpenID Connect Profile for SCIM Services <https://openid.net/specs/"
"openid-connect-scim-profile-1_0.html>`_"
msgstr ""
#: ../development/specifications.rst:49 ../development/specifications.rst:108
#: 794c29185c834483b43d4cd7efa94774 4c7bd083d6eb494aa8290e0e28cf88d3
msgid "SCIM"
msgstr ""
#: ../development/specifications.rst:51 9f8697b813204adba4a63ddf11a7fd36
msgid "Canaille provides a basic SCIM server implementation."
msgstr ""
#: ../development/specifications.rst:53 3e956d7fa3934bc7a67befcae72393c8
msgid ""
"🟠 `RFC7642: System for Cross-domain Identity Management: Definitions, "
"Overview, Concepts, and Requirements <https://www.rfc-editor.org/rfc/"
"rfc7642>`_"
msgstr ""
#: ../development/specifications.rst:54 c51b643157fe4079b535244f4f63c809
msgid ""
"🟠 `RFC7643: System for Cross-domain Identity Management: Core Schema "
"<https://www.rfc-editor.org/rfc/rfc7642>`_"
msgstr ""
#: ../development/specifications.rst:55 f31d0b61f1c44de4befe75f6142c1421
msgid ""
"🟠 `RFC7644: System for Cross-domain Identity Management: Protocol <https://"
"www.rfc-editor.org/rfc/rfc7642>`_"
msgstr ""
#: ../development/specifications.rst:57 4b113baa287044a5b3710d8083f306e1
msgid ""
"Client-side implementation (i.e. broadcasting changes on users and groups "
"among clients) and advanced features will be implemented in the future."
msgstr ""
#: ../development/specifications.rst:60 68cfc580aef74b74ac47e293bbf7440e
msgid "What's implemented"
msgstr ""
#: ../development/specifications.rst:62 ../development/specifications.rst:83
#: 344f97d9c70a41f2aa7db3e292674b0d 2a7e31290d3b4472a9886379380543d7
msgid "Endpoints:"
msgstr ""
#: ../development/specifications.rst:64 51a2a6bac44a4c84b78e77b3e1c03d51
msgid "/Users (GET, POST)"
msgstr ""
#: ../development/specifications.rst:65 35f011e2bf79415883469e279325ef25
msgid "/Users/<user_id> (GET, PUT, DELETE)"
msgstr ""
#: ../development/specifications.rst:66 a071464fe752465bbe18f12c5f63562f
msgid "/Groups (GET, POST)"
msgstr ""
#: ../development/specifications.rst:67 48d92f0c8d28471f9c4de06a6fee14aa
msgid "/Groups/<user_id> (GET, PUT, DELETE)"
msgstr ""
#: ../development/specifications.rst:68 8b34a263d2b046cbb9a20a2083938892
msgid "/ServiceProviderConfig (GET)"
msgstr ""
#: ../development/specifications.rst:69 75ce8a0bca0543dd9059ea6b0090f9c3
msgid "/Schemas (GET)"
msgstr ""
#: ../development/specifications.rst:70 f9e4b33f55864bc09237b0688d4c1cba
msgid "/Schemas/<schema_id> (GET)"
msgstr ""
#: ../development/specifications.rst:71 7315f0b03e3447bfb18af0bd54b13e99
msgid "/ResourceTypes (GET)"
msgstr ""
#: ../development/specifications.rst:72 cb771a93cdef478bbc6d52657d778ba1
msgid "/ResourceTypes/<resource_type_id> (GET)"
msgstr ""
#: ../development/specifications.rst:74 f8cb594cde24439c8d642d7eecdeb33d
msgid "Features:"
msgstr ""
#: ../development/specifications.rst:76 175a65fc837f4dc48a10d3b167a464a7
msgid ":rfc:`pagination <7644#section-3.4.2.4>`"
msgstr ""
#: ../development/specifications.rst:81 38c532b3622f4a2b8b789298a0bfed99
msgid "What is not implemented yet"
msgstr ""
#: ../development/specifications.rst:85 d2456827f07847dfa9f42e8bf86da08f
msgid "/Users (PATCH)"
msgstr ""
#: ../development/specifications.rst:86 6bad7d4b458c4294be2ad05dcac5abd4
msgid "/Groups (PATCH)"
msgstr ""
#: ../development/specifications.rst:87 a26dd83532c44f7abad4572dd932170a
msgid ":rfc:`/Me <7644#section-3.11>` (GET, POST, PUT, PATCH, DELETE)"
msgstr ""
#: ../development/specifications.rst:88 836bfaabb5544327a40fb8c893a2f0e5
msgid ":rfc:`/Bulk <7644#section-3.11>` (POST)"
msgstr ""
#: ../development/specifications.rst:89 aa37c0272ba24b308922fc40b66e3a2e
msgid ":rfc:`/.search <7644#section-3.4.3>` (POST)"
msgstr ""
#: ../development/specifications.rst:91 ../features.rst:9
#: d7b01888bb114c7d95660a93cbf52311 d58b104b8d5548c594cfd8be5a3a1adc
msgid "Features"
msgstr ""
#: ../development/specifications.rst:93 c62cbc4b8b56467aa7fd7d0ff542fe4a
msgid ":rfc:`filtering <7644#section-3.4.2.2>`"
msgstr ""
#: ../development/specifications.rst:94 7ca9fca1e13c4f79a9ba327f7ce384f6
msgid ":rfc:`sorting <7644#section-3.4.2.3>`"
msgstr ""
#: ../development/specifications.rst:95 5c835bee9e924b52881f7bf441ecb4e9
msgid ":rfc:`attributes selection <7644#section-3.4.2.5>`"
msgstr ""
#: ../development/specifications.rst:96 5d3dbd08058047d8a38b559ea46c277e
msgid ":rfc:`ETags <7644#section-3.14>`"
msgstr ""
#: ../development/specifications.rst:99 255c6e6f83b44945a5f67191414a1b9b
msgid "Comparison with other providers"
msgstr ""
#: ../development/specifications.rst:101 4d4ac8c44b4a459792dfd9e7c931c6f4
msgid "Here is a feature comparison with other OpenID Connect server software."
msgstr ""
#: ../development/specifications.rst:103 034c310137f74d2cbaf87959b844f123
msgid ""
"Canaille voluntarily only implements the OpenID Connect protocol to keep its "
"codebase simple."
msgstr ""
#: ../development/specifications.rst:106 a0b6d9411ccd46a0a614e61187457f81
msgid "Software"
msgstr ""
#: ../development/specifications.rst:106 0972e311a8984d718913ab728c5a613d
msgid "Project"
msgstr ""
#: ../development/specifications.rst:106 ec16e393279c4574919b9dc2fde6566e
msgid "Protocols implementations"
msgstr ""
#: ../development/specifications.rst:108 069a90c864e9485ba71f0626a04bb7ac
msgid "FLOSS"
msgstr ""
#: ../development/specifications.rst:108 793ab8c0e5864c36951cdfe503b6b520
msgid "Language"
msgstr ""
#: ../development/specifications.rst:108 a17def4fd4ba4cdf836371d70a58dae0
msgid "LOC"
msgstr ""
#: ../development/specifications.rst:108 ../references/templates.rst:48
#: 2489de89a6ae4142a72fb3176f96d97c 4d2cf4eb587146ad9de3a2e651a4f59b
msgid "OIDC"
msgstr ""
#: ../development/specifications.rst:108 fde25f12c34b4290a5781d59545fd4f5
msgid "SAML"
msgstr ""
#: ../development/specifications.rst:108 1bf933220236402a8578cb23e99a23d6
msgid "CAS"
msgstr ""
#: ../development/specifications.rst:110 a06c6e50e788419f8e23165436f5b64a
msgid "Canaille"
msgstr ""
#: ../development/specifications.rst:110 ../development/specifications.rst:112
#: ../development/specifications.rst:114 ../development/specifications.rst:116
#: ../development/specifications.rst:118 ../development/specifications.rst:120
#: ../development/specifications.rst:122 ../development/specifications.rst:124
#: ../development/specifications.rst:126 ../development/specifications.rst:128
#: ../development/specifications.rst:130 ../development/specifications.rst:132
#: 8359cdf8361a4f40af83efebc710b26c 92ab0f4a4a88426788a990e1a4e66ac1
#: 2144f214b51540269c3be06540f96d80 07291bfd83b44fea9b28698e9459714f
#: c1c334386ed74b60a5c918c27074b3b2 4141a1bf492f460f9122f6e4a6a472cc
#: 7da15555b136476c90a6ee8c07ad8931 bb31a9d5919e4ec496f1ded1061047ef
#: 29b780d8270448919bb84882ad99e208 cf66b87d6d6946b2a6a1bba66ec49866
#: 405ec378a23f45368056001f0e125e86 32573bb2db2c48f294f1c8e99041b7ba
#: fa87dc7094444bf192921dc21d96e163 31885860425144758e2f46e1d15fb0ed
#: 4fab7f1511c941f1a2d49c35650eec5b 958e8e4c17ae448ab5446180b5bd5907
#: 03c8b263424f44b5b671ddc157dd5cbc b417afdb4bf84c16af18d53b34834dcd
#: 5199937c1c8b4832a2f9576e4dc925d9 888dd2299cac429ca0feff30cb7ee7fd
#: 89cd7338992946d0b687a257acc47a1a 411d48d5271146c7a27f5e61927d5718
#: 7d8bf7085a2d407b88566b752769d211 b03b87ae7f0a463f81fe51fd42c9d856
#: d56cbf84355a44ca8b2783ca1296fe33 395c20898c52466d9ea4d48f3b51f8b5
#: 274d57a4fe6a40bfadaff61802338c2c ee3e34ce765f4a0b9ca32df1e2154604
#: e4b974ef3e284bb79a6af7f6ba7b6bf8 68486605ae5f433d9276e6cf2fdb6352
#: f2f6140c99c744eba16734ae914f6068 b2dc6bf2db8d40e0923c648a7f3fbe77
#: a6709cf0859f42bdb86a3efa686225f9 8beffdfc8f574c68bf648c43d1b9fd53
#: 8e1c7536e3a449ffb9057ee3d9fd0616 4a99ccc8d37b4ef79c1d5fb9156cb01d
#: 559c72bcf9154c7482c3c9817c013846 d90a2be715354f9fbec07d1ddecf0587
#: 7de72e60317f48dea89bef5d42834ce9 72dfddba807a4ff3a1b6d21f05357709
#: c2154721e215407d9519a1364e36cf94 bcfc9457ee264da795001e4691011bf3
#: 6a6b82c0868442c2b3910c250c9c30ff d5dff4f0dae6496a879e8b23b78f98c5
#: 61dcd56d6ecc43b59758e02fdddc9b45 67b31d28861444308994cdf883ae317a
#: 270eace283a14d66b9e59db048efc37f 7ea946aabc7e4da186e50262a66e66a8
#: 428c79ed0ab4413081e3cf9b65023836 8f8e1f80778c4738989497cdf6fd0cad
#: 3586504e4d564d288508699bf1a476f7 cc2d8201751c4180a568013887a8fa37
#: 4fc53bcdaf484ca48d2d4d8be91eee4b e6544ae648cb4504a26dd8f471900b7c
#: feb5d4d093514ec682e54082d8fe615c ab882015b1b943c4b7890f07712df299
#: 6b9ef531feaf40e8bdff9ff234df758c b9210995b5634268b16adb581dee4c0a
#: f25e1de836dc405eb0a8c879ae679dd8 0e8ef9488cc94903b2841e13fb9a19cc
#: 9a715a4a98ae4db0b95302ea696f69ff 0726f102de6646dfa28e29178067d786
#: 6b7ffc0ef20048e0a85521ccae8f188a
msgid "✅"
msgstr ""
#: ../development/specifications.rst:110 ../development/specifications.rst:116
#: 2ce059e05f9c4da293172ace511122de e2ab2a0e8ea74bb39c1a9551b335cb61
msgid "Python"
msgstr ""
#: ../development/specifications.rst:110 87708af531fc4265a4221079fa936a2c
msgid "10k"
msgstr ""
#: ../development/specifications.rst:110 ../development/specifications.rst:112
#: ../development/specifications.rst:114 ../development/specifications.rst:116
#: ../development/specifications.rst:118 ../development/specifications.rst:120
#: ../development/specifications.rst:122 ../development/specifications.rst:126
#: ../development/specifications.rst:130 ../development/specifications.rst:132
#: a57dfb6ec28747e7b0c22d5350a438f6 7e3f062885a04d51bd3d990d0f12b3c2
#: 7d4be1af719440a394a3c1db62aa2f57 8063e8846e4b43bd986948c13850e137
#: 8286477f5979436697efd5449d716d5f f37761c3350c46e3be462ed8d0ca2e1e
#: e19f121e83dc41b28a0d5327d4a41286 7f3f1182bd8042f688e05e50d93fa2c9
#: dd13ab9d853841f8949c74f2ed9e6480 0070fe7c812341df9dc54a2131baa9a7
#: aed906e90e9e4e2c97fc4879dbada5db 8081047a12364457b6c2961c72761759
#: cfb3090585a84c4486cd07855168bfd2 fd1891815a1344c0a6bac195dea94853
#: b025e52c9ab64fa1a6f08154653574f0 b69c1d1477034615a2a974f68873f5f2
#: 990657b9343d4f12b279bd27e0ee2078 572f6127a926431cbed73c7fcb29a41a
msgid "❌"
msgstr ""
#: ../development/specifications.rst:110 4deaec7283d04195bb4b5ce830423c17
msgid "🟠"
msgstr ""
#: ../development/specifications.rst:112 ef8ef0ca3a3e41d89ca0d204cf9575ef
msgid "`Auth0`_"
msgstr ""
#: ../development/specifications.rst:112 ../development/specifications.rst:122
#: ../development/specifications.rst:124 ../development/specifications.rst:132
#: 1ec8da617dc74ff48cc221502b18cb5f 55ff3b92c3614bc39efd55d219010756
#: 7c8ef00509294715b264887ecdba0d35 c2bbeca5ac0541109fbfb688ce50219c
#: 621c54fa39e74dec875e6141a490d52d 01e2de36a736422bbb195cafe4d932b5
#: 69ff3ec3345847089a98e5660b75c27b c764dfbb678342618ca6ba085ce34bff
#: 6196220072c04e4680c81a3da830f32c
msgid "❔"
msgstr ""
#: ../development/specifications.rst:114 a06e90a200c142329aab42c417145475
msgid "`Authelia`_"
msgstr ""
#: ../development/specifications.rst:114 ../development/specifications.rst:118
#: ../development/specifications.rst:126 afc0d499c6624f029bf984a2b660a06f
#: 147dfdd1635f4d37a961194619b1b761 c9febc2d19ec455f9377f9a83cb24686
msgid "Go"
msgstr ""
#: ../development/specifications.rst:114 ../development/specifications.rst:126
#: 38acc1bf34554da2ac15381b4ae4bcbf 8fa0178c68534ff0bcf109e0713cf937
msgid "50k"
msgstr ""
#: ../development/specifications.rst:116 3cc6d108c87045fbbf9a63da618a9e6e
msgid "`Authentic2`_"
msgstr ""
#: ../development/specifications.rst:116 a0ffc4dc899d49b08f8b32146c8a4a43
msgid "65k"
msgstr ""
#: ../development/specifications.rst:118 1105db265e8f46369b7ddb743e1f7e9b
msgid "`Authentik`_"
msgstr ""
#: ../development/specifications.rst:118 83b25cffb0da4a24a3b2a402d484524e
msgid "55k"
msgstr ""
#: ../development/specifications.rst:120 248eb430ee704fc3a24e022cfb5eee14
msgid "`CAS`_"
msgstr ""
#: ../development/specifications.rst:120 ../development/specifications.rst:124
#: ../development/specifications.rst:128 a8b79f9ecab5469a9b80cc7e909609f6
#: 9273ae9f8bb240dcb07cad9ca0bc19d2 7aca0c51a5bd45509421444dc8e21b00
msgid "Java"
msgstr ""
#: ../development/specifications.rst:120 679056ff38cb4ba4b09d21fbbb583fcb
msgid "360k"
msgstr ""
#: ../development/specifications.rst:122 5a7602cb44b545679f6f464b0c967659
msgid "`Connect2id`_"
msgstr ""
#: ../development/specifications.rst:124 07e7c1d67f2245e4b1a36a6ef061721a
msgid "`Gluu`_"
msgstr ""
#: ../development/specifications.rst:126 a8a9b571aedd4fc0bdb545fa04a09c35
msgid "`Hydra`_"
msgstr ""
#: ../development/specifications.rst:128 f354d55bcfa445269d2f873e3cad72be
msgid "`Keycloak`_"
msgstr ""
#: ../development/specifications.rst:128 ae7e82db3a9f458f96b0d07be7f9bc60
msgid "600k"
msgstr ""
#: ../development/specifications.rst:130 0cbcdf7a4748404eb674088a9b3b26e5
msgid "`LemonLDAP`_"
msgstr ""
#: ../development/specifications.rst:130 a9e79acd7894437c9b290df6b4b630db
msgid "Perl"
msgstr ""
#: ../development/specifications.rst:130 a9c50fc2632c4efcbd0a7107c93c6f44
msgid "130k"
msgstr ""
#: ../development/specifications.rst:132 7b0328f64db64f4ab4712b67ea0793fe
msgid "`Okta`_"
msgstr ""
#: ../features.rst:11 83992b326f024b0f85077ae68cb0587b
msgid ""
"Here are the different features that Canaille provides. You can enable any "
"of those features with the :doc:`configuration <references/configuration>` "
"to fit any :doc:`use cases <usecases>` you may meet. Check our :ref:"
"`roadmap <features:Roadmap>` to see what is coming next."
msgstr ""
#: ../features.rst:15 e84eca88d1f945c0b75f5cb7660e147e
msgid ""
"Users can interact with Canaille through its :ref:`web interface <features:"
"Web interface>` and administrators can also use its :ref:`command line "
"interface <feature_cli>`. Canaille can handle data stored in different :ref:"
"`database backends <feature_databases>`."
msgstr ""
#: ../features.rst:19 54195631200f46668dd0774d8fb1fe7c
msgid "User and group management"
msgstr ""
#: ../features.rst:21 93495d3a171a49898396742c01e8c0f6
msgid ""
"Canaille web interface can be used either in :doc:`production environments "
"<tutorial/deployment>` or locally for development purposes."
msgstr ""
#: ../features.rst:26 ../index.rst:27 747fc6d9c0ff4afe99f5e8c636fc0630
#: 281a61a509c14bd785713a9e32ff21d3
msgid "Profile management"
msgstr ""
#: ../features.rst:28 ../features.rst:238 7cd208e6778b4e3ca435fcaa282b6656
#: 3845e2e3bc7048fb8e477f3964ea4286
msgid "Profile"
msgstr ""
#: ../features.rst:33 bd8bf9442ea64aedaa39bad6408300b6
msgid "Canaille provides an interface to manage user profiles."
msgstr ""
#: ../features.rst:35 735d8c451c114d188fdfda137bb0b3da
msgid ""
"The exact list of displayed fields, and whether they are :attr:`writable "
"<canaille.core.configuration.ACLSettings.WRITE>` or :attr:`read-only "
"<canaille.core.configuration.ACLSettings.READ>` depends on the user :class:"
"`Access Control List settings (ACL) <canaille.core.configuration."
"ACLSettings>`."
msgstr ""
#: ../features.rst:37 d85f58ac8b8b4d0c809d18cd01308676
msgid ""
"Depending on their ACL :class:`permissions <canaille.core.configuration."
"Permission>`, users can either be allowed to edit their own profile, edit "
"any user profile, or do nothing at all."
msgstr ""
#: ../features.rst:42 b0204857451143228a47d4bd0d207425
msgid "Email confirmation"
msgstr ""
#: ../features.rst:44 6357bf8141804e8ca3c7cc4688147c79
msgid ""
"If the :attr:`email confirmation feature <canaille.core.configuration."
"CoreSettings.EMAIL_CONFIRMATION>` is enabled, any modification or addition "
"of a profile email will send a confirmation mail to the new address. The "
"mail will contain a link that users will need to click on to confirm their "
"email address."
msgstr ""
#: ../features.rst:46 2b8cac7a02c241db86c0e1a8977f539f
msgid ""
"Users with :attr:`user management permission <canaille.core.configuration."
"Permission.MANAGE_USERS>` can set user emails without confirmation though."
msgstr ""
#: ../features.rst:51 5ca54af9769c4d66b1f073cf5dae0f8c
msgid "Group management"
msgstr ""
#: ../features.rst:53 ../features.rst:140 859672dbd62e44f68edf373e3db0f25f
#: 7b785345dfe54831abb635f53566cbb4
msgid "Group edition"
msgstr ""
#: ../features.rst:58 3c406b087545469ba8233b792ccf4117
msgid ""
"In a similar fashion than :ref:`profile management "
"<feature_profile_management>` Canaille provides an interface to manage user "
"groups."
msgstr ""
#: ../features.rst:60 f3aa5eee77bb4c878ea3117ef50906b1
msgid ""
"The group management is quite simple at the moment and consists in a group "
"name and description, and the list of its members. Group membership can be "
"use as :attr:`ACL Filter <canaille.core.configuration.ACLSettings.FILTER>` "
"to define user permissions."
msgstr ""
#: ../features.rst:63 ../features.rst:83 ../features.rst:149
#: ../tutorial/deployment.rst:13 ../tutorial/provisioning.rst:9
#: be163aa553874c63a119ca1e531e4926 bbcda8b5363746de842d3fd4565df358
#: 61f8b293eb1840df8775b9a46977e68a 7d063927a16248008786ce8fff0c0f4c
#: ef513869dfee4036992c4c33ae89cb19
msgid "Todo"
msgstr ""
#: ../features.rst:64 19616dc65f50458da4280f5f0a763790
msgid ""
"At the moment adding an user to a group can only be achieved by the user "
"settings page, but we are :issue:`working to improve this <192>`."
msgstr ""
#: ../features.rst:66 1f22335eacb94aa8a46554367a8edb65
msgid ""
"Group management can be enable with a :attr:`dedicated user permission "
"<canaille.core.configuration.Permission.MANAGE_GROUPS>`."
msgstr ""
#: ../features.rst:69 206521f4720945159a79dcd353d89a63
msgid ""
"Due to limitations in the :ref:`LDAP backend <tutorial/databases:LDAP>`, "
"groups must have at least one member. Thus it is not possible to remove the "
"last user of a group without removing the group."
msgstr ""
#: ../features.rst:75 ../index.rst:34 df0f45720dd54482a606b7384b0af773
#: b96f3e623fbc42cc886ade8fce98b625
msgid "User authentication"
msgstr ""
#: ../features.rst:77 009db2e14df8413095b0d9f3150e4b5e
msgid ""
"Unless their account is :ref:`locked <feature_account_locking>`, users can "
"authenticate with a login and a password."
msgstr ""
#: ../features.rst:81 ad32a04ddd764be6bc4f07f835189dc1
msgid ""
"For security reasons, it won't be told to users if they try to sign in with "
"an unexisting logging, unless explicitly :attr:`set in the configuration "
"<canaille.core.configuration.CoreSettings.HIDE_INVALID_LOGINS>`."
msgstr ""
#: ../features.rst:83 160e331c61874a97aa78b514e80863ef
msgid ""
":ref:`LDAP backend <tutorial/databases:LDAP>` users can define which :class:"
"`user field <canaille.core.models.User>` should be used as the login (such "
"as :attr:`~canaille.core.models.User.user_name` or :attr:`~canaille.core."
"models.User.emails`) using a :attr:`configuration parameter <canaille."
"backends.ldap.configuration.LDAPSettings.USER_FILTER>`, but other backends "
"can only login using :attr:`~canaille.core.models.User.user_name`. We are :"
"issue:`working to improve this <196>`."
msgstr ""
#: ../features.rst:88 eac565374d1d43499d808cb66e3db17b
msgid "User registration"
msgstr ""
#: ../features.rst:90 b2e46804265c43df8ee0242a495608c4
msgid ""
"Users can create accounts on Canaille if the :attr:`registration feature "
"<canaille.core.configuration.CoreSettings.ENABLE_REGISTRATION>` is enabled. "
"They will be able to fill a registration form with the fields detailed in "
"the default :class:`ACL settings <canaille.core.configuration.ACLSettings>`."
msgstr ""
#: ../features.rst:92 beef77105d71424a81a7608596a70ddc
msgid ""
"If :attr:`email confirmation <canaille.core.configuration.CoreSettings."
"EMAIL_CONFIRMATION>` is also enabled, users will be sent a confirmation link "
"to their email address, on which they will need to click in order to "
"finalize their registration."
msgstr ""
#: ../features.rst:97 ../features.rst:99 16180dbd28a247d0b58017290d410e1c
#: 27d275b7f1524eae9a3d0bb28d27d734
msgid "User invitation"
msgstr ""
#: ../features.rst:104 9c5e83d641624935a643163f6194f1b3
msgid ""
"If a :class:`mail server <canaille.core.configuration.SMTPSettings>` is "
"configured, users with :attr:`user management permission <canaille.core."
