composer/iTop
6
0
Fork 0
mirror of https://github.com/Combodo/iTop.git synced 2026-02-28 06:34:14 +01:00
Code Issues Packages Projects Releases Wiki Activity
4,969 Commits 154 Branches 134 Tags
b6d0843e552f498fa5963b93fdb89bbfceea8021
Commit Graph

92 Commits

Author SHA1 Message Date
Eric Espié
a848cb28f1 N°1436 - Access control updated for grant_by_profile categories of classes - 
Fix access to internal classes form the core engine

SVN:trunk[5903]
 2018-06-22 16:07:35 +00:00
Eric Espié
97c8e1f7a9 N° 1436 - Allowed orgs on Users not managed 
SVN:trunk[5850]
 2018-06-11 10:02:20 +00:00
Eric Espié
e1caf61a18 N°1248 - Fix API access (back to the same behavior as 2.4.1) 
SVN:trunk[5706]
 2018-04-20 12:32:01 +00:00
Eric Espié
f7879256c1 N°1248 - Fix API access (back to the same behavior as 2.4.1) 
SVN:trunk[5705]
 2018-04-20 12:30:20 +00:00
Eric Espié
182e644a33 Fix setup 
SVN:trunk[5692]
 2018-04-18 14:30:33 +00:00
Eric Espié
c3fbdc907c N°1248 - User Management: Check organization related to the current user 
SVN:trunk[5677]
 2018-04-17 10:22:12 +00:00
Vincent Dumas
6d86bd516b Set default search criteria for objects + index on ticket's ref. 
SVN:trunk[5648]
 2018-04-12 15:38:18 +00:00
Vincent Dumas
d7c960e150 Enabling search and access control by organization on User class. Reworking fields displayed in Details and List as well. 
SVN:trunk[5387]
 2018-03-07 14:00:10 +00:00
Eric Espié
85a5ddb980 N°478 - Customizable access to the 'Admin Tools' 
- Display additional rights (grant_by_profile) in the grant matrix

SVN:trunk[5367]
 2018-02-26 10:38:09 +00:00
Eric Espié
d65bd97956 N°478 - Customizable access to the 'Admin Tools' 
SVN:trunk[5364]
 2018-02-23 11:13:07 +00:00
Guillaume Lajarige
4bd3084403 Fix regression introduced in r5298: Portal user could not change its preferences. 
Removed the 'grant_by_profile' category check in UserRights::GetSelectFilter().

SVN:trunk[5302]
 2018-01-31 12:29:20 +00:00
Eric Espié
94d45fc77f N°1248 - User Management Portal 
* Added a new grant_by_profile category that allows to manage certain classes in addition to bizmodel with user profiles.
* The following classes have the new grant_by_profile category:
    User, UserInternal, UserLocal, UserLDAP, UserExternal, URP_UserProfile, URP_UserOrg
* For these classes, it is possible to manage access rights with user profiles for non-administrators.
* For these classes, the default behavior of SELECT requests changes from allowed to forbidden.
* For user profiles, the default behavior '*' is limited to the bizmodel category to keep the previous behavior of profiles, i. e. for classes in the grant_by_profile category, rights (including READ) must be given explicitly.
* New constraints have been added, so only an administrator can manage (attach or detach) the 'Administrator' profile.

