bump version: 0.1.12-beta -> 0.1.13-beta

prepare 0.1.13
fix UserChangePasswordView not requiring Login
2019-03-11 11:31:12 +01:00 · 2019-03-11 11:31:06 +01:00 · 2019-03-11 11:25:59 +01:00 · 2019-03-11 11:03:25 +01:00 · 2019-03-11 10:52:50 +01:00 · 2019-03-11 09:51:00 +01:00
296 changed files with 6563 additions and 2507 deletions
--- a/.bumpversion.cfg
+++ b/.bumpversion.cfg
@ -1,5 +1,5 @@
 [bumpversion]
-current_version = 0.0.2-alpha
+current_version = 0.1.13-beta
 tag = True
 commit = True
 parse = (?P<major>\d+)\.(?P<minor>\d+)\.(?P<patch>\d+)\-(?P<release>.*)
@ -9,17 +9,22 @@ tag_name = version/{new_version}
 [bumpversion:part:release]
 optional_value = stable
 first_value = beta
 values = 
 	alpha
 	beta
 	stable
 [bumpversion:file:helm/passbook/values.yaml]
 [bumpversion:file:helm/passbook/Chart.yaml]
 [bumpversion:file:.gitlab-ci.yml]
 [bumpversion:file:passbook/__init__.py]
 [bumpversion:file:passbook/api/__init__.py]
 [bumpversion:file:passbook/core/__init__.py]
 [bumpversion:file:passbook/admin/__init__.py]
@ -30,11 +35,17 @@ values =
 [bumpversion:file:passbook/ldap/__init__.py]
 [bumpversion:file:passbook/lib/__init__.py]
 [bumpversion:file:passbook/hibp_policy/__init__.py]
 [bumpversion:file:passbook/password_expiry_policy/__init__.py]
 [bumpversion:file:passbook/saml_idp/__init__.py]
 [bumpversion:file:passbook/audit/__init__.py]
 [bumpversion:file:passbook/oauth_provider/__init__.py]
-[bumpversion:file:passbook/totp/__init__.py]
+[bumpversion:file:passbook/otp/__init__.py]
--- a/.dockerignore
+++ b/.dockerignore
@ -1,3 +1,4 @@
 env
 helm
 passbook-ui
 static
--- a/.gitignore
+++ b/.gitignore
@ -189,5 +189,5 @@ pyvenv.cfg
 pip-selfcheck.json
 # End of https://www.gitignore.io/api/python,django
-/static/*
+/static/
 local.env.yml
--- a/.gitlab-ci.yml
+++ b/.gitlab-ci.yml
@ -8,7 +8,15 @@ stages:
  - test
  - build
  - docs
-image: python:3.5
+  - deploy
 image: python:3.6
 services:
  - postgres:latest
 variables:
  POSTGRES_DB: passbook
  POSTGRES_USER: passbook
  POSTGRES_PASSWORD: 'EK-5jnKfjrGRm<77'
 include:
  - /allauth/.gitlab-ci.yml
@ -44,9 +52,9 @@ package-docker:
    name: gcr.io/kaniko-project/executor:debug
    entrypoint: [""]
  before_script:
-    - echo "{\"auths\":{\"https://docker.$NEXUS_URL/\":{\"username\":\"$NEXUS_USER\",\"password\":\"$NEXUS_PASS\"}}}" > /kaniko/.docker/config.json
+    - echo "{\"auths\":{\"docker.$NEXUS_URL\":{\"auth\":\"$NEXUS_AUTH\"}}}" > /kaniko/.docker/config.json
  script:
-    - /kaniko/executor --context $CI_PROJECT_DIR --dockerfile $CI_PROJECT_DIR/Dockerfile --destination docker.pkg.beryju.org/passbook:latest --destination docker.pkg.beryju.org/passbook:0.0.2-alpha
+    - /kaniko/executor --context $CI_PROJECT_DIR --dockerfile $CI_PROJECT_DIR/Dockerfile --destination docker.pkg.beryju.org/passbook:latest --destination docker.pkg.beryju.org/passbook:0.1.13-beta
  stage: build
  only:
    - tags
@ -55,59 +63,36 @@ package-helm:
  stage: build
  script:
    - curl https://raw.githubusercontent.com/helm/helm/master/scripts/get | bash
    - helm init --client-only
    - helm package helm/passbook
-    - ./manage.py nexus_upload --method put --url $NEXUS_URL --user $NEXUS_USER --password $NEXUS_PASS --repo helm *.tgz
+    - ./manage.py nexus_upload --method put --url $NEXUS_URL --auth $NEXUS_AUTH --repo helm *.tgz
  only:
    - tags
    - /^version/.*$/
-# package-3.5:
+package-debian:
-#   before_script:
+  before_script:
-#     - apt update
+    - apt update
-#     - apt install -y build-essential debhelper devscripts equivs python3 python3-pip
+    - apt install -y --no-install-recommends build-essential debhelper devscripts equivs python3 python3-dev python3-pip libsasl2-dev libldap2-dev
-#     - cp debian/control-3.5 debian/control
+    - mk-build-deps debian/control
-#     - mk-build-deps debian/control
+    - apt install ./*build-deps*deb -f -y
-#     - apt install ./*build-deps*deb -f -y
+    - python3 -m pip install -U virtualenv pip
-#     - "python3 -m pip install -U virtualenv"
+    - virtualenv env
-#     - "virtualenv env"
+    - source env/bin/activate
-#     - "source env/bin/activate"
+    - pip3 install -U -r requirements.txt -r requirements-dev.txt
-#     - "pip3 install -U -r requirements.txt -r requirements-dev.txt"
+    - ./manage.py collectstatic --no-input
-#   image: debian
+  image: ubuntu:18.04
-#   script:
+  script:
-#     - debuild -us -uc
+    - debuild -us -uc
-#     - cp ../passbook*.deb .
+    - cp ../passbook*.deb .