"configuration.Permission.MANAGE_USERS>` can create an invitation link for "
"one user."
msgstr ""
#: ../features.rst:106 547e556908d6485e91d11299f6d7731c
msgid ""
"The link goes to a registration form, even if regular :ref:`user "
"registration <feature_user_registration>` is disabled."
msgstr ""
#: ../features.rst:108 c5f67c0c35744d06a46ff62581a68be5
msgid "It can be automatically sent by email to the new user."
msgstr ""
#: ../features.rst:113 87dc5cf8a5644adba540c43626b85116
msgid "Account locking"
msgstr ""
#: ../features.rst:115 e06722f64e4d4b51860928e63423b9f7
msgid ""
"If Canaille is plugged to a :ref:`backend <feature_databases>` that supports "
"it, user accounts can be locked by users with :attr:`user management "
"permission <canaille.core.configuration.Permission.MANAGE_USERS>`. The lock "
"date can be set instantly or at a given date in the future."
msgstr ""
#: ../features.rst:118 8b1b5e618c3943a989c0d9b7958890ce
msgid "At the moment a user account is locked:"
msgstr ""
#: ../features.rst:120 9df53f0bc1e14517b207979063e506db
msgid "their open sessions will be closed;"
msgstr ""
#: ../features.rst:121 76e0e046a3af405a94194bad849adca5
msgid "they won't be able to sign in again;"
msgstr ""
#: ../features.rst:122 82e4c98b176c4d2bba2f7ce96c2322d9
msgid "no new OIDC token will be issued;"
msgstr ""
#: ../features.rst:124 5f9b8faf05a246bea2a23417d83ec83d
msgid ""
"User accounts must be manually unlocked by an administrator for the users to "
"regain access to those actions."
msgstr ""
#: ../features.rst:129 19999c792f774669959a562731f2ae45
msgid "Account deletion"
msgstr ""
#: ../features.rst:131 7009976bf70348c5a99681fe82017a2f
msgid ""
"Users with the :attr:`account deletion permission <canaille.core."
"configuration.Permission.DELETE_ACCOUNT>` are allowed to delete their own "
"account."
msgstr ""
#: ../features.rst:133 2a140bd932e84750ac0b767017723fb2
msgid ""
"Users that also have the :attr:`user management permission <canaille.core."
"configuration.Permission.MANAGE_USERS>` are also allowed to delete other "
"users accounts."
msgstr ""
#: ../features.rst:138 93cd6c928328482a98f4ed4bf3868fb5
msgid "Password recovery"
msgstr ""
#: ../features.rst:145 92d716598ce844bf80049d7c7720d73c
msgid ""
"If a :class:`mail server <canaille.core.configuration.SMTPSettings>` is "
"configured and the :attr:`password recovery feature <canaille.core."
"configuration.CoreSettings.ENABLE_PASSWORD_RECOVERY>` is enabled, then users "
"can ask for a password reset email if they cannot remember their password."
msgstr ""
#: ../features.rst:147 662c873cc0ea45dc9535c075a2f97203
msgid ""
"The email will be sent to the email addresses filled in their profile, and "
"will contain a link that will allow them to choose a new password. ."
msgstr ""
#: ../features.rst:151 f13a4bafd63a4087a5750e4c6160142f
msgid "Check that password recovery is disabled on locked accounts."
msgstr ""
#: ../features.rst:156 fe3e4ba9348341808cde4c4bc5c39767
msgid "Password reset"
msgstr ""
#: ../features.rst:158 f4fe4f29702f42b0974ca95307d66d4f
msgid ""
"If a :class:`mail server <canaille.core.configuration.SMTPSettings>` is "
"configured, :attr:`user management permission <canaille.core.configuration."
"Permission.MANAGE_USERS>` can send password reset mails to users. The mails "
"contains a link that allow users to choose a new password without having to "
"retrieve the old one."
msgstr ""
#: ../features.rst:164 8efff1070020462f95e1fe41de00136d
msgid "Password initialization"
msgstr ""
#: ../features.rst:166 9b4bda837bea410692718890b76877c8
msgid ""
"User :attr:`passwords <canaille.core.models.User.password>` are optional. If "
"a :class:`mail server <canaille.core.configuration.SMTPSettings>` is "
"configured, when users with no password attempt to sign in, they are invited "
"to click a button that will send them a password initialization mail. The "
"mail contains a link that leads to a form that allows users to choose a "
"password."
msgstr ""
#: ../features.rst:173 5319e975d4fb4701b91648542a2d8828
msgid "Password compromission check"
msgstr ""
#: ../features.rst:175 6808b4633ea2473480a7de609cc74213
msgid ""
"If :attr:`password compromission check feature <canaille.core.configuration."
"CoreSettings.ENABLE_PASSWORD_COMPROMISSION_CHECK>` is enabled, Canaille will "
"check for password compromise on HIBP (https://haveibeenpwned.com/) every "
"time a new password is register. You will need to set an :attr:`admin email "
"<canaille.core.configuration.CoreSettings.ADMIN_EMAIL>`."
msgstr ""
#: ../features.rst:180 71fd2622c9734be487e462b06fd8e6bf
msgid "Multi-factor authentication"
msgstr ""
#: ../features.rst:182 707f699e7d374657ac3b29d3e5c65eba
msgid ""
"If the :attr:`one-time password feature <canaille.core.configuration."
"CoreSettings.OTP_METHOD>` is set, then users will need to authenticate "
"themselves using a one-time password via an authenticator app. Two options "
"are supported : \"TOTP\" for time one-time password, and \"HOTP\" for HMAC-"
"based one-time password. In case of lost token, TOTP/HOTP authentication can "
"be reset by users with :attr:`user management permission <canaille.core."
"configuration.Permission.MANAGE_USERS>`. If a :class:`mail server <canaille."
"core.configuration.SMTPSettings>` is configured and the :attr:`email one-"
"time password feature <canaille.core.configuration.CoreSettings.EMAIL_OTP>` "
"is enabled, then users will need to authenticate themselves via a one-time "
"password sent to their primary email address. If a :class:`smpp server "
"<canaille.core.configuration.SMPPSettings>` is configured and the :attr:`sms "
"one-time password feature <canaille.core.configuration.CoreSettings."
"SMS_OTP>` is enabled, then users will need to authenticate themselves via a "
"one-time password sent to their primary phone number."
msgstr ""
#: ../features.rst:191 92cf33b469d640cbaa67400714a54221
msgid "Intruder lockout"
msgstr ""
#: ../features.rst:193 2122ba68652f47df83d6863d31d4f169
msgid ""
"If the :attr:`intruder lockout feature <canaille.core.configuration."
"CoreSettings.ENABLE_INTRUDER_LOCKOUT>` is enabled, then users will have to "
"wait for an increasingly long time between each failed login attempt."
msgstr ""
#: ../features.rst:196 8278c8d375764d8b81559827f6ec5c96
msgid "Web interface"
msgstr ""
#: ../features.rst:201 30a7dce9d05d46bba5697e75b939ebd7
msgid "Internationalization"
msgstr ""
#: ../features.rst:203 b76e44066c3e436c8d850b9bc8552c40
msgid "Translation state"
msgstr ""
#: ../features.rst:208 e2fdac042d5b4d7fb37fdebf1f54393e
msgid ""
"Canaile will display in your :attr:`preferred language <canaille.core.models."
"User.preferred_language>` if available, or your browser language if "
"available (and if it is not you can :ref:`help us with the translation "
"<development/contributing:Code translation>`). If you prefer, you can also :"
"attr:`force a language <canaille.core.configuration.CoreSettings.FAVICON>` "
"for every users."
msgstr ""
#: ../features.rst:214 a8d7dd0ef8a148079d86252bfdb24e8d
msgid "Lightweight"
msgstr ""
#: ../features.rst:216 62e134fecda54ecebd2ed99cfad21431
msgid ""
"The web interface is lightweight, so everything should load quickly. There "
"is a few Javascript here and there to smooth the experience, but no "
"Javascript at all is needed to use Canaille."
msgstr ""
#: ../features.rst:220 98e5119178fe49fc865631a7f0f79683
msgid "Customizable"
msgstr ""
#: ../features.rst:222 0289e553e0c141c5bf0584f63db93a0b
msgid ""
"The default theme should be good enough for most usages. It has a dark "
"theme, display well on mobile, and let you choose a :attr:`logo <canaille."
"core.configuration.CoreSettings.LOGO>` and a :attr:`favicon <canaille.core."
"configuration.CoreSettings.FAVICON>`."
msgstr ""
#: ../features.rst:225 b12a1b77895c45c39c69711771f45cfc
msgid ""
"If you need more you can also use a :attr:`custom theme <canaille.core."
"configuration.CoreSettings.THEME>`."
msgstr ""
#: ../features.rst:232 9093d3d195d14410aa63d5fb011294d9
msgid ""
"Canaille implements a :ref:`subset<development/specifications:State of the "
"specs in Canaille>` of the OAuth2/OpenID Connect specifications . This "
"allows to provide :abbr:`SSO (Single Sign-On)` and :abbr:`SLO (Single Log-"
"On)` to applications plugged to Canaille."
msgstr ""
#: ../features.rst:236 8d78707d882c4ad7bd911a12f77357bf
msgid "Consent management"
msgstr ""
#: ../features.rst:244 2f4773e2479e40b5a5b8f85b99d07d2b
msgid ""
"Users can give their consent to application requesting access to their "
"personal information, and then revoke those consent at their will."
msgstr ""
#: ../features.rst:248 cb6b8f0c1c3f4fba9fa0271cfde526f8
msgid "Application management"
msgstr ""
#: ../features.rst:250 7a6c934205fd409cb24d57d8abb44f3b
msgid ""
"Users with the right :attr:`permission <canaille.core.configuration."
"Permission.MANAGE_OIDC>` can manager OIDC clients through the web interface."
msgstr ""
#: ../features.rst:252 58ff42230b714f6887b089d27d4cbb1e
msgid ""
"In some cases, it might be useful to avoid the consent page for some trusted "
"applications, so clients can be pre-consented."
msgstr ""
#: ../features.rst:255 d3d907c775ac40e7804b9d807393fd24
msgid "Discovery"
msgstr ""
#: ../features.rst:257 3cbdbbb7efdf497390e96311f23ba98c
msgid ""
"Canaille implements the :doc:`Discovery specifications <development/"
"specifications>` so most of the applications plugged to Canaille can auto-"
"configure themselves."
msgstr ""
#: ../features.rst:260 a898023be2a341718e270e67167d0779
msgid "Dynamic Client Registration"
msgstr ""
#: ../features.rst:262 ad31ff1cd9644ab683677d17732722b8
msgid ""
"Canaille implements the :doc:`Dynamic Client Registration specifications "
"<development/specifications>`, so when the :attr:`feature is enabled "
"<canaille.oidc.configuration.OIDCSettings."
"DYNAMIC_CLIENT_REGISTRATION_OPEN>`, clients can register themselves on "
"Canaille without an administrator intervention."
msgstr ""
#: ../features.rst:265 203b8da2c05346b988887b1fbcd7eb33
msgid "System administration"
msgstr ""
#: ../features.rst:270 ../references/commands.rst:2
#: 9977d7c7ec444216ad6aae3ab99637f7 389875cae59843dc8c837dd6aaaae752
msgid "Command Line Interface"
msgstr ""
#: ../features.rst:272 b8b20bc2fcf64a8d92111dcddbec0d84
msgid ""
"Canaille comes with a :abbr:`CLI (Command Line Interface)` to help "
"administrators in hosting and management."
msgstr ""
#: ../features.rst:274 d2b7aaf441474ac2ad1d8cc3caf1085f
msgid ""
"There are tools to :ref:`check your configuration <cli_check>` or to :ref:"
"`install missing parts <cli_install>`. You can use the CLI to :ref:`create "
"<cli_create>`, :ref:`read <cli_get>`, :ref:`update <cli_set>` and :ref:"
"`delete <cli_delete>` models such as :class:`users <canaille.core.models."
"User>`, :class:`groups <canaille.core.models.Group>` or :class:`OIDC "
"clients <canaille.oidc.basemodels.Client>`."
msgstr ""
#: ../features.rst:277 3a7b780ed2aa4a4c809b0919ddb14f6a
msgid ""
"There are also tools to :ref:`fill your database <cli_populate>` with random "
"objects, for tests purpose for instance."
msgstr ""
#: ../features.rst:282 ../tutorial/databases.rst:2
#: 3da864e6a4114405bf250d130fde7a25 f0012cb6a1764925a997dd5dc87dd7d2
msgid "Databases"
msgstr ""
#: ../features.rst:284 9406baff55794744bdd337ba3d2f4a3d
msgid ""
"Canaille can handle data from the most :ref:`common SQL databases <tutorial/"
"databases:SQL>` such as PostgreSQL, MariaDB or SQLite, as well as :ref:"
"`OpenLDAP <tutorial/databases:LDAP>`. It also comes with a no-dependency :"
"ref:`in-memory database <tutorial/databases:Memory>` that can be used in "
"unit tests suites."
msgstr ""
#: ../features.rst:290 01c71f0086e048ecbd75c8adad975135
msgid "Logging"
msgstr ""
#: ../features.rst:292 c1c30fa9a81741bfb7da053d314a7767
msgid ""
"Canaille writes :attr:`logs <canaille.core.configuration.CoreSettings."
"LOGGING>` for every important event happening, to help administrators "
"understand what is going on and debug funky situations."
msgstr ""
#: ../features.rst:294 04974cc2a4704184a19298b064ab6c2e
msgid ""
"The following security events are logged with the log level \"security\" for "
"easy retrieval :"
msgstr ""
#: ../features.rst:296 769a0d2fbc474a72ae85d332cd09ce09
msgid "Authentication attempt"
msgstr ""
#: ../features.rst:297 94e144420f1b4f2992067040bf4a5582
msgid "Password update"
msgstr ""
#: ../features.rst:298 38f087163a9541c29f06820437135d5c
msgid "Email update"
msgstr ""
#: ../features.rst:299 4a9bbfa8dd4947f28bab05cf76fbb9f8
msgid "Forgotten password mail sent to user"
msgstr ""
#: ../features.rst:300 38d9fce3533c4f1e94cb34743ea4fb68
msgid "One-time password mail sent to user"
msgstr ""
#: ../features.rst:301 461dfd630cb34a6c833d803dbc6fde75
msgid "Multi-factor authentication reset"
msgstr ""
#: ../features.rst:302 73ad0b101d244196bb1bce7c516078a8
msgid "Token emission"
msgstr ""
#: ../features.rst:303 42d20b5c805c45c289c4e76202ca10ea
msgid "Token refresh"
msgstr ""
#: ../features.rst:304 62b5a24c52434109abbef7d96a6566da
msgid "Token revokation"
msgstr ""
#: ../features.rst:305 9c696c7b26174b6bacf9a65d84f6ba8e
msgid "New consent given for client application"
msgstr ""
#: ../features.rst:306 f036ee77fd30459f8b17970f43d3faaa
msgid "Consent revokation"
msgstr ""
#: ../features.rst:311 50c4cb979d764e9fad538a0c95490708
msgid "Development and testing tool"
msgstr ""
#: ../features.rst:316 28171f4aabbe4c209ba0d928d7fceb51
msgid "Unit-testing tool"
msgstr ""
#: ../features.rst:318 b4efc9d6589d47f3816505275ce27bed
msgid ""
"Thanks to its lightweight :ref:`in-memory database <tutorial/databases:"
"Memory>` and its curated :ref:`dependency list <tutorial/install:Get the "
"code>`, Canaille can be used in the unit test suite of your application, so "
"you can check how it behaves against a real world OpenID Connect server. If "
"you work with python you might want to check :doc:`pytest-iam:index`."
msgstr ""
#: ../features.rst:321 fb449cf78c2c4a80bf32a5417bebcade
msgid "Development server"
msgstr ""
#: ../features.rst:323 2a86b8ed7f734e8992d7449f3b6b9880
msgid ""
"It can also being launched in your development environment, if you find that "
"launching a Keycloak in a Docker container is too heavy for your little web "
"application."
msgstr ""
#: ../features.rst:328 0adf57513787473680b4af6d3fad5100
msgid "Continuous Integration tools"
msgstr ""
#: ../features.rst:330 e18a26ec34c740dcbab5a69449464f51
msgid ""
"It also fits well in continuous integration scenarios. Thanks to its :ref:"
"`CLI <feature_cli>`, you can prepare data in Canaille, let your application "
"interact with it, and then check the side effects."
msgstr ""
#: ../features.rst:333 2603a014b9f74261b4e108f98b2d8e05
msgid "Roadmap"
msgstr ""
#: ../features.rst:336 843a62acc9414741ace4ed40372359fe
msgid "Bêta version"
msgstr ""
#: ../features.rst:338 5af3d35132f44adab7d0a442d742db59
msgid ""
"To go out of the current Alpha version we want to achieve the following "
"tasks:"
msgstr ""
#: ../features.rst:340 7f1b9a153b2a4174b7c70668fdf717b7
msgid ":issue:`Configuration validation using pydantic <138>`"
msgstr ""
#: ../features.rst:343 317b18e87a674ce5a39f0aef073a5e1c
msgid "Stable version"
msgstr ""
#: ../features.rst:345 074aa5b4bbf94a5282c9493291f8bcf7
msgid ""
"Before we push Canaille in stable version we want to achieve the following "
"tasks:"
msgstr ""
#: ../features.rst:348 32e169e1f36441549ddbee882110def8
msgid "Security"
msgstr ""
#: ../features.rst:350 542d78c7c5bc4dea80a39a63ce215989
msgid ":issue:`Password hashing configuration <175>`"
msgstr ""
#: ../features.rst:351 e0ab0dd48216432ea2f3e683b151f7d0
msgid ":issue:`Authentication logging policy <177>`"
msgstr ""
#: ../features.rst:352 1e865664fc1b4c6ea020e5924e36e4f0
msgid ":issue:`Intruder lockout <173>`"
msgstr ""
#: ../features.rst:353 eff48eadd8d546508709110ee4297ccc
msgid ":issue:`Password expiry policy <176>`"
msgstr ""
#: ../features.rst:354 b57aa03df49f4bed8674f579ed2be7de
msgid ":issue:`Multi-factor authentication: Email <47>`"
msgstr ""
#: ../features.rst:355 7cd9c56ff1ec4fe4844ba21eac411b41
msgid ":issue:`Multi-factor authentication: SMS <47>`"
msgstr ""
#: ../features.rst:356 5349695bf05a4f9fa1072fe0bb6c4b58
msgid ":issue:`Multi-factor authentication: OTP <47>`"
msgstr ""
#: ../features.rst:359 7d5beadbd8184d7eb1fdd52b06f8a0bc
msgid "Packaging"
msgstr ""
#: ../features.rst:361 90de3f4dabb043a58c125c85126c5c3a
msgid ":issue:`Nix package <190>`"
msgstr ""
#: ../features.rst:362 f86de768f08c4e44bda3b40a54193b1c
msgid ":issue:`Docker / OCI package <59>`"
msgstr ""
#: ../features.rst:365 8f0ff63fc2264a2994584ca350cfacb9
msgid "And beyond"
msgstr ""
#: ../features.rst:367 18f71a0ecade47288245c41b1fcd4bad
msgid ":issue:`OpenID Connect certification <182>`"
msgstr ""
#: ../features.rst:368 d2176d37d72c4b7d8cc90a8374661c98
msgid ":issue:`SCIM support <116>`"
msgstr ""
#: ../index.rst:15 3cd93747449e4826a82978400fa0021a
msgid "Lightweight Identity and Authorization Management"
msgstr ""
#: ../index.rst:19 e1f076af69624d368f1c12f86cfc965d
msgid ""
"**Canaille** is a French word meaning *rascal*. It is roughly pronounced "
"**Can I?**, as in *Can I access your data?* Canaille is a lightweight "
"identity and authorization management software. It aims to be very light, "
"simple to install and simple to maintain. Its main features are :"
msgstr ""
#: ../index.rst:31 88bafd653fb4418ea8afaa3cde8baa0b
msgid "User profile and groups management, Basic permissions"
msgstr ""
#: ../index.rst:38 8054216c1dd746c2b1210f5c402cb1f1
msgid ""
"Authentication, registration, email confirmation, \"I forgot my password\" "
"emails"
msgstr ""
#: ../index.rst:40 60a03d30d8fe43fbae685b2702612b09
msgid "SSO"
msgstr ""
#: ../index.rst:44 142f93e5c0ad4fb2a486b4aa87f90cef
msgid "OpenID Connect identity provider"
msgstr ""
#: ../index.rst:46 24e2262cc93549c2a6997f62f8f7e38e
msgid "Multi-database support"
msgstr ""
#: ../index.rst:50 ccf5ab1611aa4893aa498f3cad5f6107
msgid "PostgreSQL, Mariadb and OpenLDAP first-class citizenship"
msgstr ""
#: ../index.rst:52 510ac22471fe41ea981c5b6f8b6503db
msgid "Customization"
msgstr ""
#: ../index.rst:56 bf2a273bba904d2393eb781cc5e84b84
msgid "Put Canaille at yours colors by choosing a logo or use a custom theme!"
msgstr ""
#: ../index.rst:58 1c7791be752c4b288c420a47929998af
msgid "Developers friendliness"
msgstr ""
#: ../index.rst:62 9b22b1a84542414d9448bde94c60b8b7
msgid ""
"Canaille can easily fit in your unit tests suite or in your Continuous "
"Integration."
msgstr ""
#: ../index.rst:66 4d0c2675411c4891a1da5945a8d99894
msgid ":doc:`Full feature list <features>` :doc:`Common use cases <usecases>`"
msgstr ""
#: ../references/commands.rst:4 88c4569acf554105957f705b7f6a9d10
msgid ""
"Canaille provide several commands to help administrator manage their data."
msgstr ""
#: ../references/commands.rst:6 e29d45adb32440248cfc56c951ada110
msgid ""
"Generally, some configuration has to be loaded by `Canaille`. This can be "
"achieved by :ref:`configuration loading method<references/configuration:Load "
"the configuration>` available, but most of the time a ``CONFIG`` environment "
"variable is used. For the sake of readability, it is omitted in the "
"following examples."
msgstr ""
#: ../../canaille check:1 ecbba95cc3894bb5922eb1c5d9aab9db
msgid "Test the configuration file."
msgstr ""
#: ../../canaille check:1 bb7356ed147f4b589cd06e1ba1aa2a31
msgid ""
"Attempt to reach the database and the SMTP server with the provided "
"credentials."
msgstr ""
#: ../../canaille clean:1 e54877b8950d4ca586a827146ddc381b
msgid "Remove expired tokens and authorization codes."
msgstr ""
#: ../../canaille dump:1 328ab9586ff247b599244e1ed1ec4ee1
msgid "Dump all the available models."
msgstr ""
#: ../../canaille install:1 ecf525c0e8d24ed887d09a8bce106b90
msgid "Installs canaille elements from the configuration."
msgstr ""
#: ../../canaille install:1 d060c2fbfe874a949db94e78b9dd86a1
msgid ""
"For instance, depending on the configuration, this can generate OIDC keys or "
"install LDAP schemas."
msgstr ""
#: ../../canaille populate:1 9e2e5a1d5c724de6907206c8713565b4
msgid "Populate the database with generated random data."
msgstr ""
#: ../references/commands.rst:0 0be3fdcbc5e8477eb729119840fc94db
#: 73af358a71184c90a446a0aec6a49490 a72c738435cf4a199cc28f9e168d61b4
#: 612db4d6c17246c4981bfc66b03e4c27 f82b2b0573fb4be1bce67c535184ce1b
#: c2646781921c4d9daa443b1c74c4e5fd 497abf548fb54afaa71c4b751530be5d
#: 16a8dfcef5164d229c53bae4fa67074b 0e5017c92c494defaba493327d2d6ec7
#: bb84806cf1c845b0baa936309a8215a8 79f94d26480e45f9a8a1d2e8c3e1f455
#: 452b4f3fb3e54255aec3d1dcac05cffd ac24f0ea4e174d5ebb6596ec5f61176a
#: 1d054222a5a749a6bd071daa0e7f95f1 30ae5e08dac14ce7920d1211d29a4d36
#: d5b54dc8b2e74c668a904c368289f197 57fb21a4ea444457be0c8f905443be56
#: 177c1bf012b94b2bbfeea4a6568030b2 5c5a57ae32c44aab8a068eea26fa5683
#: b44f96fbfcd942d6a7434e8e473ba97b
msgid "Options"
msgstr ""
#: ../../canaille populate:1 366e3818f94644f69b0ea3d3f9020dfa
msgid "Number of items to create"
msgstr ""
#: ../../canaille populate groups:1 e4b4b48f7fb946efb4411110c1d641b9
msgid "Populate the database with generated random groups."
msgstr ""
#: ../../canaille populate groups:1 d129a8ce41e94f9fa44c53f570f20781
msgid "The maximum number of users that will randomly be affected in the group"
msgstr ""
#: ../../canaille populate users:1 6f71793741a04ec694f309a274727f16
msgid "Populate the database with generated random users."
msgstr ""
#: ../../canaille get authorizationcode:1 1856e19b41084221967584aa188d3768
msgid "Search for authorizationcodes and display the matching models as JSON."
msgstr ""
#: ../../canaille get client:1 59eea12c091c408084fddbb81dbf5193
msgid "Search for clients and display the matching models as JSON."
msgstr ""
#: ../../canaille get consent:1 912e0992bca64d958062aee12cefdc6c
msgid "Search for consents and display the matching models as JSON."
msgstr ""
#: ../../canaille get group:1 42b53a54d53c486696864c0e7c8c8219
msgid "Search for groups and display the matching models as JSON."
msgstr ""
#: ../../canaille get token:1 97406ed4387e42c1840f5ab179be4c67
msgid "Search for tokens and display the matching models as JSON."
msgstr ""
#: ../../canaille get user:1 a1bb3a313c9d4650934186a4b25dccdb
msgid "Search for users and display the matching models as JSON."
