Oleg Bulkin
edda690f2c
[FIX] auth_totp: RPC access
* Add res.users logic to prevent RPC access for users with MFA enabled even
when those users have recently logged in
7 years ago
OCA Transbot
110d313a54
OCA Transbot updated translations from Transifex
7 years ago
Oleg Bulkin
74fcce91ee
PR commit
7 years ago
Oleg Bulkin
c8d5b50777
[FIX] auth_totp: Various issues
* Restructure controller and res.users logic to prevent RPC authentication for
users with MFA enabled and add support for multiple simultaneous MFA sessions
* Switch trusted device cookies from using the DB secret to user-level secret
keys, thereby increasing security
* Remove MFA login tokens and trusted device model, which are now redundant
* Add migration logic that generates a trusted device cookie key for every user
with MFA enabled and cleans up device model ir records to prevent warnings
* Update unit tests and remainder of module accordingly
7 years ago
OCA Git Bot
daca284071
[UPD] addons table in README.md
7 years ago
Dave Lasley
58207e6119
Merge pull request #1121 from grindtildeath/10.0_fix_auth_totp_special_chars
[10.0][Fix] Auth_totp: Ensure no special chars are passed to totp.provisioning_uri
7 years ago
Akim Juillerat
e76742a767
Ensure no special chars are passed to totp.provisioning_uri
7 years ago
OCA Git Bot
61650f79c1
[UPD] addons table in README.md
7 years ago
Dave Lasley
98185e6985
[FIX] password_security: No login success with no params
* Default the `login_success` parameter to False instead of True in order to mitigate lack of parameter existence due to unknown module. Fixes OCA#1081
7 years ago
Dave Lasley
3e2546f65d
Merge pull request #1117 from versada/bugfix/10.0/fix-sentry-tests
[10.0][FIX] sentry: fix tests after raven 6.4.0
7 years ago
Naglis Jonaitis
39d27afa5e
[FIX] sentry: Fix SanitizeOdooCookiesProcessor after raven 6.4.0
Closes #1096
7 years ago
OCA Transbot
3bb12bd80c
OCA Transbot updated translations from Transifex
7 years ago
OCA Git Bot
c6796c4d66
[UPD] addons table in README.md
7 years ago
OCA Git Bot
e28dc91f9b
[ADD] setup.py
7 years ago
Brenton Hughes
37dc920c5e
[ADD] base_export_security: Create module ( #917 )
* [ADD] base_export_security: Create module
* Add Export Rights security group, access rights
* Add user rights checks to prevent unauthorized exports and hide
Export menu item from unauthorized users
* Add Export model for logging data export activity
* Add views, menu link for Export Logs
* Add data exports discussion channel, notifications of exports
* [IMP] base_export_security: Make requested changes
* Fix manifest website and depends
* Fix xml structure
* Rename model 'export' -> 'export.event'
* Simplify date calculation
* Use % instead of .format
* Avoid translating variables
* Assign recordsets to variables instead of ids
* Use (6, _, ids) command instead of (4, id, _)
* Clean up syntax redundancies
* Remove unnecessary sort
* Override export_data method with inheritance/super
* [FIX] base_export_security: Fix eslint errors
* Fix prefer-rest-params
* Fix no-prototype-builtins
* Fix comma-dangle
* Fix dot-location
* Fix unnecessary apply
* [IMP] base_export_security: Update readme
* Add three screenshots from PR to readme
7 years ago
Holger Brunn
3632a32454
[FIX] squelch expected error log
7 years ago
Holger Brunn
24d7ebda49
[FIX] install mailserver for tests
7 years ago
Holger Brunn
2e07f3d74c
[FIX] import for safe_eval
7 years ago
OCA Git Bot
505bc6751b
[ADD] setup.py
7 years ago
OCA Git Bot
7cff877f9f
[UPD] addons table in README.md
7 years ago
Miku Laitinen
13d3cc3c46
[MIG] dead_mans_switch_client: Migration to 10.0
7 years ago
OCA Transbot
d338bf03c8
OCA Transbot updated translations from Transifex
7 years ago
OCA Git Bot
8bd6976a4b
[UPD] addons table in README.md
7 years ago
Dave Lasley
dbe3a502b8
Merge pull request #1084 from LasLabs/bugfix/10.0/gh-1083-add-default-reset-time
[FIX] password_security: Default last write date
7 years ago
Dave Lasley
f5d265211f
[FIX] password_security: Default last write date
* Add a default `password_write_date` to circumvent need for immediate password reset, fixing #1083
7 years ago