SVN:trunk[5298]
 2018-01-30 15:17:51 +00:00
Denis Flaven
6544659251 Small setup refactoring for getting ready for the Hub. 
SVN:trunk[5232]
 2018-01-10 15:47:15 +00:00
Guillaume Lajarige
c7857835c7 N°850 Show "delete" and "bulk delete" rights in user's grant matrix. 
SVN:trunk[5177]
 2017-12-28 10:37:04 +00:00
Romain Quetiez
cba6e8d8a3 890.3 Fixed regression introduced in commit 4870 - fatal error during a MTP from the designer 
SVN:trunk[4874]
 2017-08-23 15:31:08 +00:00
Romain Quetiez
b1494d0dd9 N890.3 Archive mode toggle menu not visible after setup/MTP: the information is cached into the session and needs to be reset 
SVN:trunk[4870]
 2017-08-21 15:28:07 +00:00
Romain Quetiez
46b5293867 N.542, N.912 Finalized the API UserRights::Impersonate. This is an enabler for several enhancements. 
SVN:trunk[4837]
 2017-07-18 09:36:25 +00:00
Romain Quetiez
b238283104 Archives: show the menu 'activate archive mode' only if there is at least one archivable class 
SVN:trunk[4701]
 2017-04-27 08:53:23 +00:00
Romain Quetiez
fa2fd6dcdf NEW! Archiving data. Archiving is a soft delete. It can be undone. Enter the archive mode to see all the data including archives (everything is read-only in that mode). Archiving must be enabled per class (data model). Archiving is achieved by the mean of the API DBObject::Archive (or Unarchive). 
SVN:trunk[4692]
 2017-04-26 09:52:20 +00:00
Denis Flaven
fcc5342775 Bug fix: protect against a non existing Contact class (a rather drastic iTop customization!) 
SVN:trunk[4559]
 2017-02-24 14:09:44 +00:00
Romain Quetiez
47ec6d4917 N.523 UserRights::ListProfiles must return an empty array if nobody is currently logged in (instead of a FATAL ERROR). 
SVN:trunk[4478]
 2016-11-18 15:47:20 +00:00
Denis Flaven
2773419faa New field on the User class to enable/disable user accounts. 
SVN:trunk[4230]
 2016-06-21 09:22:14 +00:00
Denis Flaven
63b6b95f71 Use one-way encryption for storing the token used for the "Forgotten password" feature. 
SVN:trunk[3920]
 2016-02-19 18:17:11 +00:00
Romain Quetiez
e0fad5e0e6 Magic query arguments: 
- In addition to current_contact_id, the following arguments can be used in any OQL query (provided that the page running the query requires a  login): current_contact->attcode and current_user->attcode
- Code refactoring: magic arguments in one single place
- The "Run queries" page is now taking into account those magic arguments (do not prompt the end-user with these arguments!)

SVN:trunk[3912]
 2016-02-17 18:55:46 +00:00
Romain Quetiez
b978a5d219 Fixed regression introduced in [3852] : setup not working anymore ($_SESSION is unset and a notice is issued, which can prevent the install from completing, depending on your PHP error level). 
SVN:trunk[3891]
 2016-01-28 11:11:12 +00:00
Guillaume Lajarige
879f5d89b9 Moved static method GetAllowedPortals() from LoginWebpage class to UserRights class. 
SVN:trunk[3862]
 2016-01-15 10:32:17 +00:00
Romain Quetiez
3be0bc8ca8 Improved the User Rights management API: 
- new verbs: HasProfile and ListProfiles
- doing less queries (no need for listing all the profiles, caching the user profiles into the SESSION cookie
- did some code cleanup (unused variables)

