* Install bouncer
* Seeder and level migration
* Display and edit roles
* remove unused deluser page
* Update Radius and SSO to assign roles
* update AlertUtil direct level check to use roles instead
* rewrite ircbot auth handling
* Remove legacy auth getUserlist and getUserlevel methods, add getRoles
Set roles in LegacyUserProvider
* Small cleanups
* centralize role sync code
show roles on user preferences page
* VueSelect component WIP and a little docs
* WIP
* SelectControllers id and text fields.
* LibrenmsSelect component extracted from SettingSelectDynamic
* Handle multiple selections
* allow type coercion
* full width settings
* final style adjustments
* Final compiled assets update
* Style fixes
* Fix SSO tests
* Lint cleanups
* small style fix
* don't use json yet
* Update baseline for usptream package issues
* Change schema, not 100% sure it is correct
not sure why xor doesn't work
* Add userlist filter to ldap-authorization
* Add LDAP bind user to ldap-authorization
* Type hint getFullDn parameter of ldap-authorization
* docs: add missing options of ldap
* docs: add available options of ldap-authorization
* Remove $_SESSION usage, except install
Fixes issue with device debug capture
Removes secure_cookies setting, use the .env variable SESSION_SECURE_COOKIE instead. Reminder secure cookies requires cookies are transported over https, if everything is already transported via https, the setting won't make a difference.
* Fix availability map controls
* AD Authorization fixes
Remove mres() and $_SESSION usage.
Remove broken addUser function and use Mysql addUser.
* AD Authorization fixes
Remove mres() and $_SESSION usage.
Remove broken addUser function and use Mysql addUser.
Extract common AD auth code to ADUtils
* AD Authorization fixes
Remove mres() and $_SESSION usage.
Remove broken addUser function and use Mysql addUser.
Extract common AD auth code to ADUtils
* Send no user info to log instead of toast.
* Remove commented code
* add abstract getConnection() method that is required.
* Actually return the value
* First attempt at ldap-auth fixes
* no, guest, so it is not allowed.
* cast to int
* don't count on Session
* return full user
* Specific error for guest not allowed.
* fix up external auth user creation
* fix check
* Fix user level missing
Simplify middleware
* use guard if configured
* fix: ldap-authorization should be considered external
When sso auth type was added (1c6b7a9), some code for getting a username
was moved into HttpAuthAuthorizer. LdapAuthorizationAuthorizer uses the
same process to get the username and needs to be updated as well.
* Use common implementation of getExternalUsername
Authorizers get the default implementation by setting AUTH_IS_EXTERNAL.
ADAuthorizationAuthorizer is another candidate.
* refactor: AD Auth defer connection until it is needed
Nice error if php-ldap is missing instead of http 500.
* Add the same error when ldap is missing to other auth methods.
Not as graceful looking in the authorizers since they do not defer connection.
* Refactored authorizers to classes
* Merge changes for #7335
* ! fix php 5.3 incompatibility
* Update ADAuthorizationAuthorizer.php
* Fix get_user -> getUser
* Rename AuthorizerFactory to Auth, fix interface missing functions
* Add phpdocs to all interface methods and normalize the names a bit.
* Re-work auth_test.php AD bind tests to work properly with the new class.
Reflection is not the nicest tool, but I think it is appropriate here.
Handle exceptions more nicely in auth_test.php
* Restore AD getUseList fix
Not sure how it got removed
* fix auth_test.php style
