mart-w/kanidm
1
0
Fork 0
mirror of https://github.com/kanidm/kanidm.git synced 2025-02-23 12:37:00 +01:00
Code Issues Actions Packages Projects Releases Wiki Activity
1655 commits 17 branches 59 tags 246 MiB
Commit graph

165 commits

Author SHA1 Message Date
James Hodgkinson e02328ae8b
Splitting the SPAs (#2219) 
* doing some work for enumerating how the accounts work together
* fixing up build scripts and removing extra things
* making JavaScript as_tag use the struct field names
* making shared.js a module, removing wasmloader.js
* don't compress compressed things
 2023-10-27 06:03:58 +00:00
James Hodgkinson ad3c491d07
Bug chasing (#2257) 
* service-account validity expire-at doesn't accept all time nouns as defined by docs
Fixes #2153
* realised a logic bug
* making clippy happy while I'm here
* returning an empty set from the creds if the creds attribute is not found, which is then handled downstream
 2023-10-27 05:30:38 +00:00
Samuel Cabrero 99ba97088d
cargo fmt + clippy (#2241) 
Signed-off-by: Samuel Cabrero <scabrero@suse.de>
 2023-10-27 04:40:24 +00:00
James Hodgkinson 7dc18e4f9e
adding service account patch methods (#2255) 
* adding service_account PATCH
 2023-10-26 13:40:45 +10:00
Firstyear afe9d28754
20231019 1122 account policy basics (#2245) 
---------

Co-authored-by: James Hodgkinson <james@terminaloutcomes.com>
 2023-10-22 11:16:42 +00:00
Firstyear 6ff9082fd2
20231014 account policy (#2218) 
* Start to prep for unix+ssh keys in credupdate session
 2023-10-19 01:40:06 +00:00
James Hodgkinson 6850a17e8c
Windows build fixes and test coverage (#2220) 
* adding testing for users functions
* turning KanidmClient build error into a ClientError
* removing a redundant closure
 2023-10-17 07:18:07 +00:00
James Hodgkinson eead47aec8
Fixing dependabot and its mistakes (#2232) 
* updating to utoipa 4.0.0
* hi dependabot
 2023-10-16 05:15:53 +00:00
dependabot[bot] 1a36673c46
chore(deps): bump utoipa-swagger-ui from 3.1.5 to 4.0.0 (#2224) 
Bumps [utoipa-swagger-ui](https://github.com/juhaku/utoipa) from 3.1.5 to 4.0.0.
- [Release notes](https://github.com/juhaku/utoipa/releases)
- [Commits](https://github.com/juhaku/utoipa/compare/utoipa-swagger-ui-3.1.5...utoipa-swagger-ui-4.0.0)

---
updated-dependencies:
- dependency-name: utoipa-swagger-ui
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2023-10-15 20:45:27 +00:00
James Hodgkinson f28d5cef22
OpenAPI/swagger docs autogen (#2175) 
* always be clippyin'
* pulling oauth2 api things out into their own module
* starting openapi generation
 2023-10-14 12:39:14 +10:00
Firstyear 8bcf1935a5
20231012 346 name deny list (#2214) 
* Migrate to improved system config reload, cleanup acc pol
* Denied names feature
 2023-10-13 08:50:36 +10:00
Firstyear 88da55260a
Add file diagnosis (#2210) 2023-10-12 12:09:54 +10:00
Firstyear fbc62ea51e
fix RUV on startup, improve filter output (#2211) 2023-10-11 21:14:27 +10:00
James Hodgkinson d9da1eeca0
Chasing yaks down dark alleyways (#2207) 
* adding some test coverage because there was some rando panic-inducing thing
* ldap constants
* documenting a macro
* helpful weird errors
* the war on strings continues
* less json more better
* testing things fixing bugs
* idm_domain_reset_token_key wasn't working, added a test and fixed it (we weren't testing it)
* idm_domain_set_ldap_basedn - adding tests
* adding testing for idm_account_credential_update_cancel_mfareg
* warning of deprecation
 2023-10-11 15:44:29 +10:00
dependabot[bot] d538f80fa1
chore(deps): bump axum-auth from 0.4.0 to 0.4.1 (#2200) 
Bumps [axum-auth](https://github.com/owez/axum-auth) from 0.4.0 to 0.4.1.
- [Commits](https://github.com/owez/axum-auth/compare/0.4.0...v0.4.1)

