Commit graph

74 commits

Author SHA1 Message Date
renovatebot
ffa58e4aeb Maintenance: Update dependency rubocop to v1.86.2 2026-05-18 16:58:59 +02:00
Stephan Eberle
6bd1ff8c93
Fixes #4820 - OAuth: redirect_uri lost after login when user has no active session.
Closes #6034.
2026-05-06 15:16:31 +02:00
Florian Liebe
60b079a94c Maintenance: Improve SSO mechanism. 2026-04-07 09:37:48 +02:00
Mantas Masalskis
a1b9ef2bbb Maintenance: Update copyright information. 2026-01-02 15:41:09 +02:00
Florian Liebe
84d0b4fc65 Maintenance: Update WebAuthn configuration. 2025-11-26 10:57:30 +01:00
Dusan Vuckovic
f554b7e928 Maintenance: Improve 2FA endpoints.
Co-authored-by: Mantas Masalskis <mm@zammad.com>
Co-authored-by: Dusan Vuckovic <dv@zammad.com>
2025-02-14 09:36:02 +01:00
Mantas Masalskis
10f627cb69 Maintenance: Update copyright information 2025-01-01 17:39:43 +02:00
Mantas Masalskis
daad6ef75d Maintenance: Unify permissions check in frontend and backend
This change allows checking if a user has multiple permissions in one run. For example: user.permissions?("permission1+permission2").
2024-06-22 21:09:05 +02:00
Mantas Masalskis
4c98b08130 Maintenance: Improve Two-Factor disabled methods handling.
1) When Two-Factor default method is disabled, it will pick the next enabled and configured method.

2) Make it clear in specs that it's fine to not require Two-Factor when logging in if the only configured method is disabled.

3) Allow removing disabled Two-Factor methods.
2024-05-05 19:59:43 +02:00
Dusan Vuckovic
336f823f1c Fixes #5156 - User login flow is interrupted when two-factor authentication method security keys is used. 2024-05-01 17:13:28 +02:00
Benjamin Scharf
8ad0fd4087 Feature: Desktop view - Implement Two-factor Authentication personal setting.
Co-authored-by: Benjamin Scharf <bs@zammad.com>
Co-authored-by: Dominik Klein <dk@zammad.com>
Co-authored-by: Dusan Vuckovic <dv@zammad.com>
Co-authored-by: Mantas Masalskis <mm@zammad.com>
Co-authored-by: Martin Gruner <mg@zammad.com>
2024-05-01 11:19:02 +02:00
Martin Gruner
af40ea76ee Maintenance: Fix typo. 2024-01-29 19:07:33 +01:00
Dominik Klein
e054d6ca79 Maintenance: Update copyright information. 2024-01-02 11:55:19 +01:00
Martin Gruner
4297cb86ba Maintenance: Add quoting for SQL LIKE bind parameters. 2023-09-09 16:20:05 +02:00
Dominik Klein
7e1d8fcfbf Maintenance: Improved graphql enum sorting for two factor methods. 2023-08-29 11:43:03 +00:00
Rolf Schmidt
f74037b799 Performance: Add request cache for group_access function to speed up object manager attributes (#4754).
Co-authored-by: Florian Liebe <fl@zammad.com>
2023-08-10 11:28:20 +02:00
Rolf Schmidt
770c788435 Performance: Improve object permission cache.
Co-authored-by: Florian Liebe <fl@zammad.com>
2023-08-09 12:45:45 +02:00
Dominik Klein
ae9d4fe779 Follow up - ef546f54 - Fixes #4620 - Add recovery code hashing for saving in database.
Co-authored-by: Dominik Klein <dk@zammad.com>
Co-authored-by: Florian Liebe <fl@zammad.com>
2023-06-01 17:15:39 +02:00
Dusan Vuckovic
339c8e2d4a Fixes - Adding multiple security keys does not seem to work. 2023-06-01 11:59:52 +00:00
Florian Liebe
e3d3463ead Fixes #4616 - Two-factor authentication (2FA): Security Keys
Co-authored-by: Florian Liebe <fl@zammad.com>
Co-authored-by: Vladimir Sheremet <vs@zammad.com>
Co-authored-by: Dusan Vuckovic <dv@zammad.com>
2023-06-01 09:26:46 +02:00
Dominik Klein
0c307e8bee Fixes #4620 - Two-factor authentication (2FA): Recovery Codes
Co-authored-by: Mantas Masalskis <mm@zammad.com>
Co-authored-by: Vladimir Sheremet <vs@zammad.com>
Co-authored-by: Dominik Klein <dk@zammad.com>
2023-05-31 11:54:14 +02:00
Florian Liebe
7911ca2b34 Maintenance: Improve performance of 2FA backend. 2023-05-25 08:28:31 +02:00
Florian Liebe
54f06204fd Fixes #4595 - 2FA: Authenticator App
Co-authored-by: Dominik Klein <dk@zammad.com>
Co-authored-by: Dusan Vuckovic <dv@zammad.com>
Co-authored-by: Florian Liebe <fl@zammad.com>
Co-authored-by: Mantas Masalskis <mm@zammad.com>
Co-authored-by: Martin Gruner <mg@zammad.com>
Co-authored-by: Rolf Schmidt <rolf.schmidt@zammad.com>
Co-authored-by: Tobias Schäfer <ts@zammad.com>
Co-authored-by: Vladimir Sheremet <vs@zammad.com>
2023-05-19 16:29:47 +02:00
Florian Liebe
9dfc232536 Maintenance: Update copyright information. 2023-01-02 16:19:55 +01:00
Mantas Masalskis
8c3ac55156 Maintenance: Pundit policies always return false 2022-10-25 20:34:48 +02:00
Rolf Schmidt
fd444996c4 Fixes #3141 - Multiple LDAP server configurations. 2022-05-30 09:49:39 +02:00
Mantas Masalskis
f827174474 Maintenance: Improved handling of long passwords. 2022-04-20 07:28:46 +00:00
Martin Gruner
d7b8b3662f Maintenance: Updated to Rails 6.1. 2022-03-22 10:14:09 +01:00
Martin Gruner
24c3bdfd87 Maintenance: Update copyright header. 2022-01-01 14:38:12 +01:00
Dominik Klein
614724aa62 Maintenance: Improved authentication helper for developers. 2021-10-28 10:02:00 +00:00
Martin Gruner
26db9dbc24 Maintenance: Inclusive language 2021-08-17 14:10:02 +02:00
Dominik Klein
467bc03224 Fixes #2389 - Enhance LDAP login to not affect "failed logins". 2021-08-16 08:49:32 +02:00
Thorsten Eckel
5243efbc25 Maintenance: Activated rubocop Style/MethodCallWithoutArgsParentheses. 2021-07-19 15:31:14 +02:00
Thorsten Eckel
ca56de3648 Maintenance: Updated to Rails 6.0.4 and the new Zeitwerk autoloader.
This changes the minimum supported version of PostgreSQL to 9.3.
2021-06-23 11:35:27 +00:00
Martin Gruner
5df98684da Maintenance: Update copyright information and add a new rubocop cop to watch over it. 2021-06-01 12:20:20 +00:00
Thorsten Eckel
876c0b18fd Fixes issue #2983 - HTTP 401 responses causing issues with Basic Authentication. 2021-02-04 09:28:41 +01:00
Rolf Schmidt
4014839242 Fixes issue #2907 - Password strength settings are ignored when creating new customer accounts. Make login available to verified users only. 2020-06-10 13:39:53 +02:00
Thorsten Eckel
9af50f2a4e Updated rubocop to latest version (0.59.2) and applied required changes. 2018-10-09 08:17:41 +02:00
Thorsten Eckel
5f3c793f37 Refactoring: Fixed autoloading issues and workarounds by doing dependency requirement the "Rails Way".
- Removed unneeded `require`s
- Replaced needed `require`s with `require_dependency`
- Replaced `load` with Concerns
- Kept gem and core `require`s