-#     - python manage.py nexus_upload
+    - ./manage.py nexus_upload --method post --url $NEXUS_URL --auth $NEXUS_AUTH --repo apt passbook*deb
-#   artifacts:
+  artifacts:
-#     paths:
+    paths:
-#     - passbook-python3.5*deb
+    - passbook*deb
-#     expire_in: 2 days
+    expire_in: 2 days
-#   stage: build
+  stage: build
-#   only:
+  only:
-#   - tags
+  - tags
-#   - /^debian/.*$/
+  - /^version/.*$/
 # package-3.6:
 #   before_script:
 #     - apt update
 #     - apt install -y build-essential debhelper devscripts equivs python3 python3-pip
 #     - cp debian/control-3.6 debian/control
 #     - mk-build-deps debian/control
 #     - apt install ./*build-deps*deb -f -y
 #     - "python3 -m pip install -U virtualenv"
 #     - "virtualenv env"
 #     - "source env/bin/activate"
 #     - "pip3 install -U -r requirements.txt -r requirements-dev.txt"
 #   image: debian:buster
 #   script:
 #     - debuild -us -uc
 #     - cp ../passbook*.deb .
 #     - python manage.py nexus_upload
 #   artifacts:
 #     paths:
 #     - passbook-python3.6*deb
 #     expire_in: 2 days
 #   stage: build
 #   only:
 #     - tags
 #     - /^debian/.*$r
 # docs:
 #   stage: docs
@ -129,3 +114,16 @@ package-helm:
 #     - mkdocs build
 #     - 'rsync -avh --delete web/* "beryjuorg@ory1-web-prod-1.ory1.beryju.org:passbook.beryju.org/"'
 #     - 'rsync -avh --delete site/* "beryjuorg@ory1-web-prod-1.ory1.beryju.org:passbook.beryju.org/docs/"'
 # deploy:
 #   environment:
 #     name: production
 #     url: https://passbook-prod.default.k8s.beryju.org/
 #   stage: deploy
 #   only:
 #   - tags
 #   - /^version/.*$/
 #   script:
 #     - curl https://raw.githubusercontent.com/helm/helm/master/scripts/get | bash
 #     - helm init
 #     - helm upgrade passbook-prod helm/passbook --devel
--- a/.prospector.yaml
+++ b/.prospector.yaml
@ -0,0 +1,12 @@
 strictness: medium
 test-warnings: true
 doc-warnings: false
 ignore-paths:
  - env
  - migrations
  - docs
  - node_modules
 uses:
 - django
--- a/29
+++ b/29
@ -1,17 +1,34 @@
-FROM python:3.6-slim-stretch
+FROM python:3.6-slim-stretch as build
 # LABEL version="1.8.8"
 COPY ./passbook/ /app/passbook
 COPY ./static/ /app/static
 COPY ./manage.py /app/
 COPY ./requirements.txt /app/
 WORKDIR /app/
-#RUN apk add --no-cache libffi-dev build-base py2-pip python2-dev libxml-dev && \
+RUN apt-get update && apt-get install build-essential libssl-dev libffi-dev -y && \
-RUN pip install -r requirements.txt && \
+    mkdir /app/static/ && \
    pip install -r requirements.txt && \
    pip install psycopg2 && \
    ./manage.py collectstatic --no-input && \
    apt-get remove --purge -y build-essential && \
    apt-get autoremove --purge -y
 FROM python:3.6-slim-stretch
 COPY ./passbook/ /app/passbook
 COPY ./manage.py /app/
 COPY ./requirements.txt /app/
 COPY --from=build /app/static /app/static/
 WORKDIR /app/
 RUN apt-get update && apt-get install build-essential libssl-dev libffi-dev -y && \
    pip install -r requirements.txt && \
    pip install psycopg2 && \
    adduser --system --home /app/ passbook && \
-    chown -R passbook /app/
+    chown -R passbook /app/ && \
    apt-get remove --purge -y build-essential && \
    apt-get autoremove --purge -y
 USER passbook
--- a/14
+++ b/14
@ -1,14 +0,0 @@
 ## oauth_client
 - Move provider_type logic to own class, not name-based URL matching
 - add provider_type field to Provider Model
 - make Provider inherit core.application
 - Add template for popular services like github, twitter, facebook, etc
 ## saml_idp
 - move certificates to Provider so each provider can have different certificates
 ## admin
 - add testing page where user can supply input and let rules run against it to debug/test
--- a/allauth/allauth_passbook/urls.py
+++ b/allauth/allauth_passbook/urls.py
@ -1,6 +1,5 @@
 """passbook provider"""
 from allauth.socialaccount.providers.oauth2.urls import default_urlpatterns
 from allauth_passbook.provider import PassbookProvider
 urlpatterns = default_urlpatterns(PassbookProvider)
--- a/allauth/allauth_passbook/views.py
+++ b/allauth/allauth_passbook/views.py
@ -1,10 +1,10 @@
 """passbook adapter"""
 import requests
 from allauth.socialaccount import app_settings
 from allauth.socialaccount.providers.oauth2.views import (OAuth2Adapter,
                                                          OAuth2CallbackView,
                                                          OAuth2LoginView)
 from allauth_passbook.provider import PassbookProvider
--- a/debian/changelog
+++ b/debian/changelog
@ -0,0 +1,71 @@
 passbook (0.1.13) stable; urgency=medium
  * bump version: 0.1.11-beta -> 0.1.12-beta
  * Fix DoesNotExist error when running PolicyEngine against None user
  * allow custom email server for helm installs
  * fix UserChangePasswordView not requiring Login
 -- Jens Langhammer <jens.langhammer@beryju.org>  Mon, 11 Mar 2019 10:28:36 +0000
 passbook (0.1.12) stable; urgency=medium
  * bump version: 0.1.10-beta -> 0.1.11-beta
  * rewrite PasswordFactor to use backends setting instead of trying all backends
  * install updated helm release from local folder
  * disable automatic k8s deployment for now
  * fix OAuth Authorization View not requiring authentication
 -- Jens Langhammer <jens.langhammer@beryju.org>  Mon, 11 Mar 2019 08:50:29 +0000
 passbook (0.1.11) stable; urgency=medium
  * add group administration
  * bump version: 0.1.9-beta -> 0.1.10-beta
  * fix helm labels being on deployments and not pods
  * automatically deploy after release
  * use Django's Admin FilteredSelectMultiple for Group Membership
  * always use FilteredSelectMultiple for many-to-many fields
  * Add Group Member policy
  * add LDAP Group Membership Policy
 -- Jens Langhammer <jens.langhammer@beryju.org>  Sun, 10 Mar 2019 18:55:31 +0000
 passbook (0.1.10) stable; urgency=high
  * bump version: 0.1.7-beta -> 0.1.8-beta
  * consistently using PolicyEngine
  * add more Verbosity to PolicyEngine, rewrite SAML Authorisation check
  * slightly refactor Factor View, add more unittests
  * add impersonation middleware, add to templates
  * bump version: 0.1.8-beta -> 0.1.9-beta
  * fix k8s service routing http traffic to workers
  * Fix button on policy test page
  * better show loading state when testing a policy
 -- Jens Langhammer <jens.langhammer@beryju.org>  Sun, 10 Mar 2019 14:52:40 +0000
