f89f98e16935b8360297827b03afc6dc0f0bfa9d |
|
11-Dec-2015 |
Brendan Miller <brendan.miller@forgerock.com> |
Only execute the authz filter for external requests. |
a6f11b80f5af07d76c964b2edcc633e33efbaa8f |
|
02-Dec-2015 |
Jake Feasel <jake.feasel@forgerock.com> |
OPENIDM-4705 - Handle action=patch changes properly for authz |
b9370d302d8ebb631ddaf84af98ac6ae3c79ed83 |
|
30-Nov-2015 |
Jake Feasel <jake.feasel@forgerock.com> |
OPENIDM-4299 - Improves behavior when users update their own records via PUT |
64ba371e3cbe8b12b58382cda10ba649bf5e4faa |
|
30-Nov-2015 |
Jake Feasel <jake.feasel@forgerock.com> |
OPENIDM-4298 - Managed/user can use _action=patch instead of PATCH method to update account |
5e06232b13d26983ad66f05a5d5f839d5eb4216c |
|
19-Nov-2015 |
Jake Feasel <jake.feasel@forgerock.com> |
Updates to use forgerock-ui 8.6.0 and forgerock-selfservice
* Includes forgotten username process in admin and enduser UI
* Aligns contractor sample with userQuery stage, and account for double-quotes in userNames passed to queryFilters
* Updates self-service examples
* Support for updating kba questions as part of self-service profile
* Bug with update logic in router-authz
* Support for locales in email |
dc53767f6614db736c8a95a165beae870ac1e3d9 |
|
19-Oct-2015 |
Jake Feasel <jake.feasel@forgerock.com> |
OPENIDM-4289 - Aligns workflow sample with relationships (authzRoles and manager) and refactoring and cleanup of contractorOnBoarding workflow
Uses selfservice reset to set the new contractor's password. |
fe9f72dff43cb29a114d7df94815720bedd2acac |
|
19-Oct-2015 |
Jake Feasel <jake.feasel@forgerock.com> |
OPENIDM-4287 - Updates workflow endpoints to use current user's security context |
0cbb44acdcab0e5a2d60c601698454b6a01bd0b3 |
|
08-Oct-2015 |
Jake Feasel <jake.feasel@forgerock.com> |
OPENIDM-3559 - Moving policy details for managed objects into json schema
Adjusting authz rules for self-service requests (taking CSS-28 into account)
Including kbaInfo in default user schema
Progress with adding new properties to json editor for managed objects
Aligning the Admin UI and authz rules with backend, removing default configs
Using external/email endpoint in access.js authz rule |
d01b29a2b512ef92eede086eb0eec386988c7c12 |
|
08-Oct-2015 |
Jake Feasel <jake.feasel@forgerock.com> |
OPENIDM-3892 - Integrating User Self-Service with the openidm selfservice UI
Bumping up to forgerock-ui 7.2.0
Fixes backgrid layout by including common/structure/backgrid.less
Deleting old registration and reset code, and clearing out a lot of cruft
Fixes to the /admin config screens for self-service:
- for mimeType, ordering, labels, and _id removal
- Updating ui/configuration when self-service features are enabled/disabled
- bug with admin context startup, due to looking at wrong site configuration delegate |
21dcdac963f79c098a5ea1a2c5c5e109429c9786 |
|
19-Sep-2015 |
Brendan Miller <brendan.miller@forgerock.com> |
CHF-68 and CHF-69: move Context, SecurityContext, and AbstractRouter to services package |
e2cd22a6774d3e0685b065c43a4078728bb6e279 |
|
26-Aug-2015 |
Jake Feasel <jake.feasel@forgerock.com> |
Replaces request.resourceName with request.resourcePath in scripts |
548f3b5b60083f72f96392b63841b7311a3a25b7 |
|
28-Jan-2015 |
Laurent Bristiel <laurent.bristiel@forgerock.com> |
OPENIDM-2797 CR-5901 Add some logging in authorization process |
f75ce47181440b11f1b5854c250234085fa31d0c |
