604549e06a284a3959b909a550eea36d13e70655 |
|
09-Dec-2015 |
Jake Feasel <jake.feasel@forgerock.com> |
OPENIDM-4820 - updating to forgerock-ui 10.0.4 and fixing various validation bugs |
6fc66c9c25e5e5831e0edfc88aa0e15f233f43ba |
|
08-Dec-2015 |
Jake Feasel <jake.feasel@forgerock.com> |
OPENIDM-4685 - Using policy service to validate self-service pages |
5e06232b13d26983ad66f05a5d5f839d5eb4216c |
|
19-Nov-2015 |
Jake Feasel <jake.feasel@forgerock.com> |
Updates to use forgerock-ui 8.6.0 and forgerock-selfservice
* Includes forgotten username process in admin and enduser UI
* Aligns contractor sample with userQuery stage, and account for double-quotes in userNames passed to queryFilters
* Updates self-service examples
* Support for updating kba questions as part of self-service profile
* Bug with update logic in router-authz
* Support for locales in email |
2b4b1796b6a65b9c878e4909f2337238bec8a1a5 |
|
16-Nov-2015 |
Chad Kienle <chad.kienle@forgerock.com> |
[OPENIDM-4588] Fixed bug with managed object policies. |
8e7582759e82872064912c398be2143f5f016c57 |
|
19-Oct-2015 |
Chad Kienle <chad.kienle@forgerock.com> |
[OPENIDM-4199] Added support for conditional policies with optional
dependencies and fallback policies. |
dc53767f6614db736c8a95a165beae870ac1e3d9 |
|
19-Oct-2015 |
Jake Feasel <jake.feasel@forgerock.com> |
OPENIDM-4289 - Aligns workflow sample with relationships (authzRoles and manager) and refactoring and cleanup of contractorOnBoarding workflow
Uses selfservice reset to set the new contractor's password. |
fe9f72dff43cb29a114d7df94815720bedd2acac |
|
19-Oct-2015 |
Jake Feasel <jake.feasel@forgerock.com> |
OPENIDM-4287 - Updates workflow endpoints to use current user's security context |
0cbb44acdcab0e5a2d60c601698454b6a01bd0b3 |
|
08-Oct-2015 |
Jake Feasel <jake.feasel@forgerock.com> |
OPENIDM-3559 - Moving policy details for managed objects into json schema
Adjusting authz rules for self-service requests (taking CSS-28 into account)
Including kbaInfo in default user schema
Progress with adding new properties to json editor for managed objects
Aligning the Admin UI and authz rules with backend, removing default configs
Using external/email endpoint in access.js authz rule |
21dcdac963f79c098a5ea1a2c5c5e109429c9786 |
|
19-Sep-2015 |
Brendan Miller <brendan.miller@forgerock.com> |
CHF-68 and CHF-69: move Context, SecurityContext, and AbstractRouter to services package |
e2cd22a6774d3e0685b065c43a4078728bb6e279 |
|
26-Aug-2015 |
Jake Feasel <jake.feasel@forgerock.com> |
Replaces request.resourceName with request.resourcePath in scripts |
c530b621413be174f6d4a9f0929f1541f05633a5 |
|
08-Jun-2015 |
Chris Drake <chris.drake@forgerock.com> |
OPENIDM-3223 CR-7161 Implement policy to prevent duplicate Managed User role assignments |
75957d179c2d8ae87bbed183962ec6f458bbeab7 |
|
18-Dec-2014 |
Chris Drake <chris.drake@forgerock.com> |
OPENIDM-2708 CR-5735 Fix issue whereby a create of a managed object within an explicit table returns the resulting JSON object with an invalid (qualified) id instead of the expected unqualified id. Also switched to using queryFilter within policy.js instead of invoking the legacy get-by-field-value query which does not have a functional version for explicit tables. |
293ee1fa8c40a5cdfeb3606b4723aa151c108454 |
|
31-Jul-2014 |
Nicolas Philippe <nicolas.philippe@forgerock.com> |
OPENIDM-2079 : CR-4125. Checked in the changes for Chad.There are places in the policy.js script where it is expecting request.resourceName to not be encoded so that the resourceId can be extracted from it. Issue addressed by making ResourceName object available to scripts and logic was updated in policy.js to use ResourceName.leaf() to get the decoded resourceId. |
0b90cf39da4c7ba2b843ffd3512d84d009b5dff0 |
|
14-May-2014 |
Brendan Mmiller <brendan.miller@forgerock.com> |
OPENIDM-1735 / OPENIDM-1134 (CR-3503)
Provide additional detail on sync failures from managed object CRUD operations.