 passbook (0.1.7) stable; urgency=medium
  * bump version: 0.1.3-beta -> 0.1.4-beta
  * implicitly add kubernetes-healthcheck-host in helm configmap
  * fix debian build (again)
  * add PropertyMapping Model, add Subclass for SAML, test with AWS
  * add custom DynamicArrayField to better handle arrays
  * format data before inserting it
  * bump version: 0.1.4-beta -> 0.1.5-beta
  * fix static files missing for debian package
  * fix password not getting set on user import
  * remove audit's login attempt
  * add passing property to PolicyEngine
  * fix captcha factor not loading keys from Factor class
  * bump version: 0.1.5-beta -> 0.1.6-beta
  * fix MATCH_EXACT not working as intended
  * Improve access control for saml
 -- Jens Langhammer <jens.langhammer@beryju.org>  Fri, 08 Mar 2019 20:37:05 +0000
 passbook (0.1.4) stable; urgency=medium
  * initial debian package release
 -- Jens Langhammer <jens.langhammer@beryju.org>  Wed, 06 Mar 2019 18:22:41 +0000
--- a/debian/compat
+++ b/debian/compat
@ -0,0 +1 @@
 10
--- a/debian/config
+++ b/debian/config
@ -0,0 +1,20 @@
 #!/bin/sh
 # config maintainer script for passbook
 set -e
 # source debconf stuff
 . /usr/share/debconf/confmodule
 dbc_first_version=1.0.0
 dbc_dbuser=passbook
 dbc_dbname=passbook
 # source dbconfig-common shell library, and call the hook function
 if [ -f /usr/share/dbconfig-common/dpkg/config.pgsql ]; then
    . /usr/share/dbconfig-common/dpkg/config.pgsql
    dbc_go passbook "$@"
 fi
 #DEBHELPER#
 exit 0
--- a/debian/control
+++ b/debian/control
@ -0,0 +1,14 @@
 Source: passbook
 Section: admin
 Priority: optional
 Maintainer: BeryJu.org <support@beryju.org>
 Uploaders: Jens Langhammer <jens@beryju.org>, BeryJu.org <support@beryju.org>
 Build-Depends: debhelper (>= 10), dh-systemd (>= 1.5), dh-exec, wget, dh-exec, python3 (>= 3.5) | python3.6 | python3.7
 Standards-Version: 3.9.6
 Package: passbook
 Architecture: all
 Recommends: mysql-server, redis-server
 Pre-Depends: adduser, libldap2-dev, libsasl2-dev
 Depends: python3 (>= 3.5) | python3.6 | python3.7, python3-pip, dbconfig-pgsql | dbconfig-no-thanks, ${misc:Depends}
 Description: Authentication Provider/Proxy supporting protocols like SAML, OAuth, LDAP and more.
--- a/debian/copyright
+++ b/debian/copyright
@ -0,0 +1,22 @@
 MIT License
 Copyright (c) 2019 BeryJu.org
 Permission is hereby granted, free of charge, to any person obtaining a copy
 of this software and associated documentation files (the "Software"), to deal
 in the Software without restriction, including without limitation the rights
 to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
 copies of the Software, and to permit persons to whom the Software is
 furnished to do so, subject to the following conditions:
 The above copyright notice and this permission notice shall be included in all
 copies or substantial portions of the Software.
 THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
 IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
 FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
 AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
 LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
 OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
 SOFTWARE.
--- a/debian/dirs
+++ b/debian/dirs
@ -0,0 +1,4 @@
 etc/passbook/
 etc/passbook/config.d/
 var/log/passbook/
 usr/share/passbook/
--- a/debian/etc/passbook/config.yml
+++ b/debian/etc/passbook/config.yml
@ -0,0 +1,44 @@
 debug: false
 http:
    host: 0.0.0.0
    port: 8000
 secret_key_file: /etc/passbook/secret_key
 log:
    level:
        console: INFO
        file: DEBUG
    file: /var/log/passbook/passbook.log
 # Error reporting, disabled by default
 # error_report_enabled: true
 # Set this to the server's external address.
 # This is used to generate external URLs
 external_url: http://image.example.com
 # This dictates how the Path is generated
 # can be either of:
 # - view_sha512_short
 # - view_md5
 # - view_sha256
 # - view_sha512
 default_return_view: view_sha256
 # Set this to true if you only want to use external authentication
 external_auth_only: false
 # If this is true, images are automatically claimed if the windows user exists
 # in django
 auto_claim_enabled: true
 # LDAP Authentication
 # ldap:
 #     enabled: false
 #     server:
 #         uri: 'ldap://dc1.example.com'
 #         tls: false
 #     bind:
 #         dn: ''
 #         password: ''
 #     search_base: ''
 #     filter: '(sAMAccountName=%(user)s)'
 #     require_group: ''
--- a/debian/gbp.conf
+++ b/debian/gbp.conf
@ -0,0 +1,2 @@
 [buildpackage]
 export-dir=../build-area
--- a/debian/install
+++ b/debian/install
@ -0,0 +1,8 @@
 passbook		/usr/share/passbook/
 static			/usr/share/passbook/
 manage.py		/usr/share/passbook/
 passbook.sh		/usr/share/passbook/
 vendor			/usr/share/passbook/
 debian/etc/passbook								/etc/
 debian/templates/database.yml					/usr/share/passbook/
--- a/passbook/totp/tests/init.py
+++ b/passbook/totp/tests/init.py
--- a/debian/passbook-worker.service
+++ b/debian/passbook-worker.service
@ -0,0 +1,14 @@
 [Unit]
 Description=passbook - Authentication Provider/Proxy (Background worker)
 After=network.target
 Requires=network.target
 [Service]
 User=passbook
 Group=passbook
 WorkingDirectory=/usr/share/passbook
 Type=simple
 ExecStart=/usr/share/passbook/passbook.sh worker
 [Install]
 WantedBy=multi-user.target
--- a/debian/passbook.service
+++ b/debian/passbook.service
@ -0,0 +1,14 @@
 [Unit]
 Description=passbook - Authentication Provider/Proxy
 After=network.target
 Requires=network.target
 [Service]
 User=passbook
 Group=passbook
 WorkingDirectory=/usr/share/passbook
 Type=simple
 ExecStart=/usr/share/passbook/passbook.sh web
 [Install]
 WantedBy=multi-user.target
--- a/debian/postinst
+++ b/debian/postinst
@ -0,0 +1,36 @@
 #!/bin/bash
 set -e
 . /usr/share/debconf/confmodule
 . /usr/share/dbconfig-common/dpkg/postinst.pgsql
 # you can set the default database encoding to something else
 dbc_pgsql_createdb_encoding="UTF8"
 dbc_generate_include=template:/etc/passbook/config.d/database.yml
 dbc_generate_include_args="-o template_infile=/usr/share/passbook/database.yml"
 dbc_go passbook "$@"
 if [ -z "`getent group passbook`" ]; then
 	addgroup --quiet --system passbook
 fi
 if [ -z "`getent passwd passbook`" ]; then
 	echo " * Creating user and group passbook..."
