Commit graph

81 commits

Author SHA1 Message Date
05cbc7163a Merge pull request 'Dust off the codebase.' (#8) from q3k/dustoff into master
Reviewed-on: #8
2024-07-08 12:10:23 +00:00
1f51fbea85 *: blacken 2024-07-07 21:46:29 +02:00
f4c6620007 ci.sh: create 2024-07-07 21:45:55 +02:00
c6688ec8cb *: type annotate 2024-07-07 21:45:54 +02:00
e84974ac74 Merge pull request 'papertrail, admin mifarehashid, protected groups' (#7) from papertrail into master
Reviewed-on: #7
2024-07-07 15:54:53 +00:00
a01336216d
admin: clean up mifareidhash modification 2023-11-23 20:07:26 +01:00
9e5c7a3fcb
admin: disallow changing mifareidhash for protected users 2023-11-23 19:54:38 +01:00
49bb6279de
admin: send papertrail when adding/deleting mifareidhash 2023-11-23 19:46:16 +01:00
5c29c003b2
config: update default protected groups 2023-11-23 19:42:21 +01:00
99e2bfb9da
admin: delete mifareidhash from admin ui 2023-11-23 19:42:12 +01:00
984916ba04
admin: add mifare hash id via admin ui 2023-11-23 19:00:34 +01:00
bcc23d5055
admin: add "protected" callouts 2023-11-23 17:54:50 +01:00
365d404438
config: add protected groups + clean up 2023-11-23 17:41:28 +01:00
2816cb245d
Improve README 2023-11-23 17:35:52 +01:00
ed7a028196
Add papertrail (email alerts) module 2023-11-23 17:26:12 +01:00
60d6f2e9d5 Admin: tighter user list layout 2023-10-29 19:36:56 +01:00
34d897ff78 Merge pull request 'Gravatar etc.' (#6) from gravatar into master
Reviewed-on: #6
2023-10-29 18:36:06 +00:00
d29a57233f Admin: Important avatar changes lmao 2023-10-28 15:36:19 +02:00
564b3e9888 vcard: fix avatar preview 2023-10-24 10:21:10 +02:00
f59886c33f ldaputils: allow dot in names
turns out we have 3 users with dots in their uid ¯\_(ツ)_/¯
2023-10-23 19:50:30 +02:00
6f51489194 Add Gravatar-style avatar endpoint, rename user-based requests to /avatar/user/<uid> 2023-10-23 19:48:03 +02:00
0ae77291cc Merge pull request 'Avatar vcard field - show / delete / upload + avatar serving improvements' (#2) from avatar-upload into master
Reviewed-on: #2
2023-10-20 19:58:12 +00:00
20acdee93c avatar: remove expired cache entries 2023-10-14 16:03:39 +02:00
b10f6478da avatar: don't generate avatars for non-users 2023-10-14 16:02:47 +02:00
a6cc147595 avatar: move timeout to config 2023-10-14 15:59:55 +02:00
fede3f68e5 preprocess avatar when uploading 2023-10-14 15:53:06 +02:00
e01267c49f upload avatar 2023-10-14 15:32:20 +02:00
92a5ebac2f delete user avatar 2023-10-14 15:31:27 +02:00
a38c451c66 show user avatar in /vcard 2023-10-14 14:35:32 +02:00
7afee30c14 clean up vcard template 2023-10-13 23:05:05 +02:00
4b85ce466e Improve README 2023-10-13 20:46:38 +02:00
a435e15698 Implement LDAP avatar serving
This adds a /avatar/<uid> endpoint which serves any jpegPhoto associated
with a given user account.

In true 'lol ldap' fashion, only `photo` and `jpegPhoto` fields are
defined. The first one is for G3 photos (a fax format!). The latter is
technically for JPEG. But we expect to abuse this and basically contain
_any_ sensible photo format in there, as long as Python's PIL can parse
it.

The serving function always resamples images to a 256x256 PNG. This
makes sure people don't leak EXIF and lets us depend on square avatars.

This entire code assumes that it is safe to PIL.Image.open untrusted
user data. My understanding is that it is, bar some DoS for very large
images. We limit the potential for DoS by storing the images in LDAP,
which I hope has some kind of field length limit...

Oh, and this also adds a 'default avatar' functionality which serves
simple generative mermaid art for any user who doesn't have an explicit
avatar set. To prevent leaking the existence of users who don't have an
avatar set, we serve such a generated avatar for all UIDs, including
UIDs which don't exist.
2023-10-08 18:14:00 +02:00
3752e0c558 rename config.py.dist to config.py 2023-09-23 18:28:02 +02:00
bdd0de0b53 admin: add group list and group details pages 2023-09-23 18:25:37 +02:00
dc2bb81f61 config and ldap handling refactor 2023-09-23 15:56:06 +02:00
64d62692d4 clean up python2 syntax 2023-09-23 11:23:28 +02:00
78458f6211 tweaks to vcard 2023-09-23 10:55:17 +02:00
e358bafcca clean up 2023-09-23 10:45:52 +02:00
3fd36123de split views into blueprints 2023-09-23 10:30:58 +02:00
f82e60e277 remove dead code 2023-09-23 10:04:46 +02:00
26c945a91d Merge branch 'admin' 2023-09-22 22:35:36 +02:00
b4e185ff31 tweaks based on q3k's feedback 2023-09-22 22:35:14 +02:00
def69fb5d3 ldap user: show groups 2023-09-22 21:58:49 +02:00
84abc355b9 remove dead code 2023-09-22 21:18:53 +02:00
bdfefcb234 require admin for /admin/* paths 2023-09-22 21:15:02 +02:00
3fcb7d2a4f link from admin user profile to kasownik 2023-09-20 23:12:13 +02:00
4732fb7066 render barebones ldap profile of any user 2023-09-20 23:02:56 +02:00
a94c138829 render list of all ldap users 2023-09-20 22:00:23 +02:00
e876fd65a5 show "admin" link if user is ldap admin 2023-09-20 20:51:47 +02:00
ccdacec835 deps: update flask to latest 2023-09-19 22:42:12 +02:00