msgstr ""
#: ../../canaille set authorizationcode:1 9155eca32e47450c91c0951a506c0098
msgid ""
"Update a authorizationcode and display the edited model in JSON format in "
"the standard output."
msgstr ""
#: ../../canaille delete authorizationcode:1 set
#: 502a6cdfbcb346aa81489816b3b21085 bc1755a860354bfbbc2d37ac3601e5a2
msgid "IDENTIFIER should be a authorizationcode id or authorization_code_id"
msgstr ""
#: ../references/commands.rst:0 aa12a9d952cf41499ebd5244b9f67ef0
#: 40009c8c78e942f59d6290fd420b2006 4c066924118e4106ba70f7f1d4266443
#: 6298303ab0684cc1ad8858bdf39a46c8 a99fbbf913cb438983b5e61e58f66d44
#: 74e52188f29743449a244bdaa1dfbb94 b281d9fe2cad4c9c888aebb03111ca0e
#: d05ee88f1feb418fb4602fe3fe81f500 ed946bcc41d54f09a1b9e6bb43f8c680
#: e386fefc0ba14f128b72383b66800191 9ad2daf76c0c4d4a991b69eaad1c5863
#: 7fc91b00ce1546ba97c4d79416db666c 8349f6b5685b420abc56fb0d625c6e2e
msgid "Arguments"
msgstr ""
#: ../../canaille delete authorizationcode:1 client:1 consent:1 group:1 token:1
#: user:1 reset-otp:1 set e73a83348f80436ea9281503ad63de3b
#: 9bd472787e5745e4bc51f308a19f70fb bca4dc351b19409e9642b69df0cedf1b
#: bec4293a1baf42fc87d730b31bb053b1 5f5b177343204b6697edda987c93309c
#: b282e290019942a99468d86dfe2fb92e cd37ce7521cc45deb7893a68ef4a8f77
#: 1eac8e8f62634c139608ebbf792fdf29 0f347c920d444e079131929ef7b19209
#: d3c357a9ddce40fdbad45e6e04720e2f 07ca99703bca4ce1815d0d14bcaf0884
#: 4ce856a10c6b411b81caf2e961d35084 c86318d21435475f972a7ea91e52b543
msgid "Required argument"
msgstr ""
#: ../../canaille set client:1 82881bc9fae94bea951683d3eb3638aa
msgid ""
"Update a client and display the edited model in JSON format in the standard "
"output."
msgstr ""
#: ../../canaille delete client:1 set 19e76b8f40d24e89847673a45a2b9dea
#: e545f6ec93cf4cf2af8a5d099dbb8be1
msgid "IDENTIFIER should be a client id or client_id"
msgstr ""
#: ../../canaille set consent:1 94055381228c4006948d67b4d53496ae
msgid ""
"Update a consent and display the edited model in JSON format in the standard "
"output."
msgstr ""
#: ../../canaille delete consent:1 set bc0c92990b414a05b301f1d9c64ab815
#: c5cae07741284c2aa8f5bcf6db9e5fe9
msgid "IDENTIFIER should be a consent id or consent_id"
msgstr ""
#: ../../canaille set group:1 cf971b160de14b57aca3c219daae8f5a
msgid ""
"Update a group and display the edited model in JSON format in the standard "
"output."
msgstr ""
#: ../../canaille delete group:1 set 61ab5cbb0d29421cb2c7f6782606f222
#: 2d2c44a7edae495d93109429f16fc48b
msgid "IDENTIFIER should be a group id or display_name"
msgstr ""
#: ../../canaille set token:1 1b02610f05e74f1998213d3bd334fcf8
msgid ""
"Update a token and display the edited model in JSON format in the standard "
"output."
msgstr ""
#: ../../canaille delete token:1 set a8b1c621ffd44dc78c45e92bd7f5aae9
#: a8c3ec382ac644aea294a7352e7c6c9a
msgid "IDENTIFIER should be a token id or token_id"
msgstr ""
#: ../../canaille set user:1 5b0d012ca9b14c97ac52fe32bc38549d
msgid ""
"Update a user and display the edited model in JSON format in the standard "
"output."
msgstr ""
#: ../../canaille delete user:1 reset-otp:1 set
#: 522ea543a79a43bead732048d8732e37 f280546270254fa2a708d954fb308141
#: dc4e9f9c0a83411b8edcc6e6775c2233
msgid "IDENTIFIER should be a user id or user_name"
msgstr ""
#: ../../canaille create authorizationcode:1 03ccc90e00c04cf085f412f08796fa3f
msgid ""
"Create a new authorizationcode and display the created model in JSON format "
"in the standard output."
msgstr ""
#: ../../canaille create client:1 a188a2b7df4047568c522d8547cbfb90
msgid ""
"Create a new client and display the created model in JSON format in the "
"standard output."
msgstr ""
#: ../../canaille create consent:1 f6f36d745e5d43e1b216278b68ca5c3a
msgid ""
"Create a new consent and display the created model in JSON format in the "
"standard output."
msgstr ""
#: ../../canaille create group:1 17e167ef7039482cad4dbec0e88e0120
msgid ""
"Create a new group and display the created model in JSON format in the "
"standard output."
msgstr ""
#: ../../canaille create token:1 f1adad3af4dd4428af1b96bd65897c6d
msgid ""
"Create a new token and display the created model in JSON format in the "
"standard output."
msgstr ""
#: ../../canaille create user:1 32aa21ad4e204a46a9aef2e718d684d6
msgid ""
"Create a new user and display the created model in JSON format in the "
"standard output."
msgstr ""
#: ../../canaille delete authorizationcode:1 84e90972c7eb4446a8eb7c0f5efa1d91
msgid "Delete a authorizationcode."
msgstr ""
#: ../../canaille delete client:1 56132374fa444822835b04c957f0a9aa
msgid "Delete a client."
msgstr ""
#: ../../canaille delete consent:1 8722277683284356b26927adab59e187
msgid "Delete a consent."
msgstr ""
#: ../../canaille delete group:1 533f8e3e48114b52a851f37bad10a06c
msgid "Delete a group."
msgstr ""
#: ../../canaille delete token:1 a4686b65e4f04af3a4c4f95948e4e489
msgid "Delete a token."
msgstr ""
#: ../../canaille delete user:1 d1b92475013e46aeb9503ee1c44bf476
msgid "Delete a user."
msgstr ""
#: ../../canaille reset-otp:1 93d47f3e20c74d97878f3a870cfca1e7
msgid ""
"Reset one-time password authentication for a user and display the edited "
"user in JSON format in the standard output."
msgstr ""
#: ../references/configuration.rst:2 ../tutorial/databases.rst:22
#: ../tutorial/provisioning.rst:18 1746a821036a46f1bf9e04427bc4fb80
#: 79476926999b413589ab6aef13766ee0 1a1b8b34fb0f4b49bc4d1030ebf3915c
msgid "Configuration"
msgstr ""
#: ../references/configuration.rst:5 43e4202c704b4f929984e19d0a4b5a88
msgid "Load the configuration"
msgstr ""
#: ../references/configuration.rst:7 62f81648893f4ed7be3c389a91401d2b
msgid ""
"Canaille can be configured either by a environment variables, environment "
"file, or by a configuration file."
msgstr ""
#: ../references/configuration.rst:10 4ab1e9b916ad468b8ddd8b8882aed01e
msgid "Configuration file"
msgstr ""
#: ../references/configuration.rst:14 020bb61791d54e60b4c993071882ed69
msgid ""
"The configuration can be written in `toml` configuration file which path is "
"passed in the :envvar:`CONFIG` environment variable."
msgstr ""
#: ../../canaille/app/configuration.py:docstring of
#: canaille.app.configuration.RootSettings:11
#: ../references/configuration.rst:16 ../references/configuration.rst:98
#: ../tutorial/databases.rst:26 ../tutorial/databases.rst:50
#: ../tutorial/databases.rst:151 ee25cbe0654e482eafb8ab5b1511fa44
#: 0a2249d90bc14a049505d39144b4a916 6c96db7fc97d4eeabdd6201e65ec105d
#: 79476926999b413589ab6aef13766ee0
msgid "config.toml"
msgstr ""
#: ../references/configuration.rst:28 b506560b86214ae28304658d7ea2e061
msgid ""
"You can have a look at the :ref:`example file <references/configuration:"
"Example file>` for inspiration."
msgstr ""
#: ../references/configuration.rst:31 855fd5086aa74bde85c68c3fb4473eca
msgid "Environment variables"
msgstr ""
#: ../references/configuration.rst:33 f5ff88a87e1241d4a07a2c4c3f670b54
msgid ""
"In addition, parameters that have not been set in the configuration file can "
"be read from environment variables. The way environment variables are parsed "
"can be read from the `pydantic-settings documentation <https://docs.pydantic."
"dev/latest/concepts/pydantic_settings/#parsing-environment-variable-"
"values>`_."
msgstr ""
#: ../references/configuration.rst:38 f7fcfa2d43864f288d1c0746fd8ed74e
msgid ""
"For environment vars, the separator between sections and variables is a "
"double underscore: ``__``. For instance, the ``NAME`` var in the "
"``CANAILLE`` section shown above is ``CANAILLE__NAME``."
msgstr ""
#: ../references/configuration.rst:42 ba95ac0bec524f2186c0c5a2fd55ddc4
msgid "Environment file"
msgstr ""
#: ../references/configuration.rst:44 d301925be3cf4943be48ae119f0d518e
msgid ""
"Any environment variable can also be written in an environment file, which "
"path should be passed in the ``ENV_FILE`` environment variable. For "
"instance, set ``ENV_FILE=.env`` to load a ``.env`` file."
msgstr ""
#: ../references/configuration.rst:47 ../tutorial/theming.rst:45
#: 399b3ea19a0f47509d8bc251ed19246f 39e63609b8d14eabb7f70dbd257c3f05
msgid ".env"
msgstr ""
#: ../references/configuration.rst:65 8c82c49133f34f779dcc9309e3633625
msgid "Configuration methods priority"
msgstr ""
#: ../references/configuration.rst:67 29a90274aef046c09f17682553736efc
msgid ""
"If a same configuration option is defined by different ways, here is how "
"Canaille will choose which one to use:"
msgstr ""
#: ../references/configuration.rst:69 5fe899a247494a3babcecca1746b08cd
msgid ""
"environment vars have priority over the environment file and the "
"configuration file;"
msgstr ""
#: ../references/configuration.rst:70 0cd4875aa3a047329f866dba98ea29d8
msgid "environment file will have priority over the configuration file."
msgstr ""
#: ../references/configuration.rst:73 ../references/templates.rst:0
#: 2eb621ffce2f420680529f3bf4901f73 a044d8c4524a4d36bb09196ba221c543
#: c69f134bcb144ad0a92381365ab2f83e 974e15495c234b3a8eb9ce7968e7beda
#: 6b633fbb96d84ec7a52e3a57c7ddb347 515ac97c820c4d6da9aeec7264d9f8b8
#: 02faf1b58dfd4a0f9319a47d7ec47ae2 32d1ed5dd4b842df9bc42ce6a343892e
#: 0b9656a5f894494db688a75cd7d0c642 6edf1abe2cee40738eece983144306d5
#: 941e74d08cb443e48a940d76e5d04438 9a57301253854e968388a7c4cee2002f
#: 4fd00dbcf8c143e4bccbed3edcbee864 d187ad28099a4b569019d8dadba7ec13
#: e35b68481ffb4d068cb15274894b15f9 e99cb8030e8e4cdfbf4c01e06a3e714c
#: 8a29fb06720c4c4397ad4957b490a8c0 a8e69ab44b5540439b59f6f0bf6a38a1
#: a32ac168931245b68611cd6955faeea5 b2e8743b32164566be10d124c518e437
#: bbbaacd277154bceaf2283930962ba8c 71db7835a9984c0b9124fcf46045e799
#: a33a17334e9b4d16a42c11374a9e5095 7529ea6abdac43299a57a0b242497b4c
#: 689c48da2d964dff82be0f72974e6498 63a0c611ea4640a3ad0562e6d8ad7f21
msgid "Parameters"
msgstr ""
#: ../../canaille/app/configuration.py:docstring of
#: canaille.app.configuration.RootSettings:1 84e2009dde284788b29008558f7ee8df
msgid ""
"The top-level namespace contains the configuration settings unrelated to "
"Canaille."
msgstr ""
#: ../../canaille/app/configuration.py:docstring of
#: canaille.app.configuration.RootSettings:4 233b44cb5f924b92b55e0717ec868cc7
msgid "The configuration parameters from the following libraries can be used:"
msgstr ""
#: ../../canaille/app/configuration.py:docstring of
#: canaille.app.configuration.RootSettings:6 528ffc1283f1453f8b5a315650653aad
msgid ":doc:`Flask <flask:config>`"
msgstr ""
#: ../../canaille/app/configuration.py:docstring of
#: canaille.app.configuration.RootSettings:7 8434735c37f44b4a9dca422dcfa35fb0
msgid ":doc:`Flask-WTF <flask-wtf:config>`"
msgstr ""
#: ../../canaille/app/configuration.py:docstring of
#: canaille.app.configuration.RootSettings:8 36e7ddf80e5a439482c95b1cdc3138a2
msgid ":doc:`Flask-Babel <flask-babel:index>`"
msgstr ""
#: ../../canaille/app/configuration.py:docstring of
#: canaille.app.configuration.RootSettings:9 53c48e3c1ee04722bbd19d1a0647ab84
msgid ":doc:`Authlib <authlib:flask/2/authorization-server>`"
msgstr ""
#: ../../docstring of canaille.app.configuration.RootSettings.DEBUG:1
#: 0266d76fe0494ebe951de15dff0a03de
msgid "The Flask :external:py:data:`DEBUG` configuration setting."
msgstr ""
#: ../../docstring of canaille.app.configuration.RootSettings.DEBUG:3
#: 91084957d9a44fba848f2d3bdc4f173b
msgid "This enables debug options."
msgstr ""
#: ../../docstring of canaille.app.configuration.RootSettings.DEBUG:7
#: 4411e21377474f2395da5cf994bf9b5f
msgid ""
"This is useful for development but should be absolutely avoided in "
"production environments."
msgstr ""
#: ../../docstring of
#: canaille.app.configuration.RootSettings.PREFERRED_URL_SCHEME:1
#: 2631e6c917144dcda0f45f75dca3e045
msgid ""
"The Flask :external:py:data:`PREFERRED_URL_SCHEME` configuration setting."
msgstr ""
#: ../../docstring of
#: canaille.app.configuration.RootSettings.PREFERRED_URL_SCHEME:4
#: 17d256877da540b4af0ecb3f816527d1
msgid "This sets the url scheme by which canaille will be served."
msgstr ""
#: ../../docstring of canaille.app.configuration.RootSettings.SECRET_KEY:1
#: ce0a09e3f4bb40b8a88d5d8a02c78b53
msgid "The Flask :external:py:data:`SECRET_KEY` configuration setting."
msgstr ""
#: ../../docstring of canaille.app.configuration.RootSettings.SECRET_KEY:3
#: 054498e41f0c4cf19ba9b6d9a7bd344b
msgid "You MUST change this."
msgstr ""
#: ../../docstring of canaille.app.configuration.RootSettings.SERVER_NAME:1
#: 29d21b789ee2499a81b40546ac5bc867
msgid "The Flask :external:py:data:`SERVER_NAME` configuration setting."
msgstr ""
#: ../../docstring of canaille.app.configuration.RootSettings.SERVER_NAME:3
#: c244712d83da4e2ea46b19c7f7c9677f
msgid "This sets domain name on which canaille will be served."
msgstr ""
#: ../../canaille/core/configuration.py:docstring of
#: canaille.core.configuration.CoreSettings:1 8abadcc23b59421eaf1866cf66f16b82
msgid "The settings from the ``CANAILLE`` namespace."
msgstr ""
#: ../../canaille/core/configuration.py:docstring of
#: canaille.core.configuration.CoreSettings:3 b197626889354c289279eb095892940e
msgid ""
"Those are all the configuration parameters that controls the behavior of "
"Canaille."
msgstr ""
#: ../../docstring of canaille.core.configuration.CoreSettings.ACL:1
#: 83e6e2dfc47a4a0da12b26098911529d
msgid ""
"Mapping of permission groups. See :class:`ACLSettings` for more details."
msgstr ""
#: ../../docstring of canaille.core.configuration.CoreSettings.ACL:3
#: cb73b597fa1e4394b1c5bb2bb2435e99
msgid "The ACL name can be freely chosen. For example:"
msgstr ""
#: ../../docstring of
#: canaille.backends.sql.configuration.SQLSettings.DATABASE_URI:4
#: canaille.core.configuration.ACLSettings.PERMISSIONS:6
#: canaille.core.configuration.CoreSettings.ACL:5
#: canaille.core.configuration.CoreSettings.LOGGING:12
#: 881bf101872546348dd1fbe1e0876ce2 14afae3efc904e2085f73676b352e16f
#: f269c5d6271a4989a1bcfddeee3ee9c2 a159a694d7e14098907617eed4f35aa0
msgid "..code-block:: toml"
msgstr ""
#: ../../docstring of canaille.core.configuration.CoreSettings.ACL:7
#: 7df785453bf2449bb5fa56a6eb3f40d2
msgid ""
"[CANAILLE.ACL.DEFAULT] PERMISSIONS = [\"edit_self\", \"use_oidc\"] READ = "
"[\"user_name\", \"groups\"] WRITE = [\"given_name\", \"family_name\"]"
msgstr ""
#: ../../docstring of canaille.core.configuration.CoreSettings.ACL:12
#: bb75dcb394b84875a95ea5029a452027
msgid "[CANAILLE.ACL.ADMIN] WRITE = [\"user_name\", \"groups\"]"
msgstr ""
#: ../../docstring of canaille.core.configuration.CoreSettings.ADMIN_EMAIL:1
#: 753080f7763646d1ad22a17240e53b6c
msgid "Administration email contact."
msgstr ""
#: ../../docstring of canaille.core.configuration.CoreSettings.ADMIN_EMAIL:3
#: 5c58da831ccb44d4b19d5681c996c78f
msgid ""
"In certain special cases (example : questioning about password corruption), "
"it is necessary to provide an administration contact email."
msgstr ""
#: ../../docstring of
#: canaille.core.configuration.CoreSettings.EMAIL_CONFIRMATION:1
#: 426b66feb6d3450eaf7638586fec400f
msgid ""
"If :py:data:`True`, users will need to click on a confirmation link sent by "
"email when they want to add a new email."
msgstr ""
#: ../../docstring of
#: canaille.core.configuration.CoreSettings.EMAIL_CONFIRMATION:4
#: 6479ecaa27d94cf89171e9587af6d468
msgid ""
"By default, this is true if ``SMTP`` is configured, else this is false. If "
"explicitly set to true and ``SMTP`` is disabled, the email field will be "
"read-only."
msgstr ""
#: ../../docstring of canaille.core.configuration.CoreSettings.EMAIL_OTP:1
#: 7c9b9868ad8c4e99832f5a2d3a5e6aee
msgid ""
"If :py:data:`True`, then users will need to authenticate themselves via a "
"one-time password sent to their primary email address."
msgstr ""
#: ../../docstring of
#: canaille.core.configuration.CoreSettings.ENABLE_INTRUDER_LOCKOUT:1
#: e374204dc15d4778b430968d4bc5f9d9
msgid ""
"If :py:data:`True`, then users will have to wait for an increasingly long "
"time between each failed login attempt."
msgstr ""
#: ../../docstring of
#: canaille.core.configuration.CoreSettings.ENABLE_PASSWORD_COMPROMISSION_CHECK:1
#: 4170c86b23554c8ea2c883557a8deec0
msgid ""
"If :py:data:`True`, Canaille will check if passwords appears in "
"compromission databases such as `HIBP <https://haveibeenpwned.com>`_ when "
"users choose a new one."
msgstr ""
#: ../../docstring of
#: canaille.core.configuration.CoreSettings.ENABLE_PASSWORD_RECOVERY:1
#: bb6bad71e08a4d36b3339537790b147c
msgid ""
"If :py:data:`False`, then users cannot ask for a password recovery link by "
"email."
msgstr ""
#: ../../docstring of
#: canaille.core.configuration.CoreSettings.ENABLE_REGISTRATION:1
#: 5f8fcd4a000d411c8502c630e54f04ee
msgid ""
"If :py:data:`True`, then users can freely create an account at this instance."
msgstr ""
#: ../../docstring of
#: canaille.core.configuration.CoreSettings.ENABLE_REGISTRATION:4
#: d92660e43b9347d0ade1e397bc5207b8
msgid ""
"If email verification is available, users must confirm their email before "
"the account is created."
msgstr ""
#: ../../docstring of canaille.core.configuration.CoreSettings.FAVICON:1
#: 8718e146c23448f682ee9642c6cb911a
msgid "You favicon."
msgstr ""
#: ../../docstring of canaille.core.configuration.CoreSettings.FAVICON:3
#: 8d1fc56d14134aa9ac8ad88fb924d401
msgid "If unset and :attr:`LOGO` is set, then the logo will be used."
msgstr ""
#: ../../docstring of
#: canaille.core.configuration.CoreSettings.HIDE_INVALID_LOGINS:1
#: bdf0b98c2bed4013b5bed76ae6326c87
msgid ""
"If :py:data:`True`, when users try to sign in with an invalid login, a "
"message is shown indicating that the password is wrong, but does not give a "
"clue whether the login exists or not."
msgstr ""
#: ../../docstring of
#: canaille.core.configuration.CoreSettings.HIDE_INVALID_LOGINS:5
#: 192cdb38b79048aaa18dcad8e675d6e9
msgid ""
"If :py:data:`False`, when a user tries to sign in with an invalid login, a "
"message is shown indicating that the login does not exist."
msgstr ""
#: ../../docstring of canaille.core.configuration.CoreSettings.HTMX:1
#: 988c8b75a0884b80a0a1d65f53ac680e
msgid "Accelerates webpages loading with asynchronous requests."
msgstr ""
#: ../../docstring of
#: canaille.core.configuration.CoreSettings.INVITATION_EXPIRATION:1
#: 4b6029f0ed44414f953feda8afe9b63e
msgid "The validity duration of registration invitations, in seconds."
msgstr ""
#: ../../docstring of
#: canaille.core.configuration.CoreSettings.INVITATION_EXPIRATION:3
#: b6745de2c7b84f54b498403bdca444d1
msgid "Defaults to 2 days."
msgstr ""
#: ../../docstring of canaille.core.configuration.CoreSettings.JAVASCRIPT:1
#: f760d39408a748ce908e65a24a0c6a80
msgid "Enables Javascript to smooth the user experience."
msgstr ""
#: ../../docstring of canaille.core.configuration.CoreSettings.LANGUAGE:1
#: e02332b4e43042de98a09d40a948302a
msgid "If a language code is set, it will be used for every user."
msgstr ""
#: ../../docstring of canaille.core.configuration.CoreSettings.LANGUAGE:3
#: 1a676dafa9194a46ae41884d78b1a8a6
msgid "If unset, the language is guessed according to the users browser."
msgstr ""
#: ../../docstring of canaille.core.configuration.CoreSettings.LOGGING:1
#: a16f42d36574410e929fb61e6ef8abac
msgid ""
"Configures the logging output using the python logging configuration format:"
msgstr ""
#: ../../docstring of canaille.core.configuration.CoreSettings.LOGGING:3
#: fb272f04203f46e098520a67a969659e
msgid ""
"If :data:`None`, everything is logged in the standard error output. The log "
"level is :data:`~logging.DEBUG` if the :attr:`~canaille.app.configuration."
"RootSettings.DEBUG` setting is :py:data:`True`, else this is :py:data:"
"`~logging.INFO`."
msgstr ""
#: ../../docstring of canaille.core.configuration.CoreSettings.LOGGING:6
#: b970691fac51473d9fbc00f9f1a97f64
msgid ""
"If this is a :class:`dict`, it is passed to :func:`logging.config."
"dictConfig`:"
msgstr ""
#: ../../docstring of canaille.core.configuration.CoreSettings.LOGGING:7
#: fa42a52c1dc84ef4b56ce123d98cd612
msgid ""
"If this is a :class:`str`, it is expected to be a file path that will be "
"passed to :func:`logging.config.fileConfig`."
msgstr ""
#: ../../docstring of canaille.core.configuration.ACLSettings.PERMISSIONS:4
#: canaille.core.configuration.CoreSettings.LOGGING:10
#: fb6acd57fe244d02bbd69015275cd69c f33e86db2dc74cd0a98a6d5c0d928e73
msgid "For example:"
msgstr ""
#: ../../docstring of canaille.core.configuration.CoreSettings.LOGGING:14
#: a5b8c52cf10a429699e2054f42658c17
msgid ""
"[CANAILLE.LOGGING] version = 1 formatters.default.format = \"[%(asctime)s] "
"%(levelname)s in %(module)s: %(message)s\" root = {level = \"INFO\", "
"handlers = [\"canaille\"]}"
msgstr ""
#: ../../docstring of canaille.core.configuration.CoreSettings.LOGGING:19
#: 2524ebb40666405b8630a4778d4334fd
msgid ""
"[CANAILLE.LOGGING.handlers.canaille] class = \"logging.handlers."