 	adduser --quiet --system --home /usr/share/passbook --shell /bin/false --ingroup passbook --disabled-password --disabled-login --gecos "passbook User" passbook  >> /var/log/passbook/passbook.log 2>&1
 fi
 echo " * Updating binary packages (psycopg2)"
 python3 -m pip install --target=/usr/share/passbook/vendor/ --no-cache-dir --upgrade --force-reinstall psycopg2 >> /var/log/passbook/passbook.log 2>&1
 if [ ! -f '/etc/passbook/secret_key' ]; then
 	echo " * Generating Secret Key"
 	python3 -c 'import random; result = "".join([random.choice("abcdefghijklmnopqrstuvwxyz0123456789!@#$%^&*(-_=+)") for i in range(50)]); print(result)' > /etc/passbook/secret_key 2> /dev/null
 fi
 chown -R passbook: /usr/share/passbook/
 chown -R passbook: /etc/passbook/
 chown -R passbook: /var/log/passbook/
 chmod 440 /etc/passbook/secret_key
 echo " * Running Database Migration"
 /usr/share/passbook/passbook.sh migrate
 echo " * A superuser can be created with this command '/usr/share/passbook/passbook.sh createsuperuser'"
 echo " * You should probably also adjust your settings in '/etc/passbook/config.yml'"
 #DEBHELPER#
--- a/debian/postrm
+++ b/debian/postrm
@ -0,0 +1,24 @@
 #!/bin/sh
 set -e
 if [ -f /usr/share/debconf/confmodule ]; then
    . /usr/share/debconf/confmodule
 fi
 if [ -f /usr/share/dbconfig-common/dpkg/postrm.pgsql ]; then
    . /usr/share/dbconfig-common/dpkg/postrm.pgsql
    dbc_go passbook "$@"
 fi
 if [ "$1" = "purge" ]; then
    if which ucf >/dev/null 2>&1; then
        ucf --purge /etc/passbook/config.d/database.yml
        ucfr --purge passbook /etc/passbook/config.d/database.yml
    fi
    rm -rf /etc/passbook/
    rm -rf /usr/share/passbook/
 fi
 #DEBHELPER#
--- a/debian/prerm
+++ b/debian/prerm
@ -0,0 +1,10 @@
 #!/bin/sh
 set -e
 . /usr/share/debconf/confmodule
 . /usr/share/dbconfig-common/dpkg/prerm.pgsql
 dbc_go passbook "$@"
 #DEBHELPER#
--- a/debian/rules
+++ b/debian/rules
@ -0,0 +1,27 @@
 #!/usr/bin/make -f
 # Uncomment this to turn on verbose mode.
 # export DH_VERBOSE=1
 %:
 	dh $@ --with=systemd
 build-arch:
 	python3 -m pip install setuptools
 	python3 -m pip install --target=vendor/ -r requirements.txt
 override_dh_strip:
 	dh_strip --exclude=psycopg2
 override_dh_shlibdeps:
 	dh_shlibdeps --exclude=psycopg2
 override_dh_installinit:
 	dh_installinit --name=passbook
 	dh_installinit --name=passbook-worker
 	dh_systemd_enable --name=passbook
 	dh_systemd_enable --name=passbook-worker
 	dh_systemd_start
 # override_dh_usrlocal to do nothing
 override_dh_usrlocal:
--- a/debian/source/format
+++ b/debian/source/format
@ -0,0 +1 @@
 3.0 (native)
--- a/debian/templates/database.yml
+++ b/debian/templates/database.yml
@ -0,0 +1,8 @@
 databases:
  default:
    engine: django.db.backends.postgresql
    name: _DBC_DBNAME_
    user: _DBC_DBUSER_
    password: _DBC_DBPASS_
    host: _DBC_DBSERVER_
    port: _DBC_DBPORT_
--- a/helm/passbook/Chart.yaml
+++ b/helm/passbook/Chart.yaml
@ -1,6 +1,6 @@
 apiVersion: v1
-appVersion: "0.0.2-alpha"
+appVersion: "0.1.13-beta"
 description: A Helm chart for passbook.