Provide example compensation script to compensate for sync failures. |
510781801288e3b0d2da6589b05c9d38d6ea0e34 |
|
02-May-2014 |
Jake Feasel <jake.feasel@forgerock.com> |
CR-3300 - OPENIDM-1748 Confusing policy validation display for passwords in the UI
Updating several of the policy functions to check to see if the "REQUIRED" requirement
has been specified, using a sort of policy function "chaining" mechanism. |
6fb68c54d2b47bb74c480d298737d178376b9bec |
|
19-Mar-2014 |
Jake Feasel <jake.feasel@forgerock.com> |
http://sources.forgerock.org/cru/CR-3209 - OpenIDM various policy validation clean-up |
99913b70c5ebb221b49e8784158cdd2bc8b7a871 |
|
04-Mar-2014 |
Jake Feasel <jake.feasel@forgerock.com> |
http://sources.forgerock.org/cru/CR-3109 - IDME-49: Fix additional reauth errors
Also an update to http://sources.forgerock.org/cru/FR-89 to better support checking the array container |
fc84de894ce80f90062b6bb404eb941c3b7d6642 |
|
20-Feb-2014 |
Brendan Mmiller <brendan.miller@forgerock.com> |
IDME-122 (CR-3057)
Revert changes to use current contet in policyFilter, but instead use special
parameter to trigger reauth policy when necessary (patch operation). |
85a9e5498e4a8dfa316c914a973b23ff1fb33be3 |
|
19-Feb-2014 |
Brendan Mmiller <brendan.miller@forgerock.com> |
IDME-127 (CR-3047)
Enhance isEncrypted to return false on null or undefined arguments so
javascript doesn't have to precheck arguments. |
d08a92e3e8c34e85f1b42c07f04af5235d8da579 |
|
18-Feb-2014 |
Jake Feasel <jake.feasel@forgerock.com> |
https://bugster.forgerock.org/jira/browse/IDME-127 - ReAuthentication fails with error in policy.js about isEncrypted function
Also, http://sources.forgerock.org/cru/FR-89 - Support for policies on array elements |
5860f4705b1969504733405d4c828e498aa1d284 |
|
18-Feb-2014 |
Brendan Mmiller <brendan.miller@forgerock.com> |
IDME-122 (CR-3020)
The type is now boolean, and we do not need the extra local variable. |
95a278acb3e120f22ba984c0578f65eb0d860d3d |
|
18-Feb-2014 |
Brendan Mmiller <brendan.miller@forgerock.com> |
IDME-122 (CR-3020)
Align internal context changes from CREST-142/IDME-121/IDME-123
Reverts part of r2848 to allow policy service _validateObject action from
policyFilter.js to be viewed "external" without extra param hook. |
b16c09bce4e9a653f353e856d4c79cebd2dff628 |
|
11-Feb-2014 |
Chad Kienle <chad.kienle@forgerock.com> |
Fix for reauth policy when patching managed objects |
1efcf1f855dad06a6ee70d96ffa9ea8145e6fc9b |
|
31-Jan-2014 |
Brendan Mmiller <brendan.miller@forgerock.com> |
Bulk update to update to forgerock-rest-2.2.1 and forgerock-script-1.1.1 in order to resolve
CREST-138 - UpdateRequest#getNewContent -> UpdateRequest#getContent
CREST-139 - ActionRequest#getAdditionalActionParameters -> ActionRequest#getAdditionalParamters
QueryRequest#getAdditionalQueryParameters -> QueryRequest#getAdditionalParamters
OPENIDM-1617 - revert request member "method" back to "type" and use lowercase values
IDME-72 - Allow javascript to set element at variable[0] |
62f6b310a56972f2a13ad5d148dadd270ff55e9d |
|
29-Jan-2014 |
Chad Kienle <chad.kienle@forgerock.com> |
Fixes for "reauthenticate" not working from policy script. |
cbb4911a34ac36b93294fda2b5936a32ddd2ecd0 |
|
29-Jan-2014 |
Brendan Mmiller <brendan.miller@forgerock.com> |
Update javascript to use new request/context bindings. Retool PolicyService
to pass CREST Request objects on through rather than build custom maps
(for the old javacript) |
b6b4de3917c3bdf0b6744c45f11a42483104b956 |
|
04-Sep-2013 |
Chad Kienle <chad.kienle@forgerock.com> |
Fixed an issue where a read on openidm/policy was not correctly returning the configured policies. |
d6e4972437e554d4f59b1709d2a8588c9519ee4e |
|
01-Aug-2013 |
Chad Kienle <chad.kienle@forgerock.com> |
Cleaned up some debug messages. |
188107c71a85a55e251c6a0dce7b2f326c3b5ada |
|
24-Jul-2013 |
Chad Kienle <chad.kienle@forgerock.com> |
Policy service and script updates to get actions and reads working. |
