Commit graph

2998 commits

Author SHA1 Message Date
Jan Böhmer
f9fd015ecb Show configured and effective maximum file size in server info page. 2023-03-03 23:42:02 +01:00
Jan Böhmer
27de5ae387 Fixed static analysis issue 2023-03-02 23:57:32 +01:00
Jan Böhmer
4f43f10672 Bumped version to 1.0.3 2023-03-02 23:53:38 +01:00
Jan Böhmer
fb45ef432e Added documentation for MAX_ATTACHMENT_FILE_SIZE env 2023-03-02 23:53:16 +01:00
Jan Böhmer
d0a8e33bf2 Updated dependencies 2023-03-02 23:48:52 +01:00
Jan Böhmer
5a19024bec Use 10-based prefixes for byte sizes instead of 2-based
This way we are consistent with the way symfony interprets the prefixes
2023-03-02 23:39:12 +01:00
Jan Böhmer
e0635f7ead Show maximum allowed file size below the upload field for attachments 2023-03-02 23:38:23 +01:00
Jan Böhmer
6fa5efc4ca Increased the maximum file size from 16M to 100M and made it configurable
This fixes issue #228
2023-03-02 23:08:14 +01:00
Jan Böhmer
7394a23a83 Fixed infinite loop when an element gets assigned itself as parent
This fixes issue #230
2023-03-02 22:55:22 +01:00
Jan Böhmer
bbe4de996a Added documentation about the SAML_UPDATE_GROUP_ON_LOGIN env 2023-03-01 15:24:47 +01:00
Jan Böhmer
7030e752fc Added documentation about permission mapping. 2023-03-01 14:56:05 +01:00
Jan Böhmer
d845f8b7e3 Added documentation about the convert-to-saml-user command 2023-03-01 14:36:46 +01:00
Jan Böhmer
8a18951562 Fixed static analysis issue. 2023-02-28 17:03:57 +01:00
Jan Böhmer
cb9433902c Added SAML configuration options to docs 2023-02-28 16:34:51 +01:00
Jan Böhmer
472e1ce0a3 Added documentation on how to set up SAML. 2023-02-28 00:28:31 +01:00
Jan Böhmer
5e85c52a57 Allow to automatically assign SAML users to a group based on SAML attributes 2023-02-27 23:47:42 +01:00
Jan Böhmer
6a06a24296 Improved translations 2023-02-27 22:29:19 +01:00
Jan Böhmer
99f04d71af Revert "Moved all user info updating logic into SAMLUserFactory"
This reverts commit 960ee342e4.
2023-02-27 22:28:23 +01:00
Jan Böhmer
d1b8a36b93 Update SECURITY.md 2023-02-26 19:23:58 +01:00
Jan Böhmer
f20da0f049 Bumped version to 1.0.2 2023-02-26 18:58:34 +01:00
Jan Böhmer
5d3ab01176 Updated dependencies. 2023-02-26 18:57:35 +01:00
Jan Böhmer
83cd91f1d1 Fixed potential XSS injection vectors in datatables columns 2023-02-26 01:23:36 +01:00
Jan Böhmer
5f39d8e594 Properly escape user provided data in trans with data to prevent possible XSS attack vectors. 2023-02-26 00:52:00 +01:00
Jan Böhmer
6ff60e556e Properly escape user provided data in trans with data to prevent possible XSS attack vectors. 2023-02-26 00:41:08 +01:00
Jan Böhmer
5b7f44f4ea Merge pull request #225 from sascha988/patch-2
vulnerability XSS fix
2023-02-25 23:47:48 +01:00
Sascha Lenk
dc906bfb0f vulnerability XSS fix
The "trans with" command is not automatically escaping the string, so this is an XSS (Cross-Site Scripting) vulnerability.
Tested string: https://URL-TO-PART-DB-SERVER/de/parts/search?keyword=%22'%3E%3Cqss%20a%3D X147208852Y1_1Z%3E

QUALYS Enterprise WAS Scan Report classifies this as level 5 security risk
2023-02-25 22:42:03 +01:00
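Added illustration of the escaping issue this commit describes, written for this page and not taken from Part-DB's own templates: the template variable `keyword` and the `%keyword%` placeholder are assumed names, and the payload is the decoded probe string from the tested URL above, embedded here as constructed sample input.

```twig
{# Constructed example, not Part-DB's own template.
   Assumes a template variable `keyword` that carries the user-supplied search
   term, here the decoded Qualys probe from the tested URL:
       "'><qss a=X147208852Y1_1Z>
   The message key parts_list.search.searching_for is assumed to contain a
   %keyword% placeholder. #}

{# VULNERABLE: the {% trans %} tag echoes its translated body directly, without
   running it through Twig's HTML autoescaper, so the raw `keyword` value is
   written into the page and the injected <qss ...> tag becomes live markup. #}
<p>{% trans with {'%keyword%': keyword} %}parts_list.search.searching_for{% endtrans %}</p>

{# FIX 1: escape the user-controlled parameter before it is substituted into
   the message. Only the parameter is escaped, so any intentional markup in
   the translation string itself is preserved. #}
<p>{% trans with {'%keyword%': keyword|e} %}parts_list.search.searching_for{% endtrans %}</p>

{# FIX 2: use the trans *filter* inside {{ }}. Its return value goes through the
   normal output autoescaping, so the substituted value is HTML-escaped. Note
   that this also escapes any HTML inside the translation string. #}
<p>{{ 'parts_list.search.searching_for'|trans({'%keyword%': keyword}) }}</p>
```

With either fix the probe renders as the literal text `"'><qss a=X147208852Y1_1Z>` (`&quot;&#039;&gt;&lt;qss ...&gt;` in the HTML source) instead of a new element. A quick check after the fix is to repeat the tested URL and confirm the `<qss` string no longer appears unescaped in the response body.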
Jan Böhmer
b70c9d4f00 Merge pull request #223 from sascha988/patch-1
Translated parts_list.search.searching_for
2023-02-25 21:06:44 +01:00
Sascha
03e0584279 Translated parts_list.search.searching_for
Translated English text string parts_list.search.searching_for into German.
2023-02-25 21:05:00 +01:00
Jan Böhmer
960ee342e4 Moved all user info updating logic into SAMLUserFactory 2023-02-24 00:12:44 +01:00
Jan Böhmer
f5a5114999 Fixed PHPunit tests 2023-02-23 23:43:01 +01:00
Jan Böhmer
e6d9237bda Allow to specify a user by username or email with set-password command 2023-02-23 23:39:29 +01:00
Jan Böhmer
c831d57614 Added a console command to convert local to SAML users and vice versa 2023-02-23 23:36:40 +01:00
Jan Böhmer
c5904303e3 Allow to configure SAML via env variables 2023-02-22 00:50:51 +01:00
Jan Böhmer
586a57c2c9 Allow X500 attributes for user info and added some tests 2023-02-21 23:41:02 +01:00
Jan Böhmer
91fb861fd3 Use login form page to show error messages on Part-DB side 2023-02-21 23:11:16 +01:00
Jan Böhmer
b13655e951 Prevent login of local users via SSO with the same username 2023-02-21 22:36:43 +01:00
Jan Böhmer
e064ee4263 Prevent change of password of SAML users via CLI 2023-02-21 21:58:27 +01:00
Jan Böhmer
60f926924b Add a specific role to SAML user 2023-02-21 00:42:03 +01:00
Jan Böhmer
97c3b9002a Mark SAML users as such in database and disable local password changing then. 2023-02-21 00:29:50 +01:00
Jan Böhmer
78ec0f1ea3 Create a new DB user when somebody logs in using SAML 2023-02-20 23:04:20 +01:00
Jan Böhmer
c0b74d83a5 Started to work on interfacing with keycloak 2023-02-20 22:10:24 +01:00
Jan Böhmer
9dd172df98 Bumped version to 1.0.1 release 2023-02-20 12:26:23 +01:00
Jan Böhmer
d3659858eb Updated dependencies 2023-02-20 00:57:00 +01:00
Jan Böhmer
b637f5c3dd Exempt label dialog PDF preview from darkmode blending
It should show real colors, instead of the darkmode
2023-02-20 00:26:56 +01:00
Jan Böhmer
05ab3c3b7b Fixed image display style for odd shaped (very small) images. 2023-02-20 00:24:12 +01:00
Jan Böhmer
f9d5a9a3b5 Fixed problem with failing foreign key constraints on preview pic (2/2) 2023-02-20 00:09:23 +01:00
Jan Böhmer
82aec6f1ee Fixed problem with failing foreign key constraints on preview pic (1/2) 2023-02-20 00:06:00 +01:00
Jan Böhmer
c39a9a4da7 Added checkbox in parts table header to quickly select/unselect all parts 2023-02-19 23:04:51 +01:00
Jan Böhmer
9d1cd0477a Fixed problems with non-unique prototype names when using nested collection type, which prevented creating nested entries with multiple new sub entries.
We now use a unique prototype name for every collection field. This fixes issue #219
2023-02-19 22:39:26 +01:00
Jan Böhmer
1e998fccbb Put delete option on multiaction select in its own optgroup so it does not look like it belongs to the project optgroup 2023-02-19 21:58:55 +01:00