 name: passbook
-version: 1.0.0
+version: "0.1.13-beta"
 icon: https://passbook.beryju.org/images/logo.png
--- a/helm/passbook/templates/passbook-configmap.yaml
+++ b/helm/passbook/templates/passbook-configmap.yaml
@ -22,7 +22,7 @@ data:
        host: 127.0.0.1
        port: 514
    email:
-      host: localhost
+      host: {{ .Values.config.email.host }}
      port: 25
      user: ''
      password: ''
@ -36,7 +36,7 @@ data:
    debug: false
    secure_proxy_header:
      HTTP_X_FORWARDED_PROTO: https
-    redis: {{ .Release.Name }}-redis
+    redis: ":{{ .Values.redis.password }}@{{ .Release.Name }}-redis-master"
    # Error reporting, sends stacktrace to sentry.services.beryju.org
    error_report_enabled: {{ .Values.config.error_reporting }}
@ -50,6 +50,7 @@ data:
        {{- range .Values.ingress.hosts }}
        - {{ . | quote }}
        {{- end }}
        - kubernetes-healthcheck-host
    passbook:
      sign_up:
@ -105,10 +106,9 @@ data:
        email: mail # or userPrincipalName
      user_attribute_map:
        active_directory:
-          sAMAccountName: username
+          username: "%(sAMAccountName)s"
-          mail: email
+          email: "%(mail)s"
-          given_name: first_name
+          name: "%(displayName)"
          name: last_name
      # # Create new users in LDAP upon sign-up
      # create_users: true
      # # Reset LDAP password when user reset their password
@ -131,6 +131,7 @@ data:
      # List of python packages with provider types to load.
      types:
        - passbook.saml_idp.processors.generic
        - passbook.saml_idp.processors.aws
        - passbook.saml_idp.processors.gitlab
        - passbook.saml_idp.processors.nextcloud
        - passbook.saml_idp.processors.salesforce
--- a/helm/passbook/templates/passbook-web-deployment.yaml
+++ b/helm/passbook/templates/passbook-web-deployment.yaml
@ -18,6 +18,7 @@ spec:
      labels:
        app.kubernetes.io/name: {{ include "passbook.name" . }}
        app.kubernetes.io/instance: {{ .Release.Name }}
        passbook.io/component: web
    spec:
      volumes:
        - name: config-volume
--- a/helm/passbook/templates/passbook-web-service.yaml
+++ b/helm/passbook/templates/passbook-web-service.yaml
@ -17,3 +17,4 @@ spec:
  selector:
    app.kubernetes.io/name: {{ include "passbook.name" . }}
    app.kubernetes.io/instance: {{ .Release.Name }}
    passbook.io/component: web
--- a/helm/passbook/templates/passbook-worker-deployment.yaml
+++ b/helm/passbook/templates/passbook-worker-deployment.yaml
@ -18,6 +18,7 @@ spec:
      labels:
        app.kubernetes.io/name: {{ include "passbook.name" . }}
        app.kubernetes.io/instance: {{ .Release.Name }}
        passbook.io/component: worker
    spec:
      volumes:
        - name: config-volume
--- a/helm/passbook/values.yaml
+++ b/helm/passbook/values.yaml
@ -5,7 +5,7 @@
 replicaCount: 1
 image:
-  tag: latest
+  tag: 0.1.13-beta
 nameOverride: ""
@ -14,6 +14,8 @@ config:
  # secret_key: _k*@6h2u2@q-dku57hhgzb7tnx*ba9wodcb^s9g0j59@=y(@_o
  # Enable error reporting
  error_reporting: true
  email:
    host: localhost
 postgresql:
    postgresqlDatabase: passbook
--- a/passbook.sh
+++ b/passbook.sh
@ -0,0 +1,7 @@
 #!/bin/bash
 # Check if this file is a symlink, if so, read real base dir
 BASE_DIR=$(dirname $(readlink -f ${BASH_SOURCE[0]}))
 cd $BASE_DIR
 PYTHONPATH="${BASE_DIR}/vendor/" python3 manage.py $@
--- a/passbook/init.py
+++ b/passbook/init.py
@ -1,2 +1,2 @@
 """passbook"""
-__version__ = '0.0.2-alpha'
+__version__ = '0.1.13-beta'
--- a/passbook/admin/init.py
+++ b/passbook/admin/init.py
@ -1,2 +1,2 @@
 """passbook admin"""
-__version__ = '0.0.2-alpha'
+__version__ = '0.1.13-beta'
--- a/passbook/admin/api/urls.py
+++ b/passbook/admin/api/urls.py
@ -0,0 +1,6 @@
 """Versioned Admin API Urls"""
 from django.conf.urls import include, url
 urlpatterns = [
    url(r'^v1/', include('passbook.admin.api.v1.urls', namespace='v1')),
 ]
--- a/passbook/admin/api/v1/applications.py
+++ b/passbook/admin/api/v1/applications.py
@ -0,0 +1,22 @@
 """passbook admin application API"""
 from rest_framework.permissions import IsAdminUser
 from rest_framework.serializers import ModelSerializer
 from rest_framework.viewsets import ModelViewSet
 from passbook.core.models import Application
 class ApplicationSerializer(ModelSerializer):
    """Application Serializer"""
    class Meta:
        model = Application
        fields = '__all__'
 class ApplicationViewSet(ModelViewSet):
    """Application Viewset"""
    permission_classes = [IsAdminUser]
    serializer_class = ApplicationSerializer
    queryset = Application.objects.all()
--- a/passbook/admin/api/v1/urls.py
+++ b/passbook/admin/api/v1/urls.py
@ -1,9 +1,33 @@
 """passbook admin API URLs"""
 from django.urls import path
 from drf_yasg import openapi
 from drf_yasg.views import get_schema_view
 from rest_framework import permissions
 from rest_framework.routers import DefaultRouter
 from passbook.admin.api.v1.applications import ApplicationViewSet
 from passbook.admin.api.v1.groups import GroupViewSet
 from passbook.admin.api.v1.users import UserViewSet
 router = DefaultRouter()
-router.register(r'groups', GroupViewSet)
+router.register('applications', ApplicationViewSet)
 router.register('groups', GroupViewSet)
 router.register('users', UserViewSet)
-urlpatterns = router.urls
+SchemaView = get_schema_view(
    openapi.Info(
        title="passbook Administration API",
        default_version='v1',
        description="Internal passbook API for Administration Interface",
        contact=openapi.Contact(email="contact@snippets.local"),
        license=openapi.License(name="MIT License"),
    ),
    public=True,
    permission_classes=(permissions.IsAdminUser,),
 )
 urlpatterns = router.urls + [
    path('swagger.yml', SchemaView.without_ui(cache_timeout=0), name='schema-json'),
    path('swagger/', SchemaView.with_ui('swagger', cache_timeout=0), name='schema-swagger-ui'),
 ]
 app_name = 'passbook.admin'
--- a/passbook/admin/api/v1/users.py
+++ b/passbook/admin/api/v1/users.py
@ -0,0 +1,23 @@
 """passbook admin user API"""
 from rest_framework.permissions import IsAdminUser
