korenstin
|
abc4f14bd1
|
Merge branch '404_or_403' into 'beta'
fix #65 Returning 403 when you don't have enough permissions
See merge request bde/nk20!259
|
2024-08-07 21:54:54 +02:00 |
|
korenstin
|
cbf92651f0
|
Returning 403 when you don't have enough permissions
|
2024-08-04 21:58:57 +02:00 |
|
|
b0c7d43a50
|
De l'inclusif, partout
Signed-off-by: Emmy D'ANELLO <ynerant@crans.org>
|
2024-07-30 16:28:47 +02:00 |
|
charliep
|
a6b479db19
|
Update 131 files
- /apps/activity/api/serializers.py
- /apps/activity/api/urls.py
- /apps/activity/api/views.py
- /apps/activity/tests/test_activities.py
- /apps/activity/__init__.py
- /apps/activity/admin.py
- /apps/activity/apps.py
- /apps/activity/forms.py
- /apps/activity/tables.py
- /apps/activity/urls.py
- /apps/activity/views.py
- /apps/api/__init__.py
- /apps/api/apps.py
- /apps/api/serializers.py
- /apps/api/tests.py
- /apps/api/urls.py
- /apps/api/views.py
- /apps/api/viewsets.py
- /apps/logs/signals.py
- /apps/logs/apps.py
- /apps/logs/__init__.py
- /apps/logs/api/serializers.py
- /apps/logs/api/urls.py
- /apps/logs/api/views.py
- /apps/member/api/serializers.py
- /apps/member/api/urls.py
- /apps/member/api/views.py
- /apps/member/templatetags/memberinfo.py
- /apps/member/__init__.py
- /apps/member/admin.py
- /apps/member/apps.py
- /apps/member/auth.py
- /apps/member/forms.py
- /apps/member/hashers.py
- /apps/member/signals.py
- /apps/member/tables.py
- /apps/member/urls.py
- /apps/member/views.py
- /apps/note/api/serializers.py
- /apps/note/api/urls.py
- /apps/note/api/views.py
- /apps/note/models/__init__.py
- /apps/note/static/note/js/consos.js
- /apps/note/templates/note/mails/negative_balance.txt
- /apps/note/templatetags/getenv.py
- /apps/note/templatetags/pretty_money.py
- /apps/note/tests/test_transactions.py
- /apps/note/__init__.py
- /apps/note/admin.py
- /apps/note/apps.py
- /apps/note/forms.py
- /apps/note/signals.py
- /apps/note/tables.py
- /apps/note/urls.py
- /apps/note/views.py
- /apps/permission/api/serializers.py
- /apps/permission/api/urls.py
- /apps/permission/api/views.py
- /apps/permission/templatetags/perms.py
- /apps/permission/tests/test_oauth2.py
- /apps/permission/tests/test_permission_denied.py
- /apps/permission/tests/test_permission_queries.py
- /apps/permission/tests/test_rights_page.py
- /apps/permission/__init__.py
- /apps/permission/admin.py
- /apps/permission/backends.py
- /apps/permission/apps.py
- /apps/permission/decorators.py
- /apps/permission/permissions.py
- /apps/permission/scopes.py
- /apps/permission/signals.py
- /apps/permission/tables.py
- /apps/permission/urls.py
- /apps/permission/views.py
- /apps/registration/tests/test_registration.py
- /apps/registration/__init__.py
- /apps/registration/apps.py
- /apps/registration/forms.py
- /apps/registration/tables.py
- /apps/registration/tokens.py
- /apps/registration/urls.py
- /apps/registration/views.py
- /apps/treasury/api/serializers.py
- /apps/treasury/api/urls.py
- /apps/treasury/api/views.py
- /apps/treasury/templatetags/escape_tex.py
- /apps/treasury/tests/test_treasury.py
- /apps/treasury/__init__.py
- /apps/treasury/admin.py
- /apps/treasury/apps.py
- /apps/treasury/forms.py
- /apps/treasury/signals.py
- /apps/treasury/tables.py
- /apps/treasury/urls.py
- /apps/treasury/views.py
- /apps/wei/api/serializers.py
- /apps/wei/api/urls.py
- /apps/wei/api/views.py
- /apps/wei/forms/surveys/__init__.py
- /apps/wei/forms/surveys/base.py
- /apps/wei/forms/surveys/wei2021.py
- /apps/wei/forms/surveys/wei2022.py
- /apps/wei/forms/surveys/wei2023.py
- /apps/wei/forms/__init__.py
- /apps/wei/forms/registration.py
- /apps/wei/management/commands/export_wei_registrations.py