8f14c8a5b6fd890fca3ae089b6d23d082147ac8d |
|
19-Mar-2013 |
Jake Feasel <jake.feasel@forgerock.com> |
Reverting r2048 - change was mistakenly made, I was confused by configuration options. |
84c687523621521b6ff78d19c872854e21146590 |
|
18-Mar-2013 |
Jake Feasel <jake.feasel@forgerock.com> |
https://bugster.forgerock.org/jira/browse/OPENIDM-1256 - additionalPolicies option in policy.json not working
http://sources.forgerock.org/cru/CR-1436 |
d8f7acffba2e12c991ba2c3edeef918775e2ba48 |
|
08-Mar-2013 |
Chad Kienle <chad.kienle@forgerock.com> |
[OPENIDM-1247][CR-1385] Added null check before validation call when executing the validateProperty action. |
ba00d6c6d80fd8f9fbfa4d0ad7ccc81c170cd88c |
|
31-Jan-2013 |
Jake Feasel <jake.feasel@forgerock.com> |
http://sources.forgerock.org/cru/CR-1237 - bugs from JSLint refactoring
Resolves:
https://bugster.forgerock.org/jira/browse/OPENIDM-1150
https://bugster.forgerock.org/jira/browse/OPENIDM-1149 |
01a70b70b1712aee86b957f39c07ee259adfb3b1 |
|
22-Jan-2013 |
Jake Feasel <jake.feasel@forgerock.com> |
Fixing bug with policy.js which was missing the case where managed objects were configured without specifying any properties. |
759cbe36aeb56cbe1e788d90fbaa7f1a7e797f5d |
|
15-Jan-2013 |
Jake Feasel <jake.feasel@forgerock.com> |
Using JSLint to validate server-side JavaScript code as part of the maven build process.
Updates to server-side JavaScript to pass JSLint validation rules.
http://sources.forgerock.org/cru/CR-1175 |
ca67694845f39bb124ebac5d8d9722d71116a0c4 |
|
04-Jan-2013 |
Jake Feasel <jake.feasel@forgerock.com> |
http://sources.forgerock.org/cru/CR-1157 - Commons UI: Updating patch actions to try using add when replace fails
These changes allow for the possibility of a non-existent password property on the managed/user object as a valid state. This could arise when, for example, a record was create via recon from a source system which doesn't expose a cleartext password. Code changes to policy and onCreate script to make this more sensible, and within the UI code to do an "add"-type of patch rather than a "replace" patch (which would fail, since the property doesn't exist). |
e82e853c4e62751f0adbacd5deaef860ce9a55e0 |
|
13-Dec-2012 |
Jake Feasel <jake.feasel@forgerock.com> |
merging trunk 1773-1783 |
bf253280a5e6f2c2dc61030e69d5825596d5cdae |
|
13-Dec-2012 |
Chad Kienle <chad.kienle@forgerock.com> |
[OPENIDM-1036] Reworked and moved exceptRoles logic to its own function and cleaned up the usage, also created a getSecurityContext function for finding the security context. |
245d622535c32563b59ef5027b1171167ba9b451 |
|
12-Dec-2012 |
Jake Feasel <jake.feasel@forgerock.com> |
merging trunk r1735-1772 |
49d1ddfb04571dd85218ee6c053e0dadba289283 |
|
11-Dec-2012 |
Jake Feasel <jake.feasel@forgerock.com> |
https://bugster.forgerock.org/jira/browse/OPENIDM-1031 - Username can be exploited with arbitrary HTML code
http://sources.forgerock.org/cru/CR-1073 - OpenIDM - prevent embedded HTML from rendering in the UI |
b412f3c08f7621383d949c49539fa6c0a1644bf3 |
|
08-Dec-2012 |
Jake Feasel <jake.feasel@forgerock.com> |
New sample workflow: http://sources.forgerock.org/cru/CR-1055
Also included is an update to most recent changes to policy.js, fixing issue discovered with workflow testing. |
552cd67292876f5fca178b57af857da75e3a750f |
|
08-Dec-2012 |
Jake Feasel <jake.feasel@forgerock.com> |
OpenIDM Fix reauth policy to not fail when value has not changed
http://sources.forgerock.org/cru/CR-1057
Calls to patch were failing now that validation is properly being applied to patch calls. The failure was due to the fact that the whole object was being validated, and some properties in the object were requiring reauth. So even if you were not changing a property which required reauth, the reauth validation rule was being raised. This fixed the problem by not raising the failure if the value being evaluated is the same as the current value for the object.