Read more about `require_dependency` here: http://guides.rubyonrails.org/autoloading_and_reloading_constants.html#require-dependency

Read more about Concerns here: http://api.rubyonrails.org/v5.1/classes/ActiveSupport/Concern.html
2018-04-26 10:58:16 +02:00
Thorsten Eckel
c66e22bef9 Fixed issue #1764 - LDAP login not possible since change to objectguid. 2018-01-22 16:54:07 +01:00
Thorsten Eckel
705487154c Applied changes for Rubocop 0.51. 2017-11-23 09:09:44 +01:00
Thorsten Eckel
c9b2255e4f Initial version of LDAP user sync support. 2017-04-19 12:09:54 +02:00
Thorsten Eckel
0862bf7e6a Improved password security by using proper password hash module backed by Argon2 (official winner of the Password Hashing Competition) - thanks to @nomoketo and @benbe. 2017-01-27 09:17:03 +01:00
Martin Edenhofer
c71b0d36d4 Updated copyright. 2016-10-19 05:11:36 +02:00
Martin Edenhofer
30fe8aef36 Applied rubocop. 2016-06-30 22:04:48 +02:00
Martin Edenhofer
6df9dad5b4 Do only local auth checks (do ldap tests via integration tests). 2016-02-27 17:00:04 +01:00
Martin Edenhofer
0d940d6460 Removed no longer needed otrs runtime auth backend. 2016-01-13 22:38:08 +01:00
Martin Edenhofer
d2b1e69326 Improved error handling. 2015-05-25 10:42:58 +02:00
Thorsten Eckel
b6c2b6750a Corrected with rubocop cop 'Lint/RescueException'. 2015-05-08 16:09:24 +02:00
Thorsten Eckel
12c0ae1150 Replaced old Import::OTRS with new Import::OTRS2. 2015-05-07 13:57:19 +02:00