|
11-Dec-2014 |
omebold <omebold@localhost> |
[OPENIDM-2580] CR-5617 Fixing bug in checking user access rights when starting a workflow |
280f5f217c81e0b90c2b526a8a03849c1371545c |
|
08-Sep-2014 |
Brendan Mmiller <brendan.miller@forgerock.com> |
OPENIDM-2180 (CR-4447) Disallow ?_action=command on repo via HTTP |
19a49ac2483aa88f728c6ffbdc4d6763750bada1 |
|
08-May-2014 |
Jake Feasel <jake.feasel@forgerock.com> |
CR-3494 - OPENIDM-1825
Relax restrictions on GET requests, so that the presence of a custom header isn't necessary |
768b89b44a1108780a6731ba267fafb2e823502f |
|
19-Feb-2014 |
Brendan Mmiller <brendan.miller@forgerock.com> |
Since caller, if defined, will always have .external and it will
always been boolean, simplify the expression with "truthiness". |
b79e4b9e47c9ca17acb36d1cd4cacc78b03d526e |
|
19-Feb-2014 |
Chad Kienle <chad.kienle@forgerock.com> |
Fixed managedUserRestrictedToAllowedProperties() function to correctly get patch operations from an ACTION/patch request. |
95a278acb3e120f22ba984c0578f65eb0d860d3d |
|
18-Feb-2014 |
Brendan Mmiller <brendan.miller@forgerock.com> |
IDME-122 (CR-3020)
Align internal context changes from CREST-142/IDME-121/IDME-123
Reverts part of r2848 to allow policy service _validateObject action from
policyFilter.js to be viewed "external" without extra param hook. |
4c50f129b49781374cbf91f49eeb5c97546ce492 |
|
18-Feb-2014 |
Jake Feasel <jake.feasel@forgerock.com> |
http://sources.forgerock.org/cru/CR-3014 - Adding CORS and GZIP servlet filters
https://bugster.forgerock.org/jira/browse/OPENIDM-1145 |
6e68db58e3aa69086437f78b9bcd164dcb3dc09a |
|
11-Feb-2014 |
Jake Feasel <jake.feasel@forgerock.com> |
http://sources.forgerock.org/cru/CR-2981 - FR-UI - Dialog transition problems, improved default value support, and IDM enduser UI alignment |
cb8b8ead63db27ce2eaae3584deb6b6d35366678 |
|
03-Feb-2014 |
Jake Feasel <jake.feasel@forgerock.com> |
http://sources.forgerock.org/cru/FR-62 - Aligning scripts in CREST branch to use new request and context variables, and updates to workflow UI
Resolves IDME-108 |
1efcf1f855dad06a6ee70d96ffa9ea8145e6fc9b |
|
31-Jan-2014 |
Brendan Mmiller <brendan.miller@forgerock.com> |
Bulk update to update to forgerock-rest-2.2.1 and forgerock-script-1.1.1 in order to resolve
CREST-138 - UpdateRequest#getNewContent -> UpdateRequest#getContent
CREST-139 - ActionRequest#getAdditionalActionParameters -> ActionRequest#getAdditionalParamters
QueryRequest#getAdditionalQueryParameters -> QueryRequest#getAdditionalParamters
OPENIDM-1617 - revert request member "method" back to "type" and use lowercase values
IDME-72 - Allow javascript to set element at variable[0] |
cbb4911a34ac36b93294fda2b5936a32ddd2ecd0 |
|
29-Jan-2014 |
Brendan Mmiller <brendan.miller@forgerock.com> |
Update javascript to use new request/context bindings. Retool PolicyService
to pass CREST Request objects on through rather than build custom maps
(for the old javacript) |
7c46e67625712e94487c8a4354fe647faf63d6ca |
|
22-Jan-2014 |
Jake Feasel <jake.feasel@forgerock.com> |
http://sources.forgerock.org/cru/FR-47 - Updates to UI and script to align with recent script query changes and merging in list-based role updates from trunk |
b0fda3084c76621b5c86f24ffe4b70e864181290 |
|
07-Jan-2014 |
Jake Feasel <jake.feasel@forgerock.com> |
http://sources.forgerock.org/cru/FR-29 - OpenIDM UI changes for CREST branch - aligning with API and commons-ui |