 from rest_framework.serializers import ModelSerializer
 from rest_framework.viewsets import ModelViewSet
 from passbook.core.models import User
 class UserSerializer(ModelSerializer):
    """User Serializer"""
    class Meta:
        model = User
        fields = ['is_superuser', 'username', 'name', 'email', 'date_joined',
                  'uuid']
 class UserViewSet(ModelViewSet):
    """User Viewset"""
    permission_classes = [IsAdminUser]
    serializer_class = UserSerializer
    queryset = User.objects.all()
--- a/passbook/admin/apps.py
+++ b/passbook/admin/apps.py
@ -8,3 +8,4 @@ class PassbookAdminConfig(AppConfig):
    name = 'passbook.admin'
    label = 'passbook_admin'
    mountpoint = 'administration/'
    verbose_name = 'passbook Admin'
--- a/passbook/admin/forms/policies.py
+++ b/passbook/admin/forms/policies.py
@ -4,7 +4,7 @@ from django import forms
 from passbook.core.models import User
-class RuleTestForm(forms.Form):
+class PolicyTestForm(forms.Form):
-    """Form to test rule against user"""
+    """Form to test policies against user"""
    user = forms.ModelChoiceField(queryset=User.objects.all())
--- a/passbook/admin/forms/source.py
+++ b/passbook/admin/forms/source.py
@ -1,6 +1,6 @@
 """passbook core source form fields"""
 # from django import forms
-SOURCE_FORM_FIELDS = ['name', 'slug', 'enabled']
+SOURCE_FORM_FIELDS = ['name', 'slug', 'enabled', 'policies']
 # class SourceForm(forms.Form)
--- a/passbook/admin/forms/users.py
+++ b/passbook/admin/forms/users.py
@ -0,0 +1,17 @@
 """passbook administrative user forms"""
 from django import forms
 from passbook.core.models import User
 class UserForm(forms.ModelForm):
    """Update User Details"""
    class Meta:
        model = User
        fields = ['username', 'name', 'email', 'is_staff', 'is_active']
        widgets = {
            'name': forms.TextInput
        }
--- a/passbook/admin/middleware.py
+++ b/passbook/admin/middleware.py
@ -0,0 +1,25 @@
 """passbook admin Middleware to impersonate users"""
 from passbook.core.models import User
 def impersonate(get_response):
    """Middleware to impersonate users"""
    def middleware(request):
        """Middleware to impersonate users"""
        # User is superuser and has __impersonate ID set
        if request.user.is_superuser and "__impersonate" in request.GET:
            request.session['impersonate_id'] = request.GET["__impersonate"]
        # user wants to stop impersonation
        elif "__unimpersonate" in request.GET and 'impersonate_id' in request.session:
            del request.session['impersonate_id']
        # Actually impersonate user
        if request.user.is_superuser and 'impersonate_id' in request.session:
            request.user = User.objects.get(pk=request.session['impersonate_id'])
        response = get_response(request)
        return response
    return middleware
--- a/passbook/admin/requirements.txt
+++ b/passbook/admin/requirements.txt
@ -1,2 +1,2 @@
 django-rest-framework
-django-rest-swagger
+drf_yasg
--- a/passbook/admin/settings.py
+++ b/passbook/admin/settings.py
@ -0,0 +1,5 @@
 """passbook admin settings"""
 MIDDLEWARE = [
    'passbook.admin.middleware.impersonate',
 ]
--- a/passbook/admin/templates/administration/application/list.html
+++ b/passbook/admin/templates/administration/application/list.html
@ -9,31 +9,37 @@
 {% block content %}
 <div class="container">
-  <h1>{% trans "Applications" %}</h1>
+    <h1><span class="pficon-applications"></span> {% trans "Applications" %}</h1>
-  <a href="{% url 'passbook_admin:application-create' %}" class="btn btn-primary">
+    <span>{% trans "External Applications which use passbook as Identity-Provider, utilizing protocols like OAuth2 and SAML." %}</span>
-    {% trans 'Create...' %}
+    <hr>
-  </a>
+    <a href="{% url 'passbook_admin:application-create' %}?back={{ request.get_full_path }}" class="btn btn-primary">
-  <hr>
+        {% trans 'Create...' %}
-  <table class="table table-striped table-bordered">
+    </a>
-    <thead>
+    <hr>
-      <tr>
+    <table class="table table-striped table-bordered">
-        <th>{% trans 'Name' %}</th>
+        <thead>
-        <th>{% trans 'Provider' %}</th>
+            <tr>
-        <th></th>
+                <th>{% trans 'Name' %}</th>
-      </tr>
+                <th>{% trans 'Provider' %}</th>
-    </thead>
+                <th>{% trans 'Provider Type' %}</th>
-    <tbody>
+                <th></th>
-      {% for application in object_list %}
+            </tr>
-        <tr>
+        </thead>
-          <td>{{ application.name }}</td>
+        <tbody>
-          <td>{{ application.provider }}</td>
+            {% for application in object_list %}
-          <td>
+            <tr>
-            <a class="btn btn-default btn-sm" href="{% url 'passbook_admin:application-update' pk=application.uuid %}?back={{ request.get_full_path }}">{% trans 'Edit' %}</a>
+                <td>{{ application.name }}</td>
-            <a class="btn btn-default btn-sm" href="{% url 'passbook_admin:application-delete' pk=application.uuid %}?back={{ request.get_full_path }}">{% trans 'Delete' %}</a>
+                <td>{{ application.get_provider }}</td>
-          </td>
+                <td>{{ application.get_provider|verbose_name }}</td>
-        </tr>
+                <td>
-      {% endfor %}
+                    <a class="btn btn-default btn-sm"
-    </tbody>
+                        href="{% url 'passbook_admin:application-update' pk=application.uuid %}?back={{ request.get_full_path }}">{% trans 'Edit' %}</a>
-  </table>
+                    <a class="btn btn-default btn-sm"
                        href="{% url 'passbook_admin:application-delete' pk=application.uuid %}?back={{ request.get_full_path }}">{% trans 'Delete' %}</a>
                </td>
            </tr>
            {% endfor %}
        </tbody>
    </table>
 </div>
 {% endblock %}
--- a/passbook/admin/templates/administration/audit/list.html
+++ b/passbook/admin/templates/administration/audit/list.html
@ -8,77 +8,80 @@
 {% endblock %}
 {% block content %}
-<div class="container">