"WatchedFileHandler\" filename = \"/var/log/canaille.log\" formatter = "
"\"default\""
msgstr ""
#: ../../docstring of canaille.core.configuration.CoreSettings.LOGO:1
#: 19233db1937d4d398e9bc82d88b2aeb4
msgid ""
"The logo of your organization, this is useful to make your organization "
"recognizable on login screens."
msgstr ""
#: ../../docstring of
#: canaille.core.configuration.CoreSettings.MAX_PASSWORD_LENGTH:1
#: b8115919bf52465c8ecad2294c9cb3f5
msgid "User password maximum length."
msgstr ""
#: ../../docstring of
#: canaille.core.configuration.CoreSettings.MAX_PASSWORD_LENGTH:3
#: acfb34baa52d40c2ac93f84d1d1b0b45
msgid ""
"There is a technical of 4096 characters with the SQL backend. If the value "
"is 0, :data:`None`, or greater than 4096, then 4096 will be retained."
msgstr ""
#: ../../docstring of
#: canaille.core.configuration.CoreSettings.MIN_PASSWORD_LENGTH:1
#: 06396a965c9342b697bc45dcc011f2be
msgid "User password minimum length."
msgstr ""
#: ../../docstring of
#: canaille.core.configuration.CoreSettings.MIN_PASSWORD_LENGTH:3
#: 7efa39bf27bb468b9df98c5248428124
msgid "If 0 or :data:`None`, password won't have a minimum length."
msgstr ""
#: ../../docstring of canaille.core.configuration.CoreSettings.NAME:1
#: 5e65abc8483f455a991d9e047e73da66
msgid "Your organization name."
msgstr ""
#: ../../docstring of canaille.core.configuration.CoreSettings.NAME:3
#: 606e9a684c9243359899a63d7e2c07d2
msgid "Used for display purpose."
msgstr ""
#: ../../docstring of canaille.core.configuration.CoreSettings.OTP_METHOD:1
#: 04b59ac479f548bd9740d2b7e243e0be
msgid ""
"If OTP_METHOD is defined, then users will need to authenticate themselves "
"using a one-time password (OTP) via an authenticator app. If set to "
"``TOTP``, the application will use time one-time passwords, If set to "
"``HOTP``, the application will use HMAC-based one-time passwords."
msgstr ""
#: ../../docstring of
#: canaille.core.configuration.CoreSettings.PASSWORD_COMPROMISSION_CHECK_API_URL:1
#: efecdcc0b3c44808aab72f448d73bf42
msgid "Have i been pwned api url for compromission checks."
msgstr ""
#: ../../docstring of
#: canaille.core.configuration.CoreSettings.PASSWORD_LIFETIME:1
#: c9deb9285c2e43869c2acf1319bc5cf5
msgid "Password validity duration."
msgstr ""
#: ../../docstring of
#: canaille.core.configuration.CoreSettings.PASSWORD_LIFETIME:3
#: e54d23138f1b4d63ab45a1ea9cd55dbd
msgid ""
"If set, user passwords expire after this delay. Users are forced to change "
"their password when the lifetime of the password is over. The duration value "
"is expressed in `ISO8601 format <https://en.wikipedia.org/wiki/"
"ISO_8601#Durations>`_. For example, delay of 60 days is written \"P60D\"."
msgstr ""
#: ../../docstring of canaille.core.configuration.CoreSettings.SENTRY_DSN:1
#: f2e004ed1352465e8d32c0565f60dc08
msgid "A `Sentry <https://sentry.io>`_ DSN to collect the exceptions."
msgstr ""
#: ../../docstring of canaille.core.configuration.CoreSettings.SENTRY_DSN:3
#: 396fd294d31a4d2d9ad9967ea5845ea7
msgid "This is useful for tracking errors in test and production environments."
msgstr ""
#: ../../docstring of canaille.core.configuration.CoreSettings.SMPP:1
#: 2548a23167c14ca791a00efef39a5fba
msgid "The settings related to SMPP configuration."
msgstr ""
#: ../../docstring of canaille.core.configuration.CoreSettings.SMPP:3
#: 58473f24986d42edb6abb6ac7447701b
msgid ""
"If unset, sms-related features like sms one-time passwords won't be enabled."
msgstr ""
#: ../../docstring of canaille.core.configuration.CoreSettings.SMS_OTP:1
#: 0d4b32baaef746d0920a8d7b49f41f4c
msgid ""
"If :py:data:`True`, then users will need to authenticate themselves via a "
"one-time password sent to their primary phone number."
msgstr ""
#: ../../docstring of canaille.core.configuration.CoreSettings.SMTP:1
#: e2bfd599192e4c6f9bfeaead50f548ed
msgid "The settings related to SMTP and mail configuration."
msgstr ""
#: ../../docstring of canaille.core.configuration.CoreSettings.SMTP:3
#: 444f30f696184ee6898c385d19fc647b
msgid ""
"If unset, mail-related features like password recovery won't be enabled."
msgstr ""
#: ../../docstring of canaille.core.configuration.CoreSettings.THEME:1
#: d006eeb6ee7c4d1cb5249d35faeda62e
msgid "The name of a theme in the 'theme' directory, or a path to a theme."
msgstr ""
#: ../../docstring of canaille.core.configuration.CoreSettings.THEME:3
#: 3b7e2c30ab29424a8b1e74cd9404ffce
msgid ""
"Defaults to ``default``. Theming is done with `flask-themer <https://github."
"com/tktech/flask-themer>`_."
msgstr ""
#: ../../docstring of canaille.core.configuration.CoreSettings.TIMEZONE:1
#: 503564e13430483fbbdbdf3d3933c331
msgid ""
"The timezone in which datetimes will be displayed to the users (e.g. "
"``CEST``)."
msgstr ""
#: ../../docstring of canaille.core.configuration.CoreSettings.TIMEZONE:4
#: 0906370280b743b782a2a6dde00ca491
msgid "If unset, the server timezone will be used."
msgstr ""
#: ../../canaille/core/configuration.py:docstring of
#: canaille.core.configuration.SMTPSettings:1 57a55ca2875c462babb31fd7b4aaa3d4
msgid ""
"The SMTP configuration. Belong in the ``CANAILLE.SMTP`` namespace. If unset, "
"mail related features will be disabled, such as mail verification or "
"password recovery emails."
msgstr ""
#: ../../canaille/core/configuration.py:docstring of
#: canaille.core.configuration.SMTPSettings:5 9a813b531406465e94e5348aef282cd0
msgid ""
"By default, Canaille will try to send mails from localhost without "
"authentication."
msgstr ""
#: ../../docstring of canaille.core.configuration.SMTPSettings.FROM_ADDR:1
#: ddac936f417d41c0ab52e7899e0cd6c3
msgid "The sender for Canaille mails."
msgstr ""
#: ../../docstring of canaille.core.configuration.SMTPSettings.FROM_ADDR:3
#: c9aa4a06ffaf45fcac8c2d518bd32d97
msgid "Some mail provider might require a valid sender address."
msgstr ""
#: ../../docstring of canaille.core.configuration.SMTPSettings.HOST:1
#: ec91a927a1974be1a89fd6f9cf1a9e80
msgid "The SMTP host."
msgstr ""
#: ../../docstring of canaille.core.configuration.SMTPSettings.LOGIN:1
#: 579743b8464b4d29a118d73e1ec74c94
msgid "The SMTP login."
msgstr ""
#: ../../docstring of canaille.core.configuration.SMTPSettings.PASSWORD:1
#: 2a70d820c61c4b3cad94d66bae196094
msgid "The SMTP password."
msgstr ""
#: ../../docstring of canaille.core.configuration.SMTPSettings.PORT:1
#: f59d761d5304416dbb5e2711598e00a4
msgid "The SMTP port."
msgstr ""
#: ../../docstring of canaille.core.configuration.SMTPSettings.SSL:1
#: 83650c04663f4c4ab803282325a29073
msgid "Whether to use SSL to connect to the SMTP server."
msgstr ""
#: ../../docstring of canaille.core.configuration.SMTPSettings.TLS:1
#: c6ec3788d99d46a68815e355bc37e6b0
msgid "Whether to use TLS to connect to the SMTP server."
msgstr ""
#: ../../canaille/core/configuration.py:docstring of
#: canaille.core.configuration.SMPPSettings:1 05a0a772c0964569a863b02e60bb2b60
msgid ""
"The SMPP configuration. Belong in the ``CANAILLE.SMPP`` namespace. If not "
"set, sms related features such as sms one-time passwords will be disabled."
msgstr ""
#: ../../docstring of canaille.core.configuration.SMPPSettings.HOST:1
#: ff31eb63e9c84d4cacd175f5028acda7
msgid "The SMPP host."
msgstr ""
#: ../../docstring of canaille.core.configuration.SMPPSettings.LOGIN:1
#: b18653341cdd49a8bd3cc74e9dc0d177
msgid "The SMPP login."
msgstr ""
#: ../../docstring of canaille.core.configuration.SMPPSettings.PASSWORD:1
#: d8f1c895bda94702aa5efa1b3ffd7f8b
msgid "The SMPP password."
msgstr ""
#: ../../docstring of canaille.core.configuration.SMPPSettings.PORT:1
#: 8e46db242a7b43ccbb26ca42a7a44a97
msgid "The SMPP port. Use 8775 for SMPP over TLS (recommended)."
msgstr ""
#: ../../canaille/core/configuration.py:docstring of
#: canaille.core.configuration.ACLSettings:1 1032e74cacef4f1d8c4cc5a72c374dc0
msgid "Access Control List settings. Belong in the ``CANAILLE.ACL`` namespace."
msgstr ""
#: ../../canaille/core/configuration.py:docstring of
#: canaille.core.configuration.ACLSettings:3 4a2a439777264fee9754f94f04b23815
msgid ""
"You can define access controls that define what users can do on canaille. An "
"access control consists in a :attr:`FILTER` to match users, a list of :attr:"
"`PERMISSIONS` matched users will be able to perform, and fields users will "
"be able to :attr:`READ` and :attr:`WRITE`. Users matching several filters "
"will cumulate permissions."
msgstr ""
#: ../../docstring of canaille.core.configuration.ACLSettings.FILTER:1
#: 30704fd262e54feaa7505f5da3bff786
msgid ":attr:`FILTER` can be:"
msgstr ""
#: ../../docstring of canaille.core.configuration.ACLSettings.FILTER:3
#: 49f0a37bc20a46f788cbcf4e5a67f5b6
msgid ""
":py:data:`None`, in which case all the users will match this access control"
msgstr ""
#: ../../docstring of canaille.core.configuration.ACLSettings.FILTER:4
#: c383b32ac2134422b95321c1159422d2
msgid ""
"a mapping where keys are user attributes name and the values those user "
"attribute values. All the values must be matched for the user to be part of "
"the access control."
msgstr ""
#: ../../docstring of canaille.core.configuration.ACLSettings.FILTER:7
#: 588e0e10a4b347e6a3fdda1ea444b4c7
msgid ""
"a list of those mappings. If a user values match at least one mapping, then "
"the user will be part of the access control"
msgstr ""
#: ../../docstring of canaille.core.configuration.ACLSettings.FILTER:10
#: e662b5f42e8f488ca47ef2885a2e8c85
msgid "Here are some examples::"
msgstr ""
#: ../../docstring of canaille.core.configuration.ACLSettings.PERMISSIONS:1
#: 947459704a294f38b0ee5b0ab39c3d5b
msgid ""
"A list of :class:`Permission` users in the access control will be able to "
"manage."
msgstr ""
#: ../../docstring of canaille.core.configuration.ACLSettings.PERMISSIONS:8
#: 7b7a62237cca42a6bc1cf641951bd872
msgid ""
"PERMISSIONS = [\"manage_users\", \"manage_groups\", \"manage_oidc\", "
"\"delete_account\", \"impersonate_users\"]"
msgstr ""
#: ../../docstring of canaille.core.configuration.ACLSettings.READ:1
#: fd894bac29b14289abb8b997d80f2ace
msgid ""
"A list of :class:`~canaille.core.models.User` attributes that users in the "
"ACL will be able to read."
msgstr ""
#: ../../docstring of canaille.core.configuration.ACLSettings.WRITE:1
#: ed3af117e73c4a08a4cc9570d9505564
msgid ""
"A list of :class:`~canaille.core.models.User` attributes that users in the "
"ACL will be able to edit."
msgstr ""
#: ../../canaille/core/configuration.py:docstring of
#: canaille.core.configuration.Permission:1 3630076631504884994de04711e79c85
msgid "The permissions that can be assigned to users."
msgstr ""
#: ../../canaille/core/configuration.py:docstring of
#: canaille.core.configuration.Permission:3 836f0d6eb00a449b8f593fe22f4c6e3d
msgid ""
"The permissions are intended to be used in :attr:`ACLSettings <canaille.core."
"configuration.ACLSettings.PERMISSIONS>`."
msgstr ""
#: ../../docstring of canaille.core.configuration.Permission.DELETE_ACCOUNT:1
#: 2a00700bc3df406bb414932e14a777aa
msgid "Allows users to delete their account."
msgstr ""
#: ../../docstring of canaille.core.configuration.Permission.DELETE_ACCOUNT:3
#: 10ce363401a14711b73f41bf58f5b11c
msgid ""
"If used with :attr:`~canaille.core.configuration.Permission.MANAGE_USERS`, "
"users can delete any account."
msgstr ""
#: ../../docstring of canaille.core.configuration.Permission.EDIT_SELF:1
#: 7876013cd8d34f059c292d35a93e8bed
msgid "Allows users to edit their own profile."
msgstr ""
#: ../../docstring of
#: canaille.core.configuration.Permission.IMPERSONATE_USERS:1
#: 133a7a2df544419db9c12a1d81adb463
msgid "Allows users to take the identity of another user."
msgstr ""
#: ../../docstring of canaille.core.configuration.Permission.MANAGE_GROUPS:1
#: 197c146b044d41e1a91760b38f7fa42b
msgid "Allows group edition and creation."
msgstr ""
#: ../../docstring of canaille.core.configuration.Permission.MANAGE_OIDC:1
#: 1187d515878b4a73a383eb5dafc3cdf3
msgid "Allows OpenID Connect client managements."
msgstr ""
#: ../../docstring of canaille.core.configuration.Permission.MANAGE_USERS:1
#: 3fc23fff9e2541ad9e079c331bfb1296
msgid "Allows other users management."
msgstr ""
#: ../../docstring of canaille.core.configuration.Permission.USE_OIDC:1
#: 500b7afe49f34db3885ae75a2aa99ff8
msgid "Allows OpenID Connect authentication."
msgstr ""
#: ../../canaille/oidc/configuration.py:docstring of
#: canaille.oidc.configuration.OIDCSettings:1 af3b4287fa40413fa0a9095a0972aa94
msgid "OpenID Connect settings."
msgstr ""
#: ../../canaille/oidc/configuration.py:docstring of
#: canaille.oidc.configuration.OIDCSettings:3 569811f41eca490eb6d44f79521b19e4
msgid "Belong in the ``CANAILLE_OIDC`` namespace."
msgstr ""
#: ../../docstring of
#: canaille.oidc.configuration.OIDCSettings.DYNAMIC_CLIENT_REGISTRATION_OPEN:1
#: 3a4739edd59b43b3b39b6ec25b438b20
msgid ""
"Whether a token is needed for the RFC7591 dynamical client registration."
msgstr ""
#: ../../docstring of
#: canaille.oidc.configuration.OIDCSettings.DYNAMIC_CLIENT_REGISTRATION_OPEN:3
#: 81d8fadf800643b5880c3a9b2da2f026
msgid ""
"If :py:data:`True`, no token is needed to register a client. If :py:data:"
"`False`, dynamical client registration needs a token defined in :attr:"
"`DYNAMIC_CLIENT_REGISTRATION_TOKENS`."
msgstr ""
#: ../../docstring of
#: canaille.oidc.configuration.OIDCSettings.DYNAMIC_CLIENT_REGISTRATION_TOKENS:1
#: b9b0f251f5a040788db035222a1833d7
msgid "A list of tokens that can be used for dynamic client registration."
msgstr ""
#: ../../docstring of canaille.oidc.configuration.OIDCSettings.JWT:1
#: 8d4cca4d5d8248569a8b5e284cf2a628
msgid "JSON Web Token settings."
msgstr ""
#: ../../docstring of canaille.oidc.configuration.OIDCSettings.REQUIRE_NONCE:1
#: 45dab080b9b542a78d7c5e7d8f11efdc
msgid "Force the nonce exchange during the authentication flows."
msgstr ""
#: ../../docstring of canaille.oidc.configuration.OIDCSettings.REQUIRE_NONCE:3
#: 9d35f18ffd9540198d0f197c1c2a4240
msgid "This adds security but may not be supported by all clients."
msgstr ""
#: ../../canaille/oidc/configuration.py:docstring of
#: canaille.oidc.configuration.JWTSettings:1 f862449d0b374ae0add26d95ef2f5cb7
msgid "JSON Web Token settings. Belong in the ``CANAILLE_OIDC.JWT`` namespace."
msgstr ""
#: ../../canaille/oidc/configuration.py:docstring of
#: canaille.oidc.configuration.JWTSettings:3 04bb58dabe1849068f0e8fbbde1b6c8c
msgid "You can generate a RSA keypair with::"
msgstr ""
#: ../../docstring of canaille.oidc.configuration.JWTSettings.ALG:1
#: 29ec28a6230a458885f7b7aa999c8a66
msgid "The key algorithm."
msgstr ""
#: ../../docstring of canaille.oidc.configuration.JWTSettings.EXP:1
#: 9430c7f0daae460db38df33e90d593ba
msgid "The time the JWT will be valid, in seconds."
msgstr ""
#: ../../docstring of canaille.oidc.configuration.JWTSettings.ISS:1
#: 3a87f42a35f94be488f736b99fdc235a
msgid "The URI of the identity provider."
msgstr ""
#: ../../docstring of canaille.oidc.configuration.JWTSettings.KTY:1
#: 2e7bd63f53ce4691b16b0ddb6def6788
msgid "The key type."
msgstr ""
#: ../../docstring of canaille.oidc.configuration.JWTSettings.PRIVATE_KEY:1
#: 93f87ea252884bac976fdb483026a745
msgid "The private key."
msgstr ""
#: ../../docstring of canaille.oidc.configuration.JWTSettings.PRIVATE_KEY:3
#: canaille.oidc.configuration.JWTSettings.PUBLIC_KEY:3
#: 5a38848e470044cc86d8088acba470ee d65e8c973f9b4574838315b2ac4fbc6b
msgid ""
"If :py:data:`None` and debug mode is enabled, then an in-memory key will be "
"used."
msgstr ""
#: ../../docstring of canaille.oidc.configuration.JWTSettings.PUBLIC_KEY:1
#: 065eb721cbb646c3957f30587b650b09
msgid "The public key."
msgstr ""
#: ../../canaille/oidc/configuration.py:docstring of
#: canaille.oidc.configuration.JWTMappingSettings:1
#: d9a0b99e00254e1dbae60d4d0f92d268
msgid "Mapping between the user model and the JWT fields."
msgstr ""
#: ../../canaille/oidc/configuration.py:docstring of
#: canaille.oidc.configuration.JWTMappingSettings:3
#: dc177e3a15bd44a58ad9a78d86488317
msgid "Fields are evaluated with jinja. A ``user`` var is available."
msgstr ""
#: ../../canaille/scim/configuration.py:docstring of
#: canaille.scim.configuration.SCIMSettings:1 eb8831b391be4590a8ff7004ce5deec5
msgid "SCIM settings."
msgstr ""
#: ../../canaille/backends/sql/configuration.py:docstring of
#: canaille.backends.sql.configuration.SQLSettings:1
#: ed5d3f22ff8c4dcc98caafbb1c9ef5d3
msgid "Settings related to the SQL backend."
msgstr ""
#: ../../canaille/backends/sql/configuration.py:docstring of
#: canaille.backends.sql.configuration.SQLSettings:3
#: 7a39e104f4d24b5bb0f2999a30e7dd39
msgid "Belong in the ``CANAILLE_SQL`` namespace."
msgstr ""
#: ../../docstring of
#: canaille.backends.sql.configuration.SQLSettings.AUTO_MIGRATE:1
#: c49da2725c2b4bcaa81ff15f505ea439
msgid "Whether to automatically apply database migrations."
msgstr ""
#: ../../docstring of
#: canaille.backends.sql.configuration.SQLSettings.AUTO_MIGRATE:3
#: 47e7693d96434baca0d3dd196c5a4db4
msgid ""
"If :data:`True`, database migrations will be automatically applied when "
"Canaille web application is launched. If :data:`False`, migrations must be "
"applied manually with ``canaille db upgrade``."
msgstr ""
#: ../../docstring of
#: canaille.backends.sql.configuration.SQLSettings.AUTO_MIGRATE:8
#: b58635cfdb7f4240854239418e78fe14
msgid "When running the CLI, migrations will never be applied."
msgstr ""
#: ../../docstring of
#: canaille.backends.sql.configuration.SQLSettings.DATABASE_URI:1
#: 4536c2d4cb2149eeb579656c7d6fef22
msgid "The SQL server URI. For example:"
msgstr ""
#: ../../docstring of
#: canaille.backends.sql.configuration.SQLSettings.DATABASE_URI:6
#: 07d66e79d7df497d85858df1396e191c
msgid "DATABASE_URI = \"postgresql://user:password@localhost/database_name\""
msgstr ""
#: ../../docstring of
#: canaille.backends.sql.configuration.SQLSettings.PASSWORD_SCHEMES:1
#: 10845b88dbdc43c788ee2e0bc36350e1
msgid "Password hashing scheme."
msgstr ""
#: ../../docstring of
#: canaille.backends.sql.configuration.SQLSettings.PASSWORD_SCHEMES:3
#: 52fdf7d843c9432db315f114054c9395
msgid ""
"Defines password hashing scheme in SQL database. examples : \"mssql2000\", "
"\"ldap_salted_sha1\", \"pbkdf2_sha512\""
msgstr ""
#: ../../canaille/backends/ldap/configuration.py:docstring of
#: canaille.backends.ldap.configuration.LDAPSettings:1
#: e15e2823c04d4ec28c7babecc8562d74
msgid "Settings related to the LDAP backend."
msgstr ""
#: ../../canaille/backends/ldap/configuration.py:docstring of
#: canaille.backends.ldap.configuration.LDAPSettings:3
#: 83424c682e70455799fea1843996c454
msgid "Belong in the ``CANAILLE_LDAP`` namespace."
msgstr ""
#: ../../docstring of
#: canaille.backends.ldap.configuration.LDAPSettings.BIND_DN:1
#: abd1149eb47f4ca391af208bac04862e
msgid "The LDAP bind DN."
msgstr ""
#: ../../docstring of
#: canaille.backends.ldap.configuration.LDAPSettings.BIND_PW:1
#: 0d9db8acc3bb462e959c147787183929
msgid "The LDAP bind password."
msgstr ""
#: ../../docstring of
#: canaille.backends.ldap.configuration.LDAPSettings.GROUP_BASE:1
#: dfe0dce641704dfe8e107c25c9a48395
msgid "The LDAP node under which groups will be looked for and saved."
msgstr ""
#: ../../docstring of
#: canaille.backends.ldap.configuration.LDAPSettings.GROUP_BASE:3
#: d1a484ad5d9b416882079b981605b592
msgid "For instance `\"ou=groups,dc=mydomain,dc=tld\"`."
msgstr ""
#: ../../docstring of
#: canaille.backends.ldap.configuration.LDAPSettings.GROUP_CLASS:1
#: c683dd1cef604a8eb3b22d39d848788d
msgid "The object class to use for creating new groups."
msgstr ""
#: ../../docstring of
#: canaille.backends.ldap.configuration.LDAPSettings.GROUP_NAME_ATTRIBUTE:1
#: 82b43769a16441fa96297e1e31f03062
msgid "The attribute to use to identify a group."
msgstr ""
#: ../../docstring of
#: canaille.backends.ldap.configuration.LDAPSettings.GROUP_RDN:1
#: f3fb1e7028544214a4ea3b83f3c3d49f
msgid "The attribute to identify an object in the Group DN."
msgstr ""
#: ../../docstring of
#: canaille.backends.ldap.configuration.LDAPSettings.ROOT_DN:1
#: 3f3bc5cd8b044803b3fba6e4fdfde1e3
msgid "The LDAP root DN."
msgstr ""
#: ../../docstring of
#: canaille.backends.ldap.configuration.LDAPSettings.TIMEOUT:1
#: d5d1aa6b21c64ed4b81236594911f285
msgid "The LDAP connection timeout."
msgstr ""
#: ../../docstring of canaille.backends.ldap.configuration.LDAPSettings.URI:1
#: f20bc6eb339648d893a110829ce14ab1
msgid "The LDAP server URI."
msgstr ""
#: ../../docstring of
#: canaille.backends.ldap.configuration.LDAPSettings.USER_BASE:1
#: 9b091562c6774d6b81e8fe6dd81c93cd
msgid "The LDAP node under which users will be looked for and saved."
msgstr ""
#: ../../docstring of
#: canaille.backends.ldap.configuration.LDAPSettings.USER_BASE:3
#: c61024ac66b44e35925082e9876b8a9a
msgid "For instance `ou=users,dc=mydomain,dc=tld`."
msgstr ""
#: ../../docstring of
#: canaille.backends.ldap.configuration.LDAPSettings.USER_CLASS:1
#: cd09943f22a8453fbca1aa2173e3186c
msgid "The object class to use for creating new users."
msgstr ""
#: ../../docstring of
#: canaille.backends.ldap.configuration.LDAPSettings.USER_FILTER:1
#: 894a2a5356004edaa5fc0ac68e8e4742
msgid "Filter to match users on sign in."