---
updated-dependencies:
- dependency-name: axum-auth
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2023-10-08 21:26:48 +00:00
Firstyear a91bf55471
20231008 remove expect used (#2191) 
* Stop using expect on some tasks
 2023-10-08 17:39:00 +10:00
James Hodgkinson 19f9fde012
Thread naming and display (#2190) 
* sometimes handlers fail
* enums are better than strings
* clippyisms
 2023-10-08 13:08:46 +10:00
James Hodgkinson 48979b8e1a
Replication tweaks - try the most recent successful one and error less (#2189) 
* made an error less error-y and also found a way to try the last-most-working repl peer
 2023-10-07 13:09:42 +10:00
James Hodgkinson 0adc3e0dd9
Chasing wooly quadrapeds again (#2163) 
* I really like well-tended yaks
* documenting yaks
* spellink
* less surprise more good
* schema test fix
* clippyisms
 2023-10-05 12:30:46 +10:00
Firstyear f6d2bcb44b
68 20230929 replication finalisation (#2160) 
Replication is now ready for test deployments!
 2023-10-05 11:11:27 +10:00
James Hodgkinson e7f594a1c1
In-system image storage (#2112) 
* In-system image storage refers to #2057
* adding multipart feature to axum
* thanks to @Firstyear for fixing my bufs
* fixing coverage test things
* clippy-calming
* more tests, jpg acropalypse tests, benches
* spelling
* lockfile updates
* linting
 2023-10-04 17:24:12 +10:00
Firstyear cb985a2fd0
fix credential update intent defaults (#2162) 2023-09-30 20:06:44 +10:00
Firstyear 3e345174b6
68 20230919 replication configuration (#2131) 2023-09-29 12:02:13 +10:00
James Hodgkinson c7a269575c
Enforce TLS key size minimums (#2145) 
* Enforce TLS key size minimums - Fixes #2144
* at some point clippy got mad
 2023-09-26 09:59:00 +10:00
James Hodgkinson c998a1eda5
bindaddress default doesn't match documentation (#2150) 
Fixes #2147
 2023-09-26 09:38:07 +10:00
James Hodgkinson d5ed335b52
Cinco de yakko (#2108) 
* there are always more yaks
* see? ldap yaks.
* fixing stupid radius container build thing
 2023-09-16 12:11:06 +10:00
Firstyear 77da40d528
68 20230912 session consistency (#2110) 
This adds support for special-casing sessions in replication to allow them to internally trim and merge so that session revocations and creations are not lost between replicas.
 2023-09-16 09:22:11 +10:00
James Hodgkinson 383592d921
Schema dooby doo ... yon (#2103) 
Refers #1987

Notable changes:

- in server/lib/src/entry.rs - aiming to pass the enum instead of the strings
    - changed signature of add_ava to take Attribute instead of &str (which is used in the entry_init macro... which was fun)
    - set_ava<T> now takes Attribute
- added TryFrom<&AttrString> for Attribute
 2023-09-12 11:47:24 +10:00
Firstyear b3aed1df34
68 20230908 replication attrunique (#2086) 
Co-authored-by: James Hodgkinson <james@terminaloutcomes.com>
 2023-09-12 08:50:51 +10:00
James Hodgkinson d3d80e7364
Schema-dooby-doo-part-trois (#2082) 
* adding extra_attributes field to BuiltinGroup, migrating more things.
* checkpoint 3 - ACP, easy as 1,2,3
* codespell
* now throwing error on dyngroup with defined members
 2023-09-09 09:38:47 +10:00
James Hodgkinson 4b7563adc8
CLI and test things (#2080) 
* testing things actually run is handy
* adding build mode to scripts
* uh, so I started messing with handling exit codes...
 2023-09-09 09:35:59 +10:00
Firstyear 61c59d5a5a
68 20230907 replication (#2081) 
* Test replication when nodes are valid beyond cl trim
 2023-09-08 08:59:06 +10:00
James Hodgkinson 2f312e6b2d
Removing default features from git2 package (#2078) 
* don't need ssh or https in git2 - saves 50.69s