Stefan Rijnhart (Opener)
9f5c678c2f
Merge pull request #1024 from acsone/10.0-imp_base_user_role_default_user-bwi
[IMP] Use default user to define default roles to create for a new user
7 years ago
Benjamin Willig
0e50f775c6
[IMP] Use default user to define default roles to create for a new user
7 years ago
OCA Transbot
4b1cd222f7
OCA Transbot updated translations from Transifex
7 years ago
OCA Git Bot
b3e48fa986
[UPD] addons table in README.md
7 years ago
Pedro M. Baeza
71b23d8687
Merge pull request #916 from multidadosti-erp/develop-mass-mail-upgrade-button
[FIX] Remove mass mail upgrade button
7 years ago
Pedro M. Baeza
5bf89f45ba
Merge pull request #1077 from StefanRijnhart/fix/10.0/password_security/underscore
[FIX] Underscore is a special character
7 years ago
OCA Git Bot
94c6ea1e64
[UPD] addons table in README.md
7 years ago
Stefan Rijnhart
b039d37ffa
[FIX] Underscore is a special character
7 years ago
Daniel Masi
8d4ef5a607
corrects AttributeError: 'HttpRequest' object has no attribute 'http' ( #1070 )
* corrects AttributeError: 'HttpRequest' object has no attribute 'http'
* updates the module version number for pull request #1070
7 years ago
Stefan Rijnhart (Opener)
1d715f02b4
Merge pull request #1069 from acsone/10.0-fix-return-ape
[FIX] server_environment_ir_config_parameter: missing return.
7 years ago
Adrien Peiffer (ACSONE)
3446845bd1
[FIX] server_environment_ir_config_parameter: missing return.
7 years ago
OCA Git Bot
a5cc2c073c
[UPD] addons table in README.md
7 years ago
Pedro M. Baeza
eae0d9530c
Merge pull request #1055 from StefanRijnhart/fix/password_security/10.0-erp_manager_reset_password
[FIX] As an ERP manager, allow to reset users' passwords
7 years ago
Stefan Rijnhart
7351c764d7
[FIX] As an ERP manager, allow to reset users' passwords
7 years ago
Holger Brunn
a59070f12c
[FIX] warning about dynamic context
7 years ago
OCA Git Bot
ab1e2678ae
[ADD] setup.py
7 years ago
OCA Git Bot
8fa0e0d4e8
[UPD] addons table in README.md
7 years ago
Dave Lasley
140f14148e
Merge pull request #996 from LasLabs/bugfix/10.0/LABS-474-password_security_auth_totp_compatibility
[10.0][ADD][FIX] auth_totp and password_security compatibility
7 years ago
Pedro M. Baeza
cbf074750f
Merge pull request #580 from LasLabs/release/10.0/auth_session_timeout
[MIG][10.0] auth_session_timeout
7 years ago
Dave Lasley
00e79300e3
[IMP] auth_session_timeout: Deprecate backwards compat + improve
* Deprecate backwards compatibility methods that were retained during v9 rework
* Upgrade API and rename a few things for PEP-8
* Switch to HttpCase for tests
* Switch to isolated build
7 years ago
jmorgannz
2fda45fdfd
Module auth_session_timeout: Pluggability ( #887 )
* Module auth_session_timeout:
---------------------------
* Refactor to allow other modules to inherit and augment or override the following:
** Session expiry time (deadline) calculation
** Ignored URLs
** Final session expiry (with possibility to late-abort)
* Re-ordered functionality to remove unnecessary work, as this code is called very often.
* Do not expire a session if delay gets set to zero (or unset / false)
* WIP
* Fixed flake8 lint errors
* Fixed flake8 lint errors
* WIP
* WIP
* WIP
* WIP
* WIP
* WIP
* Module: auth-session-timeout: Refactor ResUser tests to use `unittest.mock` patching
* Module: auth_session_timeout: Fixed flake8 lint errors
* Module: auth_session_timeout: Fixed flake8 lint errors
7 years ago
Dave Lasley
ac4301bb01
[MIG] auth_session_timeout: Migrate to v10
* Bump versions
* Installable to True
* Add Usage section to ReadMe w/ Runbot link
* `_crypt_context` now directly exposes the `CryptContext`
* Change all instances of openerp to odoo
* Add test coverage to IrConfigParameter
* Add test coverage for res.users
* Remove db from `get_session_parameters` method call
* Remove deprecated skiparg for ormcache
* Fix tests & lint
* Switch cache to use self.cr.dbname
* Fix ormcache
8 years ago
OCA Transbot
893b12e072
OCA Transbot updated translations from Transifex
7 years ago
OCA Git Bot
d71c6deadd
[ADD] setup.py
7 years ago
OCA Git Bot
dc2d1d6b0f
[UPD] addons table in README.md
7 years ago