msgstr ""
#: ../../docstring of
#: canaille.backends.ldap.configuration.LDAPSettings.USER_FILTER:3
#: 4daf3e1956864084aa30ea039bdc1ef7
msgid ""
"For instance ``(|(uid={{ login }})(mail={{ login }}))``. Jinja syntax is "
"supported and a ``login`` variable is available, containing the value passed "
"in the login field."
msgstr ""
#: ../../docstring of
#: canaille.backends.ldap.configuration.LDAPSettings.USER_RDN:1
#: 44e7dc51f57347f1b02ad3d371f174e9
msgid "The attribute to identify an object in the User DN."
msgstr ""
#: ../references/configuration.rst:94 3dd3777a442446f594c09782013d74f1
msgid "Example file"
msgstr ""
#: ../references/configuration.rst:96 d1a4ab70ee764b0bb698a26a11818542
msgid "Here is a configuration file example:"
msgstr ""
#: ../references/index.rst:2 071913032bd34cd2bd443cd511ed0f99
msgid "References"
msgstr ""
#: ../references/models.rst:2 8449e7712a554bf88b595a0bbb2d0c4c
msgid "Data models"
msgstr ""
#: ../references/models.rst:4 bee5e0d6c994427f8c8b66eb51ea1eb9
msgid ""
"This reference details the data models used by Canaille. This is mostly "
"useful for developers."
msgstr ""
#: ../../canaille/app/features.py:docstring of canaille.app.features.Features:1
#: ../../canaille/backends/models.py:docstring
#: canaille.backends.models.BackendModel:1 canaille.backends.models.Model:1
#: 38d2033e866440eeaafe892cc6064c18 23d8ede99f5a4ee39d8da74d996a4a1d
#: 3a3408d8f3904b038bce47acee950437
msgid "Bases: :py:class:`object`"
msgstr ""
#: ../../canaille/backends/models.py:docstring of
#: canaille.backends.models.BackendModel:1 c25bd1ffbbd349e5ad1dea57b25154c8
msgid "The backend model abstract class."
msgstr ""
#: ../../canaille/backends/models.py:docstring of
#: canaille.backends.models.BackendModel:3 7ef9431bea8e442ebb713b76b3bc64ff
msgid ""
"It details all the methods and attributes that are expected to be "
"implemented for every model and for every backend."
msgstr ""
#: ../../canaille/backends/models.py:docstring of
#: canaille.backends.models.Model:1 9b1a6bcb81134359bc30467d1dd705ab
msgid "The model abstract class."
msgstr ""
#: ../../canaille/backends/models.py:docstring of
#: canaille.backends.models.Model:3 4e4cc81400bd4a4589afcdce71b2b087
msgid "It details all the common attributes shared by every models."
msgstr ""
#: ../../docstring of canaille.backends.models.Model.created:1
#: a8d222c7abad4c26a9aca53d2227a03d
msgid ""
"The :class:`~datetime.datetime` that the resource was added to the service "
"provider."
msgstr ""
#: ../../docstring of canaille.backends.models.Model.id:1
#: dd7a51180db84215bf6bae28646204cf
msgid ""
"A unique identifier for a SCIM resource as defined by the service provider. "
"Id will be :data:`None` until the ``Backend.save`` method is called."
msgstr ""
#: ../../docstring of canaille.backends.models.Model.id:5
#: c267b02c5d9f44d2b6fa54a4fa80c07a
msgid ""
"Each representation of the resource MUST include a non-empty \"id\" value. "
"This identifier MUST be unique across the SCIM service provider's entire set "
"of resources. It MUST be a stable, non- reassignable identifier that does "
"not change when the same resource is returned in subsequent requests. The "
"value of the \"id\" attribute is always issued by the service provider and "
"MUST NOT be specified by the client. The string \"bulkId\" is a reserved "
"keyword and MUST NOT be used within any unique identifier value. The "
"attribute characteristics are \"caseExact\" as \"true\", a mutability of "
"\"readOnly\", and a \"returned\" characteristic of \"always\". See Section "
"9 for additional considerations regarding privacy."
msgstr ""
#: ../../canaille/backends/models.py:docstring of
#: canaille.backends.models.Model.identifier:1 68b886ca51e94b929e6a81dece535871
msgid ""
"Returns a unique value that will be used to identify the model instance."
msgstr ""
#: ../../canaille/backends/models.py:docstring of
#: canaille.backends.models.Model.identifier:4 b942d5bf24f8490790ea02f455feef27
msgid ""
"This value will be used in URLs in canaille, so it should be unique and "
"short."
msgstr ""
#: ../../docstring of canaille.backends.models.Model.last_modified:1
#: e2986b332a464e609b4d1a6042569839
msgid ""
"The most recent :class:`~datetime.datetime` that the details of this "
"resource were updated at the service provider."
msgstr ""
#: ../../docstring of canaille.backends.models.Model.last_modified:4
#: bc822b66fbc04a00801cac82d2dae44c
msgid ""
"If this resource has never been modified since its initial creation, the "
"value MUST be the same as the value of :attr:`~canaille.backends.models."
"Model.created`."
msgstr ""
#: ../../canaille/core/models.py:docstring of canaille.core.models.Group:1
#: canaille.core.models.User:1 ../../canaille/oidc/basemodels.py:docstring
#: canaille.oidc.basemodels.AuthorizationCode:1
#: canaille.oidc.basemodels.Client:1 canaille.oidc.basemodels.Consent:1
#: canaille.oidc.basemodels.Token:1 82169b55a46b4c65b4beb8d57b131a7c
#: ec3b388e2afc44389fbc8ba448b91118 71f525f7b5c0407db5b52bbd115bc09d
#: 5a01ffa3802640ffa56b74edf6b87cd3 db8c684605854a7e860884b4467182d6
#: e1f14f010ff54e918cc97dc2d2345ff6
msgid "Bases: :py:class:`~canaille.backends.models.Model`"
msgstr ""
#: ../../canaille/core/models.py:docstring of canaille.core.models.Group:1
#: 1957213a8dd2445ea66f5fa8155fdec7
msgid ""
"User model, based on the `SCIM Group schema <https://datatracker.ietf.org/"
"doc/html/rfc7643#section-4.2>`_."
msgstr ""
#: ../../docstring of canaille.core.models.Group.display_name:1
#: 329f754548e54099a1f7ffcbfeab9e77
msgid "A human-readable name for the Group."
msgstr ""
#: ../../docstring of canaille.core.models.Group.display_name:3
#: canaille.oidc.basemodels.Client.client_id:1 0ba4b47f809b4adfb4faa401ab882eb1
#: 1687fff7eedc4a9294f55b5c0e71460d
msgid "REQUIRED."
msgstr ""
#: ../../docstring of canaille.core.models.Group.members:1
#: 3849324e8bd9411ca14cf42753424f0b
msgid "A list of members of the Group."
msgstr ""
#: ../../docstring of canaille.core.models.Group.members:3
#: bfeaf8af5e9a4adaabbdc92a9c16c0b3
msgid ""
"While values MAY be added or removed, sub-attributes of members are "
"\"immutable\". The \"value\" sub-attribute contains the value of an \"id\" "
"attribute of a SCIM resource, and the \"$ref\" sub-attribute must be the URI "
"of a SCIM resource such as a \"User\", or a \"Group\". The intention of the "
"\"Group\" type is to allow the service provider to support nested groups. "
"Service providers MAY require clients to provide a non-empty value by "
"setting the \"required\" attribute characteristic of a sub-attribute of the "
"\"members\" attribute in the \"Group\" resource schema."
msgstr ""
#: ../../canaille/core/models.py:docstring of canaille.core.models.User:1
#: e70c0af0475547bab48542208e6960ab
msgid ""
"User model, based on the `SCIM User schema <https://datatracker.ietf.org/doc/"
"html/rfc7643#section-4.1>`_, `Entreprise User Schema Extension <https://"
"datatracker.ietf.org/doc/html/rfc7643#section-4.3>`_ and `SCIM Password "
"Management Extension <https://datatracker.ietf.org/doc/html/draft-hunt-scim-"
"password-mgmt-00.html>`_ draft. Attribute description is based on SCIM and "
"put there for information purpose. The description may not fit the current "
"implementation in Canaille."
msgstr ""
#: ../../canaille/core/models.py:docstring of canaille.core.models.User.can:1
#: cb1ff62500f2400f80efb9a83b666257
msgid ""
"Whether or not the user has the :class:`~canaille.core.configuration."
"Permission` according to the :class:`configuration <canaille.core."
"configuration.ACLSettings>`."
msgstr ""
#: ../../docstring of canaille.core.models.User.department:1
#: 1a0701e1fb5c4fb0b538e5a1998394a4
msgid "Identifies the name of a department."
msgstr ""
#: ../../docstring of canaille.core.models.User.display_name:1
#: b02fd0fbb2dd404c94264ede072af9d3
msgid "The name of the user, suitable for display to end-users."
msgstr ""
#: ../../docstring of canaille.core.models.User.display_name:3
#: 2c6a95db4eb2484dbc839cf9d5874f6a
msgid ""
"Each user returned MAY include a non-empty displayName value. The name "
"SHOULD be the full name of the User being described, if known (e.g., \"Babs "
"Jensen\" or \"Ms. Barbara J Jensen, III\") but MAY be a username or handle, "
"if that is all that is available (e.g., \"bjensen\"). The value provided "
"SHOULD be the primary textual label by which this User is normally displayed "
"by the service provider when presenting it to end-users."
msgstr ""
#: ../../docstring of canaille.core.models.User.emails:1
#: 09d7beb59dda4fba94ad22d25e6e6e6d
msgid "Email addresses for the User."
msgstr ""
#: ../../docstring of canaille.core.models.User.emails:3
#: f2a627a9e2d64f6e98a8a7d49c6e3960
msgid ""
"The value SHOULD be specified according to [RFC5321]. Service providers "
"SHOULD canonicalize the value according to [RFC5321], e.g., "
"\"bjensen@example.com\" instead of \"bjensen@EXAMPLE.COM\". The \"display\" "
"sub-attribute MAY be used to return the canonicalized representation of the "
"email value. The \"type\" sub-attribute is used to provide a classification "
"meaningful to the (human) user. The user interface should encourage the use "
"of basic values of \"work\", \"home\", and \"other\" and MAY allow "
"additional type values to be used at the discretion of SCIM clients."
msgstr ""
#: ../../docstring of canaille.core.models.User.employee_number:1
#: 2fad1dcd5a98494782a7261a060cc54d
msgid ""
"A string identifier, typically numeric or alphanumeric, assigned to a "
"person, typically based on order of hire or association with an organization."
msgstr ""
#: ../../docstring of canaille.core.models.User.family_name:1
#: de6af42b8a78479c80c17f9650ff40c0
msgid ""
"The family name of the User, or last name in most Western languages (e.g., "
"\"Jensen\" given the full name \"Ms. Barbara Jane Jensen, III\")."
msgstr ""
#: ../../docstring of canaille.core.models.User.formatted_address:1
#: a98d8370e3ac4f0e8b69c6bbe070c064
msgid ""
"The full mailing address, formatted for display or use with a mailing label."
msgstr ""
#: ../../docstring of canaille.core.models.User.formatted_address:4
#: 231f865353d84dd4a48c1df380cb67f9
msgid "This attribute MAY contain newlines."
msgstr ""
#: ../../docstring of canaille.core.models.User.formatted_name:1
#: 756e32b2f48c4bb699750c4fb7bfeee4
msgid ""
"The full name, including all middle names, titles, and suffixes as "
"appropriate, formatted for display (e.g., \"Ms. Barbara Jane Jensen, III\")."
msgstr ""
#: ../../docstring of canaille.core.models.User.given_name:1
#: 9ea5b53d4e104215b57ac2bbdd26ce37
msgid ""
"The given name of the User, or first name in most Western languages (e.g., "
"\"Barbara\" given the full name \"Ms. Barbara Jane Jensen, III\")."
msgstr ""
#: ../../docstring of canaille.core.models.User.groups:1
#: 38f2628961964453b52af44ae8b771de
msgid ""
"A list of groups to which the user belongs, either through direct "
"membership, through nested groups, or dynamically calculated."
msgstr ""
#: ../../docstring of canaille.core.models.User.groups:4
#: 028cef824f9f4aa4bc32e25d85675aa4
msgid ""
"The values are meant to enable expression of common group-based or role-"
"based access control models, although no explicit authorization model is "
"defined. It is intended that the semantics of group membership and any "
"behavior or authorization granted as a result of membership are defined by "
"the service provider. The canonical types \"direct\" and \"indirect\" are "
"defined to describe how the group membership was derived. Direct group "
"membership indicates that the user is directly associated with the group and "
"SHOULD indicate that clients may modify membership through the \"Group\" "
"resource. Indirect membership indicates that user membership is transitive "
"or dynamic and implies that clients cannot modify indirect group membership "
"through the \"Group\" resource but MAY modify direct group membership "
"through the \"Group\" resource, which may influence indirect memberships. "
"If the SCIM service provider exposes a \"Group\" resource, the \"value\" sub-"
"attribute MUST be the \"id\", and the \"$ref\" sub-attribute must be the URI "
"of the corresponding \"Group\" resources to which the user belongs. Since "
"this attribute has a mutability of \"readOnly\", group membership changes "
"MUST be applied via the \"Group\" Resource (Section 4.2). This attribute "
"has a mutability of \"readOnly\"."
msgstr ""
#: ../../canaille/core/models.py:docstring of
#: canaille.core.models.User.has_password:1 0f2b60791a8b4de6ad01e2aae8599351
msgid "Check whether a password has been set for the user."
msgstr ""
#: ../../docstring of canaille.core.models.User.hotp_counter:1
#: 7270ae13d163421c834873b5c783e59c
msgid ""
"HMAC-based One Time Password counter, used for multi-factor authentication."
msgstr ""
#: ../../docstring of canaille.core.models.User.last_otp_login:1
#: 3733def07fab41e6a20187ed1d5b3e0e
msgid ""
"A DateTime indicating when the user last logged in with a one-time password. "
"This attribute is currently used to check whether the user has activated one-"
"time password authentication or not."
msgstr ""
#: ../../docstring of canaille.core.models.User.locality:1
#: 35cad569116b41dfbe6bbe2b8104b76b
msgid "The city or locality component."
msgstr ""
#: ../../docstring of canaille.core.models.User.lock_date:1
#: 633f6bdeb83f4913a8ee2f882af9002c
msgid "A DateTime indicating when the resource was locked."
msgstr ""
#: ../../canaille/core/models.py:docstring of
#: canaille.core.models.User.locked:1 39db3feba62644ffa9786bffc2ab4a7f
msgid "Whether the user account has been locked or has expired."
msgstr ""
#: ../../docstring of canaille.core.models.User.one_time_password:1
#: f18bf157b3d146f9a1ce6b555d34e063
msgid "One time password used for email or sms multi-factor authentication."
msgstr ""
#: ../../docstring of
#: canaille.core.models.User.one_time_password_emission_date:1
#: 3524d8036e604f5ea0b79f6923281e59
msgid ""
"A DateTime indicating when the user last emitted an email or sms one-time "
"password."
msgstr ""
#: ../../docstring of canaille.core.models.User.organization:1
#: 4d9f6ad494f04647ab74303cf4ac43ff
msgid "Identifies the name of an organization."
msgstr ""
#: ../../docstring of canaille.core.models.User.password:1
#: 40d6c48066524cfc8351cc767f41346a
msgid ""
"This attribute is intended to be used as a means to set, replace, or compare "
"(i.e., filter for equality) a password. The cleartext value or the hashed "
"value of a password SHALL NOT be returnable by a service provider. If a "
"service provider holds the value locally, the value SHOULD be hashed. When "
"a password is set or changed by the client, the cleartext password SHOULD be "
"processed by the service provider as follows:"
msgstr ""
#: ../../docstring of canaille.core.models.User.password:9
#: 8f905c9dd5d348c3a471dba091253875
msgid ""
"Prepare the cleartext value for international language comparison. See "
"Section 7.8 of [RFC7644]."
msgstr ""
#: ../../docstring of canaille.core.models.User.password:12
#: 2ebe8572767c40ef994cdebbe78d85de
msgid ""
"Validate the value against server password policy. Note: The definition and "
"enforcement of password policy are beyond the scope of this document."
msgstr ""
#: ../../docstring of canaille.core.models.User.password:16
#: 75918453e12d4bceb114c825c4bc2be3
msgid ""
"Ensure that the value is encrypted (e.g., hashed). See Section 9.2 for "
"acceptable hashing and encryption handling when storing or persisting for "
"provisioning workflow reasons."
msgstr ""
#: ../../docstring of canaille.core.models.User.password:20
#: b9119fbfcde14dbca59820b443efd8a2
msgid ""
"A service provider that immediately passes the cleartext value on to another "
"system or programming interface MUST pass the value directly over a secured "
"connection (e.g., Transport Layer Security (TLS)). If the value needs to be "
"temporarily persisted for a period of time (e.g., because of a workflow) "
"before provisioning, then the value MUST be protected by some method, such "
"as encryption."
msgstr ""
#: ../../docstring of canaille.core.models.User.password:28
#: 16ddf15766214a3f80f303269bddbb79
msgid ""
"Testing for an equality match MAY be supported if there is an existing "
"stored hashed value. When testing for equality, the service provider:"
msgstr ""
#: ../../docstring of canaille.core.models.User.password:32
#: 827dd01cece04053a65fed8877f35e51
msgid ""
"Prepares the filter value for international language comparison. See "
"Section 7.8 of [RFC7644]."
msgstr ""
#: ../../docstring of canaille.core.models.User.password:35
#: 1e4a8c9cfd7a4bd6960d66a5f63742ab
msgid ""
"Generates the salted hash of the filter value and tests for a match with the "
"locally held value."
msgstr ""
#: ../../docstring of canaille.core.models.User.password:38
#: 8f6cfda04ae544c6822f4a7f06cea845
msgid ""
"The mutability of the password attribute is \"writeOnly\", indicating that "
"the value MUST NOT be returned by a service provider in any form (the "
"attribute characteristic \"returned\" is \"never\")."
msgstr ""
#: ../../docstring of canaille.core.models.User.password_failure_timestamps:1
#: 2bcfd4fcbfb044239e08740a87b836cf
msgid ""
"This attribute stores the timestamps of the user's failed authentications."
msgstr ""
#: ../../docstring of canaille.core.models.User.password_failure_timestamps:4
#: 947638406ec447c69ee529ec5db689c9
msgid "It's currently used by the intruder lockout delay system."
msgstr ""
#: ../../docstring of canaille.core.models.User.password_last_update:1
#: 9ed3dec804234490afb3e06065614fcb
msgid ""
"Specifies the last time the user password was changed. By default, the date "
"of creation of the password is retained."
msgstr ""
#: ../../docstring of canaille.core.models.User.phone_numbers:1
#: e6c0fe4b0a3142fe9197d175f60b217c
msgid "Phone numbers for the user."
msgstr ""
#: ../../docstring of canaille.core.models.User.phone_numbers:3
#: 4e5ec315754d41568d9b1b84d5a7dce7
msgid ""
"The value SHOULD be specified according to the format defined in [RFC3966], "
"e.g., 'tel:+1-201-555-0123'. Service providers SHOULD canonicalize the "
"value according to [RFC3966] format, when appropriate. The \"display\" sub-"
"attribute MAY be used to return the canonicalized representation of the "
"phone number value. The sub- attribute \"type\" often has typical values of "
"\"work\", \"home\", \"mobile\", \"fax\", \"pager\", and \"other\" and MAY "
"allow more types to be defined by the SCIM clients."
msgstr ""
#: ../../docstring of canaille.core.models.User.photo:1
#: 509e5e62dcb240599d27a5f02e7a7e03
msgid ""
"A URI that is a uniform resource locator (as defined in Section 1.1.3 of "
"[RFC3986]) that points to a resource location representing the user's image."
msgstr ""
#: ../../docstring of canaille.core.models.User.photo:5
#: 207121916f8140a89ac96917fb82c3c8
msgid ""
"The resource MUST be a file (e.g., a GIF, JPEG, or PNG image file) rather "
"than a web page containing an image. Service providers MAY return the same "
"image in different sizes, although it is recognized that no standard for "
"describing images of various sizes currently exists. Note that this "
"attribute SHOULD NOT be used to send down arbitrary photos taken by this "
"user; instead, profile photos of the user that are suitable for display when "
"describing the user should be sent. Instead of the standard canonical values "
"for type, this attribute defines the following canonical values to represent "
"popular photo sizes: \"photo\" and \"thumbnail\"."
msgstr ""
#: ../../docstring of canaille.core.models.User.postal_code:1
#: bb30484b20b44c4c8a5e790565a75c52
msgid "The zip code or postal code component."
msgstr ""
#: ../../docstring of canaille.core.models.User.preferred_language:1
#: d28cb1c7653f48619c4ea69883c99982
msgid ""
"Indicates the user's preferred written or spoken languages and is generally "
"used for selecting a localized user interface."
msgstr ""
#: ../../docstring of canaille.core.models.User.preferred_language:4
#: 65ba0d81d5b4453dac85fbb4b80521b4
msgid ""
"The value indicates the set of natural languages that are preferred. The "
"format of the value is the same as the HTTP Accept-Language header field "
"(not including \"Accept-Language:\") and is specified in Section 5.3.5 of "
"[RFC7231]. The intent of this value is to enable cloud applications to "
"perform matching of language tags [RFC4647] to the user's language "
"preferences, regardless of what may be indicated by a user agent (which "
"might be shared), or in an interaction that does not involve a user (such as "
"in a delegated OAuth 2.0 [RFC6749] style interaction) where normal HTTP "
"Accept-Language header negotiation cannot take place."
msgstr ""
#: ../../docstring of canaille.core.models.User.profile_url:1
#: dc41821b1f6940468c4c18d70de4b372
msgid ""
"A URI that is a uniform resource locator (as defined in Section 1.1.3 of "
"[RFC3986]) and that points to a location representing the user's online "
"profile (e.g., a web page)."
msgstr ""
#: ../../docstring of canaille.core.models.User.profile_url:5
#: 8481e9db6717497da875c95d2f8c5a8d
msgid "URIs are canonicalized per Section 6.2 of [RFC3986]."
msgstr ""
#: ../../canaille/core/models.py:docstring of
#: canaille.core.models.User.readable_fields:1 82072608d7184c37ab37493cacb7b587
msgid ""
"The fields the user can read according to the :class:`configuration "
"<canaille.core.configuration.ACLSettings>` configuration."
msgstr ""
#: ../../canaille/core/models.py:docstring of
#: canaille.core.models.User.readable_fields:4 c02e2a584e0c4473b1001c024b24696f
msgid ""
"This does not include the :attr:`writable <canaille.core.models.User."
"writable_fields>` fields."
msgstr ""
#: ../../docstring of canaille.core.models.User.region:1
#: 037f259a6e984ca1aea1e1f80d9b6079
msgid "The state or region component."
msgstr ""
#: ../../docstring of canaille.core.models.User.secret_token:1
#: 5f56d77ac5ee40d192cc5b122e0f79ae
msgid ""
"Unique token generated for each user, used for multi-factor authentication."
msgstr ""
#: ../../docstring of canaille.core.models.User.street:1
#: e57fcc9747814887a3643ba92cc6dc53
msgid ""
"The full street address component, which may include house number, street "
"name, P.O."
msgstr ""
#: ../../docstring of canaille.core.models.User.street:4
#: 563c42f617d444ec90c40d6af35f43a8
msgid ""
"box, and multi-line extended street address information. This attribute MAY "
"contain newlines."
msgstr ""
#: ../../docstring of canaille.core.models.User.title:1
#: 6d2d009ee87746d4bcb3d63c3bc9f8cb
msgid "The user's title, such as \"Vice President\"."
msgstr ""
#: ../../docstring of canaille.core.models.User.user_name:1
#: 89f788bca8344b2ba7f5967a62e7bcce
msgid ""
"A service provider's unique identifier for the user, typically used by the "
"user to directly authenticate to the service provider."
msgstr ""
#: ../../docstring of canaille.core.models.User.user_name:4
#: f6806a97c1b74c79b9600427618fed91
msgid ""
"Often displayed to the user as their unique identifier within the system (as "
"opposed to \"id\" or \"externalId\", which are generally opaque and not user-"
"friendly identifiers). Each User MUST include a non-empty userName value. "
"This identifier MUST be unique across the service provider's entire set of "
"Users. This attribute is REQUIRED and is case insensitive."
msgstr ""
#: ../../canaille/core/models.py:docstring of
#: canaille.core.models.User.writable_fields:1 2017dc660a66445db67269640fd1fd8f
msgid ""
"The fields the user can write according to the :class:`configuration "
"<canaille.core.configuration.ACLSettings>`."
msgstr ""
#: ../../canaille/core/models.py:docstring of
#: canaille.core.models.string_code:1 b1de5e85f60e43b282a0030180652af0
msgid "Add leading 0 if the code length does not match the defined length."
msgstr ""
#: ../../canaille/core/models.py:docstring of
#: canaille.core.models.string_code:3 97af099fefbe45d6a996d9a721da82c3
msgid ""
"For instance, parameter ``digit=6``, but ``code=123``, this method would "
"return ``000123``::"
msgstr ""
#: ../../canaille/oidc/basemodels.py:docstring of
#: canaille.oidc.basemodels.AuthorizationCode:1
#: adb7d97f3da14c2aacca22dd9662c8ff
msgid "OpenID Connect temporary authorization code definition."
msgstr ""
#: ../../canaille/oidc/basemodels.py:docstring of
#: canaille.oidc.basemodels.Client:1 5b28461fe1a648319cb0c397a99b4e53
msgid ""
"OpenID Connect client definition, based on the `OAuth 2.0 Dynamic Client "
"Registration protocols <https://datatracker.ietf.org/doc/html/rfc7591."
