tyler.durden
/
icingaweb2
mirror of https://github.com/Icinga/icingaweb2.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity
13,466 Commits 121 Branches 71 Tags 80 MiB
Commit Graph

29 Commits

Author SHA1 Message Date
Eric Lippmann d1aaaf7fb0 Replace user:local_name with user.local_name macro in restrictions 2021-06-28 15:16:56 +02:00
Johannes Meyer d9a87f76a2 AdmissionLoader: Optimize role loading 2021-04-14 10:11:19 +02:00
Johannes Meyer 9d10424f97 AdmissionLoader: Set additional user information `assigned_roles` 2021-04-07 14:30:14 +02:00
Johannes Meyer 5dfa5e28da User: Add property `$unrestricted` 2021-03-09 11:27:13 +01:00
Johannes Meyer cc65164a67 Adjust global permissions 2021-02-18 11:11:39 +01:00
Johannes Meyer 429a70f05f Auth: Allow to ignore any and all restrictions 2021-02-18 11:11:39 +01:00
Johannes Meyer 6eb0139446 User: Move `$user:local_name$` handling to class `AdmissionLoader` 
This way it also adjusts the roles directly, and not just their
copies for the user object
 2021-02-18 11:11:39 +01:00
Johannes Meyer bdd0f204f0 Auth: Support single inheritance in roles 2021-02-18 11:11:39 +01:00
Johannes Meyer 87d741265e Auth: Add support for denied permissions 2021-02-18 11:11:39 +01:00
Eric Lippmann f495b390da Apply role to all users if the role is defined with users=* 
If the users directive contains at least one single asterisk, the role is applied to all users.
So, this supports roles which define users=username, ..., * and users=*

refs #3095
 2017-11-16 12:02:41 +01:00
Eric Lippmann e0781cf8b5 Fix PHPDoc of AdmissionLoader::applyRoles() 
refs #10887
 2016-03-29 11:26:00 +02:00
Eric Lippmann 5b5978787b Move permission and restriction initialization in AdmissionLoader 
refs #10887
 2016-03-29 11:25:55 +02:00
Alexander A. Klimov df0d3aaf1e AdmissionLoader: set the roles of the user 
refs #10887
 2016-03-24 16:24:24 +01:00
Eric Lippmann 2699d2c9ed lib: Rename AdmissionLoader::applyPerm... to applyRoles() 
refs #10887
 2016-03-24 15:28:21 +01:00
Alexander A. Klimov 474803fee4 Change all license headers to only reflect a file's year of creation 
refs #11000
 2016-02-08 15:41:00 +01:00
Eric Lippmann 7fd575080e PHP7: Rename String to StringHelper 
refs #10251
 2016-01-27 16:46:55 +01:00
Eric Lippmann 6bae2e0a53 Note that our license is GPL v2 or any later version in our license header instead of pointing to the license's URL 2015-02-04 10:52:27 +01:00
Eric Lippmann 5b4fab0750 Add license header 
This time without syntax errors hopefully :)
 2015-02-03 16:27:59 +01:00
Eric Lippmann 5fa2e3cfdc Revert "Add license header" 
This reverts commit 338d067aba.
 2015-02-03 16:16:26 +01:00
Eric Lippmann 338d067aba Add license header 
fixes #7788
 2015-02-03 15:51:04 +01:00
Eric Lippmann 3e1583ca40 Security: Remove getPermissions and getRestrictions from the AdmissionLoader 
These funtctions are superseded by getRestrictionsAndPermissions.

refs #5647
 2014-11-19 15:13:45 +01:00
Eric Lippmann b01a9a65e0 Security: Introduce AdmissionLoader::getPermissionsAndRestrictions() for loading permissins and restrictions from roles.ini 
When loading from roles.ini there's currently an empty permission added which is of course a bug and will be fixed asap.

refs #5647
 2014-11-19 15:10:09 +01:00
Johannes Meyer 7621f6642d Adjust usages of Icinga\Application\Config 
refs #7147
 2014-11-18 13:11:52 +01:00
Eric Lippmann cee261bf7e Use lowercase username and user groups for loading user permissions and restrictions 2014-10-20 13:36:37 +02:00
Eric Lippmann 74bd9b319d restrictions: Include restriction's section name in user restrictions 2014-10-01 14:08:21 +02:00
Eric Lippmann 084691570e permissions: Use a comma-separated list as config instead of the `permission_*' directives 
Permissions are now set using a comma-separated list of permissions using the `permissions' config because
the `users' and `groups' are comma-separated lists too.
 2014-10-01 08:14:03 +02:00
Johannes Meyer 3105c2059e Remove license headers from all files 
refs #6309
 2014-07-15 13:43:52 +02:00
Eric Lippmann 39c80dccaf Decouple authentication backend creation from Icinga\Authentication\Manager 
Add authentication backend type msldap with default values for user_class
and user_name_attribute. Backend type ldap now logs an error when user_class
and user_name_attribute ist not configured. Rename membership.ini to
memberships.ini since all our INI configuration files are in the plurar
where it makes sense. The AuthenticationController now handles
authentication

refs #5685
refs #5638
fixes #5218
 2014-03-03 17:21:17 +01:00
Marius Hein 8a604f1c2c Implement structures for permissions, restrictions and membership 
refs #4624
 2014-02-12 17:03:18 +01:00