* Update Radius-Auth to accept permission attribute
* Update Radius-Auth to accept permission attribute
* Fixed list of strings
* Swapped " with ' in switch statement
* Added whitespace to satisfy styleCI bot
* Yet another whitespace...
* Removed two blank lines....
* Fixed missing "s"
* Try to satisfy linter - fixed a stupid mistake
Had put the code for mapping attributes inside the if statement that states that user exists in librenms. It has to be done before testing of user exists, and after radius auth is true.
* Comments was skewed
* Stylefix
* Update LibreNMS/Authentication/RadiusAuthorizer.php
Murrant's edit
Co-authored-by: Tony Murray <murraytony@gmail.com>
* Added 0 on line 54 to satisfy test.
* StyleFix
* Stylefix2
* Style test complained about whitespaces, i guess..
* Update Authentication.md
* Update Authentication.md
Co-authored-by: Tony Murray <murraytony@gmail.com>
* Add option STARTTLS for authentication via AD
* Fix dangling spaces
* Moved starttls code to the correct place
* tabs vs spaces...
* Update ActiveDirectoryAuthorizer.php
Co-authored-by: Tony Murray <murraytony@gmail.com>
* implement support for usernames comming from reverse proxies
* add configurable auth header
* Move implementation to AuthorisationBase class
* refactored default value handling
* fixed external user check
* Adding an option (auth_ldap_skip_group_check) to bypass ldap_compare if the server does not support the option
* add auth_ldap_skip_group_check to config_definitions.json
* update resources/lang/en/settings.php
* add missing comma
* rename auth_ldap_skip_group_check to auth_ldap_require_groupmembership and change logic
Co-authored-by: Tony Murray <murraytony@gmail.com>
* Add userlist filter to ldap-authorization
* Add LDAP bind user to ldap-authorization
* Type hint getFullDn parameter of ldap-authorization
* docs: add missing options of ldap
* docs: add available options of ldap-authorization
* Implement OAuth and SAML2 support via Socialite
* Add socialite docs
* fixes
* Additional information added
* wip
* 22.3.0 targeted version
* Allow mysql auth as long as there is a password saved
Co-authored-by: laf <gh+n@laf.io>
Co-authored-by: Tony Murray <murraytony@gmail.com>
* Kick other session when changing password
Invalidate other sessions when a user password gets changed
* Don't logout admin users when they change passwords.
Cleanup phpstan exceptions
* only restore user if needed
* comment odd behavior
* $current_user typehint
* Improvements to SSO Authorization and logout handling
Changes:
* Adds support for a default access level in the SSO authorization
plugin when group mapping is enabled.
* Restore functionality of the auth_logout_handler configuration option,
allowing the user to be redirected to a configured URL to complete
logout from an external IdP.
* Documentation and test coverage updates
* Set sso.static_level to 0 in AuthSSOTest:testGroupParsing()
* Simplify implementation to use default values in Config::get()
* Remove $debug global
and $vdebug global
makes these variables more accessible and protects from collisions.
* the on boot set sends application as the first parameter, just handle that
* Relocate other debug related functions
* Log debug to stdout
* Wrong output
* remove stupid constants
* Fix lint and style issues
* Fixes issues with binding and authenticating users in nested groups
Signed-off-by: Patrik Forsberg <git@paddyonline.net>
* re-instated the user group check for nested groups after identifying the real issue in ActiveDirectoryAuthorizer.php
added fix for special characters in group checker in ActiveDirectoryAuthorizer.php
Signed-off-by: Patrik Forsberg <git@paddyonline.net>
* fix for styleci/pr issues in ActiveDirectoryAuthorizer.php
Signed-off-by: Patrik Forsberg <git@paddyonline.net>
* further fixes for styleci/pr in ActiveDirectoryAuthorizer.php
Signed-off-by: Patrik Forsberg <git@paddyonline.net>
* fixed return value from userExists in ActiveDirectoryAuthorizer to return boolean instead of integer
Signed-off-by: Patrik Forsberg <git@paddyonline.net>
* fix for styleci/pr issues
Signed-off-by: Patrik Forsberg <git@paddyonline.net>
* cleanup
* don't use boolval on int...
Co-authored-by: Tony Murray <murraytony@gmail.com>
* Device group based access
* Use Permissions class to resolve permissions
Also give port access based on device access
* Convert more pages to use Permissions class
* shorten config setting name
use Eloquent relationships in several places
alphabetize config_definitions.json
* Change Models and Permissions
* Clean up ajax_search LIMIT sql
* Convert more pages to use Permissions class
Co-authored-by: Tony Murray <murraytony@gmail.com>
* Add option to authenticate user independtly of OU
* Set config option in webui
* Compatibility with bind username option
* ran ./lnms translation:generate
* update doc
* user deactivation feature
* update db_schema.yaml
* travis fix
* readd sqlfile with alter statement
* ..
* revert force push
* combine all queries
* fix query
* user enable/disable only visible on mysql authorization
* Update form.blade.php
* Update index.blade.php
* disable 'enabled' on own profile
* bootstraping checkboxes
* Remove $_SESSION usage, except install
Fixes issue with device debug capture
Removes secure_cookies setting, use the .env variable SESSION_SECURE_COOKIE instead. Reminder secure cookies requires cookies are transported over https, if everything is already transported via https, the setting won't make a difference.
* Fix availability map controls
* Refactor tests
Boot Laravel for all tests.
Config use private static property for storage instead of global
* Backup/restore modules
* disable snmpsim log
* Fixing DBTestCase
* Fix macros loading to the wrong place
* trap and other tests should check if db is available
* don't include snmp.inc.php if mock.snmp.inc.php is already included...
* fix migration
* if we don't reset the db, run migrations at least.
* set vars for migrate too
* Fix style
* ignore issues with undefined indexes in legacy code
* Remove auth use of $_SESSION
Will break plugins that depend on $_SESSION, Weathermap was already fixed.
Port them to use Auth::check()/Auth::user()/Auth:id()
* revert accidental replacement
* Modification of the getUserlist fonction to use ldap filter
* Modification of the getUserlist fonction to use ldap filter V2
* documentation of auth_ldap_Userlist_filter option
* documentation of auth_ldap_Userlist_filter option V2
* Allow filtering of getUserlist LDAP function
* Support for system APP_LOCALE
* Start preferences re-write
* port 2fa form
* Working user preferences
* Language user preference
* Don't look up locale from the DB every request
* Device list working
* Deny demo user middleware
* Finish password changing
* remove used resource methods
* remove leftover use
* warn that translation is incomplete
* fix style
* Reorganize trap tests
* Testing db DRIVER to prevent .env from interfering
* New code to detect if Laravel is booted. Hopefully more reliable.
* WIP external test process
* revert module test helper
* Use .env in Eloquent::boot()
* Fix test database settings loading
* fix undefined classes
(didn't find the one I needed)
* Fix incorrect Config usages
And RrdDefinition return type
* fix .env loading
* use the right DB
* slightly more accurate isConnected
* Move db_name to DBSetupTest specifically
* restore $_SERVER in AuthSSOTest
* missed item
* WIP
* tear down in the correct order.
* some testing cleanups
* remove check for duplicate event listener, it's not working right
* Don't need this change anymore
* Implement Log::event to replace legacy function log_event()
* fix port tests
* fix up tests
* remove pointless TrapTestCase class
* fix style
* Fix db config not being merged...
* skip env check for tests
* defer database operations until after Laravel is booted.
* don't include dbFaciale...
* redundant use
