Switch to dedicated add/remove endpoints.
Allow setting max cache age to None for infinite.
Apparently patch has issues.
Thanks @TargetZ3R0 and Discord devs <3
Closes#968
(cherry picked from commit 99b136b824d831f57a4000bb6813608083f1e4b5)
Create new roles with desired attributes in one call.
(cherry picked from commit ae4116c0f6a31997966505114f61b87745575dc1)
Use django-redis-cache backend for locking get_or_set
No longer require group-related tasks to be locked to one simultaneous execution.
Remove legacy service group cache models.
Truncate Discord nicknames to 32 characters
Correct Discourse group name extension using only valid leading characters.
Prevent name slicing from ending with illegal character
Closes#801Closes#847Closes#835Closes#852
* Do not attempt to change user email on SeAT if unchanged.
This prevents HTTP422 from being raised on password resets.
*Delete users on deactivation.
The existing disable user logic does nothing and results in a HTTP500.
It's safe to delete users entirely - the API keys are retained.
Fixes#844
Added discord too many requests handling decorator
Added tests for core Discord manager functions
Added discord backoff retry for celery
Added tests for update groups backoff
Support per-route and global rate limiting
Manager function tidyup
Hopefully improved the key sync function, at least it should be easier to follow whats happening now.
Remove partial logging of unhashed passwords
Added user feedback
* Correct duplicate error and success messages to user
* Read out all buffer bytes before sending command
* Convert ts3 manager to use a single connection
Each instance of the class will now use a single connection and should
be cleanly disconnected when finished.
Compatible with `with` clauses and will automatically disconnect from
the TS3 server when it exits the `with` block.
* Update TS3 manager consumers to use new style
* Update unit tests to use new style manager
Force bcrypt 2y for PHP apps
2b isn't supported by older versions of PHP supplied by e.g. Ubuntu
14.04. 2a is insecure.
Remove plaintext warning
No services store plaintext passwords anymore.
Switch form to password field
Insecure, but 2b is not supported by IPS4 according to user reports. This manager needs to be changed to use the IPS4 API at some point anyway, so really a stop gap measure.
* Add service access permissions and migration
`ENABLE_AUTH_<servicename> = True` will have the new permission applied
to the settings configured `DEFAULT_AUTH_GROUP` group or `Member` if
none is configured.
`ENABLE_BLUE_<servicename> = True` will have the new permission applied
to the settings configured `DEFAULT_BLUE_GROUP` group or `Blue` if none
is configured.
* Move views and hooks to permissions based access
* Remove access restriction to services view
Hypothetically non-member/blues could be granted permission to access
services manually as desired now. A user that has no permissions to
access any services will see a blank services list.
* Remove obsolete service settings
* Remove references to obsolete settings
* Adjusted tests to support permissions based access
* Fix incorrectly named permissions
* Add simple get_services generator function
* Added signals for user and groups perm changes
* Update validate_services to support permissions
deactivate_services removed as its surplus to requirements.
* Removed state parameter from validate_services calls
* Update tests to support signals changes
* Fix incorrect call to validate_services task
* Fix validate_services and test
* Add validate_user to changed user groups signal
* Added tests for new signals
* Remove unnecessary post_add signals
* Added documentation for service permissions
* Added detection for members with service active
If there are any service users in the Member or Blue groups active, then
the permission will be added to the respective Member or Blue group.
This means its no longer necessary to maintain the service enablesettings to migrate to permissions based service.
Remove obsolete state based status checking
* SeAT service in modular service app format
* Replace string concatenation with formatters
* Fix incorrect references to user
* Fix exception when user doesn't have seat active
* Prevent deletion of seat API keys by default
* Improve api response error handling
* Corrected notification message
* Added missing view returns
* Update SeAT to use permissions based access
* Update password generator to new style
* Correct logging message
* Fix seat role update tasks
* Correct validate user logic
* Add seat test settings
* Added basic seat unit tests
* Added add permissions function from other branch
* Remove obsolete settings references
Added transition to bcrypt-sha256 hashing for mumble passwords.
All new passwords will be hashed by bcrypt-sha256. The existing SHA-1
hashes will continue to work as a fallback for legacy password hashes.
* Hooks registration, discovery and retrieval module
Will discover @hooks.register decorated functions inside
the auth_hooks module in any installed django app.