4098d8e8496291ef7a21f5f36fabd292d12f8cdb |
|
12-Dec-2013 |
Jake Feasel <jake.feasel@forgerock.com> |
http://sources.forgerock.org/cru/FR-20 - Pulling in numerous updates to common ui from bridge work
http://sources.forgerock.org/cru/FR-22 - Updates to pass-through auth config and script to be more flexible with choice of ldap backend |
ec5c0422351c91b9c6d27e86ef376a2e040df693 |
|
22-Nov-2013 |
Chad Kienle <chad.kienle@forgerock.com> |
Removed a System.out comment. |
e792453c18b3f58c9cb679cc4f55a256b266b69e |
|
08-Nov-2013 |
Chad Kienle <chad.kienle@forgerock.com> |
Added patch operations to the "request" for scripted filters. Updated the managedUserRestrictedToAllowedProperties function to use new PatchOperation format. |
b47cebc1f63ebddfe068c3ae1e7e9893820fdfd1 |
|
18-Oct-2013 |
Chad Kienle <chad.kienle@forgerock.com> |
Updated the router-authz.js script to correctly pull the "id" property from the request.security map. |
9fef165933ea6e9a2504d4c73bd661a3c8dc5de8 |
|
06-Sep-2013 |
Phill Cunnington <phill.cunnington@forgerock.com> |
Updating all thrown exceptions in js script to use 'code' to specify the http code instead of 'openidmCode' |
3dd5d81f98722756d0c355863f82ba215a35b1af |
|
15-Aug-2013 |
Andi Egloff <andi.egloff@forgerock.com> |
To go along with r2395, if the statement gets removed remove the comment that goes with it |
e872775192b1ba14dd52ea258628cae6877280f2 |
|
14-Aug-2013 |
Chad Kienle <chad.kienle@forgerock.com> |
Removed a System.out.println statement. |
4b203af8c8ae29cad34923504aa6041c69ee92af |
|
08-Aug-2013 |
Chad Kienle <chad.kienle@forgerock.com> |
Added request.action property containing the action name of an ActionRequest, for script consumption. |
f7b61e179055c42fd8f76b33d0b2e482d79ff85a |
|
31-Jul-2013 |
Chad Kienle <chad.kienle@forgerock.com> |
Initial fixes to get Scheduler service create/read working and scripted scheduled jobs executing. Added modifications to the "security" object in scripts to fix errors with retrieving roles. |
6df8dfdece0d7d39692a42337fc5141bc74b93c6 |
|
18-May-2013 |
Chad Kienle <chad.kienle@forgerock.com> |
[OPENIDM-1325][CR-1703] Changed load() function call in router-authz.js script to pass along "this" for access to "openidm" from the loaded script. |
5a755758adb482bf6e06fc184e9e55d292c48373 |
|
22-Feb-2013 |
Jake Feasel <jake.feasel@forgerock.com> |
UI is inoperable in IE8 due to lowercase request headers
https://bugster.forgerock.org/jira/browse/OPENIDM-1208 |
edcfe5ddb24309b8c847d12ea434dfecba10d540 |
|
23-Jan-2013 |
Chad Kienle <chad.kienle@forgerock.com> |
[OPENIDM-1113][CR-1210] Expanded IndentityServer methods accessible from scripts to include getters for the working, project, and install locations of OpenIDM. Updated router-authz.js to use the project location when loading access.js. |
1e8763e3f77ad5789555ac375f3c8469a935547e |
|
22-Jan-2013 |
Jake Feasel <jake.feasel@forgerock.com> |
https://bugster.forgerock.org/jira/browse/OPENIDM-1118
http://sources.forgerock.org/cru/CR-1198 |
0f98fcec84c953d042aea98ce3a4137d9cbb1f35 |
|
17-Jan-2013 |
Jake Feasel <jake.feasel@forgerock.com> |
https://bugster.forgerock.org/jira/browse/OPENIDM-1118
http://sources.forgerock.org/cru/CR-1183 |
759cbe36aeb56cbe1e788d90fbaa7f1a7e797f5d |
|
15-Jan-2013 |
Jake Feasel <jake.feasel@forgerock.com> |
Using JSLint to validate server-side JavaScript code as part of the maven build process.
