fusiondirectory issueshttps://gitlab.fusiondirectory.org/fusiondirectory/fd/-/issues2020-04-21T19:29:43Zhttps://gitlab.fusiondirectory.org/fusiondirectory/fd/-/issues/6046Add a security tab on users2020-04-21T19:29:43ZbmortierAdd a security tab on users
## Descriptive title for this enhancement
Put a security tab on the users
### Actual behavior
No possibility to know the last session, or action made by the user itself on his account
### Expected behavior
Have a security tab on t...
## Descriptive title for this enhancement
Put a security tab on the users
### Actual behavior
No possibility to know the last session, or action made by the user itself on his account
### Expected behavior
Have a security tab on the user that show :
* The last login on fusionDirectory
* Active session
* Logs of authentication events
### Step by step description of new behaviour
look at attached pictures for an idea
![github-two-factor-backend-sessions](/uploads/74410d768bf74bc5feb075d2eacb3e13/github-two-factor-backend-sessions.png)
![github-two-factor-backend-security-history](/uploads/af867d7838fd51734a5a4aecd2e65e3d/github-two-factor-backend-security-history.png)
### Benefits
The user can check what happened to his account, important for high privileges account but also to reinforce the security aspect of fusiondirectory
### Possible Drawbacks
need to design own objectclass and attributes
### Applicable Issues
SecurityFusionDirectory 1.4bmortierbmortierhttps://gitlab.fusiondirectory.org/fusiondirectory/fd/-/issues/5995Audit events DN are too long2021-07-30T12:34:23ZbmortierAudit events DN are too longRelated to fd-plugins#5825
Audit events do not include fdAuditId because create_unique_dn only accepts string values.
Also, having the microseconds it the timestamp would be good because it gives more information (especially order of e...Related to fd-plugins#5825
Audit events do not include fdAuditId because create_unique_dn only accepts string values.
Also, having the microseconds it the timestamp would be good because it gives more information (especially order of events) and helps having unique DNs.FusionDirectory 1.3.1bmortierbmortierhttps://gitlab.fusiondirectory.org/fusiondirectory/fd/-/issues/5931Use date HTML5 input type for DateAttribute2021-01-29T20:49:02ZbmortierUse date HTML5 input type for DateAttributeFrom #5910
> The hard decision is whether to replace our date input by the type=date HTML5 input. Here is the support matrix: https://developer.mozilla.org/en-US/docs/Web/HTML/Element/input/date#Browser_compatibility
>
> All major bro...From #5910
> The hard decision is whether to replace our date input by the type=date HTML5 input. Here is the support matrix: https://developer.mozilla.org/en-US/docs/Web/HTML/Element/input/date#Browser_compatibility
>
> All major browsers seem to support it, and I expect most of them will have a better interface than our old fashion datepicker. It would mean switching from d.m.Y to YYYY-MM-DD format for POST value. We may keep d.m.Y as internal value to avoid confusing webservice and internal code (but I do think YYYY-MM-DD is a better and more widely used format).
>
> For outdated browser, they would in this case show a text input field and users would have to "guess" they need to enter YYYY-MM-DD format. We can detect this case in javascript and maybe add a text to explain this, or even try to add the old datepicker (but that means adapt its code to support YYYY-MM-DD format). We can use pattern attribute to force NNNN-NN-NN format (with N an integer), which is more widely supported (IE>=10).
I think we should migrate DateAttribute to HTML5 and to `YYYY-MM-DD` internal format. It may break external tools relying on the webservice.
It could break some internal features but this seems unlikely.
I think we should drop the JS datepicker entirely.
This should be done in a major release, so either %"FusionDirectory 1.4" or 1.5.FusionDirectory 1.4bmortierbmortierhttps://gitlab.fusiondirectory.org/fusiondirectory/fd/-/issues/5821Error when deleting more than 2 groups in the Webinterface/GUI2018-08-08T20:40:09ZbmortierError when deleting more than 2 groups in the Webinterface/GUI### Description
When deleting more than 2 groups on the GUI, FD throws an error, but deletes the groups.
The error message:
"Failed to compute DN for object: Failed to create a unique DN"
### Distribution Name and Version
Whatever is...### Description
When deleting more than 2 groups on the GUI, FD throws an error, but deletes the groups.
