composer/iTop
6
0
Fork 0
mirror of https://github.com/Combodo/iTop.git synced 2026-02-13 07:24:13 +01:00
Code Issues Packages Projects Releases Wiki Activity
14,561 Commits 151 Branches 134 Tags
890a2568c8c069af7450d0bdab9d9862d22b2a49
Commit Graph

180 Commits

Author SHA1 Message Date
Guillaume Lajarige
5f2245595f N°313 Show product name on branding logo title instead of a generic "iTop" text. 
SVN:trunk[4866]
 2017-08-18 13:50:33 +00:00
Guillaume Lajarige
3420db26a5 N°564 LoginWebPage title default value is now a dictionary entry ('UI:Login:Title'). Only english & french are available for now, feel free to contribute ! :) 
SVN:trunk[4850]
 2017-07-31 15:06:21 +00:00
Romain Quetiez
46b5293867 N.542, N.912 Finalized the API UserRights::Impersonate. This is an enabler for several enhancements. 
SVN:trunk[4837]
 2017-07-18 09:36:25 +00:00
Romain Quetiez
fa2fd6dcdf NEW! Archiving data. Archiving is a soft delete. It can be undone. Enter the archive mode to see all the data including archives (everything is read-only in that mode). Archiving must be enabled per class (data model). Archiving is achieved by the mean of the API DBObject::Archive (or Unarchive). 
SVN:trunk[4692]
 2017-04-26 09:52:20 +00:00
Denis Flaven
93ff327b54 2.3.0 Regression: login_mode was broken ! 
SVN:trunk[4301]
 2016-07-08 11:56:27 +00:00
Denis Flaven
2773419faa New field on the User class to enable/disable user accounts. 
SVN:trunk[4230]
 2016-06-21 09:22:14 +00:00
Denis Flaven
63b6b95f71 Use one-way encryption for storing the token used for the "Forgotten password" feature. 
SVN:trunk[3920]
 2016-02-19 18:17:11 +00:00
Guillaume Lajarige
879f5d89b9 Moved static method GetAllowedPortals() from LoginWebpage class to UserRights class. 
SVN:trunk[3862]
 2016-01-15 10:32:17 +00:00
Romain Quetiez
3fe2aa3b1d Portal: Use absolute URLs for js+css embedded into iTop (login prompt not working with the usage of symlinks or rewrite rules) 
SVN:trunk[3857]
 2016-01-12 09:15:37 +00:00
Romain Quetiez
3be0bc8ca8 Improved the User Rights management API: 
- new verbs: HasProfile and ListProfiles
- doing less queries (no need for listing all the profiles, caching the user profiles into the SESSION cookie
- did some code cleanup (unused variables)

SVN:trunk[3852]
 2015-12-15 20:30:30 +00:00
Denis Flaven
3eec1d358c Make sure that the images are reloaded when the application is upgraded. 
SVN:trunk[3785]
 2015-09-22 15:14:04 +00:00
Denis Flaven
9f92e5e0be #788 Whenever a timeout is detected by an ajax request, a popup dialog warns the user to log-in again. 
SVN:trunk[3613]
 2015-06-25 15:32:30 +00:00
Denis Flaven
4919ca88ec Modularization of the portal. The entry points for portals is now defined in XML, and thus can be altered by an extension. 
SVN:trunk[3509]
 2015-03-23 16:02:44 +00:00
Denis Flaven
a64b299644 "Portal Users" are not allowed to use the REST/JSON webservices. This case is now properly handled with a specific message. 
SVN:trunk[3253]
 2014-07-08 10:47:50 +00:00
Denis Flaven
06582cfe35 Oops, fixed a typo in: Add the ability to supply a default "from" email address for the "forgot password" feature, instead of using the same address as for the "to". 
SVN:trunk[3219]
 2014-06-18 15:57:25 +00:00
Denis Flaven
4fccf5c815 Add the ability to supply a default "from" email address for the "forgot password" feature, instead of using the same address as for the "to". 
SVN:trunk[3213]
 2014-06-16 15:14:40 +00:00
Romain Quetiez
d07ca49e53 #636 and #861 Set the focus on User Name in iTop Login Form 
SVN:trunk[3197]
 2014-06-05 09:48:59 +00:00
Denis Flaven
e2e6861b03 Properly handle external and basic authentication methods for REST web services. 
SVN:trunk[3170]
 2014-05-23 13:53:20 +00:00
Denis Flaven
678f982024 #923: prevent XSS injection in forgot password page. 
SVN:trunk[3139]
 2014-05-06 08:26:54 +00:00
Denis Flaven
d36a03bfc3 Make the Basic Authentication (login_mode=basic) work with non-ASCII characters (in the username as well as in the password), though this may depend on the browser... 
SVN:trunk[3084]
 2014-02-19 17:34:53 +00:00
Romain Quetiez
f83bb7fa90 Fixed regression introduced with "forgot password": button to reset the user password labelled as "Send now!" 
SVN:trunk[2965]
 2013-10-29 13:13:58 +00:00
Romain Quetiez
7017bbf88b The login web page must NOT be cached by the web browsers 
SVN:trunk[2880]
 2013-10-08 08:28:25 +00:00
Romain Quetiez
6f8be14711 Internal: failed authentication to return error 401 instead of prompting the end-user (to be exploited by the ajax calls) 
SVN:trunk[2871]
 2013-10-02 09:30:14 +00:00
Romain Quetiez
955beb70e4 Cosmetics on the login web page 
SVN:trunk[2857]
 2013-09-24 12:43:44 +00:00
Romain Quetiez
fde3808cdf New feature: Forgot password -> email to reset (possibly disabled in the config file) 
SVN:trunk[2855]
 2013-09-24 09:15:52 +00:00
Romain Quetiez
607236a7cb Compiler: added brand management 
SVN:trunk[2838]
 2013-08-29 08:35:44 +00:00
Denis Flaven
3060462edc #732: Change password: exit after building the page in case of wrong "old" password 
SVN:trunk[2756]
 2013-05-22 08:43:48 +00:00
Denis Flaven
9afe28be20 Support non scalar posted parameters... 
SVN:trunk[2749]
 2013-05-16 15:45:57 +00:00
Denis Flaven
667f258ec2 Preserve POSted parameters on the login web page (useful when the session expires) 
SVN:trunk[2659]
 2013-03-28 09:59:49 +00:00
Romain Quetiez
b38dea4bba #634 Detection of HTTPS not working with nginx (iTop always considering the current connection as being secure) 
SVN:trunk[2617]
 2013-03-13 13:57:51 +00:00
Romain Quetiez
721faa7e1e Updated copyright (2012) and license (LGPL changed to AGPL) 
SVN:trunk[2333]
 2012-10-23 21:41:36 +00:00
Romain Quetiez
c9d5743c4a Config: use app_icon_url to change the hyperlink used when clicking on the main icon 
SVN:trunk[2289]
 2012-10-18 10:17:49 +00:00
Denis Flaven
3c46ac9011 Added the ability to display a custom welcome/disclaimer message at the bottom of the login form. 
SVN:trunk[1806]
 2012-01-24 15:20:47 +00:00
Denis Flaven
ea1193b90f Fix for Trac#519 - change password bug ! 
SVN:trunk[1805]
 2012-01-24 15:11:20 +00:00
Denis Flaven
780fb6dc27 Fixed absolute/relative path issues in the JS and href places 
SVN:trunk[1763]
 2012-01-12 16:58:26 +00:00
Romain Quetiez
6a9ea25b27 Setup based on either compiled modules or xml datamodel files (or both). 
SetupWebPage is an alias for ModuleDiscovery and the module files should be updated progressively to invoke ModuleDiscovery::AddModule() instead.
The implementation of the module still assumes they are in the directory 'modules'... this has to be changed later to ensure the distinction between the source modules and the executed modules

