miguel456
/
rbrecruiter
1
0
Fork 1
Code Issues Pull Requests 1 Projects Releases 2 Wiki Activity
355 Commits 5 Branches 11 Tags 18 MiB
Commit Graph

93 Commits

Author SHA1 Message Date
Miguel Nogueira 14a8e9e9d5
Force users to change password 
This commit applies the password_expiration setting to all users.
Users won't be able to do anything other than update password until it's done.
 2021-01-06 05:03:38 +00:00
Miguel Nogueira aa2bfac3e5
Show current pw policy in register page 
Also adds a warning for when pw policy is set to off
 2021-01-06 03:48:14 +00:00
Miguel Nogueira 42868be96e
Fix 2021-01-06 03:25:19 +00:00
Miguel Nogueira d1142d3e0c
Apply license and password settings 2021-01-06 03:21:53 +00:00
Miguel Nogueira 3b28bf1cfe
Track IP changes 2021-01-06 02:11:47 +00:00
Miguel Nogueira 5cf6b2b241
Selectable game integration 2021-01-06 01:55:22 +00:00
Miguel Nogueira abace4e85b
Setting categorization system 
This categorization system aims to prevent mixing different options together.
 2021-01-06 01:29:01 +00:00
Miguel Nogueira 2ec2a92645
Saveable settings 2021-01-06 00:57:27 +00:00
Miguel Nogueira 1c0eeb4bb0
Added Gate authorization arguments 
Gate Auth arguments were missing for TeamFile and Team controllers.
This means that Gate has no idea where to look for policies, meaning that
the ability passed is perceived literally, causing an Unauthorized error.

Adding the Model with which to authorize the request solved the error since
Gate now knows which policy to look in for permission logic.
 2020-12-21 01:02:05 +00:00
Miguel Nogueira a206782187
Added TeamFile Authorization Policy 2020-12-08 03:09:17 +00:00
Miguel Nogueira 7323ffec2b
Added Team Authorization Policy 2020-12-08 02:58:10 +00:00
Miguel Nogueira 0bdb6cf2fb
Minor fixes 2020-12-07 17:48:15 +00:00
Miguel Nogueira 32c01f6e0b Removed useless feature 2020-11-03 03:00:03 +00:00
Miguel Nogueira d53e8135ee Reverted recent accidental changes 2020-11-02 22:04:57 +00:00
Miguel Nogueira 96aa01b9c6 Recent changes 2020-11-02 21:44:05 +00:00
Miguel Nogueira 06d1e0ad3f RSM-8 Add team files page and ability to download files 2020-10-11 02:54:09 +01:00
Miguel Nogueira 6541e25a39 Apply fixes from StyleCI 2020-10-10 16:30:26 +00:00
Miguel Nogueira 077ead9612 RSM-5 Made Vacancies easily linkable to Teams 2020-10-09 22:27:36 +01:00
Miguel Nogueira 6cc99d2ebe Prevent empty form creation 2020-10-09 00:56:11 +01:00
Miguel Nogueira 596a469e15 Add user invitation facilities RSM-5 
Adds user invitation to teams, and framework for assigning taems
Also adds user acc. deletion.
 2020-10-08 19:19:10 +01:00
Miguel Nogueira 75f4404259 RSM-6 Team features 2020-10-03 21:36:35 +01:00
Miguel Nogueira 0dfb68dba2 Add acceptable "permanent" ban time 2020-09-08 00:05:37 +01:00
Miguel Nogueira 24303052ad Ban validation update 2020-09-07 23:57:50 +01:00
Miguel Nogueira 178bc31a6e Ban datetime format 2020-09-07 23:44:14 +01:00
Miguel Nogueira 95bf7c239e Update ban time logic 2020-09-07 23:38:25 +01:00
Miguel Nogueira 4d2595dd39 Update ban logic 2020-09-07 23:33:35 +01:00
Miguel Nogueira 1319ce6b86 Added more debug logging 2020-09-07 22:56:54 +01:00
Miguel Nogueira bea83b650c Added more debug logging 2020-09-07 22:54:20 +01:00
Miguel Nogueira 8e85e08171 Vacancy tweaks 2020-09-03 02:52:21 +01:00
Miguel Nogueira de3dba3627 Vacancy tweaks 2020-09-03 02:50:19 +01:00
Miguel Nogueira 7e58c3af6b Add more missing translation strings 
Also fixed broken vacancy editor
 2020-09-03 02:20:15 +01:00
Miguel Nogueira 60874c046f Conditionally pre-load Appointment relationship 2020-09-03 00:34:35 +01:00
Miguel Nogueira af96d193a4 Missing login button translation 2020-09-03 00:11:49 +01:00
Miguel Nogueira 9b5e35b241 Missing typehint 2020-09-02 20:52:56 +01:00
Miguel Nogueira a0192cdb02 Added route localization and auto detection 2020-09-02 17:43:27 +01:00
Miguel Nogueira 00cc36246f Minor import change 2020-08-31 19:53:10 +01:00
Miguel Nogueira 41e3e817a2 Added error messages to settings.blade.php 2020-08-31 19:50:58 +01:00
Miguel Nogueira 2afea88846 Added logging to Settings 2020-08-31 19:47:27 +01:00
Miguel Nogueira cd874c5f58 Settings auth checks 2020-08-31 18:36:38 +01:00
Miguel Nogueira a3071dccf9 Update wrong view name 2020-08-31 17:58:07 +01:00
Miguel Nogueira b0cbf65cfc Added missing permissions to roles 2020-08-31 17:55:36 +01:00
Miguel Nogueira ca82f5882d Add settings page 2020-08-30 23:06:01 +01:00
Miguel Nogueira 535a2c3973 Fixed broken banning logic 2020-08-13 22:12:17 +01:00
Miguel Nogueira ad5c3404cc
Update variable 2020-07-25 01:20:43 +01:00
Miguel Nogueira 62b063ee63
Missed variable name 2020-07-23 02:37:08 +01:00
Miguel Nogueira 94d08f1886 Trust Heroku proxies 
This commit also forces the environment into HTTPS when in production.
 2020-07-18 06:33:00 +01:00
Miguel Nogueira 91627decbe Added Heroku Procfile 
Also changed required password length for new users
 2020-07-18 02:45:15 +01:00
Miguel Nogueira 2763f777ab Add password strength requirment 
This commit adds a password strength requirement for new users using 
regular expressions.
Also adds a dismissable alert so users know how to create passwords 
properly.
 2020-07-17 23:13:46 +01:00
Miguel Nogueira d392c0593f Add two factor authentication 2020-07-17 22:44:10 +01:00
Miguel Nogueira 5f1f92a9ce Code review 
This commit fixes some superficial instances of Broken Access Control 
(https://owasp.org/www-project-top-ten/OWASP_Top_Ten_2017/Top_10-2017_A5-Broken_Access_Control).
There may be some more instances of this, as authorization was only done 
after most of the controllers were done (big mistake).

Some refactoring was also performed, where Route Model Binding with DI 
(dependency injection) was used whenever possible, to increase 
testability of the codebase.
Some reused code was also moved to Helper classes as to enforce DRY; 
There may be some lines of code that are still copy-pasted from other 
parts of the codebase for reuse.

Non-breaking refactoring changes were made, but the app as a whole still 
needs full manual testing, and customised responses to HTTP 500 
responses. Some errors are also not handled gracefully and this wasn't 
checked in this commit.
 2020-07-16 21:21:28 +01:00