fusiondirectory issueshttps://gitlab.fusiondirectory.org/fusiondirectory/fd/-/issues2024-03-28T10:51:25Zhttps://gitlab.fusiondirectory.org/fusiondirectory/fd/-/issues/6309Support SSHA512 password if overlay pw-sha2 is installed2024-03-28T10:51:25ZJonathan SwaelensSupport SSHA512 password if overlay pw-sha2 is installedHello @tdockx
We need to support SSHA512 password type when pw-sha2 is installed.
FusionDirectory must be able to accept SSHA512 type of password and also to generate them.
CheersHello @tdockx
We need to support SSHA512 password type when pw-sha2 is installed.
FusionDirectory must be able to accept SSHA512 type of password and also to generate them.
CheersFusionDirectory 1.4.1dockx thibaultdockx thibaulthttps://gitlab.fusiondirectory.org/fusiondirectory/fd/-/issues/6299Adapt the ci to the reorganisation of the dev-tools and fixing the trigger do...2023-10-03T12:41:22ZbmortierAdapt the ci to the reorganisation of the dev-tools and fixing the trigger downstream pipelinesFusionDirectory 1.4.1bmortierbmortierhttps://gitlab.fusiondirectory.org/fusiondirectory/fd/-/issues/6291[Template] – Enhance current template in order to allow macro on every attrib...2023-10-03T12:35:42Zdockx thibault[Template] – Enhance current template in order to allow macro on every attributes[Template] – Enhance current template in order to allow macro on every attributes
The idea is to create within the backend configuration a table allowing creation of custom attributes name.
These attributes would be present within the u...[Template] – Enhance current template in order to allow macro on every attributes
The idea is to create within the backend configuration a table allowing creation of custom attributes name.
These attributes would be present within the user template.
The concept is therefore to use those attributes to fulfill the "real" attributes, allowing macro to run on them.
The problem we have today, such an SN and GivenName is that macro cannot run upon themselves.
This would allow better attributes nomenclature management, removing the need of passing by third party tools such as LSC.
Another benefits is also to remove potentials entries errors by fulfilling wrongly (a typo E.g) within an attribute field.
1. Backend configuration to allow creation of custom attributes.
2. Modifying current template, adding a simple tabs with the new attributes. (They can all stay as type : String, verification will be performed upon save on the real attributes).
3. %askme% would therefore be placed on those custom attributes within the template.FusionDirectory 1.4.1dockx thibaultdockx thibaulthttps://gitlab.fusiondirectory.org/fusiondirectory/fd/-/issues/6289[Core] - LDAP search methods are triggered when user is created reporting an ...2023-10-03T12:35:32Zdockx thibault[Core] - LDAP search methods are triggered when user is created reporting an error within logs### Description
[Core] - LDAP search methods are triggered when user is created reporting an error within logs
### Distribution Name and Version
Debian 11
### FusionDirectory Version
Repo
### PHP version used
7.4
### Origin of ph...### Description
[Core] - LDAP search methods are triggered when user is created reporting an error within logs
### Distribution Name and Version
Debian 11
### FusionDirectory Version
Repo
### PHP version used
7.4
### Origin of php packages
Repo
### Steps to Reproduce
Simply create a new user and inspect syslog
**Expected behavior:**
No error
**Actual behavior:**
**Jul 3 06:30:31 debian11-fd-vm slapd[2691]: conn=1049 op=2 do_search: invalid dn: "new"**
Jul 3 06:30:31 debian11-fd-vm php: FusionDirectory [fd-admin]: (create) uid=thibault,ou=people,dc=nodomain of type plugin/user objectClass,cn,sn,givenName,uid,userPassword: Success
Jul 3 06:30:31 debian11-fd-vm php: FusionDirectory [fd-admin]: (create) uid=thibault,ou=people,dc=nodomain of type plugin/userRoles objectClass: Success
**Reproduces how often:**
100%
### Additional Information
Does not occur on groups / departments or others save such as tasks.
Seems focused on Users creation.FusionDirectory 1.4.1dockx thibaultdockx thibaulthttps://gitlab.fusiondirectory.org/fusiondirectory/fd/-/issues/6288Make password mandatory based on hash method2023-10-03T12:39:12ZJonathan SwaelensMake password mandatory based on hash methodHello @tdockx
The password is not mandatory by default, it can be seen if we make a template and set the hash method to ssha for example.
