YunoHost/SSOwat
1
0
Fork 0
mirror of https://github.com/YunoHost/SSOwat.git synced 2024-09-03 20:06:27 +02:00
Code Issues Projects Releases Packages Wiki Activity
882 commits 8 branches 113 tags 3.6 MiB
Commit graph

149 commits

Author SHA1 Message Date
Alexandre Aubin
8faa8057f0 security: rework previous fixes to use the new use_remote_user_var_in_nginx_conf in ssowat conf introduced in yunohost 11.1.2 2023-01-10 00:03:25 +01:00
selfhoster1312
5e378e5c2b Authentication headers are ONLY set when user is logged in and has access to app 
Prevents impersonating users on public applications where the auth headers were not cleared
 2023-01-09 15:47:45 +01:00
ljf
ca2a605dce [fix] Typo json 2021-06-29 18:57:06 +02:00
ljf
89d78ab312 [enh] Avoid to list hidden files 2021-06-29 18:50:05 +02:00
ljf
b3741580da [fix] dash filename, mime types, ynh_userinfo.json 2021-06-29 18:34:40 +02:00
Kay0u
384889ae11
match the beginning of url permissions 2021-01-20 01:28:08 +01:00
Titoko
1747da0571 Update access.lua 2020-12-17 20:12:22 +01:00
Alexandre Aubin
06f1f30226
Update access.lua 
Co-authored-by: Kayou <pierre@kayou.io>
 2020-09-21 14:40:37 +02:00
Alexandre Aubin
41ed91bbcb Misc cosmetics / debug tweaks 2020-09-20 18:00:49 +02:00
Alexandre Aubin
dcbf66d4e4 Rework/simplify code that effectively apply the permission 2020-09-20 18:00:37 +02:00
Alexandre Aubin
a11d8f0d87 Move identification of relevant permission from helpers.lua to access.lua 2020-09-20 17:58:26 +02:00
Alexandre Aubin
abc38bbffe Move handling of login through HTTP headers to is_logged_in helper 2020-09-20 17:53:18 +02:00
Alexandre Aubin
b2b9b9c8e3 Refactor/move handling of portal assets 2020-09-20 17:47:24 +02:00
Kay0u
41ac2e5bf8
Merge remote-tracking branch 'origin/dev' into permission_protection 2020-09-01 20:56:20 +02:00
Kay0u
b5a1d8dfed
find recursively relative to the theme directory 2020-06-18 15:20:11 +02:00
Kay0u
20de3f5f37
fix theme loading 2020-06-18 14:49:26 +02:00
Kay0u
720e35df4e
do not reauth if we are already logged in 2020-05-21 22:56:52 +02:00
Kay0u
24b3f7dc3a
HTTP Auth before permissions managment 2020-05-21 21:53:04 +02:00
Kay0u
400f88e6ca
fix the redirect loop \o/ 2020-05-21 21:51:55 +02:00
Kayou
0f1eea3306
Merge branch 'stretch-unstable' into permission_protection 2020-05-21 21:17:36 +02:00
Alexandre Aubin
09e0fa37aa Alex made a drunk copypasta that broke everything lul - var user not defined ... In fact we don't need this debug line 'cause it's already done in redirect() itself 2020-04-15 01:42:47 +02:00
Kayou
6ee3486783
Merge branch 'stretch-unstable' into permission_protection 2020-04-09 21:34:38 +02:00
Alexandre Aubin
286eb771a7
Merge pull request #158 from YunoHost/dont_set_header_unallowed_users 
Don't set header if user don't have access
 2020-04-01 02:36:58 +02:00
Kay0u
0fc89d0fc9
Rework access 2020-04-01 00:43:59 +02:00
Kay0u
d8c74604c0
portal with the new config file 2020-03-31 02:20:40 +02:00
Kay0u
8cc2bd4b28
Avoid unnecessarily reloading the config file 2020-03-29 18:02:49 +02:00
Josué Tille
ef3d6af9e0
Dont't set header but serve ynhpanel 2020-03-27 15:38:41 +01:00
Josué Tille
b1080c1e1a
Don't set header if user don't have access 2020-03-27 15:30:52 +01:00
Alexandre Aubin
77afe5cf09 Check if the user has access was done right before, no need to redo it 2020-03-24 19:52:33 +01:00
Kay0u
eb2872d5ed
Test if we should skip or unprotect the url 2020-03-05 00:24:06 +01:00
Kay0u
af892991af
refactor legacy url protections 2020-02-13 10:06:32 +07:00
Kay0u
9628d51d2d
check permission after unprotected 2020-01-29 18:24:51 +07:00
Kay0u
19ae10200d
fix string.match 2020-01-17 14:56:32 +07:00
Alexandre Aubin
247847a203 Check skipped_urls before protected_urls 2019-12-02 18:13:19 +01:00
Alexandre Aubin
a13a2fee1e More extensive check between allowed rules vs. protected rules 2019-10-03 23:11:52 +02:00
Alexandre Aubin
1eb322df17 Many tweaks in log system + implement many log messages in low-level functions 2019-10-03 20:42:01 +02:00
Alexandre Aubin
7cb61f1619 Merge branch 'logging' into logging-reloaded 2019-09-24 17:27:44 +02:00
Geoff Montel
1161367d0e Fixed: bug serving files because of LUA exception 
"Interrupted system call" during PWDIR change on "popen" function
Restored by removing FIND's wildcard which could yield fo emptiness
(example : `mydir/` is empty; making `cd mydir && find *` yielding
to non argumented FIND function.

Tested on Stretch with nginx (1.10.3-1+deb9u2) and lua5.1 (5.1.5-8.1+b2).

Note that this could lead to bugs, code refactor should enclose lua-filesystem (1.6.3-1),
but I'm a rookie in LUA.
 2019-07-14 14:30:37 +02:00
Josué Tille
b0756e2494
Allow access in portail in other domain than main domain 2019-05-17 22:42:52 +02:00
chateau
13257e4de0 allow to redirect sso pages the same way than apps urls (from login page) 2019-03-20 03:17:17 +01:00
Alexandre Aubin
32a9229ef4 Enable cache for 1 hour for static assets 2019-03-19 16:52:43 +01:00
Alexandre Aubin
23e78c2c39 This TODO is done 2019-03-19 15:08:09 +01:00
Alexandre Aubin
0c377c3363 Rename css/js files for semantic + explain their purpose 2019-03-19 00:17:53 +01:00
Alexandre Aubin
67e253211c This ynhpanel.json has never been used by anything ... 2019-03-18 18:24:49 +01:00
Alexandre Aubin
328c0b73f0 Misc fixes + note about stuff to fix 2019-03-14 17:41:31 +01:00
chateau
9845d99398 Make files in current theme's directory accessibles under "https://server.tld/ynhtheme/". 2019-03-09 11:21:12 +01:00
Alexandre Aubin
2f24e82f38 Add trick to access.lua to be able to inject custom/theme css and js when in apps as well 2019-02-23 04:20:01 +01:00
Alexandre Aubin
7dc84973df
Improve comment 2018-12-14 00:31:54 +01:00
ljf (zamentur)
c3a9380361
[fix] PCRE choice if no %. in url regex 2018-12-13 23:23:10 +01:00
ljf
b90153a5ca [enh] Add comment about lua pattern deprecated 2018-06-24 20:44:28 +02:00