* Class to register modular service apps
* Register service modules URLs
* Example service module
* Refactor services into modules
Each service type has been split out into its own django app/module. A
hook mechanism is provided to register a subclass of the ServiceHook
class. The modules then overload functions defined in ServiceHook as
required to provide interoperability with alliance auth. Service modules
provide their own urls and views for user registration and account
management and a partial template to display on the services page. Where
possible, new modules should provide their own models for local data
storage.
* Added menu items hooks and template tags
* Added menu item hook for broadcasts
* Added str method to ServicesHook
* Added exception handling to hook iterators
* Refactor mumble migration and table name
Upgrading will require `migrate mumble --fake-initial` to be run first
and then `migrate mumble` to rename the table.
* Refactor teamspeak3 migration and rename table
Upgrading will require `migrate teamspeak3 --fake-initial`
* Added module models and migrations for refactoring AuthServicesInfo
* Migrate AuthServiceInfo fields to service modules models
* Added helper for getting a users main character
* Added new style celery instance
* Changed Discord from AuthServicesInfo to DiscordUser model
* Switch celery tasks to staticmethods
* Changed Discourse from AuthServicesInfo to DiscourseUser model
* Changed IPBoard from AuthServicesInfo to IpboardUser model
* Changed Ips4 from AuthServicesInfo to Ips4User model
Also added disable service task.
This service still needs some love though. Was always missing a
deactivate services hook (before refactoring) for reasons I'm unsure of
so I'm reluctant to add it without knowing why.
* Changed Market from AuthServicesInfo to MarketUser model
* Changed Mumble from AuthServicesInfo to MumbleUser model
Switched user foreign key to one to one relationship.
Removed implicit password change on user exists.
Combined regular and blue user creation.
* Changed Openfire from AuthServicesInfo to OpenfireUser model
* Changed SMF from AuthServicesInfo to SmfUser model
Added disable task
* Changed Phpbb3 from AuthServicesInfo to Phpbb3User model
* Changed XenForo from AuthServicesInfo to XenforoUser model
* Changed Teamspeak3 from AuthServicesInfo to Teamspeak3User model
* Remove obsolete manager functions
* Standardise URL format
This will break some callback URLs
Discord changes from /discord_callback/ to /discord/callback/
* Removed unnecessary imports
* Mirror upstream decorator change
* Setup for unit testing
* Unit tests for discord service
* Added add main character helper
* Added Discourse unit tests
* Added Ipboard unit tests
* Added Ips4 unit tests
* Fix naming of market manager, switch to use class methods
* Remove unused hook functions
* Added market service unit tests
* Added corp ticker to add main character helper
* Added mumble unit tests
* Fix url name and remove namespace
* Fix missing return and add missing URL
* Added openfire unit tests
* Added missing return
* Added phpbb3 unit tests
* Fix SmfManager naming inconsistency and switch to classmethods
* Added smf unit tests
* Remove unused functions, Added missing return
* Added xenforo unit tests
* Added missing return
* Fixed reference to old model
* Fixed error preventing groups from syncing on reset request
* Added teamspeak3 unit tests
* Added nose as test runner and some test settings
* Added package requirements for running tests
* Added unit tests for services signals and tasks
* Remove unused tests file
* Fix teamspeak3 service signals
* Added unit tests for teamspeak3 signals
Changed other unit tests setUp to inert signals
* Fix password gen and hashing python3 compatibility
Fixes#630
Adds unit tests to check the password functions run on both platforms.
* Fix unit test to not rely on checking url params
* Add Travis CI settings file
* Remove default blank values from services models
* Added dynamic user model admin actions for syncing service groups
* Remove unused search fields
* Add hook function for syncing nicknames
* Added discord hook for sync nickname
* Added user admin model menu actions for sync nickname hook
* Remove obsolete code
* Rename celery config app to avoid package name clash
* Added new style celerybeat schedule configuration
periodic_task decorator is depreciated
* Added string representations
* Added admin pages for services user models
* Removed legacy code
* Move link discord button to correct template
* Remove blank default fields from example model
* Disallow empty django setting
* Fix typos
* Added coverage configuration file
* Add coverage and coveralls to travis config
Should probably use nose's built in coverage, but this works for now.
* Replace AuthServicesInfo get_or_create instances with get
Reflects upstream changes to AuthServicesInfo behaviour.
* Update mumble user table name
* Split out mumble authenticator requirements
zeroc-ice seems to cause long build times on travis-ci and isn't
required for the core projects functionality or testing.