https://bugster.forgerock.org/jira/browse/OPENIDM-1011 |
168438025174c69ccbe51b59ffc800eabbeafc2d |
|
07-Dec-2012 |
Chad Kienle <chad.kienle@forgerock.com> |
[OPENIDM-990] Fixed bug in re-authentication policy function and added a new "_isDirectHttp" flag to indicate an "http" request type. |
cc1ea11bc48ff93fc5ce56a8255269bf11ec493d |
|
06-Dec-2012 |
Jake Feasel <jake.feasel@forgerock.com> |
Merging trunk r1688-1715 |
8c8595e7a24db0c4f44c6b75055ce1a2c4c623bb |
|
05-Dec-2012 |
Chad Kienle <chad.kienle@forgerock.com> |
[OPENIDM-984] Fixed code in the mergePolicies() function that was causing configs in manage.json to overwrite configs in policy.json. |
f53e8bf374334553495526c75f961fd0684de0af |
|
28-Nov-2012 |
Jake Feasel <jake.feasel@forgerock.com> |
merging ui branch r1634-1654
Using new validateOnlyIfPresent flag to solve https://bugster.forgerock.org/jira/browse/OPENIDM-934
Modifying apache configuration to reverse proxy for all requests to openidm/ rather than just to openidm/managed
misc trivial cleanup |
1daba77a2baea6f319d9a16e348e733a5f1484f1 |
|
28-Nov-2012 |
Jake Feasel <jake.feasel@forgerock.com> |
Reverting "checkIfRequiredApplies" in favor of "validateOnlyIfPresent"
Deleting unnecessary hard-coded addition of properties in admin user create screen |
e36e4cfe796d1ed44869e37f8fb9f9266d48c8c9 |
|
28-Nov-2012 |
Jake Feasel <jake.feasel@forgerock.com> |
Changes to policy code to use new "context" idea |
456730294584412dcb92e3892a14bb2941688be8 |
|
22-Nov-2012 |
Chad Kienle <chad.kienle@forgerock.com> |
[OPENIDM-938] Added "validateOnlyIfPresent" option to the policy configurations. |
9231fbf30902ec4bff16fd5f0a16ff9ecc34dab9 |
|
22-Nov-2012 |
Andi Egloff <andi.egloff@forgerock.com> |
OPENIDM-937 Fix null check for value |
01abc9a654374929e6b0cf48e50e4f859db9eafc |
|
22-Nov-2012 |
Chad Kienle <chad.kienle@forgerock.com> |
[OPENIDM-937] Added a null check on when traversing parent requests in the requiredIfConfigured policy function. |
923784d59ac065eee98b208dfacda6fbc24c71d6 |
|
20-Nov-2012 |
Jake Feasel <jake.feasel@forgerock.com> |
Merging trunk r1582-1607
http://sources.forgerock.org/cru/CR-912
Tag, you're it QA! |
00fa0366fa6d26fae02e8bfff5cc20c9992f80d9 |
|
19-Nov-2012 |
Jake Feasel <jake.feasel@forgerock.com> |
Fixing requiredIfConfigured to no longer use _caller attribute of request, since this appears to not work any more? |
f6c209a1011f21b03b3ea0b47423cd9b6c81f552 |
|
19-Nov-2012 |
Jake Feasel <jake.feasel@forgerock.com> |
Merging trunk r1596-1602 |
6cf8d7d89259093200daf869294f7c1d82202bd3 |
|
19-Nov-2012 |
Chad Kienle <chad.kienle@forgerock.com> |
[OPENIDM-904] Added an addPolicy() function to the policy.js script for supporting the adding of policy configs (from custom policy scripts) without modifying the policy.js file. |
670278dfaf67fd67aab6b0c6175610b0b425263d |
|
19-Nov-2012 |
Jake Feasel <jake.feasel@forgerock.com> |
Reverting change made in r1584, improving check for internal user conflict |
f8eb547a5996303c92e9482cf659642871c7252c |
|
19-Nov-2012 |
mbilski <mbilski@localhost> |
removed @license from licenses, changed © to (c) |
ac8f468f3e5637c6db0e1a1c878ddde6cd65bc22 |
|
19-Nov-2012 |
Jake Feasel <jake.feasel@forgerock.com> |
Fixing policy to look for security context more flexibly; necessary now that we are using POST+_action=patch, as apparently this builds a different structure than simply PATCH |
8f220d108ad175faa59d95e26138ce0e0518e16d |
|
18-Nov-2012 |
Jake Feasel <jake.feasel@forgerock.com> |
Removing extraneous values leftover from copy/paste |
0f2f4d5fa99181611e0625ed2e446e92511a1bd9 |
|
18-Nov-2012 |
Jake Feasel <jake.feasel@forgerock.com> |
Adding policy to prevent managed users from having the same names as internal users |
35d8f970e25366e2703f1dacbf8fe3f55b494be1 |
|
15-Nov-2012 |
Jake Feasel <jake.feasel@forgerock.com> |
Moving scripts to bin/defaults and updating references in conf |