+<h1><span class="pficon-catalog"></span> {% trans "Audit Log" %}</h1>
-  <h1>{% trans "Audit Log" %}</h1>
+<div id="pf-list-standard" class="list-group list-view-pf list-view-pf-view">
  <div id="pf-list-standard" class="list-group list-view-pf list-view-pf-view">
    {% for entry in object_list %}
    <div class="list-group-item">
-      <div class="list-view-pf-main-info">
+        <div class="list-view-pf-main-info">
-        <div class="list-view-pf-left">
+            <div class="list-view-pf-left">
-          <span class="fa fa-plane list-view-pf-icon-sm"></span>
+                <span class="fa fa-plane list-view-pf-icon-sm"></span>
            </div>
            <div class="list-view-pf-body">
                <div class="list-view-pf-description">
                    <div class="list-group-item-heading">
                        {{ entry.action }}
                    </div>
                    <div class="list-group-item-text">
                        {{ entry.context }}
                    </div>
                </div>
                <div class="list-view-pf-additional-info">
                    <div class="list-view-pf-additional-info-item">
                        <span class="pficon pficon-user"></span>
                        <strong>{{ entry.user }}</strong>
                    </div>
                    <div class="list-view-pf-additional-info-item">
                        <span class="pficon pficon-cluster"></span>
                        <strong>{{ entry.app|default:'-' }}</strong>
                    </div>
                    <div class="list-view-pf-additional-info-item">
                        <span class="fa fa-clock-o"></span>
                        <strong>{{ entry.created }}</strong>
                    </div>
                    <div class="list-view-pf-additional-info-item">
                        <span class="pficon pficon-screen"></span>
                        <strong>{{ entry.request_ip }}</strong>
                    </div>
                </div>
            </div>
        </div>
        <div class="list-view-pf-body">
          <div class="list-view-pf-description">
            <div class="list-group-item-heading">
              {{ entry.action }}
            </div>
            <div class="list-group-item-text">
            </div>
          </div>
          <div class="list-view-pf-additional-info">
            <div class="list-view-pf-additional-info-item">
              <span class="pficon pficon-user"></span>
              <strong>{{ entry.user }}</strong>
            </div>
            <div class="list-view-pf-additional-info-item">
              <span class="pficon pficon-screen"></span>
              <strong>{{ entry.request_ip }}</strong>
            </div>
            <div class="list-view-pf-additional-info-item">
              <span class="pficon pficon-cluster"></span>
              <strong>{{ entry.app|default:'-' }}</strong>
            </div>
          </div>
        </div>
      </div>
    </div>
    {% endfor %}
-  </div>
+    <script>
-  <script>
+        $(document).ready(function () {
-    $(document).ready(function () {
+            // Row Checkbox Selection
-      // Row Checkbox Selection
+            $("#pf-list-standard input[type='checkbox']").change(function (e) {
-      $("#pf-list-standard input[type='checkbox']").change(function (e) {
+                if ($(this).is(":checked")) {
-        if ($(this).is(":checked")) {
+                    $(this).closest('.list-group-item').addClass("active");
-          $(this).closest('.list-group-item').addClass("active");
+                } else {
-        } else {
+                    $(this).closest('.list-group-item').removeClass("active");
-          $(this).closest('.list-group-item').removeClass("active");
+                }
-        }
+            });
-      });
+            // toggle dropdown menu
-      // toggle dropdown menu
+            $('#pf-list-standard .list-view-pf-actions').on('show.bs.dropdown', function () {
-      $('#pf-list-standard .list-view-pf-actions').on('show.bs.dropdown', function () {
+                var $this = $(this);
-        var $this = $(this);
+                var $dropdown = $this.find('.dropdown');
-        var $dropdown = $this.find('.dropdown');
+                var space = $(window).height() - $dropdown[0].getBoundingClientRect().top - $this.find('.dropdown-menu').outerHeight(true);
-        var space = $(window).height() - $dropdown[0].getBoundingClientRect().top - $this.find('.dropdown-menu').outerHeight(true);
+                $dropdown.toggleClass('dropup', space < 10);
-        $dropdown.toggleClass('dropup', space < 10);
+            });
-      });
+            // allow users to select multiple list items with shift key
-      // allow users to select multiple list items with shift key
+            $('#pf-list-standard .list-group').on('click', '.list-view-pf-checkbox>input', function (event) {
-      $('#pf-list-standard .list-group').on('click', '.list-view-pf-checkbox>input', function (event) {
+                var $list = $('.list-group');
-        var $list = $('.list-group');
+                var prevIndex = $list.data('preIndex');
-        var prevIndex = $list.data('preIndex');
+                var $listItems = $list.children('.list-group-item');
-        var $listItems = $list.children('.list-group-item');
+                var $currentItem = $(this).closest('.list-group-item');
-        var $currentItem = $(this).closest('.list-group-item');
+                if (event.shiftKey && prevIndex > -1 && this.checked) {
-        if (event.shiftKey && prevIndex > -1 && this.checked) {
+                    var currentIndex = $listItems.index($currentItem);
-          var currentIndex = $listItems.index($currentItem);
+                    var $selectScope = currentIndex - prevIndex > 0
-          var $selectScope = currentIndex - prevIndex > 0
+                        ? $currentItem.prevAll().not($listItems.eq(prevIndex).prevAll().addBack())
-            ? $currentItem.prevAll().not($listItems.eq(prevIndex).prevAll().addBack())
+                        : $listItems.eq(prevIndex).prevAll().not($currentItem.prevAll().addBack());
