- JobsQueueManager->addNewJobsToQueue now checks permission to write new jobs in the queue
- Added statuses for system.tbl_jobstatuses in system/dbupdate_3.3.php
- Added permission access type (read/write) in configuration file application/config/jqm.php
- Renamed method loginAS to loginASByUID in AuthLib.php
- Added new public method loginASByPersonId to AuthLib.php
- Renamed method connect to anonymousConnect in LDAPLib
- Method LDAPLib->connectUsernamePassword now checks both username and password if they are empty strings
- Added new constant LOGINAS_PERSONIDS_BLACKLIST to PermissionLib
- Renamed method isEntitledLoginAS to isEntitledLoginASByUID in PermissionLib
- Added new public method isEntitledLoginASByPersonId to PermissionLib
- Added new private method _inLAPersonIdsBlacklist to PermissionLib
- It contains the following entries:
- List of permissions that are allowed to perform loginAs
- List of permissions that cannot be gained with loginAs
- List of users whose identity cannot be obtained with loginAs
- Removed config entries authentication_loginas_perms and authentication_loginas_blacklist from config file auth.php
- Added constants to PermissionLib: LOGINAS_ALLOWED, LOGINAS_BLACKLIST and LOGINAS_USERS_BLACKLIST
- PermissionLib loads the config file permission.php
- Added public method isEntitledLoginAS to PermissionLib
- Added private methods _inLAUsersBlacklist, _hasLANotAllowedPermissions and _hasLAPermissions to PermissionLib
- Added public method loginAS to AuthLib
- Fixed logout method in AuthLib
- Fixed loginLDAP method in AuthLib
- Added new configuration file ldap.php for LDAP connection
- Added new controller system/Login to manage logins
- Added new controller system/Logout to manage logout
- Added new core model LDAP_Model to manage LDAP connections
- Added new constants in config/constants for authentication
- Added new function getCode to hlp_message_helper
- Now core/Auth_Controller loads the AuthLib as first step
- Now PermissionLib does NOT load anymore the AuthLib
- Removed old logic from PermissionLib
- Now function getAuthUID (hlp_authentication_helper) does not load anymore the AuthLib
- Now REST_Controller loads hlp_message_helper and hlp_common_helper
- core/APIv1_Controller does NOT load anymore hlp_message_helper and hlp_common_helper
- Added new constants to AuthLib
- AuthLib constructor now accept a parameter to enable the authentication immediatly (default)
- AuthLib loads configuration file auth.php and Person_model by default
- Added public methods getAuthObj and logout to AuthLib
- Renamed CheckUserAuthByUsernamePassword to checkUserAuthByUsernamePassword, CheckUserAuthByCode to checkUserAuthByCode and CheckUserAuthByCodeEmail to checkUserAuthByCodeEmail in AuthLib
- Added private methods _createAuthObj, _isLogged, _showInvalidAuthentication, _showError, _checkBTAuthentication, _checkHBALDAPAuthentication, _checkLDAPAuthentication, _checkForeignAuthentication, _storeAuthObj and _authenticate to AuthLib
- Changed the relatives includes
- Changed the controller api/v1/CheckUserAuth to be adapted to the AuthLib changes
- Removed function auth from helpers/hlp_authentication_helper
- Adapted function getAuthUID of helpers/hlp_authentication_helper to the AuthLib changes
- Adapted constructor of PermissionLib to the AuthLib changes
- Added requiredPermissions property to the navigation array in the config navigation.php
- Added constant PERMISSION_NAVIGATION_METHOD to NavigationLib
- Added parameter and array element requiredPermissions to method oneLevel of NavigationLib
- Renamed method _sortArray to _sortNavigationArray in NavigationLib
- Added private method _rmNotAllowedEntries to NavigationLib to remove menu entries that the logged user is not allow to use
This message contains:
- the name of the called controller
- the name of the called method of the called controller
- all the possible permissions and related modes needed to acces to this content
- Removed all the NOT usefull loads of helpers and libraries
- Fixed undefined index in controllers/system/UDF and model system/UDF_model
- APIv1_Controller now loads helper fhcauth
- FHC_Controller now loads ithe fhc and session helpers too
- Added/Fixed comments
- PermissionLib does NOT use anymore the getAuthUID function from the fhcauth helper, now relies on AuthLib directly
- REST_Controller loads directly the AuthLib when is needed
- Renamed method checkPermissions to isEntitled
- isEntitled: if the controller is called from the command line, then is always trusted
- Adapted controllers application/core/APIv1_Controller.php and application/core/FHC_Controller.php
- Added include of PermissionLib in APIv1_Controller
- Added method _isAllowed to APIv1_Controller to call checkPermissions from PermissionLib
- Now the APIv1_Controller constructor requires an array of permissions as parameter
- FHC_Controller includes PermissionLib
- Added new method _isAllowed to FHC_Controller
- Added permission _checkPermissions to FHC_Controller
- Added new constants to PermissionLib
- application/libraries/* -> CS compliant
- FHC_Model isEntitled method now return error() or success()
- Updated all code that uses isEntitled method from FHC_Model
- Removed Squiz.PHP.DisallowSizeFunctionsInLoops from CS ruleset
- Removed depracated method replace from DB_Model
- Removed unused method pgArrayPhp from DB_Model
- Renamed method arrayMergeIndex to _arrayCombine in DB_Model and set as private
- Added method _manageUDFs to DB_Model (a wrapper for UDFLib->manageUDFs)
- All return messages functions are in the message helper and it is loaded by the core classes
- Added the missing constant FHC_NOPK
- Updated all the interested classes with the new permission method
- Updated all the interested classes with the new return message functions
- Extended functionality to others HTTP methods
- Added checking permissions if the requested resource is a library
(permissions are automatically handled by models) using PermissionLib
- Extended PermissionLib
- The function getAuthUID() present in the helper fhcauth_helper.php
now tries to work always with CI session to get the uid
- REST_controller doesn't need anymore to handle the uid
- FHC_Controller and FHC_Model load fhcauth_helper in their constructor,
so any class that extends them now could call the function getAuthUID()
anywhere in the code
- The controllers don't need anymore to pass the uid to the models or to the
libraries
- Library FHC_DB_ACL load fhcauth_helper in its constructor and uses getAuthID()
chfhtw