* codespell
 2023-09-06 08:25:29 +10:00
Firstyear d1fe7b9127
68 20230829 replication referential integrity (#2048) 
* Member of works!
* Hooray, refint over replication works.
 2023-09-05 21:30:51 +10:00
James Hodgkinson d5d76d1a3c
Schema dooby doo part two (#2071) 
* scim strings!
* mapmapmap
* mapmapmap -comments and map
* updating delete teest
* fixing some tests
 2023-09-05 16:58:42 +10:00
Firstyear 538429838d
When an empty body was returned, do request would error incorrectly (#2074) 2023-09-05 14:14:00 +10:00
James Hodgkinson 1d88cede1b
Yak hassling (#2059) 
* trying this query thing again
* if error show error not panic
* clippyism
* moving dependencies around and fixing log messages for healthcheck
* cleaning up some comment mess
* fixing the "debug thing breaks packaging" issue and test failures
 2023-09-05 11:50:51 +10:00
dependabot[bot] 07c9a9078e
chore(deps): bump tower-http from 0.4.3 to 0.4.4 (#2064) 
Bumps [tower-http](https://github.com/tower-rs/tower-http) from 0.4.3 to 0.4.4.
- [Release notes](https://github.com/tower-rs/tower-http/releases)
- [Commits](https://github.com/tower-rs/tower-http/compare/tower-http-0.4.3...tower-http-0.4.4)

---
updated-dependencies:
- dependency-name: tower-http
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2023-09-03 21:04:53 +00:00
Sebastiano Tocci f2e9c8a16e
Add tests for X-Forwarded-For header (kinda) (#1957) 
* Add tests for X-Forwarded-For header (kinda)
* testing for invalid header format
* added debug endpoint and got tests working
* various fixing here and there
 2023-08-31 09:31:16 +08:00
Firstyear 5bd69b81b8
Clear cache before verify on some low-level tests (#2044) 2023-08-29 12:26:29 +10:00
Firstyear 0f977d33b9
68 20230828 replication of schema (#2045) 2023-08-29 12:20:27 +10:00
Firstyear da56738dea
pam multistep auth state machine (#2022) 
Himmelblau needs to maintain some data about the state of an authentication across the course of pam exchanges.

Signed-off-by: David Mulder <dmulder@samba.org>
Co-authored-by: David Mulder <dmulder@samba.org>
 2023-08-28 09:27:29 +10:00
Samuel Cabrero 9dda8b1ad3
Authentication shortcut to get a RW session (#1993) 
* auth: Add a privileged flag to AuthStep::Init2 step to request a rw session

The privileged flag is defined as Option<bool> for compatibility with
existing clients.
 2023-08-24 09:54:33 +10:00
Sebastiano Tocci 47e953bfd2
wopsies, missing imports (#2023) 
* wopsies, missing imports
* more clippy and fmt
* adding test build for kanidm with idv-tui feature
* making codespell happy

---------

Co-authored-by: James Hodgkinson <james@terminaloutcomes.com>
 2023-08-23 22:40:25 +10:00
Sebastiano Tocci 70b19f0630
idv cli (#2001) 2023-08-23 20:51:24 +10:00
James Hodgkinson def4420c4c
pykanidm updoots (#2019) 
* fixing some derpitude in headers and auth, adding tests
* dox fox
* cleaning up typing
 2023-08-23 13:55:08 +10:00
Firstyear 2355dbfead
68 20230821 replication (#2020) 
* Resolve spn incremental replication
 2023-08-23 11:17:13 +10:00
Sebastiano Tocci eb7527379b
Configurable session timeouts (#1965) 
* added `auth_session_expiry` and `auth_privilege_expiry`
* Added `AcountPolicy` struct
* spelling and stuff
* added cli tools
 2023-08-22 11:00:43 +10:00
James Hodgkinson 05b35df413
Less human strings more enums (#1989) 
* statics or enums you choose
* acp rewrite, defined SchemaAcp as a test
* macros and targetscopes and filters oh my
 2023-08-21 17:16:43 +10:00
dependabot[bot] 75263c6214
chore(deps): bump gloo-timers from 0.2.6 to 0.3.0 (#2011) 
Bumps [gloo-timers](https://github.com/rustwasm/gloo) from 0.2.6 to 0.3.0.
- [Release notes](https://github.com/rustwasm/gloo/releases)
- [Changelog](https://github.com/rustwasm/gloo/blob/master/CHANGELOG.md)
- [Commits](https://github.com/rustwasm/gloo/compare/gloo-timers-v0.2.6...0.3.0)

---
updated-dependencies:
- dependency-name: gloo-timers
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2023-08-20 23:40:42 +00:00