There is no `*`. It would be better if we can set it as mandatory based on the hash method.
Righ...Hello @tdockx
The password is not mandatory by default, it can be seen if we make a template and set the hash method to ssha for example.
There is no `*`. It would be better if we can set it as mandatory based on the hash method.
Right now the workaround is to use an `%askme%` macro.
What do you think @bmortier ?FusionDirectory 1.4.1dockx thibaultdockx thibaulthttps://gitlab.fusiondirectory.org/fusiondirectory/fd/-/issues/6287Change version to 1.4-fixes2023-10-03T12:37:39ZbmortierChange version to 1.4-fixesHello,
we need to change the version to 1.4-fixes
CheersHello,
we need to change the version to 1.4-fixes
CheersFusionDirectory 1.4.1bmortierbmortierhttps://gitlab.fusiondirectory.org/fusiondirectory/fd/-/issues/6239Update include/variables_common.inc for 1.3.1-fixes2023-01-12T14:11:38ZbmortierUpdate include/variables_common.inc for 1.3.1-fixesHello,
we need to Update include/variables_common.inc for 1.3.1-fixes
CheersHello,
we need to Update include/variables_common.inc for 1.3.1-fixes
CheersFusionDirectory 1.3.2bmortierbmortierhttps://gitlab.fusiondirectory.org/fusiondirectory/fd/-/issues/6233update the php min version2022-10-12T11:02:15Zbmortierupdate the php min versionHello,
the php min version has changed for 1.3 so we need to update the file include/variables_common.inc :
* define('PHP_MIN_VERSION', '7.3.0');Hello,
the php min version has changed for 1.3 so we need to update the file include/variables_common.inc :
* define('PHP_MIN_VERSION', '7.3.0');FusionDirectory 1.3.1bmortierbmortierhttps://gitlab.fusiondirectory.org/fusiondirectory/fd/-/issues/6230add authors to authors.md for 1.3.12022-09-08T15:48:35Zbmortieradd authors to authors.md for 1.3.1Hello,
we need to add the contributors for 1.3.1 in Authors.md
CheersHello,
we need to add the contributors for 1.3.1 in Authors.md
CheersFusionDirectory 1.3.1bmortierbmortierhttps://gitlab.fusiondirectory.org/fusiondirectory/fd/-/issues/6223remove all reference to stretch registry images2023-06-23T20:02:42Zbmortierremove all reference to stretch registry imagesHello,
we need to remove all reference to stretch images in the registry
CheersHello,
we need to remove all reference to stretch images in the registry
CheersFusionDirectory 1.3.1bmortierbmortierhttps://gitlab.fusiondirectory.org/fusiondirectory/fd/-/issues/6222[1.3.1] - Fixing LDAP Search filter code style2022-09-12T13:32:18Zbmortier[1.3.1] - Fixing LDAP Search filter code style### Description
A bug was introduced during the codestyle changes for core.
ldap filter are falty.
### Distribution Name and Version
Debian Buster
### FusionDirectory Version
1.3.1
### PHP version used
7.3 (official buster)
### O...### Description
A bug was introduced during the codestyle changes for core.
ldap filter are falty.
### Distribution Name and Version
Debian Buster
### FusionDirectory Version
1.3.1
### PHP version used
7.3 (official buster)
### Origin of php packages
Distro
### Steps to Reproduce
Try to setup fusiondirectory for its first installation.
**Expected behavior:**
Installation successful
**Actual behavior:**
Error during setup of FD
**Reproduces how often:**
100 percent
### Additional Information
NoneFusionDirectory 1.3.1bmortierbmortier2022-07-28https://gitlab.fusiondirectory.org/fusiondirectory/fd/-/issues/6221[Enhancement] - Change CI 1.3.1 - CodeStyle to refelect 1.4 rules2022-09-12T13:33:03Zbmortier[Enhancement] - Change CI 1.3.1 - CodeStyle to refelect 1.4 rules### Requirements
* Filling out the template is required. Any Enhancement request that does not include enough information to be reviewed in a timely manner may be closed at the maintainers' discretion.