The error message:
"Failed to compute DN for object: Failed to create a unique DN"
### Distribution Name and Version
Whatever is on demo, demo-fixes
### FusionDirectory Version
1.2, 1.2 fixes.
### PHP version used
Whatever is on demo, demo-fixes
### Origin of php packages
Whatever is on demo, demo-fixes
### Steps to Reproduce
1. Select 3 groups by ticking off the boxes to the left of them
2. Delete them all by going to Actions -> Remove
3. Observe error message
**Expected behavior:**
Any number of groups should be deletable with no error being thrown.
**Actual behavior:**
Error is thrown when deleting more than 2 groups at once.
Error message: "Failed to compute DN for object: Failed to create a unique DN"
I think the message is different across versions of FD.
**Reproduces how often:**
100%FusionDirectory 1.3bmortierbmortierhttps://gitlab.fusiondirectory.org/fusiondirectory/fd/-/issues/5817Unique DN creation may fail for audit plugin2018-07-18T07:40:14ZbmortierUnique DN creation may fail for audit plugin### Description
<!-- Required -->
<!-- Description of the issue -->
See #5800 and fd-plugins#5802
It seems when deleting an object the log of removing each tab creates a lot of audit event at the same second which may collide and fail ...### Description
<!-- Required -->
<!-- Description of the issue -->
See #5800 and fd-plugins#5802
It seems when deleting an object the log of removing each tab creates a lot of audit event at the same second which may collide and fail DN creation.FusionDirectory 1.3bmortierbmortierhttps://gitlab.fusiondirectory.org/fusiondirectory/fd/-/issues/5795Activating audit for action 'security' causes error at login2018-03-26T15:12:14ZbmortierActivating audit for action 'security' causes error at loginSee fd-plugins#5794See fd-plugins#5794FusionDirectory 1.2.1bmortierbmortierhttps://gitlab.fusiondirectory.org/fusiondirectory/fd/-/issues/5784Activating audit for action 'security' causes error at login2018-03-15T08:50:24ZbmortierActivating audit for action 'security' causes error at login### Description
After a successful login, the error "The required field 'Object' is empty!" appears (see attached screenshot).
[Screen_Shot_2018-03-04_at_09.29.44](/uploads/ffe7da2b64724db446e02629e0791556/Screen_Shot_2018-03-04_at_09....### Description
After a successful login, the error "The required field 'Object' is empty!" appears (see attached screenshot).
[Screen_Shot_2018-03-04_at_09.29.44](/uploads/ffe7da2b64724db446e02629e0791556/Screen_Shot_2018-03-04_at_09.29.44.png)
### Distribution Name and Version
Ubuntu 14.04.5
### FusionDirectory Version
1.2-1
### PHP version used
5.5.9+dfsg-1ubuntu4.23
### Origin of php packages
`deb http://repos.fusiondirectory.org/fusiondirectory-extra/debian-jessie jessie main`
### Steps to Reproduce
1. Log in
2. Error appears
3. Click ok and everything seemingly works
**Expected behavior:**
No error is expected to display.
**Actual behavior:**
Error displays.
**Reproduces how often:**
Happens in 100% of the successful logins.
### Additional Information
The following modules are installed:
```
ii fusiondirectory 1.2-1 all Web Based LDAP Administration Program
ii fusiondirectory-plugin-alias-schema 1.2-1 all LDAP schema for FusionDirectory alias plugin
ii fusiondirectory-plugin-audit 1.2-1 all audit plugin for FusionDirectory
ii fusiondirectory-plugin-audit-schema 1.2-1 all LDAP schema for FusionDirectory audit plugin
ii fusiondirectory-plugin-mail 1.2-1 all base mail plugin for FusionDirectory
ii fusiondirectory-plugin-mail-schema 1.2-1 all LDAP schema for FusionDirectory mail plugin
ii fusiondirectory-plugin-posix 1.2-1 all posix account and group plugin for FusionDirectory
ii fusiondirectory-schema 1.2-1 all LDAP schema for FusionDirectory
ii fusiondirectory-smarty3-acl-render 1.2-1 all Provide FusionDirectory ACL based rendering for Smarty3
```FusionDirectory 1.3bmortierbmortier