"html>`_ and the `OpenID Connect RP-Initiated Logout <https://openid.net/"
"specs/openid-connect-rpinitiated-1_0.html>`_ specifications."
msgstr ""
#: ../../docstring of canaille.oidc.basemodels.Client.client_id:3
#: e0657b683d9647658874cadf0850f835
msgid ""
"OAuth 2.0 client identifier string. It SHOULD NOT be currently valid for "
"any other registered client, though an authorization server MAY issue the "
"same client identifier to multiple instances of a registered client at its "
"discretion."
msgstr ""
#: ../../docstring of canaille.oidc.basemodels.Client.client_id_issued_at:1
#: canaille.oidc.basemodels.Client.client_secret:1
#: canaille.oidc.basemodels.Client.post_logout_redirect_uris:1
#: 967cfa0d0db440809c848e54df164c07 4b4d070c368a434f8cc01bd90da45fc9
#: f0ca582d84334ea1a5507f264b52ef8b
msgid "OPTIONAL."
msgstr ""
#: ../../docstring of canaille.oidc.basemodels.Client.client_id_issued_at:3
#: 0838ce8aace4443387c90b0261ca5378
msgid ""
"Time at which the client identifier was issued. The time is represented as "
"the number of seconds from 1970-01-01T00:00:00Z as measured in UTC until the "
"date/time of issuance."
msgstr ""
#: ../../docstring of canaille.oidc.basemodels.Client.client_name:1
#: 717188e85d47456ebd89ff518aa68b29
msgid ""
"Human-readable string name of the client to be presented to the end-user "
"during authorization."
msgstr ""
#: ../../docstring of canaille.oidc.basemodels.Client.client_name:4
#: 245a799f27b0452d8b0796e99a80f07d
msgid ""
"If omitted, the authorization server MAY display the raw \"client_id\" value "
"to the end-user instead. It is RECOMMENDED that clients always send this "
"field. The value of this field MAY be internationalized, as described in "
"Section 2.2."
msgstr ""
#: ../../docstring of canaille.oidc.basemodels.Client.client_secret:3
#: c1fc10e0d4c54f52a51026a03b857b99
msgid ""
"OAuth 2.0 client secret string. If issued, this MUST be unique for each "
"\"client_id\" and SHOULD be unique for multiple instances of a client using "
"the same \"client_id\". This value is used by confidential clients to "
"authenticate to the token endpoint, as described in OAuth 2.0 [RFC6749], "
"Section 2.3.1."
msgstr ""
#: ../../docstring of
#: canaille.oidc.basemodels.Client.client_secret_expires_at:1
#: 9cfc3339a1dd46189984275692dba718
msgid "REQUIRED if \"client_secret\" is issued."
msgstr ""
#: ../../docstring of
#: canaille.oidc.basemodels.Client.client_secret_expires_at:3
#: 1186270fd481486caa704d2fd7528b4f
msgid ""
"Time at which the client secret will expire or 0 if it will not expire. The "
"time is represented as the number of seconds from 1970-01-01T00:00:00Z as "
"measured in UTC until the date/time of expiration."
msgstr ""
#: ../../docstring of canaille.oidc.basemodels.Client.client_uri:1
#: b0291c41aa9c4f2c8f66a0c71b9b4711
msgid "URL string of a web page providing information about the client."
msgstr ""
#: ../../docstring of canaille.oidc.basemodels.Client.client_uri:3
#: f478bd954ac24382b1de1588c419c6a2
msgid ""
"If present, the server SHOULD display this URL to the end-user in a "
"clickable fashion. It is RECOMMENDED that clients always send this field. "
"The value of this field MUST point to a valid web page. The value of this "
"field MAY be internationalized, as described in Section 2.2."
msgstr ""
#: ../../docstring of canaille.oidc.basemodels.Client.contacts:1
#: f6e323978f9a463cabca1ddcaa5f6d0b
msgid ""
"Array of strings representing ways to contact people responsible for this "
"client, typically email addresses."
msgstr ""
#: ../../docstring of canaille.oidc.basemodels.Client.contacts:4
#: de7fc414bed34c7aab0a55ad3cd826f4
msgid ""
"The authorization server MAY make these contact addresses available to end-"
"users for support requests for the client. See Section 6 for information on "
"Privacy Considerations."
msgstr ""
#: ../../docstring of canaille.oidc.basemodels.Client.grant_types:1
#: 23b30053d45946ecaf4f2d8bc5469f90
msgid ""
"Array of OAuth 2.0 grant type strings that the client can use at the token "
"endpoint. These grant types are defined as follows:"
msgstr ""
#: ../../docstring of canaille.oidc.basemodels.Client.grant_types:4
#: 75a3dfb08d97436eb62cc7855c3610ea
msgid ""
"\"authorization_code\": The authorization code grant type defined in OAuth "
"2.0, Section 4.1."
msgstr ""
#: ../../docstring of canaille.oidc.basemodels.Client.grant_types:7
#: ae2400d35211470f9ad2dc29e743ecb0
msgid ""
"\"implicit\": The implicit grant type defined in OAuth 2.0, Section 4.2."
msgstr ""
#: ../../docstring of canaille.oidc.basemodels.Client.grant_types:10
#: 0af327a65a014400b624754d17db1304
msgid ""
"\"password\": The resource owner password credentials grant type defined in "
"OAuth 2.0, Section 4.3."
msgstr ""
#: ../../docstring of canaille.oidc.basemodels.Client.grant_types:13
#: 33eb8a7321934eef8b1b8f7c77ca6e04
msgid ""
"\"client_credentials\": The client credentials grant type defined in OAuth "
"2.0, Section 4.4."
msgstr ""
#: ../../docstring of canaille.oidc.basemodels.Client.grant_types:16
#: 986d1fe697094e24b8d1c5d9abcbe542
msgid ""
"\"refresh_token\": The refresh token grant type defined in OAuth 2.0, "
"Section 6."
msgstr ""
#: ../../docstring of canaille.oidc.basemodels.Client.grant_types:19
#: 04635a2484cb4aa98c04ef7e6d06047e
msgid ""
"\"urn:ietf:params:oauth:grant-type:jwt-bearer\": The JWT Bearer Token Grant "
"Type defined in OAuth JWT Bearer Token Profiles [RFC7523]."
msgstr ""
#: ../../docstring of canaille.oidc.basemodels.Client.grant_types:23
#: 30c6734c6f254c9ab0c1bd628606080d
msgid ""
"\"urn:ietf:params:oauth:grant-type:saml2-bearer\": The SAML 2.0 Bearer "
"Assertion Grant defined in OAuth SAML 2 Bearer Token Profiles [RFC7522]."
msgstr ""
#: ../../docstring of canaille.oidc.basemodels.Client.grant_types:27
#: cde679d2d9524468863e856afe8a7b60
msgid ""
"If the token endpoint is used in the grant type, the value of this parameter "
"MUST be the same as the value of the \"grant_type\" parameter passed to the "
"token endpoint defined in the grant type definition. Authorization servers "
"MAY allow for other values as defined in the grant type extension process "
"described in OAuth 2.0, Section 4.5. If omitted, the default behavior is "
"that the client will use only the \"authorization_code\" Grant Type."
msgstr ""
#: ../../docstring of canaille.oidc.basemodels.Client.jwk:1
#: 03fcc115c5ff4506bdd2a9adef32c993
msgid ""
"Client's JSON Web Key Set [RFC7517] document value, which contains the "
"client's public keys."
msgstr ""
#: ../../docstring of canaille.oidc.basemodels.Client.jwk:4
#: 02fefaf4edc14d88ad63f66d929fbc8f
msgid ""
"The value of this field MUST be a JSON object containing a valid JWK Set. "
"These keys can be used by higher-level protocols that use signing or "
"encryption. This parameter is intended to be used by clients that cannot "
"use the \"jwks_uri\" parameter, such as native clients that cannot host "
"public URLs. The \"jwks_uri\" and \"jwks\" parameters MUST NOT both be "
"present in the same request or response."
msgstr ""
#: ../../docstring of canaille.oidc.basemodels.Client.jwks_uri:1
#: 3517e8d1433c4a29af4e1a37e51745b0
msgid ""
"URL string referencing the client's JSON Web Key (JWK) Set [RFC7517] "
"document, which contains the client's public keys."
msgstr ""
#: ../../docstring of canaille.oidc.basemodels.Client.jwks_uri:4
#: a4cea848089b4921b616a4cc682df264
msgid ""
"The value of this field MUST point to a valid JWK Set document. These keys "
"can be used by higher-level protocols that use signing or encryption. For "
"instance, these keys might be used by some applications for validating "
"signed requests made to the token endpoint when using JWTs for client "
"authentication [RFC7523]. Use of this parameter is preferred over the "
"\"jwks\" parameter, as it allows for easier key rotation. The \"jwks_uri\" "
"and \"jwks\" parameters MUST NOT both be present in the same request or "
"response."
msgstr ""
#: ../../docstring of canaille.oidc.basemodels.Client.logo_uri:1
#: 1058da51ab304a729c47f357ba058b65
msgid "URL string that references a logo for the client."
msgstr ""
#: ../../docstring of canaille.oidc.basemodels.Client.logo_uri:3
#: 897286c50a844afeaa8822854d80c376
msgid ""
"If present, the server SHOULD display this image to the end-user during "
"approval. The value of this field MUST point to a valid image file. The "
"value of this field MAY be internationalized, as described in Section 2.2."
msgstr ""
#: ../../docstring of canaille.oidc.basemodels.Client.policy_uri:1
#: 3b42d4ff71e940519fe684fb1ff948f7
msgid ""
"URL string that points to a human-readable privacy policy document that "
"describes how the deployment organization collects, uses, retains, and "
"discloses personal data."
msgstr ""
#: ../../docstring of canaille.oidc.basemodels.Client.policy_uri:5
#: canaille.oidc.basemodels.Client.tos_uri:5 8b45eca8d1ba446abf902daadf5e1fda
#: 3387991465b848b2a30d39647bbb4957
msgid ""
"The authorization server SHOULD display this URL to the end-user if it is "
"provided. The value of this field MUST point to a valid web page. The "
"value of this field MAY be internationalized, as described in Section 2.2."
msgstr ""
#: ../../docstring of
#: canaille.oidc.basemodels.Client.post_logout_redirect_uris:3
#: fc67d35b36e44cf8aba020e20ed0541f
msgid ""
"Array of URLs supplied by the RP to which it MAY request that the End-User's "
"User Agent be redirected using the post_logout_redirect_uri parameter after "
"a logout has been performed. These URLs SHOULD use the https scheme and MAY "
"contain port, path, and query parameter components; however, they MAY use "
"the http scheme, provided that the Client Type is confidential, as defined "
"in Section 2.1 of OAuth 2.0 [RFC6749], and provided the OP allows the use of "
"http RP URIs."
msgstr ""
#: ../../docstring of canaille.oidc.basemodels.Client.redirect_uris:1
#: 9a33ca942bb24edf8a01c21608ea2f73
msgid ""
"Array of redirection URI strings for use in redirect-based flows such as the "
"authorization code and implicit flows."
msgstr ""
#: ../../docstring of canaille.oidc.basemodels.Client.redirect_uris:4
#: 68f13c9e8ebb40aeb80f1f8646b9c17a
msgid ""
"As required by Section 2 of OAuth 2.0 [RFC6749], clients using flows with "
"redirection MUST register their redirection URI values. Authorization "
"servers that support dynamic registration for redirect-based flows MUST "
"implement support for this metadata value."
msgstr ""
#: ../../docstring of canaille.oidc.basemodels.Client.response_types:1
#: 14f38992c4cd441ebbc8581b5cfc81ed
msgid ""
"Array of the OAuth 2.0 response type strings that the client can use at the "
"authorization endpoint. These response types are defined as follows:"
msgstr ""
#: ../../docstring of canaille.oidc.basemodels.Client.response_types:5
#: f10a2f7b651b49f3a478805baa7d1ba7
msgid ""
"\"code\": The authorization code response type defined in OAuth 2.0, Section "
"4.1."
msgstr ""
#: ../../docstring of canaille.oidc.basemodels.Client.response_types:8
#: 5afdef305ded4cb09fd75ef4733d4a7a
msgid ""
"\"token\": The implicit response type defined in OAuth 2.0, Section 4.2."
msgstr ""
#: ../../docstring of canaille.oidc.basemodels.Client.response_types:11
#: 31436e43c2444893993f0537a739bb97
msgid ""
"If the authorization endpoint is used by the grant type, the value of this "
"parameter MUST be the same as the value of the \"response_type\" parameter "
"passed to the authorization endpoint defined in the grant type definition. "
"Authorization servers MAY allow for other values as defined in the grant "
"type extension process is described in OAuth 2.0, Section 4.5. If omitted, "
"the default is that the client will use only the \"code\" response type."
msgstr ""
#: ../../docstring of canaille.oidc.basemodels.Client.scope:1
#: ee96854b70914411b34d691bee4ea794
msgid ""
"String containing a space-separated list of scope values (as described in "
"Section 3.3 of OAuth 2.0 [RFC6749]) that the client can use when requesting "
"access tokens."
msgstr ""
#: ../../docstring of canaille.oidc.basemodels.Client.scope:5
#: 867579989e8343099f2645ec3daae661
msgid ""
"The semantics of values in this list are service specific. If omitted, an "
"authorization server MAY register a client with a default set of scopes."
msgstr ""
#: ../../docstring of canaille.oidc.basemodels.Client.software_id:1
#: c267bd27bc0643dfa799a288bba6898c
msgid ""
"A unique identifier string (e.g., a Universally Unique Identifier (UUID)) "
"assigned by the client developer or software publisher used by registration "
"endpoints to identify the client software to be dynamically registered."
msgstr ""
#: ../../docstring of canaille.oidc.basemodels.Client.software_id:6
#: b39f9748f4d94612bce4bbafa631edb5
msgid ""
"Unlike \"client_id\", which is issued by the authorization server and SHOULD "
"vary between instances, the \"software_id\" SHOULD remain the same for all "
"instances of the client software. The \"software_id\" SHOULD remain the "
"same across multiple updates or versions of the same piece of software. The "
"value of this field is not intended to be human readable and is usually "
"opaque to the client and authorization server."
msgstr ""
#: ../../docstring of canaille.oidc.basemodels.Client.software_version:1
#: 1c86069cf82d405b80e9449c82ecd79e
msgid ""
"A version identifier string for the client software identified by "
"\"software_id\"."
msgstr ""
#: ../../docstring of canaille.oidc.basemodels.Client.software_version:4
#: 76d6a1a3931a4366a86c58de3c921b06
msgid ""
"The value of the \"software_version\" SHOULD change on any update to the "
"client software identified by the same \"software_id\". The value of this "
"field is intended to be compared using string equality matching and no other "
"comparison semantics are defined by this specification. The value of this "
"field is outside the scope of this specification, but it is not intended to "
"be human readable and is usually opaque to the client and authorization "
"server. The definition of what constitutes an update to client software "
"that would trigger a change to this value is specific to the software itself "
"and is outside the scope of this specification."
msgstr ""
#: ../../docstring of
#: canaille.oidc.basemodels.Client.token_endpoint_auth_method:1
#: a931df28521e48ac9f2e294e6b40c1af
msgid ""
"String indicator of the requested authentication method for the token "
"endpoint. Values defined by this specification are:"
msgstr ""
#: ../../docstring of
#: canaille.oidc.basemodels.Client.token_endpoint_auth_method:4
#: d03d2336b72748abb03b7629c8cb236c
msgid ""
"\"none\": The client is a public client as defined in OAuth 2.0, Section "
"2.1, and does not have a client secret."
msgstr ""
#: ../../docstring of
#: canaille.oidc.basemodels.Client.token_endpoint_auth_method:7
#: 1d75c85686a6406e80c0609011503309
msgid ""
"\"client_secret_post\": The client uses the HTTP POST parameters as defined "
"in OAuth 2.0, Section 2.3.1."
msgstr ""
#: ../../docstring of
#: canaille.oidc.basemodels.Client.token_endpoint_auth_method:10
#: 3fce72a657484e9987ed472193f364a2
msgid ""
"\"client_secret_basic\": The client uses HTTP Basic as defined in OAuth 2.0, "
"Section 2.3.1."
msgstr ""
#: ../../docstring of
#: canaille.oidc.basemodels.Client.token_endpoint_auth_method:13
#: 01d6f8a488754b5f8da1973c101cffdb
msgid ""
"Additional values can be defined via the IANA \"OAuth Token Endpoint "
"Authentication Methods\" registry established in Section 4.2. Absolute URIs "
"can also be used as values for this parameter without being registered. If "
"unspecified or omitted, the default is \"client_secret_basic\", denoting the "
"HTTP Basic authentication scheme as specified in Section 2.3.1 of OAuth 2.0."
msgstr ""
#: ../../docstring of canaille.oidc.basemodels.Client.tos_uri:1
#: a87b9ed913e74134a96ab13db76ac51f
msgid ""
"URL string that points to a human-readable terms of service document for the "
"client that describes a contractual relationship between the end-user and "
"the client that the end-user accepts when authorizing the client."
msgstr ""
#: ../../canaille/oidc/basemodels.py:docstring of
#: canaille.oidc.basemodels.Consent:1 1ce3e3e8887242d4887f1d65ded91a08
msgid "Long-term user consent to an application."
msgstr ""
#: ../../canaille/oidc/basemodels.py:docstring of
#: canaille.oidc.basemodels.Token:1 5165dd5a43e7441cb556b288dd912159
msgid "OpenID Connect token definition."
msgstr ""
#: ../../canaille/app/features.py:docstring of
#: canaille.app.features.Features.has_account_lockability:1
#: e317757c8739489cb4c606d40a90cb90
msgid "Indicate whether the user accounts can be locked."
msgstr ""
#: ../../canaille/app/features.py:docstring of
#: canaille.app.features.Features.has_account_lockability:3
#: 4935317ffeda47b785292d21e926c3a3
msgid ""
"It depends on the backend used by Canaille. This is only disabled for "
"OpenLDAP versions under 2.6."
msgstr ""
#: ../../canaille/app/features.py:docstring of
#: canaille.app.features.Features.has_email_confirmation:1
#: 2970459a63174e829259ae220ec911dc
msgid "Indicate whether the user email confirmation is enabled."
msgstr ""
#: ../../canaille/app/features.py:docstring of
#: canaille.app.features.Features.has_email_confirmation:3
#: c1079035d9be414983104194b2ab2120
msgid ""
"It is controlled by the :attr:`CANAILLE.EMAIL_CONFIRMATION <canaille.core."
"configuration.CoreSettings.EMAIL_CONFIRMATION>` configuration parameter."
msgstr ""
#: ../../canaille/app/features.py:docstring of
#: canaille.app.features.Features.has_email_otp:1
#: 479b07160b35479abc87e2221bec17b2
msgid "Indicate whether the email OTP authentication factor is enabled."
msgstr ""
#: ../../canaille/app/features.py:docstring of
#: canaille.app.features.Features.has_email_otp:3
#: e84db66b26a44edfa4dc1e6cbde4a367
msgid ""
"It is controlled by the :attr:`CANAILLE.EMAIL_OTP <canaille.core."
"configuration.CoreSettings.EMAIL_OTP>` configuration parameter."
msgstr ""
#: ../../canaille/app/features.py:docstring of
#: canaille.app.features.Features.has_intruder_lockout:1
#: 61712b4872ac426aa90f58eee9fe9e4c
msgid "Indicate whether the intruder lockout feature is enabled."
msgstr ""
#: ../../canaille/app/features.py:docstring of
#: canaille.app.features.Features.has_intruder_lockout:3
#: aef23f3499454b14b5bd0b7bbfec559d
msgid ""
"It is controlled by the :attr:`CANAILLE.ENABLE_INTRUDER_LOCKOUT <canaille."
"core.configuration.CoreSettings.ENABLE_INTRUDER_LOCKOUT>` configuration "
"parameter."
msgstr ""
#: ../../canaille/app/features.py:docstring of
#: canaille.app.features.Features.has_oidc:1 2aabb9553b6949709c73253180bd4d4e
msgid "Indicate whether the OIDC feature is enabled."
msgstr ""
#: ../../canaille/app/features.py:docstring of
#: canaille.app.features.Features.has_oidc:3 82fb878e33854d91b056aa833b95c490
msgid ""
"This feature is required to make Canaille an authorization server for other "
"applications and enable SSO. It is controlled by the :class:`CANAILLE_OIDC "
"<canaille.oidc.configuration.OIDCSettings>` configuration parameter, and "
"needs the ``oidc`` extra package to be installed."
msgstr ""
#: ../../canaille/app/features.py:docstring of
#: canaille.app.features.Features.has_otp:1 7b629967c62d4d4082395fd70d845fac
msgid "Indicate whether the OTP authentication factor is enabled."
msgstr ""
#: ../../canaille/app/features.py:docstring of
#: canaille.app.features.Features.has_otp:3 04109fcdb7c5458290d27321fe20d363
msgid ""
"It is controlled by the :attr:`CANAILLE.OTP_METHOD <canaille.core."
"configuration.CoreSettings.OTP_METHOD>` configuration parameter, and needs "
"the ``otp`` extra package to be installed."
msgstr ""
#: ../../canaille/app/features.py:docstring of
#: canaille.app.features.Features.has_password_recovery:1
#: 30f3561a2c7f4f82940e8659e07b9fce
msgid "Indicate whether the password recovery feature is enabled."
msgstr ""
#: ../../canaille/app/features.py:docstring of
#: canaille.app.features.Features.has_password_recovery:3
#: 8dbab1baf660461b957ab458b86f8d1a
msgid ""
"It is controlled by the :attr:`CANAILLE.ENABLE_PASSWORD_RECOVERY <canaille."
"core.configuration.CoreSettings.ENABLE_PASSWORD_RECOVERY>` configuration "
"parameter."
msgstr ""
#: ../../canaille/app/features.py:docstring of
#: canaille.app.features.Features.has_registration:1
#: 1a46b31407b94556b7d7ba1b1efb72b5
msgid "Indicate whether the user account registration is enabled."
msgstr ""
#: ../../canaille/app/features.py:docstring of
#: canaille.app.features.Features.has_registration:3
#: 8a808dd6387b49d69a88d23b8da5c3de
msgid ""
"It is controlled by the :attr:`CANAILLE.ENABLE_REGISTRATION <canaille.core."
"configuration.CoreSettings.ENABLE_REGISTRATION>` configuration parameter."
msgstr ""
#: ../../canaille/app/features.py:docstring of
#: canaille.app.features.Features.has_scim_server:1
#: b6353866864746679e731902db3a6ad5
msgid "Indicate whether the SCIM server feature is enabled."
msgstr ""
#: ../../canaille/app/features.py:docstring of
#: canaille.app.features.Features.has_scim_server:3
#: 0e4e8b0c28bf4ff893e4b015d4c045e3
msgid ""
"This feature is required to make Canaille a provisioning server. It is "
"controlled by the :attr:`CANAILLE_SCIM.ENABLE_SERVER <canaille.scim."
"configuration.SCIMSettings.ENABLE_SERVER>` configuration parameter, and "
"needs the ``scim`` extra package to be installed."
msgstr ""
#: ../../canaille/app/features.py:docstring of
#: canaille.app.features.Features.has_sms_otp:1
#: 46464c2c705e4b34b764e4c2442678c7
msgid "Indicate whether the SMS OTP authentication factor is enabled."
msgstr ""
#: ../../canaille/app/features.py:docstring of
#: canaille.app.features.Features.has_sms_otp:3
#: 5138fc9cb274425b86314c1a729a4ab9
msgid ""
"It is controlled by the :attr:`CANAILLE.SMS_OTP <canaille.core.configuration."
"CoreSettings.SMS_OTP>` configuration parameter, and needs the ``smpp`` extra "
"package to be installed."
msgstr ""
#: ../../canaille/app/features.py:docstring of
#: canaille.app.features.Features.has_smtp:1 6252fb79e38d40f5b8826dfe87efd84c
msgid "Indicate whether the mail sending feature is enabled."
msgstr ""
#: ../../canaille/app/features.py:docstring of
#: canaille.app.features.Features.has_smtp:3 849b7de93582432cb12e533cacf3d864
msgid ""
"This feature is required to :attr:`validate user email addresses <canaille."
"app.features.Features.has_email_confirmation>`, send email OTP passwords "
"etc. It is controlled by the :attr:`CANAILLE.SMTP <canaille.core."
