openproject

Commit Graph

Author	SHA1	Message	Date
Markus Kahl	2ed52b163d	only use exit screen if login is required to view anything at all	10 years ago
Markus Kahl	d6401e79f5	polish	10 years ago
Markus Kahl	89731db2d1	some refactoring; test display of instructions	10 years ago
Markus Kahl	bbd4cad404	fix: #14385 (direct login infinite redirect loop)	10 years ago
Hagen Schink	9c740f4f2d	Don't use WP because it does not exist for index	10 years ago
Hagen Schink	22184c373e	Use project object extracted by before filter	10 years ago
Hagen Schink	f11738ad67	Show plugin attributes in WP overview	10 years ago
Richard	93e558e854	Use latest icons for pdf and xls with descriptions exporting.	10 years ago
Markus Kahl	c25f92576c	only append origin if back_url is given	10 years ago
Markus Kahl	ae6b6f8d9e	disable password-related settings in settings controller	10 years ago
Markus Kahl	9dc9d69000	redirect to last URL after direct omniauth login	10 years ago
Markus Kahl	ce618e21ee	hide and disable LDAP auth if password login disabled	10 years ago
Markus Kahl	1eaea06360	forbid user creation if password login is disabled	10 years ago
Martin Linkhorst	8877883c63	given openproject runs in a subdirectory we cannot allow redirecting to a different subdirectory. also tries to catch shenanigans to circumvent the check like ".." in the path.	10 years ago
Michael Frister	ee31c8de7d	Omniauth: Add after_login, remove on_success After a successfull login seems to be a much clearer description of when the callback will be executed than "on successful authorization". E.g. it's not clear whether ending up on the registration page also indicates successful authorization (which it does in the OmniAuth sense, but not in the OpenProject sense). The after login callback is called each time a user is logged in, no matter whether that happens via regular Omniauth login or after completing the registration process and being automatically logged in (when automated account activation is enabled).	10 years ago
Markus Kahl	c798ebe878	pass auth_hash to #on_success. Call it upon bumpy registration too.	10 years ago
Markus Kahl	41603b0f43	on_success callback for Authorization	10 years ago
Markus Kahl	8b53158127	made rest of support methods private	10 years ago
Markus Kahl	e7c2f5097b	spell out decision variable's name	10 years ago
Markus Kahl	fd1f8315cf	do not pass user into authorization callback	10 years ago
Markus Kahl	c9a3dd87bd	put #disable_password_login? into OP Configuration	10 years ago
Markus Kahl	3303126657	OmniAuth Authorization API	10 years ago
Jens Ulferts	85bb7e58c6	only applies default filter if no query attribte is provided	10 years ago
Till Breuer	2c4483544c	Merge branch 'dev' into feature/adding-and-removing-watchers Conflicts: app/assets/javascripts/angular/work_packages/controllers/work-package-details-controller.js karma/tests/controllers/work-package-details-controller-test.js lib/api/v3/work_packages/work_package_representer.rb	10 years ago
Markus Kahl	a572c6af7f	properly qualify OmniauthLogin everywhere	10 years ago
Markus Kahl	4ec21c7cde	enable override through env of disable password login and omniauth_direct_login_provider	10 years ago
Markus Kahl	92138d7af4	make omniauth developer strategy work again	10 years ago
Markus Kahl	1e1ac3a742	fixed allow_registration?	10 years ago
Markus Kahl	f8770d5e93	block password-related functionality (e.g. lost)	10 years ago
Markus Kahl	4dba21f002	added disable password option	10 years ago
Jens Ulferts	9a2268cc7a	fixes references to OmniauthLogin	10 years ago
Philipp Tessenow	a7b021d010	re-integrate repository_authentication plugin	10 years ago
Jens Ulferts	433f707843	only open wp on initial load of wp#index	10 years ago
Markus Kahl	100f3d00c6	also disable login per post	10 years ago
Philipp Tessenow	a7740a4c8e	re-integrate repository_authentication plugin	10 years ago
Markus Kahl	902654a91d	omniauth direct login	10 years ago
Hagen Schink	bf1de6a3e6	Pass user prefs to timelogs view	10 years ago
Hagen Schink	affbb9056e	Extract preference creation	10 years ago
Hagen Schink	bb9e666ef1	Set user preferences for messages	10 years ago
Marek Takac	2269f9a8ee	Fixed authorization service calls	10 years ago
Sebastian Schuster	d13ccc572e	Fixes on the fly version creation	10 years ago
Hagen Schink	0710c1df39	Don't use a before filter for parsing ids parameter	10 years ago
Hagen Schink	f44cca280e	Consider ids parameter	10 years ago
Till Breuer	a9e82e7a54	Render user preferences to wp#index via gon	10 years ago
Martin Linkhorst	1f36d43b70	there was a wrong parenthesis: the last match needs to be ANDed with all the prior checks. instead of changing it, refactored the code to be more clear. still allows redirects to different sub-uris.	10 years ago
Philipp Tessenow	d8cb82a2e8	explicitly allow home path in back_url	10 years ago
Philipp Tessenow	0cdbaf39f6	fix protocol-relative redirection test - escape forward slash in regexp - allow redirection to home_path '/'	10 years ago
jplang	1db8642ac6	[security] fixed back url verification --HG-- extra : convert_revision : svn%3Ae93f8b46-1217-0410-a6f0-8f06a7374b81/trunk%4013018	10 years ago
Richard	44c9a14a08	Slightly modified init_query method in query loading concern.	11 years ago
Richard	4176330b64	WIP Extracting old retrieve_query method from experimental api.	11 years ago

1 2 3 4 5 ...

2400 Commits (92c386afbee0e420242b76e527e9a67d66932c49)