Commit Graph

2604 Commits (b1a8ffe3a687db9a44dd8138fe5a2ccb55e444cf)

Author SHA1 Message Date
Richard 93e558e854 Use latest icons for pdf and xls with descriptions exporting. 10 years ago
Markus Kahl c25f92576c only append origin if back_url is given 10 years ago
Markus Kahl ae6b6f8d9e disable password-related settings in settings controller 10 years ago
Markus Kahl 9dc9d69000 redirect to last URL after direct omniauth login 10 years ago
Markus Kahl ce618e21ee hide and disable LDAP auth if password login disabled 10 years ago
Markus Kahl 1eaea06360 forbid user creation if password login is disabled 10 years ago
Martin Linkhorst 8877883c63 given openproject runs in a subdirectory we cannot allow redirecting to a different subdirectory. also tries to catch shenanigans to circumvent the check like ".." in the path. 10 years ago
Michael Frister ee31c8de7d Omniauth: Add after_login, remove on_success 10 years ago
Markus Kahl c798ebe878 pass auth_hash to #on_success. Call it upon bumpy registration too. 10 years ago
Markus Kahl 41603b0f43 on_success callback for Authorization 10 years ago
Markus Kahl 8b53158127 made rest of support methods private 10 years ago
Markus Kahl e7c2f5097b spell out decision variable's name 10 years ago
Markus Kahl fd1f8315cf do not pass user into authorization callback 10 years ago
Markus Kahl c9a3dd87bd put #disable_password_login? into OP Configuration 10 years ago
Markus Kahl 3303126657 OmniAuth Authorization API 10 years ago
Jens Ulferts 85bb7e58c6 only applies default filter if no query attribte is provided 10 years ago
Till Breuer 2c4483544c Merge branch 'dev' into feature/adding-and-removing-watchers 10 years ago
Markus Kahl a572c6af7f properly qualify OmniauthLogin everywhere 10 years ago
Markus Kahl 4ec21c7cde enable override through env of disable password login 10 years ago
Markus Kahl 92138d7af4 make omniauth developer strategy work again 10 years ago
Markus Kahl 1e1ac3a742 fixed allow_registration? 10 years ago
Markus Kahl f8770d5e93 block password-related functionality (e.g. lost) 10 years ago
Markus Kahl 4dba21f002 added disable password option 10 years ago
Jens Ulferts 9a2268cc7a fixes references to OmniauthLogin 10 years ago
Philipp Tessenow a7b021d010 re-integrate repository_authentication plugin 10 years ago
Jens Ulferts 433f707843 only open wp on initial load of wp#index 10 years ago
Markus Kahl 100f3d00c6 also disable login per post 10 years ago
Philipp Tessenow a7740a4c8e re-integrate repository_authentication plugin 10 years ago
Markus Kahl 902654a91d omniauth direct login 10 years ago
Hagen Schink bf1de6a3e6 Pass user prefs to timelogs view 10 years ago
Hagen Schink affbb9056e Extract preference creation 10 years ago
Hagen Schink bb9e666ef1 Set user preferences for messages 10 years ago
Marek Takac 2269f9a8ee Fixed authorization service calls 10 years ago
Sebastian Schuster d13ccc572e Fixes on the fly version creation 10 years ago
Hagen Schink 0710c1df39 Don't use a before filter for parsing ids parameter 10 years ago
Hagen Schink f44cca280e Consider ids parameter 10 years ago
Till Breuer a9e82e7a54 Render user preferences to wp#index via gon 10 years ago
Martin Linkhorst 1f36d43b70 there was a wrong parenthesis: the last match needs to be ANDed with all the prior checks. instead of changing it, refactored the code to be more clear. still allows redirects to different sub-uris. 10 years ago
Philipp Tessenow d8cb82a2e8 explicitly allow home path in back_url 10 years ago
Philipp Tessenow 0cdbaf39f6 fix protocol-relative redirection test 10 years ago
jplang 1db8642ac6 [security] fixed back url verification 10 years ago
Richard 44c9a14a08 Slightly modified init_query method in query loading concern. 11 years ago
Richard 4176330b64 WIP Extracting old retrieve_query method from experimental api. 11 years ago
Richard ba30602604 Paths for api corrected for saving queries without project 11 years ago
Richard 37dc5ffa21 Forgot to add file. 11 years ago
Richard 1088e52a7b Keeping query permissions up to date after save/update query. 11 years ago
Richard 9b92a383bb WIP refactoring AuthService 11 years ago
Richard 3acd4875f2 new work packages disabled until proven otherwise. 11 years ago
Richard e75200ff46 Disabling new work packages button on toolbar if user is unauthorised. 11 years ago
Richard 3c31db5481 Made some tweaks to the save(as) auth 11 years ago