- 🇬🇧United Kingdom mrhorse
Reroll for 2.x branch (based on 2.0.0-rc1).
- Assigned to elc
- 🇦🇺Australia elc
Update target branch. The 8.x-1.x branch is no longer supported.
Added tasks as this needs tests and an update for existing installs.
- Merge request !10Issue #3092289 by ELC, Rob230, mrhorse: Restrict CAS login by role → (Merged) created by elc
- 🇦🇺Australia elc
Patch prevent anon users from accessing login when providing a service which would have been a large breakage for most situations. Kept that check there, but wrapped it to only check for auth users, and then adding a new check during login pre-auth.
Fixed existing tests by adding the required permission but should review to see there are more to add permissions based tests to.
- Status changed to Needs review
10 months ago 4:44am 29 January 2024 - 🇦🇺Australia elc
Greater test coverage.
Needs review and confirmation on the anon user access check. This diverges from the original patch in many ways, but functionally the huge difference is that it doesn't access check anonymous users. Access checking anon users seems to have been a bug as it breaks CAS functionality.
NB Failed tests: These will need to be re-run once testing infrastructure is up and running again. Database server appears to be rejecting connections at present.
- Merge request !14Issue #3092289 by ELC, Rob230, mrhorse: Restrict CAS login by role → (Merged) created by elc
- Status changed to Needs work
8 months ago 2:53pm 28 March 2024 - 🇦🇺Australia elc
Test failure is caused by random label not being shown in options list.
Options list:
(~o)>
Label is:(~o)>&{{ - Status changed to Fixed
8 months ago 3:54pm 30 March 2024 - 🇦🇺Australia elc
Adds the role restriction feature:
✨ Restrict CAS log in to roles Needs review
An update keeps existing behaviour of all accounts being able to access all services.
--
Still @todo: Merge into 2.1.x branch
- Issue was unassigned.
Automatically closed - issue fixed for 2 weeks with no activity.