SVN:trunk[1758]
 2012-01-11 15:04:15 +00:00
Denis Flaven
f29d673ffb Added self-registering / user synchronization extensibility 
SVN:trunk[1756]
 2012-01-11 11:17:08 +00:00
Denis Flaven
cf65b58981 Make sure that the path/href base is correct to display the page (images, CSS...) 
SVN:trunk[1755]
 2012-01-09 08:57:48 +00:00
Denis Flaven
8231420c44 - New way to handle sessions compatible with multiple environments 
SVN:trunk[1710]
 2011-12-08 15:37:48 +00:00
Denis Flaven
f17f4e1f78 Use the default language when creating a new user from CAS 
SVN:trunk[1697]
 2011-11-29 15:54:53 +00:00
Denis Flaven
a94ccb9091 Support patterns for the definition of casMemberOf groups. 
SVN:trunk[1695]
 2011-11-29 15:31:04 +00:00
Denis Flaven
cbafb5f1d1 Automatic synchro of CAS users 
SVN:trunk[1625]
 2011-10-03 13:54:58 +00:00
Romain Quetiez
a3a94cccbb #484 Fixed issue with IIS ("Wrong password" at first prompt) 
SVN:trunk[1609]
 2011-09-28 12:55:15 +00:00
Denis Flaven
c4db9cd84e More fixes for Trac#446: XSS vulnerabilities with vectors containing double quotes 
SVN:trunk[1563]
 2011-09-08 13:21:32 +00:00
Romain Quetiez
06e9bd0c25 #446 XSS vector on the login web page 
SVN:trunk[1561]
 2011-09-08 10:28:14 +00:00
Denis Flaven
6859326646 Fixed Trac#446: XSS vulnerabilities... to be tested ! 
Also fixed the display/download links on documents that were both doing exactly the same thing !

SVN:trunk[1443]
 2011-08-11 10:17:03 +00:00
Denis Flaven
ff89c4d424 CAS authentication improvements: 
- Check if the user is part of a group (memberOf)
- Fixed the use of the 'redirect_service' when logging-out

SVN:trunk[1384]
 2011-07-28 17:39:49 +00:00
Denis Flaven
ecca1aa070 Use absolute URLs as much as possible to be independent from the page being executed... 
SVN:trunk[1365]
 2011-07-26 13:22:45 +00:00
Denis Flaven
3ab670e8c2 Implemented two new options for CAS: 
- logout_redirect_service
- memberOf

SVN:trunk[1362]
 2011-07-26 09:42:46 +00:00
Romain Quetiez
c4b7497770 #423 Fixed issues with application root URL = f(mode CLI, modules, web server techno, etc.) 
SVN:trunk[1304]
 2011-06-28 10:30:03 +00:00