Commit Graph

144 Commits

Author SHA1 Message Date
Miguel Nogueira 93fb7a8432 Merge remote-tracking branch 'origin/master' into master 2020-09-01 23:18:53 +01:00
Miguel Nogueira 6bf0d9f373 Remove Heredoc from messages for better compatibility 2020-09-01 23:18:38 +01:00
Miguel Nogueira 4f1935fbf2
Update README.md 2020-09-01 21:08:12 +01:00
Miguel Nogueira b80e168dfb Add side menu localization options
This commit also adds the option to specify your own logo, from the .env configuration file.
2020-09-01 20:30:17 +01:00
Miguel Nogueira 9b469c434b Add app render localization options 2020-09-01 19:30:28 +01:00
Miguel Nogueira ca3a06f248 Add directory localization options 2020-09-01 18:49:08 +01:00
Miguel Nogueira 1e2f331778 Add profile localization options 2020-09-01 17:46:27 +01:00
Miguel Nogueira 4a09fa581d Add application management localization options 2020-09-01 14:40:41 +01:00
Miguel Nogueira c58b5b56d7 Add administration localization options 2020-09-01 12:43:39 +01:00
Miguel Nogueira bf5d4058ad Add auth localization options 2020-09-01 01:01:32 +01:00
Miguel Nogueira f871e14307 Add homepage localization options 2020-09-01 00:29:58 +01:00
Miguel Nogueira 1e78a8e6d9 Use app name 2020-08-31 23:20:53 +01:00
Miguel Nogueira 17fb0e236f Make notifications cancellable
This commit makes certain notifications cancellable. This enables notifications to be sent conditionally based on the user's choice.
2020-08-31 22:06:00 +01:00
Miguel Nogueira 27b1f3170b Update settings log level 2020-08-31 20:02:30 +01:00
Miguel Nogueira 00cc36246f Minor import change 2020-08-31 19:53:10 +01:00
Miguel Nogueira 41e3e817a2 Added error messages to settings.blade.php 2020-08-31 19:50:58 +01:00
Miguel Nogueira 2afea88846 Added logging to Settings 2020-08-31 19:47:27 +01:00
Miguel Nogueira ea96cbc1f5 Options: return value instead of whole model 2020-08-31 18:54:33 +01:00
Miguel Nogueira 2996e66c8b Add missing query builder statement for options 2020-08-31 18:51:35 +01:00
Miguel Nogueira a32af7c464
Delete unused workflow 2020-08-31 18:38:49 +01:00
Miguel Nogueira cd874c5f58 Settings auth checks 2020-08-31 18:36:38 +01:00
Miguel Nogueira 42de40e320 Added CSRF protection to settings 2020-08-31 18:34:09 +01:00
Miguel Nogueira faa3a65e2b Added unchecked checkbox workaround 2020-08-31 18:32:08 +01:00
Miguel Nogueira ba3a139d1c Wrapped settings with form-check 2020-08-31 18:13:44 +01:00
Miguel Nogueira 25ddf81118 Added form control buttons
Also improved form styling
2020-08-31 18:11:00 +01:00
Miguel Nogueira 9431eb5036 Updated options rendering 2020-08-31 18:03:20 +01:00
Miguel Nogueira a3071dccf9 Update wrong view name 2020-08-31 17:58:07 +01:00
Miguel Nogueira b0cbf65cfc Added missing permissions to roles 2020-08-31 17:55:36 +01:00
Miguel Nogueira 6be5e241d4 Add permission and provider imports 2020-08-31 16:41:01 +01:00
Miguel Nogueira d6c49a5cf0 Add missing migration 2020-08-30 23:27:06 +01:00
Miguel Nogueira 075617fd32 Merge remote-tracking branch 'origin/master' into master 2020-08-30 23:17:28 +01:00
Miguel Nogueira da73c91b4a Update DB seeder 2020-08-30 23:17:06 +01:00
Miguel Nogueira ca82f5882d Add settings page 2020-08-30 23:06:01 +01:00
Miguel Nogueira 88c36dd3f8
Updated Readme 2020-08-16 16:11:45 +01:00
Miguel Nogueira 535a2c3973 Fixed broken banning logic 2020-08-13 22:12:17 +01:00
Miguel Nogueira ad5c3404cc
Update variable 2020-07-25 01:20:43 +01:00
Miguel Nogueira 64d418c590
Add heroku action 2020-07-25 00:28:44 +01:00
Miguel Nogueira 62b063ee63
Missed variable name 2020-07-23 02:37:08 +01:00
Miguel Nogueira 2c0c404d73
Change wrong param name 2020-07-19 06:01:46 +01:00
Miguel Nogueira 168f08bd96 Remove deprecated SubmenuFilter class 2020-07-18 19:58:49 +01:00
Miguel Nogueira 94d08f1886 Trust Heroku proxies
This commit also forces the environment into HTTPS when in production.
2020-07-18 06:33:00 +01:00
Miguel Nogueira 0cf6208577 Add embarassing missing comma 2020-07-18 03:57:56 +01:00
Miguel Nogueira 9255a6c88d Rewrote lock file 2020-07-18 03:55:31 +01:00
Miguel Nogueira 098205a969 Updated required extension name 2020-07-18 03:51:57 +01:00
Miguel Nogueira bf426e3bdd Updated package lock and added postinstall 2020-07-18 03:45:31 +01:00
Miguel Nogueira 02059bbcb0 Updated dependency lock file
Also added Imagemagick as a required extension for 2FA
2020-07-18 03:21:49 +01:00
Miguel Nogueira 91627decbe Added Heroku Procfile
Also changed required password length for new users
2020-07-18 02:45:15 +01:00
Miguel Nogueira 2763f777ab Add password strength requirment
This commit adds a password strength requirement for new users using 
regular expressions.
Also adds a dismissable alert so users know how to create passwords 
properly.
2020-07-17 23:13:46 +01:00
Miguel Nogueira d392c0593f Add two factor authentication 2020-07-17 22:44:10 +01:00
Miguel Nogueira 5f1f92a9ce Code review
This commit fixes some superficial instances of Broken Access Control 
(https://owasp.org/www-project-top-ten/OWASP_Top_Ten_2017/Top_10-2017_A5-Broken_Access_Control).
There may be some more instances of this, as authorization was only done 
after most of the controllers were done (big mistake).

Some refactoring was also performed, where Route Model Binding with DI 
(dependency injection) was used whenever possible, to increase 
testability of the codebase.
Some reused code was also moved to Helper classes as to enforce DRY; 
There may be some lines of code that are still copy-pasted from other 
parts of the codebase for reuse.

Non-breaking refactoring changes were made, but the app as a whole still 
needs full manual testing, and customised responses to HTTP 500 
responses. Some errors are also not handled gracefully and this wasn't 
checked in this commit.
2020-07-16 21:21:28 +01:00