* All new code requires tests to e...### Requirements
* Filling out the template is required. Any Enhancement request that does not include enough information to be reviewed in a timely manner may be closed at the maintainers' discretion.
* All new code requires tests to ensure against regressions
## Descriptive title for this enhancement
1.3.1 uses an old codestyle and it has been agreed to change it to correspond to 1.4 (actual version to date).
### Actual behavior
Old codestyle is being used
### Expected behavior
New codestyle is being used
### Step by step description of new behaviour
```yaml
# PHP codesniffer
create_php_code_sniffer_rapport:
image: registry.fusiondirectory.org/fusiondirectory/fd/phpcodesniffer-cli:stretch
stage: codestyle
only:
- branches
script:
- test -d ../dev-tools/ && rm -Rf ../dev-tools/
- git clone --depth 1 https://gitlab.fusiondirectory.org/fusiondirectory/dev-tools.git -b 1.3 ../dev-tools
- find . -type f -name '*.php' -o -name '*.inc' > ./filelist
- phpcs --standard=../dev-tools/php-codesniffer-rules/FDStandard/ruleset.xml --file-list=./filelist
```
change the git clone with proper updated branch reflecting latest up to date branch.
### Benefits
Code style will be aligned everywhere.
### Possible Drawbacks
Possible risk of automated-testing reporting issues for mistakes introduced during code style changes.
No php lint errors must be reported prior of changing the CI.
### Applicable Issues
NoneFusionDirectory 1.3.1bmortierbmortierhttps://gitlab.fusiondirectory.org/fusiondirectory/fd/-/issues/6220[CodeStyle] - 1.3.1 Requires adaptation to align code style with 1.42022-09-12T13:31:21Zbmortier[CodeStyle] - 1.3.1 Requires adaptation to align code style with 1.4Current customer release 1.3.1 (1.3-fixes) uses old PHP code style, which requires updates to have equivalence with release 1.4-dev.
This will allow uniformization between the two releases.Current customer release 1.3.1 (1.3-fixes) uses old PHP code style, which requires updates to have equivalence with release 1.4-dev.
This will allow uniformization between the two releases.FusionDirectory 1.3.1bmortierbmortierhttps://gitlab.fusiondirectory.org/fusiondirectory/fd/-/issues/6219[security] - Cookie session is not renewed or set after authentification2022-09-12T13:26:33Zbmortier[security] - Cookie session is not renewed or set after authentification### Requirements
The session cookie is being set on the login page prior to user being authenticated.
It is wise to either renew it after authentication or to only set it up after logged in.
## Descriptive title for this enhancement...### Requirements
The session cookie is being set on the login page prior to user being authenticated.
It is wise to either renew it after authentication or to only set it up after logged in.
## Descriptive title for this enhancement
[security] - Cookie session is not renewed or set after authentification
### Actual behavior
Session cookie is being set prior to user authentication.
### Expected behavior
Session cookie renewed or set after logged in method.
### Step by step description of new behavior
1.Login
2.Session cookie set or renewed
### Benefits
Avoid what we call a Session_Fixation security issue.
### Possible Drawbacks
Possible re-writing on how sessions are initiated.
### Applicable Issues
NoneFusionDirectory 1.3.1bmortierbmortier2022-07-07https://gitlab.fusiondirectory.org/fusiondirectory/fd/-/issues/6217[Security] - Set Cookie settings to TRUE for option "HttpOnly"2022-09-12T13:30:01Zbmortier[Security] - Set Cookie settings to TRUE for option "HttpOnly"### Requirements
Security enhancement - it is desirable to set the cookie (upon login page) settings to TRUE for attribute HttpOnly.
"HttpOnly" option makes sure that XSS code injected though JavaScript will be refused by the browser.
...### Requirements
Security enhancement - it is desirable to set the cookie (upon login page) settings to TRUE for attribute HttpOnly.
"HttpOnly" option makes sure that XSS code injected though JavaScript will be refused by the browser.
To be integrated within 1.3-fixes and 1.4-dev.