"configuration.CoreSettings.SMTP>` configuration parameter."
msgstr ""
#: ../references/templates.rst:2 5f9d52fbb7344304a33a0eb7cfb015fb
msgid "Templates"
msgstr ""
#: ../references/templates.rst:4 0ec160217743460aa21c2c99a386524f
msgid ""
"This references the template files, their role and the variables available "
"in their contexts. The intended audience for this reference is designers "
"wishing to build their custom Canaille theme."
msgstr ""
#: ../references/templates.rst:8 c4dae69dc590432f9691c0d763f7df8c
msgid "Base"
msgstr ""
#: ../references/templates.rst:10 2d86d946bebb41a69933f921f2b7312d
msgid "Those templates are shared by all the pages rendered by Canaille."
msgstr ""
#: ../references/templates.rst:13 ../references/templates.rst:35
#: ../references/templates.rst:53 a5a0c7c729174b69b7161dbc8abbd969
#: 298198cd92ec45a490362f33c0e75741 74c0ab51e1da40efb5b75f98868222a9
msgid "Template files"
msgstr ""
#: ../../<autotemplate>:1 7be0a83bad854553b20777a2a0782d23
msgid "The main template inherited by almost every other templates."
msgstr ""
#: ../../<autotemplate>:1 ade7caad09f74fbbbb8e6ae9276e3be8
msgid "The current user, if logged in."
msgstr ""
#: ../../<autotemplate>:1 276fe3eb9c3346dd987a579dad80e69b
msgid "The features enabled and available in Canaille."
msgstr ""
#: ../../<autotemplate>:1 2d0ad06c56034e4296882043db94e127
msgid "The user locale."
msgstr ""
#: ../../<autotemplate>:1 bc1a541d4be4473d9ea86978fb5cbd9f
msgid ""
"The Canaille instance defined in :attr:`~canaille.core.configuration."
"CoreSettings.NAME`."
msgstr ""
#: ../../<autotemplate>:1 e4a5a4c5dc6f40cdb50a5bbd11ad13ca
msgid ""
"The URL of the instance logo defined in :attr:`~canaille.core.configuration."
"CoreSettings.LOGO`."
msgstr ""
#: ../../<autotemplate>:1 a2c4eb224d834cfa8438bfa3da66f569
msgid ""
"The URL of the instance favicon defined in :attr:`~canaille.core."
"configuration.CoreSettings.FAVICON`."
msgstr ""
#: ../../<autotemplate>:1 d547da6f559b42d78fb3a73d97f0447e
msgid ""
"Whether the page is boosted by :attr:`~canaille.core.configuration."
"CoreSettings.HTMX`."
msgstr ""
#: ../../<autotemplate>:1 e96fbba85e69401794cd24472a510920
msgid "Whether to display the menu or not."
msgstr ""
#: ../../<autotemplate>:1 915e2d15e72f448581b4232462138de8
msgid "Whether the app has been launched in debug mode."
msgstr ""
#: ../../<autotemplate>:1 8e94e267a2e24fd086ff86ca5dd2d000
msgid ""
"The error page. Displayed for all kinds of errors (not found, internal "
"server error etc.)."
msgstr ""
#: ../../<autotemplate>:1 2306a7ac505241a7be52428c377fdf3b
msgid "The code of the HTTP error (404, 500, etc.)"
msgstr ""
#: ../../<autotemplate>:1 4bacf1c221314a0caa4206f59268df11
msgid "The error code description."
msgstr ""
#: ../../<autotemplate>:1 d55fefef1f0142afae9079c733167f2d
msgid "An optional Font Awesome icon reference."
msgstr ""
#: ../../<autotemplate>:1 0a534694c6044876aa823571cc6431d6
msgid "Macros for Flask flash message rendering"
msgstr ""
#: ../../<autotemplate>:1 de9e78670ac34fd2a8bfeb84e5fd449a
msgid "Macros for form and form field rendering."
msgstr ""
#: ../../<autotemplate>:1 010fef6420b54e9fa0030bff7cf89d66
msgid "Connects WTForms, Fomantic-UI and HTMX."
msgstr ""
#: ../../<autotemplate>:1 722e1cc69d054b6b90eccbbf14d34fe4
msgid "Macros for rendering table paginated with HTMX."
msgstr ""
#: ../references/templates.rst:22 ../references/templates.rst:40
#: ../references/templates.rst:58 c1141c3140ed49efb429fe7e0ddb07d5
#: f66b89d5a0514f8fbc41b532ceb496b6 ddd9f189d96f48cb92e11a1819d26a8f
msgid "Forms"
msgstr ""
#: ../../canaille/app/forms.py:docstring of canaille.app.forms.TableForm:1
#: 391264c8ae9342b98ccd4af5cfbcf383
msgid ""
"Bases: :py:class:`~canaille.app.forms.I18NFormMixin`, :py:class:`~flask_wtf."
"form.FlaskForm`"
msgstr ""
#: ../../canaille/app/forms.py:docstring of canaille.app.forms.TableForm:1
#: bbbef09257294353ae83fcc921eca400
msgid "A form for table rendering of object collections."
msgstr ""
#: ../references/templates.rst:30 a6ad4ce568a44098a9e487453d689dd5
msgid "Core"
msgstr ""
#: ../references/templates.rst:32 43fe331ad9c54541ac476bbe141b0a51
msgid ""
"The core templates are displayed in the authentication and profile edition "
"pages."
msgstr ""
#: ../../<autotemplate>:1 d19a70214ef0419bb0ce07ea39578834
msgid ""
"The 'About' page. This is an informational page, displaying the project "
"links."
msgstr ""
#: ../../<autotemplate>:1 51aba32d8e6d4e43ab37c3042b830e3a
msgid "The current Canaille version."
msgstr ""
#: ../../<autotemplate>:1 d296db599ed840dda1ffa1af92ce9e15
msgid "The first login page."
msgstr ""
#: ../../<autotemplate>:1 da37d9d1681e41b7beb4d8eb1f52ee17
msgid "This page is displayed to users who do not have set a password yet."
msgstr ""
#: ../../<autotemplate>:1 41cf2f06296f4529825add3e93ecce87
msgid "Password forgotten page."
msgstr ""
#: ../../<autotemplate>:1 5544ff3d795643299723088da49f54d2
msgid ""
"This page displays a form asking for the email address of users who cannot "
"remember their password."
msgstr ""
#: ../../<autotemplate>:1 91f95a21d2cf4cd682dbf7622895f744
msgid "Group edition page."
msgstr ""
#: ../../<autotemplate>:1 eb70b7161ea14a59800362c10a234635
msgid "Displays the group edition or creation form."
msgstr ""
#: ../../<autotemplate>:1 8b37ea965e5e49358b31b3f72980cd14
msgid ""
":data:`None` in a creation context. In edition context this is the edited "
"group."
msgstr ""
#: ../../<autotemplate>:1 c34b493558f041089780f1ee6d8bc0cb
msgid "The group edition/creation form."
msgstr ""
#: ../../<autotemplate>:1 e6f30f59e1984b9696c77b053200c933
msgid "The group list page."
msgstr ""
#: ../../<autotemplate>:1 1123e6271a2547938e77a710f559788a
msgid "A :class:`~canaille.core.models.Group` pagination form."
msgstr ""
#: ../../<autotemplate>:1 bb18bceefbe644b39f75dd515e56f4f0
msgid "The invitation form page."
msgstr ""
#: ../../<autotemplate>:1 84e88c0d7f8146e7b245b725fa1527a1
msgid "Displays the invitation form to users with the invitation permission."
msgstr ""
#: ../../<autotemplate>:1 e6ed714de65843e5bf138d95d9d61316
msgid "The invitation form."
msgstr ""
#: ../../<autotemplate>:1 dd60812049374cd18c7d3cfa6dfaec5c
msgid "The invitation acceptation page."
msgstr ""
#: ../../<autotemplate>:1 8c9de3bd5fd64142b2f1b40644c04114
msgid ""
"This page is displayed to users who have clicked on invitation links sent by "
"mail (or by other media). It displays a basic account creation form."
msgstr ""
#: ../../<autotemplate>:1 f3767e9183b5463b8dc502ac64917496
msgid "The account creation form."
msgstr ""
#: ../../<autotemplate>:1 f8d7f98b7554401081a21e260a78f706
msgid "The login page."
msgstr ""
#: ../../<autotemplate>:1 735e538185894b8282b972ca8b9d3426
msgid "This page displays a form to get the user identifier."
msgstr ""
#: ../../<autotemplate>:1 013c3dbd2c544946b7d26f65bf77a272
msgid "The login form."
msgstr ""
#: ../../<autotemplate>:1 81b9105d642d4fadaec60fe2f3ae2b2b
msgid "User account creation page."
msgstr ""
#: ../../<autotemplate>:1 ad5a3f08284e4d97bb932d57aa7d689e
msgid ""
"This template displays an account creation form. It is used in the "
"registration page, and in the manual account creation page available for "
"users with *user management* permission."
msgstr ""
#: ../../<autotemplate>:1 c4c05e7a207c4a55a3be41d8f4b25339
msgid ""
"The user creation form. Dynamically built according to the user :attr:"
"`~canaille.core.configuration.ACLSettings.READ` and :attr:`~canaille.core."
"configuration.ACLSettings.WRITE` permissions. The available fields are those "
"appearing in *READ* and *WRITE*, those only appearing in *READ* are read-"
"only."
msgstr ""
#: ../../<autotemplate>:1 242018ca141f4b478d46d6837d5e2d70
msgid "The profile edition template."
msgstr ""
#: ../../<autotemplate>:1 f330ada37637476fb4bdb1c84a2ae6ea
msgid "Displays a user profile edition form."
msgstr ""
#: ../../<autotemplate>:1 4c2881082edb4939b2915eadb7ab9bef
#: 010d499b81f04fb199ed2ba1931ee496
msgid "The user that the form will edit."
msgstr ""
#: ../../<autotemplate>:1 8866fc8c9c8e4bf6a3a2f677fd272d3a
#: 4f5e9a4af8cd4f50a56d6ba6f8e5e853
msgid ""
"The user profile edition form. Dynamically built according to the user :attr:"
"`~canaille.core.configuration.ACLSettings.READ` and :attr:`~canaille.core."
"configuration.ACLSettings.WRITE` permissions. The available fields are those "
"appearing in *READ* and *WRITE*, those only appearing in *READ* are read-"
"only."
msgstr ""
#: ../../<autotemplate>:1 c4f0fe40593a4ffaa798eca30b4aac78
msgid ""
"An email edition form. Used when the :attr:`~canaille.app.features.Features."
"has_email_confirmation` feature is enabled."
msgstr ""
#: ../../<autotemplate>:1 779dc49b2ca248c4b05af1ddacec02b6
msgid "The profile settings template."
msgstr ""
#: ../../<autotemplate>:1 40f89421dbc748bca7235657984eb30f
msgid "Displays the user settings edition form."
msgstr ""
#: ../../<autotemplate>:1 ea6777c05f4a4e62b2e2385062c6dc8f
msgid "Whether the editor is allowed to delete the account of the edited user."
msgstr ""
#: ../../<autotemplate>:1 d1d48c1e0d9c43dca9c07b4617b609c1
msgid "The password reset template."
msgstr ""
#: ../../<autotemplate>:1 61f93db68163494f9443a2954a20d7e9
msgid "Displays a password reset form."
msgstr ""
#: ../../<autotemplate>:1 5b94f171e4174999b79c79239f3a0e63
msgid "The password reset form."
msgstr ""
#: ../../<autotemplate>:1 0179c0c333d049749ff14ac90ef2ed73
msgid "The user associated with the URL."
msgstr ""
#: ../../<autotemplate>:1 8cbae008b22349cab8e5647fbba5756e
msgid "The secret link hash."
msgstr ""
#: ../../<autotemplate>:1 b0015de385324c26ab05aaae65cc53bc
msgid "The multi-factor authentication initialization template."
msgstr ""
#: ../../<autotemplate>:1 5f61ae62c1f54123872391a3b49eed9f
msgid "Display a QR-code and the OTP secret."
msgstr ""
#: ../../<autotemplate>:1 1f370c74d1e44aeaa97929094036c1f1
msgid "The user initializing the OTP."
msgstr ""
#: ../../<autotemplate>:1 a372567c3b3b4ff2a99da5b529c6597a
msgid "The OTP secret."
msgstr ""
#: ../../<autotemplate>:1 16636bc9c47b44b79d22b301e102acb2
msgid "A QR-code image representing the OTP secret."
msgstr ""
#: ../../<autotemplate>:1 d164582bacae40b7b2cc7474d6f9fb3e
msgid "The users list."
msgstr ""
#: ../../<autotemplate>:1 882b8d87c79845379937941cc0c97219
msgid "Displays a paginated list of :class:`~canaille.core.models.User`."
msgstr ""
#: ../../<autotemplate>:1 708426b50822492ea31a6c0da17b2c48
#: 125a29d6209f4166bf05a177110f8daf 70d1cef7e598494e868fdb5c6803edda
#: 7cfa3fb4f0f24c93aab1cf503a1a7223
msgid "The paginated list form."
msgstr ""
#: ../../<autotemplate>:1 d56775ed9ad242d4836769c7eedf12f2
msgid "The multi-factor authentication code verification template."
msgstr ""
#: ../../<autotemplate>:1 25a01008fa74404d9b4cd104c129c446
msgid "Displays a form that asks for the multi-factor authentication code."
msgstr ""
#: ../../<autotemplate>:1 55e4772a75ef4013bd616b2a95f6f318
msgid "The code verification form."
msgstr ""
#: ../../<autotemplate>:1 fe2303972b36464c930cefc5633d251e
msgid "The username of the user attempting to log-in."
msgstr ""
#: ../../<autotemplate>:1 28f6d34d343e49d4820c4954328a6831
msgid "The authentication factor method."
msgstr ""
#: ../../canaille/core/endpoints/forms.py:docstring of
#: canaille.core.endpoints.forms.CreateGroupForm:1
#: canaille.core.endpoints.forms.DeleteGroupMemberForm:1
#: canaille.core.endpoints.forms.EditGroupForm:1
#: canaille.core.endpoints.forms.EmailConfirmationForm:1
#: canaille.core.endpoints.forms.FirstLoginForm:1
#: canaille.core.endpoints.forms.ForgottenPasswordForm:1
#: canaille.core.endpoints.forms.InvitationForm:1
#: canaille.core.endpoints.forms.JoinForm:1
#: canaille.core.endpoints.forms.LoginForm:1
#: canaille.core.endpoints.forms.PasswordForm:1
#: canaille.core.endpoints.forms.PasswordResetForm:1
#: canaille.core.endpoints.forms.TwoFactorForm:1
#: ../../canaille/oidc/endpoints/forms.py:docstring
#: canaille.oidc.endpoints.forms.AuthorizeForm:1
#: canaille.oidc.endpoints.forms.ClientAddForm:1
#: canaille.oidc.endpoints.forms.LogoutForm:1
#: canaille.oidc.endpoints.forms.TokenRevokationForm:1
#: 7557d735c06048ccb03d3c4ffed21a1e f5f7ab5ae7484c86a89b57c79ae4d9d6
#: fb8d2b222f4b4d57abf77d5f8faafcc7 d75199c9f7c0404e8853973b78f0215e
#: 9e95fee049e0435cbd4159781f1edd50 2cb77273b20c4212831821fbd01496a6
#: 8c8d1dee54184a78812ac3d859aa7038 e460257810ed4a33a7cb85fe807494ad
#: ec61c50a963d4d8fb3aa676239db3c5c b9313e7cc1e546e0839ac8bd0fa1760e
#: 06303d0c8056424983870c202d19074f 5a75a23845964be5b79acd05e664377a
#: 01c7c817569e47c991d87c04991e1b93 994f96504a2d4c4eae1c01b3ef956af4
#: 69946c83cd194c83be75b93e19961443 364071d215404e7197f25862ad916888
msgid "Bases: :py:class:`~canaille.app.forms.Form`"
msgstr ""
#: ../../canaille/core/endpoints/forms.py:docstring of
#: canaille.core.endpoints.forms.CreateGroupForm:1
#: bce83bbe98ba42a8aa85ba83608565c9
msgid "The group creation form."
msgstr ""
#: ../../canaille/core/endpoints/forms.py:docstring of
#: canaille.core.endpoints.forms.EditGroupForm:1
#: 6bc2bd87056e48ce9974042c0d00bfbc
msgid "The group edition form."
msgstr ""
#: ../../canaille/core/endpoints/forms.py:docstring of
#: canaille.core.endpoints.forms.InvitationForm:1
#: a909bb654e4c4565ac1ea27f28611b10
msgid "The user invitation form."
msgstr ""
#: ../references/templates.rst:50 1e8006623dfc46f3871671308d57d286
msgid "The OIDC templates are displayed in the OIDC consent pages."
msgstr ""
#: ../../<autotemplate>:1 7b424e4d64804074874788b1d21f10c4
msgid "The list of authorizations."
msgstr ""
#: ../../<autotemplate>:1 49a2e809fc454e9eb81444bfa5aea2fd
msgid ""
"Displays a paginated list of :class:`~canaille.oidc.basemodels."
"AuthorizationCode`."
msgstr ""
#: ../../<autotemplate>:1 59ce05b851854f99b0eb2a80c72487c0
msgid "Authorization details template."
msgstr ""
#: ../../<autotemplate>:1 b4c494183b864ab2a7c99778f68941c5
msgid ""
"Displays details about an :class:`~canaille.oidc.basemodels."
"AuthorizationCode`."
msgstr ""
#: ../../<autotemplate>:1 5044fed4cfb1448fa17f25b4328f8bc6
msgid "The detailed authorization."
msgstr ""
#: ../../<autotemplate>:1 f737bff0908640b78e347324f2c5aa42
msgid "Consent request template."
msgstr ""
#: ../../<autotemplate>:1 b34520f53fde44cf94788a8c83ea3f20
msgid ""
"This templates is displayed to users accessing a new application that "
"requests to access to personal information. It lists the personal "
"information requested by the application, and offers the user to accept or "
"decline."
msgstr ""
#: ../../<autotemplate>:1 9585274c74414512be370fea928f1c78
msgid "The user whose consent is asked."
msgstr ""
#: ../../<autotemplate>:1 5697b00cb677424f8c60d2ac42ce8e35
msgid "The OIDC grant."
msgstr ""
#: ../../<autotemplate>:1 54d27cd742d645eea8d2b8d20258580d
msgid "The client addition template."
msgstr ""
#: ../../<autotemplate>:1 e38ade13b3f34dcd8f06043609e0cf87
msgid ""
"Displays a form to create a new :class:`~canaille.oidc.basemodels.Client`."
msgstr ""
#: ../../<autotemplate>:1 5a6e238a9dd04938b14706662f3ba7a6
#: ab09685570cc4cfcb98550e38e2f08cd
msgid "The client creation form."
msgstr ""
#: ../../<autotemplate>:1 52c08a4adbab4524b7fe5b67e6fe2253
msgid "The client edition template."
msgstr ""
#: ../../<autotemplate>:1 7b0dfa914fa641d984e21ef0fad3112e
msgid "Displays a form to edit a :class:`~canaille.oidc.basemodels.Client`."
msgstr ""
#: ../../<autotemplate>:1 aef123f8ca564e2dac9acc501f3f26e2
msgid "The edited client."
msgstr ""
#: ../../<autotemplate>:1 b22265b671f74acdbc32dde7f2d90d9a
msgid "The list of OIDC clients."
msgstr ""
#: ../../<autotemplate>:1 6c42ffb024e24aea9e96df3dd65675d1
msgid "Displays a paginated list of :class:`~canaille.oidc.basemodels.Client`."
msgstr ""
#: ../../<autotemplate>:1 6fd5e350b6974fc3866228bbbbce8734
msgid "The OIDC logout template."
msgstr ""
#: ../../<autotemplate>:1 d2d905e9b7c649ceacf130530b983fc2
msgid ""
"Used during OIDC RP-initiated logout, when an user confirmation is needed."
msgstr ""
#: ../../<autotemplate>:1 c5ee6b63b12d450c839d00e524666077
msgid "The logout form."
msgstr ""
#: ../../<autotemplate>:1 b9f9a3b61a7e4ec18d7758b91c7021a2
msgid "The client requesting the logout."
msgstr ""
#: ../../<autotemplate>:1 43ad2b30770e4df0af73574b37d2aa2a
msgid "The preconsented applications list."
msgstr ""
#: ../../<autotemplate>:1 c702a3f0221d487499921bc257cceca5
msgid ""
"Display a list of trusted clients for which it is implied that users don't "
"need to explicitly give their consent."
msgstr ""
#: ../../<autotemplate>:1 a6823066956c4fc2b276df9d83388b4d
msgid "Description of the OIDC scopes."
msgstr ""
#: ../../<autotemplate>:1 707d1dfb66c04f43aa1c3a325604c102
msgid "The scopes to hide."
msgstr ""
#: ../../<autotemplate>:1 cd04c23769714fc283d7545736cf76df
msgid "The list of implicitly consented clients."
msgstr ""
#: ../../<autotemplate>:1 82ad0acba372414b871d130c914abfb7
msgid "The number of consents."
msgstr ""
#: ../../<autotemplate>:1 daf494895b0c4ccca750e702b80f6169
msgid "The number of preconsented clients."
msgstr ""
#: ../../<autotemplate>:1 8863e96ede17429c8c8290507298f75e
msgid "The list of tokens."
msgstr ""
#: ../../<autotemplate>:1 9ee471727d394a3ca69aa57a1d1ce2a0
msgid "Displays a paginated list of :class:`~canaille.oidc.basemodels.Token`."
msgstr ""
#: ../../<autotemplate>:1 6f8e482728da4cc4a7cc230406724ac9
msgid "The token edition template."
msgstr ""
#: ../../<autotemplate>:1 b032ea266259462482364e665f4e8d7d
msgid ""
"Displays the details of a token :class:`~canaille.oidc.basemodels.Token`."
msgstr ""
#: ../../<autotemplate>:1 4f81edbeefee48508c2f8b6cb1e2e197
msgid "A token revokation form."
msgstr ""
#: ../tutorial/databases.rst:4 5c79df402123406db2947c3941513130
msgid ""
"Canaille can read and save data in different databases. This page presents "
"the different database backends and their specificities:"
msgstr ""
#: ../tutorial/databases.rst:10 fb804421e3114ddeba964dd491d4930f
msgid ""
"Canaille comes with a lightweight inmemory backend by default. It is used "
"when no other backend has been configured."
msgstr ""
#: ../tutorial/databases.rst:13 68262ac3da6b430584cf68823fef7dce
msgid ""
"This backend is only for test purpose and should not be used in production "
"environments."
msgstr ""
#: ../tutorial/databases.rst:18 87f0d130dcaa4f8190956d5d1a772945
msgid ""
"Canaille can use any database supported by `SQLAlchemy <https://www."
"sqlalchemy.org/>`_, such as sqlite, postgresql or mariadb."
msgstr ""
#: ../tutorial/databases.rst:24 b8d6bb4ac80d41b08f0544154cdf26f4
msgid ""
"It is used when the ``CANAILLE_SQL`` configuration parameter is defined. For "
"instance:"
msgstr ""
#: ../tutorial/databases.rst:32 0ace17711acd4f70a5fddee46acd1f29
msgid ""
"You can find more details on the SQL configuration in the :class:`dedicated "
"section <canaille.backends.sql.configuration.SQLSettings>`."
msgstr ""
#: ../tutorial/databases.rst:35 10baeaf0e5e64feba07dc33caa1c50ff
msgid "Migrations"
msgstr ""
#: ../tutorial/databases.rst:37 eddaa2b6515740d895284b1d2b49955a
msgid ""
"By default, migrations are applied when you run the web application. You can "
"disable this behavior with the :attr:`~canaille.backends.sql.configuration."
"SQLSettings.AUTO_MIGRATE` setting. Migrations are not automatically applied "
"with the use of the CLI though."
msgstr ""
#: ../tutorial/databases.rst:41 dc824fe2ce9047a98a90bc5ac22b09d9
msgid ""
"Migrations are done with :doc:`flask-alembic <flask-alembic:use>`, that "
"provides a dedicated CLI to manually tune migrations. You can check the :doc:"
"`flask-alembic documentation <flask-alembic:index>` and the ``canaille db`` "
"command line if you are in trouble."
msgstr ""
#: ../tutorial/databases.rst:47 8a13bd9f5910475bb70637ce82181eb9
msgid ""
"Canaille can use OpenLDAP as its main database. It is used when the "
"``CANAILLE_LDAP`` configuration parameter is defined. For instance:"
msgstr ""
#: ../tutorial/databases.rst:65 476b7dba11aa40b09e46cbfc9fe108d8
msgid ""
"If you want to use TOTP/HOTP authentication, you will need to add the "
"``oathHOTPToken`` class to the user:"
msgstr ""
#: ../tutorial/databases.rst:71 4e72e945162d43e3a2dddb9cc73c3dd7
msgid ""
"You can find more details on the LDAP configuration in the :class:`dedicated "
"section <canaille.backends.ldap.configuration.LDAPSettings>`."
msgstr ""
#: ../tutorial/databases.rst:74 ae34abf5095c4902b974c7371e352c0f
msgid ""
"Currently, only the ``inetOrgPerson``, ``oathHOTPToken`` and "
"``groupOfNames`` schemas have been tested. If you want to use different "
"schemas or LDAP servers, adaptations may be needed. Patches are welcome."
msgstr ""
#: ../tutorial/databases.rst:79 50561ef9299b4b178f99b9caa13aebb0
msgid "OpenLDAP overlays integration"
msgstr ""
#: ../tutorial/databases.rst:81 3bfe9562b46643b19dee13f11b843626
msgid "Canaille can integrate with several OpenLDAP overlays:"
msgstr ""
#: ../tutorial/databases.rst:84 57a61bc80e964a168c3cfde20793fddf
msgid "memberof / refint"
msgstr ""
#: ../tutorial/databases.rst:86 d0198ad99ed248f18c75fb6d20f84945
msgid ""
"`memberof <https://www.openldap.org/doc/admin26/overlays."
"html#Reverse%20Group%20Membership%20Maintenance>`_ and `refint <https://www."
