Commit Graph

106 Commits

Author SHA1 Message Date
Miguel Nogueira b68449d3bf RSM-3 Add team functionality to users 2020-09-10 19:05:26 +01:00
Miguel Nogueira 937a0206a5 Added existing account check to logs 2020-09-08 01:38:56 +01:00
Miguel Nogueira 3598a32ecf Added existing account check to logs 2020-09-08 01:37:33 +01:00
Miguel Nogueira ac8b303e2c Update to logauthfailure 2020-09-08 01:34:47 +01:00
Miguel Nogueira e93abd2ab7 Added logging for successful authentication attempts 2020-09-08 01:31:09 +01:00
Miguel Nogueira 20ab381076 Added logging for failed authentication attempts 2020-09-08 01:26:27 +01:00
Miguel Nogueira e566e40404 Update target user in logs 2020-09-08 00:07:50 +01:00
Miguel Nogueira b0a935b8b3 Add acceptable "permanent" ban time 2020-09-08 00:06:27 +01:00
Miguel Nogueira 0dfb68dba2 Add acceptable "permanent" ban time 2020-09-08 00:05:37 +01:00
Miguel Nogueira 24303052ad Ban validation update 2020-09-07 23:57:50 +01:00
Miguel Nogueira 178bc31a6e Ban datetime format 2020-09-07 23:44:14 +01:00
Miguel Nogueira 98e557a840 Update ban dates 2020-09-07 23:42:09 +01:00
Miguel Nogueira 95bf7c239e Update ban time logic 2020-09-07 23:38:25 +01:00
Miguel Nogueira 4d2595dd39 Update ban logic 2020-09-07 23:33:35 +01:00
Miguel Nogueira 4e81a41210 Updated installation process 2020-09-07 23:22:25 +01:00
Miguel Nogueira 1319ce6b86 Added more debug logging 2020-09-07 22:56:54 +01:00
Miguel Nogueira bea83b650c Added more debug logging 2020-09-07 22:54:20 +01:00
Miguel Nogueira 675cc3c329 Import missing facade 2020-09-07 22:35:42 +01:00
Miguel Nogueira e8119b763c Register Application observers 2020-09-07 21:43:48 +01:00
Miguel Nogueira 87f8e63b24 Force new users to verify email 2020-09-03 20:06:29 +01:00
Miguel Nogueira 8e85e08171 Vacancy tweaks 2020-09-03 02:52:21 +01:00
Miguel Nogueira de3dba3627 Vacancy tweaks 2020-09-03 02:50:19 +01:00
Miguel Nogueira 7e58c3af6b Add more missing translation strings
Also fixed broken vacancy editor
2020-09-03 02:20:15 +01:00
Miguel Nogueira 60874c046f Conditionally pre-load Appointment relationship 2020-09-03 00:34:35 +01:00
Miguel Nogueira e9dd1567b8 Appointment model tweaks 2020-09-03 00:23:09 +01:00
Miguel Nogueira af96d193a4 Missing login button translation 2020-09-03 00:11:49 +01:00
Miguel Nogueira 9b5e35b241 Missing typehint 2020-09-02 20:52:56 +01:00
Miguel Nogueira a0192cdb02 Added route localization and auto detection 2020-09-02 17:43:27 +01:00
Miguel Nogueira 17fb0e236f Make notifications cancellable
This commit makes certain notifications cancellable. This enables notifications to be sent conditionally based on the user's choice.
2020-08-31 22:06:00 +01:00
Miguel Nogueira 27b1f3170b Update settings log level 2020-08-31 20:02:30 +01:00
Miguel Nogueira 00cc36246f Minor import change 2020-08-31 19:53:10 +01:00
Miguel Nogueira 41e3e817a2 Added error messages to settings.blade.php 2020-08-31 19:50:58 +01:00
Miguel Nogueira 2afea88846 Added logging to Settings 2020-08-31 19:47:27 +01:00
Miguel Nogueira ea96cbc1f5 Options: return value instead of whole model 2020-08-31 18:54:33 +01:00
Miguel Nogueira 2996e66c8b Add missing query builder statement for options 2020-08-31 18:51:35 +01:00
Miguel Nogueira cd874c5f58 Settings auth checks 2020-08-31 18:36:38 +01:00
Miguel Nogueira a3071dccf9 Update wrong view name 2020-08-31 17:58:07 +01:00
Miguel Nogueira b0cbf65cfc Added missing permissions to roles 2020-08-31 17:55:36 +01:00
Miguel Nogueira 6be5e241d4 Add permission and provider imports 2020-08-31 16:41:01 +01:00
Miguel Nogueira ca82f5882d Add settings page 2020-08-30 23:06:01 +01:00
Miguel Nogueira 535a2c3973 Fixed broken banning logic 2020-08-13 22:12:17 +01:00
Miguel Nogueira ad5c3404cc
Update variable 2020-07-25 01:20:43 +01:00
Miguel Nogueira 62b063ee63
Missed variable name 2020-07-23 02:37:08 +01:00
Miguel Nogueira 94d08f1886 Trust Heroku proxies
This commit also forces the environment into HTTPS when in production.
2020-07-18 06:33:00 +01:00
Miguel Nogueira 91627decbe Added Heroku Procfile
Also changed required password length for new users
2020-07-18 02:45:15 +01:00
Miguel Nogueira 2763f777ab Add password strength requirment
This commit adds a password strength requirement for new users using 
regular expressions.
Also adds a dismissable alert so users know how to create passwords 
properly.
2020-07-17 23:13:46 +01:00
Miguel Nogueira d392c0593f Add two factor authentication 2020-07-17 22:44:10 +01:00
Miguel Nogueira 5f1f92a9ce Code review
This commit fixes some superficial instances of Broken Access Control 
(https://owasp.org/www-project-top-ten/OWASP_Top_Ten_2017/Top_10-2017_A5-Broken_Access_Control).
There may be some more instances of this, as authorization was only done 
after most of the controllers were done (big mistake).

Some refactoring was also performed, where Route Model Binding with DI 
(dependency injection) was used whenever possible, to increase 
testability of the codebase.
Some reused code was also moved to Helper classes as to enforce DRY; 
There may be some lines of code that are still copy-pasted from other 
parts of the codebase for reuse.

Non-breaking refactoring changes were made, but the app as a whole still 
needs full manual testing, and customised responses to HTTP 500 
responses. Some errors are also not handled gracefully and this wasn't 
checked in this commit.
2020-07-16 21:21:28 +01:00
Miguel Nogueira 4a766620ff Fix appointment policy not being called correctly
This commit fixes the appointment policy being called at the wrong time, with the wrong arguments.
It also fixes wrong references on the auth service provider, also fixing other issues with poliy usage.

Fixes #3 and SPACEJEWEL-HOSTING-59.
2020-07-16 05:24:00 +01:00
Miguel Nogueira bca6020ab0 Add ability to edit forms and add new fields
This commit adds the ability to edit and modify existing forms.
On the technical side, it also adds a new reusable validation Facade which helps reduce duplicated code.
2020-07-15 06:48:49 +01:00