## Descriptive title for this enhancement
[Security] - Set Cookie settings to TRUE for option "HttpOnly">
### Actual behavior
Cookie HttpOnly is set to FALSE
### Expected behavior
HttpOnly set to TRUE
### Step by step description of new behaviour
Update php.ini to set HttpOnly cookie option to TRUE.
### Benefits
Less possible attack coming from inject of javascript XSS
### Possible Drawbacks
None
### Applicable Issues
NoneFusionDirectory 1.3.1bmortierbmortier2022-07-07https://gitlab.fusiondirectory.org/fusiondirectory/fd/-/issues/6173PHP error: Array to string conversion in class_fiInventory.inc:1992022-09-01T09:37:10ZbmortierPHP error: Array to string conversion in class_fiInventory.inc:199Only in 1.3 branch:
```
=== Error ===
PHP error: Array to string conversion
(/usr/share/fusiondirectory/plugins/admin/systems/fusioninventory/class_fiInventory.inc,
line 199)
=== /Error ===
=== Trace ===
Trace[1]:function implode
Fil...Only in 1.3 branch:
```
=== Error ===
PHP error: Array to string conversion
(/usr/share/fusiondirectory/plugins/admin/systems/fusioninventory/class_fiInventory.inc,
line 199)
=== /Error ===
=== Trace ===
Trace[1]:function implode
File :
/usr/share/fusiondirectory/plugins/admin/systems/fusioninventory/class_fiInventory.inc
Line : 199
Type : -
")(macAddress=",array(array("96:00:00:14:4b:82"))
```FusionDirectory 1.3.1bmortierbmortierhttps://gitlab.fusiondirectory.org/fusiondirectory/fd/-/issues/6152Add subscription screen2023-06-23T20:02:17ZbmortierAdd subscription screenThe idea is to have a «Subscription» page in the menu (with its own ACLs), showing either information about how to get a subscription, or information about the subscription stored in the LDAP.
It must be able to import this information f...The idea is to have a «Subscription» page in the menu (with its own ACLs), showing either information about how to get a subscription, or information about the subscription stored in the LDAP.
It must be able to import this information from a file sent to subscribers, not sure yet if it should be LDIF or JSON. Apart from the import field, information is read-only.
The information is stored under ou=fusiondirectory.FusionDirectory 1.3.1bmortierbmortierhttps://gitlab.fusiondirectory.org/fusiondirectory/fd/-/issues/6142The filter for configuration is wrong in fusiondirectory-setup2021-03-23T10:27:22ZbmortierThe filter for configuration is wrong in fusiondirectory-setupWhen creating an admin user, fusiondirectory-setup uses the filter `(&(objectClass=fusionDirectoryConf)(cn=fusiondirectory))` but the configuration cn is `config` and not `fusiondirectory`.
It should use the `my $configrdn = "cn=config...When creating an admin user, fusiondirectory-setup uses the filter `(&(objectClass=fusionDirectoryConf)(cn=fusiondirectory))` but the configuration cn is `config` and not `fusiondirectory`.
It should use the `my $configrdn = "cn=config,ou=fusiondirectory"; var` instead.FusionDirectory 1.3.1bmortierbmortierhttps://gitlab.fusiondirectory.org/fusiondirectory/fd/-/issues/6139Add a security.md for github compliance2022-09-09T08:24:57ZbmortierAdd a security.md for github complianceHello,
we need a security.md for github compliance
we can use https://www.fusiondirectory.org/en/security/
CheersHello,
we need a security.md for github compliance
we can use https://www.fusiondirectory.org/en/security/
CheersFusionDirectory 1.3.1bmortierbmortierhttps://gitlab.fusiondirectory.org/fusiondirectory/fd/-/issues/6122Problems with FD web setup2021-08-25T18:13:38ZbmortierProblems with FD web setupThe «Installation check» page fails to load checks at first load, and only shows two empty warning checks.
Also the right section shows «PHP setup configuration (<a href="?info" target="_blank">show information</a>)» as title, the html ...The «Installation check» page fails to load checks at first load, and only shows two empty warning checks.
Also the right section shows «PHP setup configuration (<a href="?info" target="_blank">show information</a>)» as title, the html link is escaped.FusionDirectory 1.3.1bmortierbmortier