"openldap.org/doc/admin26/overlays.html#Referential%20Integrity>`_ overlays "
"are needed for the Canaille group membership to work correctly."
msgstr ""
#: ../tutorial/databases.rst:90 ../tutorial/databases.rst:113
#: ../tutorial/databases.rst:136 20e9067e28e145bcabd5174d716a9ef9
msgid "Here is a configuration example compatible with canaille:"
msgstr ""
#: ../tutorial/databases.rst:92 5dca73b931c0468eb5bbe6c6446dafe8
msgid "memberof-config.ldif"
msgstr ""
#: ../tutorial/databases.rst:96 5fb07fee21a64576b0764751cd206ab3
msgid "refint-config.ldif"
msgstr ""
#: ../tutorial/databases.rst:100 ../tutorial/databases.rst:123
#: c7c63b9c7d0f405ea86fe9da06a5a7be
msgid "You can adapt and load those configuration files with:"
msgstr ""
#: ../tutorial/databases.rst:109 193c7d9ce5224c5082f1d1802619c7f2
msgid "ppolicy"
msgstr ""
#: ../tutorial/databases.rst:111 dd723bbdded6481eb77a87638b7043e8
msgid ""
"If the `ppolicy <https://www.ietf.org/archive/id/draft-behera-ldap-password-"
"policy-11.html>`_ overlay is configured and the ``pwdEndTime`` attribute is "
"available (since OpenLDAP 2.6), then account locking support will be enabled "
"in canaille. To allow users to manage account expiration, they need to have "
"a *write* permission on the :attr:`~canaille.core.models.User.lock_date` "
"attribute."
msgstr ""
#: ../tutorial/databases.rst:115 71e349aa00bd4fdead29c503c330fe1d
msgid "ppolicy-config.ldif"
msgstr ""
#: ../tutorial/databases.rst:119 d2a999e876784f7fba94ee1c31e67954
msgid "ppolicy.ldif"
msgstr ""
#: ../tutorial/databases.rst:132 ffcc75b8614c45f5a45c20886313db2b
msgid "otp"
msgstr ""
#: ../tutorial/databases.rst:134 d2aa3bda5d4c4f77807eecedf1a8f7ad
msgid ""
"If the `otp <https://www.openldap.org/software/man.cgi?query=slapo-otp>`_ "
"overlay is configured, you will be able to add one-time password "
"authentication in canaille."
msgstr ""
#: ../tutorial/databases.rst:138 2a30eb140e2e4c97b8da3144326b6086
msgid "otp-config.ldif"
msgstr ""
#: ../tutorial/databases.rst:142 64b6e0b40dfd4236930973e51e84ce52
msgid "You can adapt and load this configuration file with:"
msgstr ""
#: ../tutorial/databases.rst:149 e93012fc7b054366b3c4a354f8a9bf92
msgid "You will also need to add the ``oathHOTPToken`` class to the user:"
msgstr ""
#: ../tutorial/deployment.rst:2 513d899ef6dc4daa8d4d1c80b8fe09db
msgid "Deployment"
msgstr ""
#: ../tutorial/deployment.rst:5 26a94e873f1d47cfbafd6540e505d700
msgid "Application service"
msgstr ""
#: ../tutorial/deployment.rst:7 93f18dfd47d74293b2d4395f986d2df8
msgid ""
"After having finished Canaille installation you have to run it in a WSGI "
"application server. Here are some WSGI server configuration examples you can "
"pick. Do not forget to update the paths."
msgstr ""
#: ../tutorial/deployment.rst:11 e2f76491a3e1478ba424f5edd746c002
msgid "gunicorn"
msgstr ""
#: ../tutorial/deployment.rst:15 82934b4c9e8c4ada9337c45654f68b77
msgid "Write a gunicorn configuration sample file."
msgstr ""
#: ../tutorial/deployment.rst:18 9dd0ac25fb264f0597b815ce11a6bfb3
msgid "uwsgi"
msgstr ""
#: ../tutorial/deployment.rst:42 962996fed1da4efca4a4a02feebd33ef
msgid "Webserver"
msgstr ""
#: ../tutorial/deployment.rst:44 47141e5a9bde40d2965553cc49bfe1ee
msgid ""
"Now you have to plug your WSGI application server to your webserver so it is "
"accessible on the internet. Here are some webserver configuration examples "
"you can pick:"
msgstr ""
#: ../tutorial/deployment.rst:48 820201befbcc48c6b3361229592dc180
msgid "Nginx"
msgstr ""
#: ../tutorial/deployment.rst:114 e2214f07b495472f96579f40c1db65fa
msgid "Apache"
msgstr ""
#: ../tutorial/deployment.rst:153 9cbe3d556cc7426393b232f3d92365fa
msgid "Recurrent jobs"
msgstr ""
#: ../tutorial/deployment.rst:155 e8352b7061ff460a8c5e98ab8df6b855
msgid ""
"You might want to clean up your database to avoid it growing too much. You "
"can regularly delete expired tokens and authorization codes with:"
msgstr ""
#: ../tutorial/deployment.rst:164 41e645107b2f4f429d10e13fdd10dfe3
msgid "Webfinger"
msgstr ""
#: ../tutorial/deployment.rst:166 f9c13500454c4b66a5e07e4daf8ce527
msgid ""
"You may want to configure a `WebFinger`_ endpoint on your main website to "
"allow the automatic discovery of your Canaille installation based on the "
"account name of one of your users. For instance, suppose your domain is "
"``mydomain.example`` and your Canaille domain is ``auth.mydomain.example`` "
"and there is a user ``john.doe``. A third-party application could require to "
"authenticate the user and ask them for a user account. The user would give "
"their account ``john.doe@mydomain.example``, then the application would "
"perform a WebFinger request at ``https://mydomain.example/.well-known/"
"webfinger`` and the response would contain the address of the authentication "
"server ``https://auth.mydomain.example``. With this information the third "
"party application can redirect the user to the Canaille authentication page."
msgstr ""
#: ../tutorial/deployment.rst:168 4ab7ac8eeb9148c9a28a3e22f40fb859
msgid ""
"The difficulty here is that the WebFinger endpoint must be hosted at the top-"
"level domain (i.e. ``mydomain.example``) while the authentication server "
"might be hosted on a sublevel (i.e. ``auth.mydomain.example``). Canaille "
"provides a WebFinger endpoint, but if it is not hosted at the top-level "
"domain, a web redirection is required on the ``/.well-known/webfinger`` path."
msgstr ""
#: ../tutorial/deployment.rst:170 88e080b374de43a383b7eba9c2965280
msgid "Here are configuration examples for Nginx or Apache:"
msgstr ""
#: ../tutorial/deployment.rst:172 a88231c631134524a42f216c40811164
msgid "Nginx webfinger configuration for a top level domain"
msgstr ""
#: ../tutorial/deployment.rst:181 808e93094e5b413e8e1a4963bdb36b14
msgid "Apache webfinger configuration for a top level domain"
msgstr ""
#: ../tutorial/deployment.rst:191 c15c08cbe5f945c8898c5d23d90362d4
msgid "Create the first user"
msgstr ""
#: ../tutorial/deployment.rst:193 4d268375e5ca48bfa9eb90fc4e3ffb44
msgid ""
"Once canaille is installed, soon enough you will need to add users. To "
"create your first user you can use the :ref:`canaille create <cli_create>` "
"CLI."
msgstr ""
#: ../tutorial/index.rst:2 b3789b9e712b4beeb246f85f9c49d48b
msgid "Tutorial"
msgstr ""
#: ../tutorial/install.rst:2 06039f8070f844df9fbda359223ebd9d
msgid "Installation"
msgstr ""
#: ../tutorial/install.rst:6 4e3bbb4435314752bfbc859bd161dadd
msgid ""
"Canaille is under heavy development and may not fit a production environment "
"yet."
msgstr ""
#: ../tutorial/install.rst:8 8969df93b0b149f181069407f24c4d0f
msgid ""
"The installation of canaille consist in several steps, some of which you can "
"do manually or with command line tool:"
msgstr ""
#: ../tutorial/install.rst:11 c23cda31d355445f9fee914f862a52a0
msgid "Get the code"
msgstr ""
#: ../tutorial/install.rst:13 3d08ef96a8624845a45354bb4d39476d
msgid ""
"As the moment there is no distribution package for canaille. However, it can "
"be installed with the ``pip`` package manager. Let us choose a place for the "
"canaille environment, like ``/opt/canaille/env``."
msgstr ""
#: ../tutorial/install.rst:24 7a1b423ba1a84e3b89da2a77f850bae3
msgid "Extras"
msgstr ""
#: ../tutorial/install.rst:26 84c6d479fc1e44129da6841676091c19
msgid "Canaille provides different package options:"
msgstr ""
#: ../tutorial/install.rst:28 7ec187fcd85a4d31b8db333db6173f83
msgid "`front` provides all the things needed to produce the user interface;"
msgstr ""
#: ../tutorial/install.rst:29 fa166a769fee47e98b04ca3bc5baed57
msgid "`oidc` provides the dependencies to perform OAuth2/OIDC authentication;"
msgstr ""
#: ../tutorial/install.rst:30 ccedd8c1040a46feba1f50af045d6387
msgid "`ldap` provides the dependencies to enable the LDAP backend;"
msgstr ""
#: ../tutorial/install.rst:31 6c5366eddd4a464ab031a8a0c427de48
msgid "`sqlite` provides the dependencies to enable the SQLite backend;"
msgstr ""
#: ../tutorial/install.rst:32 a92c054fbc9d4dfdafe81c1c3afdefe8
msgid ""
"`postgresql` provides the dependencies to enable the PostgreSQL backend;"
msgstr ""
#: ../tutorial/install.rst:33 ffa21589e73f4ff89df7807eba77d409
msgid "`mysql` provides the dependencies to enable the MySQL backend;"
msgstr ""
#: ../tutorial/install.rst:34 7f6b4a5423bd4119a59432e27daa023f
msgid "`sentry` provides sentry integration to watch Canaille exceptions;"
msgstr ""
#: ../tutorial/install.rst:35 b817b267e4d54154adb9ad22bdfa5d06
msgid ""
"`otp` provides the dependencies to enable one-time password authentication;"
msgstr ""
#: ../tutorial/install.rst:36 6c6fd587ec504c20811d525a2c0a0bc2
msgid "`sms` provides the dependencies to enable sms sending;"
msgstr ""
#: ../tutorial/install.rst:37 ee7eda989a3c4aaeb902d0f66f3fea3d
msgid "`all` provides all the extras above."
msgstr ""
#: ../tutorial/install.rst:39 29ca33d87d8f46618e3ea5f89c4a63f1
msgid "They can be installed with:"
msgstr ""
#: ../tutorial/install.rst:46 379636cc71c64f659bf2ebd1a5116854
msgid "Configure"
msgstr ""
#: ../tutorial/install.rst:48 6a6c9b6a1d9d42e3899e0b689311389a
msgid ""
"Choose a path where to store your configuration file. You can pass any "
"configuration path with the ``CONFIG`` environment variable."
msgstr ""
#: ../tutorial/install.rst:56 f710879df41b4abebcfdc30a67527d36
msgid ""
"You should then edit your configuration file to adapt the values to your "
"needs. Look at the configuration details in the :doc:`configuration <../"
"references/configuration>` page."
msgstr ""
#: ../tutorial/install.rst:59 c973e8ccd9364877bf39706b06656503
msgid "Install"
msgstr ""
#: ../tutorial/install.rst:61 64701944f4474d878ae759bd7e578bd9
msgid ""
"The :ref:`install command <cli_install>` will apply most of the things "
"needed to get Canaille working. Depending on the configured :doc:`database "
"<databases>` it will create the SQL tables, or install the LDAP schemas for "
"instance."
msgstr ""
#: ../tutorial/install.rst:70 f00606bdf1284a4f8014282a323a6784
msgid "Check"
msgstr ""
#: ../tutorial/install.rst:72 ccda38335f984f02a53d28b9a045e4cd
msgid ""
"After a manual installation, you can check your configuration file using "
"the :ref:`check command <cli_install>`:"
msgstr ""
#: ../tutorial/provisioning.rst:2 9d7ccfd105804dfca14df19021f0bb00
msgid "Provisioning"
msgstr ""
#: ../tutorial/provisioning.rst:4 484d232863c540ef8a27fd528e3a60f1
msgid ""
"Canaille partially implement the :rfc:`SCIM <7642>` provisioning protocol at "
"the ``/scim/v2`` endpoint."
msgstr ""
#: ../tutorial/provisioning.rst:6 acd9d2bffc9042008283550b5dc7271a
msgid ""
"At the moment, only the server part is implemented. It allows client "
"applications to manage user profiles directly in Canaille."
msgstr ""
#: ../tutorial/provisioning.rst:11 f96f385b8bdd453fa8dc5dfad64571d4
msgid ""
"Some SCIM :ref:`features and endpoints <scim_unimplemented>` are not "
"implemented. In addition to these, Canaille will implement in the future:"
msgstr ""
#: ../tutorial/provisioning.rst:14 2d6934f2d1de4397a5cfc88af92433ce
msgid ""
"Access control for clients on the SCIM API endpoint, to finely manage "
"permissions depending on clients."
msgstr ""
#: ../tutorial/provisioning.rst:15 350b84195c284bdd9ae93eed7e2d47ff
msgid ""
"Client-side implementation, to broadcast user and groups modifications among "
"all the clients."
msgstr ""
#: ../tutorial/provisioning.rst:20 12f015c76be64351862c7d36a87f4ce3
msgid ""
"To allow clients to access the SCIM API, the client must have the "
"``client_credentials`` grant type configured. This allows clients to ask an "
"authentication token on their own behalf and use this token to perform "
"queries. Currently, user tokens are not supported."
msgstr ""
#: ../tutorial/provisioning.rst:24 d039cadee3494ada9106f9226b224ab5
msgid ""
"Then the :attr:`CANAILLE_SCIM.ENABLE_SERVER <canaille.scim.configuration."
"SCIMSettings.ENABLE_SERVER>` configuration parameter must be enabled."
msgstr ""
#: ../tutorial/provisioning.rst:33 f3a7fcf65cc545c4a7ad8ac2009b465e
msgid "Implementation details"
msgstr ""
#: ../tutorial/provisioning.rst:35 2d162e0038714a3b9aea13a19a098bee
msgid ""
"Due to technical reasons, the Canaille *User* and *Group* resources "
"implementation subtly differs from the :rfc:`RFC7643 <7643>` definitions:"
msgstr ""
#: ../tutorial/provisioning.rst:37 c8d0951c350640639249f99950282b08
msgid "``User.userName`` is immutable (while it is read-write in RFC7643)."
msgstr ""
#: ../tutorial/provisioning.rst:38 76d54c1a256240818c4a5f84d43bf76f
msgid "``User.name.familyName`` is required (while it is optional in RFC7643)."
msgstr ""
#: ../tutorial/provisioning.rst:39 ac544d900c0249048f073753be25a317
msgid "``Group.displayName`` is required (while it is optional in RFC7643)."
msgstr ""
#: ../tutorial/provisioning.rst:40 c76213daf50f40c2852de2fdec93ba48
msgid ""
"``Group.members`` is required (while it is optional in RFC7643), i.e. groups "
"cannot be empty."
msgstr ""
#: ../tutorial/provisioning.rst:43 58496f192f4c4b94b70c8a760525369c
msgid "Debugging"
msgstr ""
#: ../tutorial/provisioning.rst:45 faa6b4b7a057496abc9d96efcca72e82
msgid ""
"To check what data are exposed through the Canaille SCIM API, you need a "
"*client token* and a SCIM client application. To generate a client token, "
"you can simply manually create a token from the button on the client "
"administration page. Then, we recommend the use of :doc:`scim2-cli:index` to "
"interact with the API:"
msgstr ""
#: ../tutorial/provisioning.rst:49 25e370c855454c10a7f705a96e7c3049
msgid "scim2-cli usage example"
msgstr ""
#: ../tutorial/theming.rst:2 25ff583d708742d6b564212c42ac76a0
msgid "Theming"
msgstr ""
#: ../tutorial/theming.rst:4 19f015eb34ff4185b0fb33829ca916be
msgid ""
"Canaille comes with a default theme based on `Fomantic UI <https://fomantic-"
"ui.com/>`__ but any part of the UI can be slightly modified or even "
"entierely rewritten if needed."
msgstr ""
#: ../tutorial/theming.rst:7 0fdaf7ef1f1d41e88243804d40d16984
msgid "Custom templates"
msgstr ""
#: ../tutorial/theming.rst:9 7e432962674842a6a4ec1321ef3d20f9
msgid ""
"To use a custom theme, set the :attr:`~canaille.core.configuration."
"CoreSettings.THEME` to a path to a directory where you will host your custom "
"templates."
msgstr ""
#: ../tutorial/theming.rst:11 f5e08d34905747839e25e36c22ee7811
msgid ""
"Then in this directory, create new files for templates you want to override. "
"The exhaustive list of templates is available in the :doc:`reference <../"
"references/templates>`. You must respect the template file paths. So for "
"instance if you want to customize the *about page*, you need to do it in a "
"``core/about.html`` file. You can inherit from the origin template by using "
"the Jinja ``extend`` directive."
msgstr ""
#: ../tutorial/theming.rst:15 cfa8a0a2dfe1408d9dd4b339f27a3016
msgid "core/about.html"
msgstr ""
#: ../tutorial/theming.rst:26 08dd0f6259c34b5d92c476bda8bd40e2
msgid "Custom style sheets"
msgstr ""
#: ../tutorial/theming.rst:28 ee6d9940bc7d453f8b754abbf51cfcba
msgid ""
"If you simply want to put your custom style sheets in the default theme, you "
"can just push it in the ``base.html`` template. Put your file in a "
"``static`` subdirectory of your theme, for instance ``static/css/custom."
"css`` and reference it with ``theme_static``."
msgstr ""
#: ../tutorial/theming.rst:31 bcea65c8d4ef4139a353420b7e1d5cdd
msgid "base.html"
msgstr ""
#: ../tutorial/theming.rst:43 b8572e3c71c54d65ad8ea6ce986d30ea
msgid ""
"To write your custom theme and check how it is rendered, you can put the "
"path to your theme in a ``.env`` file and run the Canaille demo instance, as "
"described in the :ref:`contributing guide <local_environment>`"
msgstr ""
#: ../tutorial/theming.rst:50 94442631b4e4430aabc6abe4b0f565db
msgid "Run the demo instance"
msgstr ""
#: ../tutorial/troubleshooting.rst:2 ae54b220570140fc9af7133272cd26f4
msgid "Troubleshooting"
msgstr ""
#: ../tutorial/troubleshooting.rst:5 3f156ee26a7646f69513b66ef675d793
msgid "The web interface throws useless error messages"
msgstr ""
#: ../tutorial/troubleshooting.rst:7 0fb6c271073a4abdb010d7f95eeac81e
msgid ""
"Unless the current user has admin :class:`permissions <canaille.core."
"configuration.Permission>`, or the installation is in :attr:`~canaille.app."
"configuration.RootSettings.DEBUG` mode, error messages won't be too "
"technical. For instance, you can see *The request you made is invalid*. To "
"enable detailed error messages, you can **temporarily** enable the :attr:"
"`~canaille.app.configuration.RootSettings.DEBUG` configuration parameter."
msgstr ""
#: ../tutorial/troubleshooting.rst:12 58570442c05e4cd19751820083151ece
msgid "How to manually install LDAP schemas?"
msgstr ""
#: ../tutorial/troubleshooting.rst:16 067c19e9f37c46ea91b8bed914bcd276
msgid ""
"Schema installation can be automatically done using the :ref:`install "
"command <cli_install>`."
msgstr ""
#: ../tutorial/troubleshooting.rst:18 b590574910044ce299bfbdb318ebea6a
msgid "As of OpenLDAP 2.4, two configuration methods are available:"
msgstr ""
#: ../tutorial/troubleshooting.rst:20 6ad84183e4c64116b49932cef2584fd0
msgid ""
"The `deprecated <https://www.openldap.org/doc/admin26/slapdconf2.html>`_ "
"one, based on a configuration file (generally ``/etc/ldap/slapd.conf``);"
msgstr ""
#: ../tutorial/troubleshooting.rst:21 19abee92e8b14d4ba90f9506412d8118
msgid ""
"The new one, based on a configuration directory (generally ``/etc/ldap/slapd."
"d``)."
msgstr ""
#: ../tutorial/troubleshooting.rst:23 a8ca0bf4ec6e4d71806d2071d226d2cd
msgid ""
"Depending on the configuration method you use with your OpenLDAP "
"installation, you need to chose how to add the canaille schemas:"
msgstr ""
#: ../tutorial/troubleshooting.rst:26 e6d653692ee34c47bb5efe760a381699
msgid "Old fashion: Copy the schemas in your filesystem"
msgstr ""
#: ../tutorial/troubleshooting.rst:35 d64d1890fd104a4ea9a8d9941189af0b
msgid "New fashion: Use slapadd to add the schemas"
msgstr ""
#: ../tutorial/troubleshooting.rst:37 692e81784a5e4fa48dc2bcc2e1cf4a1e
msgid "Be careful to stop your ldap server before running ``slapadd``"
msgstr ""
#: ../tutorial/troubleshooting.rst:46 d404812e38644b3090d9823e682c9254
msgid "How to manually generate the OIDC keypair?"
msgstr ""
#: ../tutorial/troubleshooting.rst:50 62e08f82a4804de8b5dd459b903a8cd3
msgid ""
"The keypair generation can be automatically done using the :ref:`install "
"command <cli_install>`."
msgstr ""
#: ../tutorial/troubleshooting.rst:52 06dd3710174a40e4a0ef3b2c54a2e9b5
msgid ""
"Canaille needs a key pair to sign OIDC tokens. You can customize those "
"commands, as long as they match the ``JWT`` section of your configuration "
"file."
msgstr ""
#: ../usecases.rst:4 168d233560c64d829ee09d581aa7d361
msgid "Use cases"
msgstr ""
#: ../usecases.rst:6 a65d311c88094169acb330c3d6e3c7f7
msgid ""
"Canaille is a lightweight IAM for simple needs. Here are a few use cases you "
"might recognize in, where Canaille would fit your needs."
msgstr ""
#: ../usecases.rst:10 179edacb13c54333aace4b68c4708253
msgid "OpenID Connect provider on top of a LDAP directory"
msgstr ""
#: ../usecases.rst:12 302b4ac43f3e467e85d2bd4b19297569
msgid ""
"Your organization has an historic :ref:`LDAP directory <feature_databases>` "
"and you want to add a :ref:`OpenID Connect <feature_oidc>` :abbr:`SSO "
"(Single Sign-On)` layer on top of it, so users can use all your application "
"while signin-in only once, without any data migration."
msgstr ""
#: ../usecases.rst:15 e0024a833d08474ba72b828f6eb83a8e
msgid "Profile edition of LDAP users"
msgstr ""
#: ../usecases.rst:17 ea3058635a35476eb122ab777c349dc3
msgid ""
"Your organization has a :ref:`LDAP directory <feature_databases>` and you "
"want to provide a way to your users to :ref:`edit their personal information "
"<feature_profile_management>` by themselves, without requiring any "
"administrator intervention."
msgstr ""
#: ../usecases.rst:20 e81a578b174c43b194932cdd88c38500
msgid "Password recovery with a LDAP directory"
msgstr ""
#: ../usecases.rst:22 7f58bba7651f4df6870fc163b486932f
msgid ""
"Your organization has an historic :ref:`LDAP directory <feature_databases>` "
"and you want to provide a way to your users to :ref:`recover their password "
"<feature_password_recovery>` when they cannot remember it, without any "
"administrator intervention."
msgstr ""
#: ../usecases.rst:25 2b626e10eb2b480b816b9151a8f160fd
msgid "A lightweight IAM for unit testing"
msgstr ""
#: ../usecases.rst:27 cff10ba64f6e4184bcbfccae206f6d9c
msgid ""
"You are :ref:`developing <feature_development>` an application relying on "
"OAuth2 or OpenID Connect to authenticate the users. You don't want to mock "
"the calls to the identity provider in your unit tests, but you want to :ref:"
"`perform real OAuth2/OIDC requests <feature_testing>`, and test your "
"application against different identity provider tunings."
msgstr ""
#: ../usecases.rst:30 130dbc72dcb54dbf830a1c0e199e9e3b
msgid "A lightweight IAM for developing"
msgstr ""
#: ../usecases.rst:32 0ff43cbb31f548089d237c4fbcc8e312
msgid ""
"You are :ref:`developing <feature_development>` an application relying on "
"OAuth2 or OpenID Connect to authenticate the users. You need a :ref:`IAM "
"server to develop <feature_development>` locally, but your old computer "
"cannot bear launching a full Keycloak in a Docker container."
msgstr ""
#: ../usecases.rst:35 adc956f5cf0f43bc988261b4f0ba541a
msgid "A lightweight IAM for CIs"
msgstr ""
#: ../usecases.rst:37 68048b0e31044e6eb1b844a8541f900d
msgid ""
"You are :ref:`developing <feature_development>` an application relying on "
"OAuth2 or OpenID Connect to authenticate the users. You need a IAM server "
"that could can populate with custom data, and integrate in your :ref:"
"`continuous integration environment <feature_ci>`."
msgstr ""
#: ../usecases.rst:40 ef4f06a88d3f4f3d99df361d7d25da08
msgid "A CLI to quickly edit LDAP directory users"
msgstr ""
#: ../usecases.rst:42 aec48cc98e9043ac962854780f5e4aa5
msgid ""
"Your organization has an historic :ref:`LDAP directory <feature_databases>`. "
"You are tired to deal with *ldif* syntax to manage your users and group and "
"would prefer a simple human-readable CLI."
msgstr ""