Updates to server-side JavaScript to pass JSLint validation rules.
http://sources.forgerock.org/cru/CR-1175 |
2e36d8e60ec1acc656396fbd2d86ae01bcea0d57 |
|
14-Dec-2012 |
Jake Feasel <jake.feasel@forgerock.com> |
http://sources.forgerock.org/cru/CR-1107#CFR-20620 - Granting patch for managed/user/password to openidm-cert users.
https://bugster.forgerock.org/jira/browse/OPENIDM-988 - OpenDJ Password Synchronization Plugin raising error on password change in OpenDJ |
245d622535c32563b59ef5027b1171167ba9b451 |
|
12-Dec-2012 |
Jake Feasel <jake.feasel@forgerock.com> |
merging trunk r1735-1772 |
19b72d96fd51e6080be5ebe459a13011fc120fe0 |
|
11-Dec-2012 |
Jake Feasel <jake.feasel@forgerock.com> |
http://sources.forgerock.org/cru/CR-1083 - OpenIDM - fix whitelist to support complex attributes
https://bugster.forgerock.org/jira/browse/OPENIDM-1006#comment-17456 - further testing by Laurent, specifically on complex attributes |
bd040ebb8e96fb1d0bfd1a3445a649dd9c6f8120 |
|
07-Dec-2012 |
Jake Feasel <jake.feasel@forgerock.com> |
Whitelist for attributes users are allowed to modify on their account
http://sources.forgerock.org/cru/CR-1043
https://bugster.forgerock.org/jira/browse/OPENIDM-1006 |
b3ec0fd47cdcf8f64148a88ac62a7a68411c5c89 |
|
07-Dec-2012 |
Jake Feasel <jake.feasel@forgerock.com> |
Whitelisting user attributes - http://sources.forgerock.org/cru/CR-1043
Changing default behavior in mysql to be case-sensitive for usernames, as in OrientDB - http://sources.forgerock.org/cru/CR-1039 |
af7c06901549f25ce234c09be711b305cc478667 |
|
29-Nov-2012 |
Chad Kienle <chad.kienle@forgerock.com> |
[OPENIDM-962] Added logic to ingore case on method and action matching. |
94bf3f92ee8bb97dc3d2dbd9993c8a7f0c829e33 |
|
28-Nov-2012 |
Jake Feasel <jake.feasel@forgerock.com> |
For changes to access.js:
https://bugster.forgerock.org/jira/browse/OPENIDM-936
http://sources.forgerock.org/cru/CR-970
For changes to router-authz.js:
https://bugster.forgerock.org/jira/browse/OPENIDM-935
http://sources.forgerock.org/cru/CR-969 |
27454931400c5bb9a7e04889083d3cd49490fb60 |
|
28-Nov-2012 |
Jake Feasel <jake.feasel@forgerock.com> |
Restoring disallowQueryExpression customAuthz
https://bugster.forgerock.org/jira/browse/OPENIDM-935 |
aace62dc1d1c24b5d59eab3adc027843e28cacb8 |
|
22-Nov-2012 |
Chad Kienle <chad.kienle@forgerock.com> |
[OPENIDM-936] Added support for an "excludePatterns" field in httpAccessConfig entries. |
68b5e9406aedda79c0aade622122c40196231229 |
|
21-Nov-2012 |
Chad Kienle <chad.kienle@forgerock.com> |
[OPENIDM-922] Renamed accessConfig object to httpAccessConfig and adjusted the comments. |
02756b6ea45125f8f83409870493fff95a5b6a2e |
|
21-Nov-2012 |
Chad Kienle <chad.kienle@forgerock.com> |
[OPENIDM-922] Added access to Rhino shell commands in OpenIDM scripts. Separated enforcement and helper logic of router authorization script. Moved router-authz.js to bin/defaults. |