- /apps/wei/management/commands/import_scores.py
- /apps/wei/management/commands/wei_algorithm.py
- /apps/wei/templates/wei/weilist_sample.tex
- /apps/wei/tests/test_wei_algorithm_2021.py
- /apps/wei/tests/test_wei_algorithm_2022.py
- /apps/wei/tests/test_wei_algorithm_2023.py
- /apps/wei/tests/test_wei_registration.py
- /apps/wei/__init__.py
- /apps/wei/admin.py
- /apps/wei/apps.py
- /apps/wei/tables.py
- /apps/wei/urls.py
- /apps/wei/views.py
- /note_kfet/settings/__init__.py
- /note_kfet/settings/base.py
- /note_kfet/settings/development.py
- /note_kfet/settings/secrets_example.py
- /note_kfet/static/js/base.js
- /note_kfet/admin.py
- /note_kfet/inputs.py
- /note_kfet/middlewares.py
- /note_kfet/urls.py
- /note_kfet/views.py
- /note_kfet/wsgi.py
- /entrypoint.sh
|
2024-02-07 02:26:49 +01:00 |
|
|
9b26207515
|
Rework templates for OAuth2
Signed-off-by: Yohann D'ANELLO <ynerant@crans.org>
|
2021-09-02 20:59:43 +02:00 |
|
|
7ea36a5415
|
[oauth2] Add view to generate authorization link per application with given scopes
Signed-off-by: Yohann D'ANELLO <ynerant@crans.org>
|
2021-09-02 20:59:33 +02:00 |
|
|
ea092803d7
|
Check permissions per request instead of per user
Signed-off-by: Yohann D'ANELLO <ynerant@crans.org>
|
2021-09-02 20:58:05 +02:00 |
|
|
d5ecb72a71
|
Update copyright for 2021
Signed-off-by: Yohann D'ANELLO <ynerant@crans.org>
|
2021-06-14 21:45:56 +02:00 |
|
Yohann D'ANELLO
|
016ab5a9c9
|
Remove dead code, don't try to cover unnecessary things
Signed-off-by: Yohann D'ANELLO <yohann.danello@gmail.com>
|
2020-12-23 18:45:05 +01:00 |
|
Yohann D'ANELLO
|
051591cb7a
|
Don't see user detail in update form
|
2020-10-25 21:49:16 +01:00 |
|
Yohann D'ANELLO
|
9b090a145c
|
All transactions are now atomic
|
2020-09-11 22:52:16 +02:00 |
|
Yohann D'ANELLO
|
fa3c723140
|
The BDE offers 80 € to each new member that registers to the Société générale
|
2020-09-07 21:33:23 +02:00 |
|
Yohann D'ANELLO
|
a9da4a38e1
|
Order superusers by last name
|
2020-08-31 21:15:09 +02:00 |
|
Yohann D'ANELLO
|
b8c1cfba40
|
Display superusers in rights list
|
2020-08-31 21:11:00 +02:00 |
|
Yohann D'ANELLO
|
7d539d44e5
|
Display form error when a permission is missing rather than display a 403 page
|
2020-08-30 16:23:55 +02:00 |
|
Yohann D'ANELLO
|
b8c3dda95b
|
Replace timezone.now().date() by date.today()
|
2020-08-16 00:35:13 +02:00 |
|
Yohann D'ANELLO
|
4997a37058
|
Ensure that the user is authenticated before that it has the permission to see page
|
2020-08-15 23:27:58 +02:00 |
|
Yohann D'ANELLO
|
c466715e8a
|
Raise permission denied on CreateView if you don't have the permission to create a sample instance, see #53
|
2020-08-13 15:20:15 +02:00 |
|
Yohann D'ANELLO
|
24ac3ce45f
|
Display users that have surnormal roles
|
2020-08-05 21:07:31 +02:00 |
|
Yohann D'ANELLO
|
2f018f8c9d
|
Always query distinct objects
|
2020-08-02 08:57:16 +02:00 |
|
Yohann D'ANELLO
|
ae629b55ad
|
Add HTML titles
|
2020-07-30 17:30:21 +02:00 |
|
Yohann D'ANELLO
|
fb5e2578af
|
Merge Role and RolePermissions
|
2020-07-25 19:40:30 +02:00 |
|
Yohann D'ANELLO
|
2eb601bd66
|
💥 Improve performances
|
2020-07-25 17:25:57 +02:00 |
|
Yohann D'ANELLO
|
f567b1a343
|
Activity list is displayed in the right order
|
2020-05-29 21:37:44 +02:00 |
|
Yohann D'ANELLO
|
a83ab4bf85
|
Add a public rights page to view which permissions are granted to which role, update Font Awesome to 5.13
|
2020-04-26 01:20:46 +02:00 |
|
Yohann D'ANELLO
|
0c9409fd4b
|
Improve WEI UI
|
2020-04-18 03:27:12 +02:00 |
|
Yohann D'ANELLO
|
1aae18e6a6
|
Improved permissions, 404 and 403 errors will be more frequent (when we type an invalid URL)
|
2020-03-31 04:16:30 +02:00 |
|