SVN:trunk[3852]
 2015-12-15 20:30:30 +00:00
Romain Quetiez
62959a89bc #1091 CAS memberships broken (parameter "cas_memberof" NOT given as a regular expression, bugged since iTop 2.0 or earlier) 
SVN:trunk[3731]
 2015-09-08 12:39:02 +00:00
Romain Quetiez
d8113a3304 #1130 CAS authentication security leak when cas_memberof is left empty (already committed into branch 2.1.0) 
SVN:trunk[3685]
 2015-08-18 13:48:12 +00:00
Romain Quetiez
baf54a7c02 #942 OQL now supporting unions. Unions support polymorphism and can be used anywhere in the application. 
SVN:trunk[3631]
 2015-07-08 17:10:40 +00:00
Denis Flaven
1f2ad9ecdb Demo mode: prevent the deletion of Users... 
SVN:trunk[3452]
 2014-12-04 10:02:14 +00:00
Romain Quetiez
372c0835f7 #988 Could not change the case of a login (cosmetic improvement to make sure this piece of code is the right example that can be shared amongst the developpers community) 
SVN:trunk[3342]
 2014-09-16 10:16:10 +00:00
Romain Quetiez
fa856c32cd #988 Could not change the case of a login 
SVN:trunk[3338]
 2014-09-16 08:04:37 +00:00
Romain Quetiez
6f90d626fc Code refactoring: MakeSelectFilter 
SVN:trunk[3015]
 2013-12-03 09:56:46 +00:00
Romain Quetiez
fde3808cdf New feature: Forgot password -> email to reset (possibly disabled in the config file) 
SVN:trunk[2855]
 2013-09-24 09:15:52 +00:00
Romain Quetiez
bedbc387eb Renamed priv_Userinternal into priv_userinternal, and added a check for table names (lowercase is the rule!) 
SVN:trunk[2435]
 2012-11-21 09:41:53 +00:00
Romain Quetiez
721faa7e1e Updated copyright (2012) and license (LGPL changed to AGPL) 
SVN:trunk[2333]
 2012-10-23 21:41:36 +00:00
Romain Quetiez
083c3d8613 Profiles defined in XML: reviewed the internal extension capability (GetReadOnlyAttributes and GetPredefinedObjects) 
SVN:trunk[2152]
 2012-08-21 13:25:32 +00:00
Romain Quetiez
38cca0c144 Profiles defined in XML (setup + runtime), beta version (stable, upgrade required) 
SVN:trunk[2149]
 2012-08-14 16:06:51 +00:00
Denis Flaven
3205d48f84 Properly log-off (and report the issue in the log) in case we fail to create a user during the CAS Synchro 
SVN:trunk[1940]
 2012-04-04 09:28:13 +00:00
Denis Flaven
66e1890b27 CAS integration: 
- regression fix: support patterns for the MemberOf groups filtering
- activate/de-activate the profiles synchronization using the 'cas_update_profiles' configuration flag
- provide default profile(s) when creating a new user from CAS, only if no match is found for assigning profiles from the CAS MemberOf group(s).

SVN:trunk[1922]
 2012-03-22 15:35:46 +00:00
Romain Quetiez
b3dadcba77 Reintegrated from branch 1.2: capability to develop a module to share objects between organizations (beta) 
SVN:trunk[1859]
 2012-02-17 15:11:00 +00:00
Denis Flaven
3a5f73fe65 Fixed typos during the copy/paste for automatic account creation 
SVN:trunk[1827]
 2012-01-31 12:44:16 +00:00
Denis Flaven
308ec94f8c Added self-registering / user synchronization extensibility 
SVN:trunk[1759]
 2012-01-11 15:59:29 +00:00
Denis Flaven
f29d673ffb Added self-registering / user synchronization extensibility 
SVN:trunk[1756]
 2012-01-11 11:17:08 +00:00
Denis Flaven
f979dd40e0 Merged-in the fix for Trac #493: incorrect display of the Users' Grant Matrix 
SVN:trunk[1636]
 2011-10-17 11:27:03 +00:00
Denis Flaven
8f21b9dabb Bug fix: prevent a warning when doing modify-all as a non-admin user. 
SVN:trunk[1549]
 2011-09-01 10:49:56 +00:00
Denis Flaven
54315f41e4 Bug fix: computation of allowed stimuli was wrong 
SVN:trunk[1495]
 2011-08-23 09:17:19 +00:00
Denis Flaven
7c9d4c76a9 Protect against a multiple stimulus on a set based on an abstract class. 
SVN:trunk[1332]
 2011-07-05 14:07:02 +00:00
Romain Quetiez
aa46ab1a67 Portal users: limit their access depending on their organization!!!! 
SVN:trunk[1320]
 2011-07-01 15:09:29 +00:00