|
fbf64db16e
|
Simple test to check permissions with the new OAuth2 implementation
Signed-off-by: Yohann D'ANELLO <ynerant@crans.org>
|
2021-09-02 20:59:45 +02:00 |
|
|
a3fd8ba063
|
Bad paste in comment
Signed-off-by: Yohann D'ANELLO <ynerant@crans.org>
|
2021-09-02 20:59:45 +02:00 |
|
|
8be16e7b58
|
Permissions support fully OAuth2 scopes
Signed-off-by: Yohann D'ANELLO <ynerant@crans.org>
|
2021-09-02 20:58:05 +02:00 |
|
|
ea092803d7
|
Check permissions per request instead of per user
Signed-off-by: Yohann D'ANELLO <ynerant@crans.org>
|
2021-09-02 20:58:05 +02:00 |
|
|
d5ecb72a71
|
Update copyright for 2021
Signed-off-by: Yohann D'ANELLO <ynerant@crans.org>
|
2021-06-14 21:45:56 +02:00 |
|
|
56c5fa4057
|
We don't need a session to have permissions
Signed-off-by: Yohann D'ANELLO <ynerant@crans.org>
|
2021-03-09 09:41:27 +01:00 |
|
Yohann D'ANELLO
|
b8c3dda95b
|
Replace timezone.now().date() by date.today()
|
2020-08-16 00:35:13 +02:00 |
|
Yohann D'ANELLO
|
e9cbc8e623
|
Fix linters
|
2020-07-30 15:53:23 +02:00 |
|
Yohann D'ANELLO
|
fb775de923
|
Add backdoor to login as other users (in debug mode only)
|
2020-07-30 12:50:48 +02:00 |
|
Yohann D'ANELLO
|
b8a88eeda4
|
Only staff with good permission mask can visit Django Admin
|
2020-07-29 11:38:59 +02:00 |
|
Yohann D'ANELLO
|
84e8b02594
|
🐛 Calculating permissions faster
|
2020-07-28 15:25:08 +02:00 |
|
Yohann D'ANELLO
|
4c29d855d2
|
Fix RolePermissions merge
|
2020-07-25 20:07:45 +02:00 |
|
Yohann D'ANELLO
|
fb5e2578af
|
Merge Role and RolePermissions
|
2020-07-25 19:40:30 +02:00 |
|
Yohann D'ANELLO
|
302f9e752c
|
Create a test to check that permission queries are well formed
|
2020-05-30 15:46:09 +02:00 |
|
Yohann D'ANELLO
|
a9ccf46010
|
Linters
|
2020-05-29 21:43:24 +02:00 |
|
Yohann D'ANELLO
|
716232e27f
|
With distinct permissions, we don't need to check ~ 100 000 permissions to check if someone can log in
|
2020-05-29 21:11:51 +02:00 |
|
Yohann D'ANELLO
|
4108babdb4
|
Permissions can be permanent
|
2020-05-07 21:14:36 +02:00 |
|
ynerant
|
395c52220f
|
Merge branch 'master' into 'tranfer_front'
# Conflicts:
# apps/activity/views.py
# apps/permission/backends.py
# locale/de/LC_MESSAGES/django.po
# locale/fr/LC_MESSAGES/django.po
# static/js/base.js
# templates/base.html
# templates/member/user_list.html
|
2020-05-07 18:48:35 +02:00 |
|
Yohann D'ANELLO
|
b81f186866
|
Add PDF member lists
|
2020-04-23 18:28:16 +02:00 |
|
Yohann D'ANELLO
|
a85a5bf8fe
|
Add initial WEI permissions
|
2020-04-22 13:28:52 +02:00 |
|
Yohann D'ANELLO
|
751147f254
|
Don't display a note that we can't see, fix CI, fix distinct fields on PostgresSQL DB
|
2020-04-10 00:02:22 +02:00 |
|
Pierre-antoine Comby
|
9fbfac7bdb
|
distinct on field not supported by sqlite
|
2020-04-06 11:44:02 +02:00 |
|
Yohann D'ANELLO
|
be42801709
|
The memoization doesn't work when objects don't have a primary key.
|
2020-04-02 14:50:28 +02:00 |
|
Yohann D'ANELLO
|
8ad464ae0c
|
Fix CI
|
2020-04-02 00:42:00 +02:00 |
|
Yohann D'ANELLO
|
5c9c0bbc2a
|
Optimize permissions, use memoization
|
2020-04-02 00:30:22 +02:00 |
|
Yohann D'ANELLO
|
d5b010980b
|
Full membership support
|
2020-04-01 03:42:19 +02:00 |
|
Yohann D'ANELLO
|
bf9789bd9e
|
Restructurate memberships, closes #16
|
2020-03-31 23:54:14 +02:00 |
|
Yohann D'ANELLO
|
dd3b7bd7e5
|
Remove note activities
|
2020-03-31 14:57:44 +02:00 |
|
Yohann D'ANELLO
|
1aae18e6a6
|
Improved permissions, 404 and 403 errors will be more frequent (when we type an invalid URL)
|
2020-03-31 04:16:30 +02:00 |
|
Yohann D'ANELLO
|
e2d2d2cc99
|
Anonymous users have no right
|
2020-03-20 18:23:20 +01:00 |
|
Yohann D'ANELLO
|
24ea4c0a52
|
Comment code
|
2020-03-20 15:58:14 +01:00 |
|
Yohann D'ANELLO
|
091c427707
|
Restructurate code
|
2020-03-20 14:43:35 +01:00 |
|