Add new setting to specify if user roles will be set at login or not.
Without this setting enabled, roles are only set when the user is first created and never after that. If roles set via Filter-ID attribute or radius.default_roles change, they will never be reflected on existing users.
For that reason, the default is set to enabled. Historically, radius did not enforce roles.
* Install bouncer
* Seeder and level migration
* Display and edit roles
* remove unused deluser page
* Update Radius and SSO to assign roles
* update AlertUtil direct level check to use roles instead
* rewrite ircbot auth handling
* Remove legacy auth getUserlist and getUserlevel methods, add getRoles
Set roles in LegacyUserProvider
* Small cleanups
* centralize role sync code
show roles on user preferences page
* VueSelect component WIP and a little docs
* WIP
* SelectControllers id and text fields.
* LibrenmsSelect component extracted from SettingSelectDynamic
* Handle multiple selections
* allow type coercion
* full width settings
* final style adjustments
* Final compiled assets update
* Style fixes
* Fix SSO tests
* Lint cleanups
* small style fix
* don't use json yet
* Update baseline for usptream package issues
* Change schema, not 100% sure it is correct
not sure why xor doesn't work
* Update Radius-Auth to accept permission attribute
* Update Radius-Auth to accept permission attribute
* Fixed list of strings
* Swapped " with ' in switch statement
* Added whitespace to satisfy styleCI bot
* Yet another whitespace...
* Removed two blank lines....
* Fixed missing "s"
* Try to satisfy linter - fixed a stupid mistake
Had put the code for mapping attributes inside the if statement that states that user exists in librenms. It has to be done before testing of user exists, and after radius auth is true.
* Comments was skewed
* Stylefix
* Update LibreNMS/Authentication/RadiusAuthorizer.php
Murrant's edit
Co-authored-by: Tony Murray <murraytony@gmail.com>
* Added 0 on line 54 to satisfy test.
* StyleFix
* Stylefix2
* Style test complained about whitespaces, i guess..
* Update Authentication.md
* Update Authentication.md
Co-authored-by: Tony Murray <murraytony@gmail.com>
* Remove $debug global
and $vdebug global
makes these variables more accessible and protects from collisions.
* the on boot set sends application as the first parameter, just handle that
* Relocate other debug related functions
* Log debug to stdout
* Wrong output
* remove stupid constants
* Fix lint and style issues
* Share code between all mysql based authorizers
I plan to update the mysql password encryption and this will allow the code to be changed in a single location.
It also reduces a lot of duplication.
* Fix tests, I suspect reauthenticate will work for these...
Do not allow password updates for several authorizers
* Refactored authorizers to classes
* Merge changes for #7335
* ! fix php 5.3 incompatibility
* Update ADAuthorizationAuthorizer.php
* Fix get_user -> getUser
* Rename AuthorizerFactory to Auth, fix interface missing functions
* Add phpdocs to all interface methods and normalize the names a bit.
* Re-work auth_test.php AD bind tests to work properly with the new class.
Reflection is not the nicest tool, but I think it is appropriate here.
Handle exceptions more nicely in auth_test.php
* Restore AD getUseList fix
Not sure how it got removed
* fix auth_test.php style
