Commit Graph

2597 Commits (7d46a7f16a78f44a7d7714956eff76a0e7b52380)

Author SHA1 Message Date
Markus Kahl 1eaea06360 forbid user creation if password login is disabled 10 years ago
Martin Linkhorst 8877883c63 given openproject runs in a subdirectory we cannot allow redirecting to a different subdirectory. also tries to catch shenanigans to circumvent the check like ".." in the path. 10 years ago
Michael Frister ee31c8de7d Omniauth: Add after_login, remove on_success 10 years ago
Markus Kahl c798ebe878 pass auth_hash to #on_success. Call it upon bumpy registration too. 10 years ago
Markus Kahl 41603b0f43 on_success callback for Authorization 10 years ago
Markus Kahl 8b53158127 made rest of support methods private 10 years ago
Markus Kahl e7c2f5097b spell out decision variable's name 10 years ago
Markus Kahl fd1f8315cf do not pass user into authorization callback 10 years ago
Markus Kahl c9a3dd87bd put #disable_password_login? into OP Configuration 10 years ago
Markus Kahl 3303126657 OmniAuth Authorization API 10 years ago
Jens Ulferts 85bb7e58c6 only applies default filter if no query attribte is provided 10 years ago
Till Breuer 2c4483544c Merge branch 'dev' into feature/adding-and-removing-watchers 10 years ago
Markus Kahl a572c6af7f properly qualify OmniauthLogin everywhere 10 years ago
Markus Kahl 4ec21c7cde enable override through env of disable password login 10 years ago
Markus Kahl 92138d7af4 make omniauth developer strategy work again 10 years ago
Markus Kahl 1e1ac3a742 fixed allow_registration? 10 years ago
Markus Kahl f8770d5e93 block password-related functionality (e.g. lost) 10 years ago
Markus Kahl 4dba21f002 added disable password option 10 years ago
Jens Ulferts 9a2268cc7a fixes references to OmniauthLogin 10 years ago
Philipp Tessenow a7b021d010 re-integrate repository_authentication plugin 10 years ago
Jens Ulferts 433f707843 only open wp on initial load of wp#index 10 years ago
Markus Kahl 100f3d00c6 also disable login per post 10 years ago
Philipp Tessenow a7740a4c8e re-integrate repository_authentication plugin 10 years ago
Markus Kahl 902654a91d omniauth direct login 10 years ago
Hagen Schink bf1de6a3e6 Pass user prefs to timelogs view 10 years ago
Hagen Schink affbb9056e Extract preference creation 10 years ago
Hagen Schink bb9e666ef1 Set user preferences for messages 10 years ago
Marek Takac 2269f9a8ee Fixed authorization service calls 11 years ago
Sebastian Schuster d13ccc572e Fixes on the fly version creation 11 years ago
Hagen Schink 0710c1df39 Don't use a before filter for parsing ids parameter 11 years ago
Hagen Schink f44cca280e Consider ids parameter 11 years ago
Till Breuer a9e82e7a54 Render user preferences to wp#index via gon 11 years ago
Martin Linkhorst 1f36d43b70 there was a wrong parenthesis: the last match needs to be ANDed with all the prior checks. instead of changing it, refactored the code to be more clear. still allows redirects to different sub-uris. 11 years ago
Philipp Tessenow d8cb82a2e8 explicitly allow home path in back_url 11 years ago
Philipp Tessenow 0cdbaf39f6 fix protocol-relative redirection test 11 years ago
jplang 1db8642ac6 [security] fixed back url verification 11 years ago
Richard 44c9a14a08 Slightly modified init_query method in query loading concern. 11 years ago
Richard 4176330b64 WIP Extracting old retrieve_query method from experimental api. 11 years ago
Richard ba30602604 Paths for api corrected for saving queries without project 11 years ago
Richard 37dc5ffa21 Forgot to add file. 11 years ago
Richard 1088e52a7b Keeping query permissions up to date after save/update query. 11 years ago
Richard 9b92a383bb WIP refactoring AuthService 11 years ago
Richard 3acd4875f2 new work packages disabled until proven otherwise. 11 years ago
Richard e75200ff46 Disabling new work packages button on toolbar if user is unauthorised. 11 years ago
Richard 3c31db5481 Made some tweaks to the save(as) auth 11 years ago
Hagen Schink 181347566c Let anonymous user access public custom fields 11 years ago
Hagen Schink c87cf9b7bf Remove duplicate WP custom fields 11 years ago
Hagen Schink 5065215415 Filter WP custom fields by membership 11 years ago
Hagen Schink 6ce1f68d7e Deny anonymous access 11 years ago
Jens Ulferts 3d8473093c refactors and adds create link 11 years ago