-            : $listItems.eq(prevIndex).prevAll().not($currentItem.prevAll().addBack());
+                    $selectScope.addClass('active').find('.list-view-pf-checkbox').children('input').prop('checked', true);
-          $selectScope.addClass('active').find('.list-view-pf-checkbox').children('input').prop('checked', true);
+                }
-        }
+                $list.data('preIndex', this.checked ? $listItems.index($currentItem) : -1);
-        $list.data('preIndex', this.checked ? $listItems.index($currentItem) : -1);
+            });
      });
-    });
+        });
-  </script>
+    </script>
-  {% include 'partials/pagination.html' %}
+    {% include 'partials/pagination.html' %}
 </div>
 {% endblock %}
--- a/passbook/admin/templates/administration/base.html
+++ b/passbook/admin/templates/administration/base.html
@ -5,32 +5,48 @@
 {% block nav_secondary %}
 <ul class="nav navbar-nav navbar-persistent">
-  <li class="{% is_active 'passbook_admin:overview' %}">
+    <li class="{% is_active 'passbook_admin:overview' %}">
-    <a href="{% url 'passbook_admin:overview' %}">{% trans 'Overview' %}</a>
+        <a href="{% url 'passbook_admin:overview' %}">{% trans 'Overview' %}</a>
-  </li>
+    </li>
-  <li class="{% is_active 'passbook_admin:applications' 'passbook_admin:application-create' 'passbook_admin:application-update' 'passbook_admin:application-delete' %}">
+    <li
-    <a href="{% url 'passbook_admin:applications' %}">{% trans 'Applications' %}</a>
+        class="{% is_active 'passbook_admin:applications' 'passbook_admin:application-create' 'passbook_admin:application-update' 'passbook_admin:application-delete' %}">
-  </li>
+        <a href="{% url 'passbook_admin:applications' %}">{% trans 'Applications' %}</a>
-  <li class="{% is_active 'passbook_admin:sources' 'passbook_admin:source-create' 'passbook_admin:source-update' 'passbook_admin:source-delete' %}">
+    </li>
-    <a href="{% url 'passbook_admin:sources' %}">{% trans 'Sources' %}</a>
+    <li
-  </li>
+        class="{% is_active 'passbook_admin:sources' 'passbook_admin:source-create' 'passbook_admin:source-update' 'passbook_admin:source-delete' %}">
-  <li class="{% is_active 'passbook_admin:providers' 'passbook_admin:provider-create' 'passbook_admin:provider-update' 'passbook_admin:provider-delete' %}">
+        <a href="{% url 'passbook_admin:sources' %}">{% trans 'Sources' %}</a>
-    <a href="{% url 'passbook_admin:providers' %}">{% trans 'Providers' %}</a>
+    </li>
-  </li>
+    <li
-  <li class="{% is_active 'passbook_admin:rules' 'passbook_admin:rule-create' 'passbook_admin:rule-update' 'passbook_admin:rule-delete' 'passbook_admin:rule-test' %}">
+        class="{% is_active 'passbook_admin:providers' 'passbook_admin:provider-create' 'passbook_admin:provider-update' 'passbook_admin:provider-delete' %}">
-    <a href="{% url 'passbook_admin:rules' %}">{% trans 'Rules' %}</a>
+        <a href="{% url 'passbook_admin:providers' %}">{% trans 'Providers' %}</a>
-  </li>
+    </li>
-  <li class="{% is_active 'passbook_admin:invitations' 'passbook_admin:invitation-create' 'passbook_admin:invitation-update' 'passbook_admin:invitation-delete' 'passbook_admin:invitation-test' %}">
+    <li
-    <a href="{% url 'passbook_admin:invitations' %}">{% trans 'Invitations' %}</a>
+        class="{% is_active 'passbook_admin:property-mappings' 'passbook_admin:property-mapping-create' 'passbook_admin:property-mapping-update' 'passbook_admin:property-mapping-delete' %}">
-  </li>
+        <a href="{% url 'passbook_admin:property-mappings' %}">{% trans 'Property Mappings' %}</a>
-  <li class="{% is_active 'passbook_admin:users' 'passbook_admin:user-update' 'passbook_admin:user-delete' %}">
+    </li>
-    <a href="{% url 'passbook_admin:users' %}">{% trans 'Users' %}</a>
+    <li
-  </li>
+        class="{% is_active 'passbook_admin:factors' 'passbook_admin:factor-create' 'passbook_admin:factor-update' 'passbook_admin:factor-delete' %}">
-  <li class="{% is_active 'passbook_admin:audit-log' %}">
+        <a href="{% url 'passbook_admin:factors' %}">{% trans 'Factors' %}</a>
-    <a href="{% url 'passbook_admin:audit-log' %}">{% trans 'Audit Log' %}</a>
+    </li>
-  </li>
+    <li
-  <li class="{% is_active_app 'admin' %}">
+        class="{% is_active 'passbook_admin:policies' 'passbook_admin:policy-create' 'passbook_admin:policy-update' 'passbook_admin:policy-delete' 'passbook_admin:policy-test' %}">
-    <a href="{% url 'admin:index' %}">{% trans 'Django' %}</a>
+        <a href="{% url 'passbook_admin:policies' %}">{% trans 'Policies' %}</a>
-  </li>
+    </li>
    <li
        class="{% is_active 'passbook_admin:invitations' 'passbook_admin:invitation-create' 'passbook_admin:invitation-update' 'passbook_admin:invitation-delete' 'passbook_admin:invitation-test' %}">
        <a href="{% url 'passbook_admin:invitations' %}">{% trans 'Invitations' %}</a>
    </li>
    <li class="{% is_active 'passbook_admin:users' 'passbook_admin:user-update' 'passbook_admin:user-delete' %}">
        <a href="{% url 'passbook_admin:users' %}">{% trans 'Users' %}</a>
    </li>
    <li class="{% is_active 'passbook_admin:groups' 'passbook_admin:group-update' 'passbook_admin:group-delete' %}">
        <a href="{% url 'passbook_admin:groups' %}">{% trans 'Groups' %}</a>
    </li>
    <li class="{% is_active 'passbook_admin:audit-log' %}">
        <a href="{% url 'passbook_admin:audit-log' %}">{% trans 'Audit Log' %}</a>
    </li>
    <li class="{% is_active_app 'admin' %}">
        <a href="{% url 'admin:index' %}">{% trans 'Django' %}</a>
    </li>
 </ul>
 {% endblock %}
--- a/passbook/admin/templates/administration/factor/list.html
+++ b/passbook/admin/templates/administration/factor/list.html
@ -0,0 +1,62 @@
 {% extends "administration/base.html" %}
 {% load i18n %}
 {% load utils %}
 {% load admin_reflection %}
 {% block title %}
 {% title %}
 {% endblock %}
 {% block content %}
 <div class="container">
    <h1><span class="pficon-plugged"></span> {% trans "Factors" %}</h1>
    <span>{% trans "Factors required for a user to successfully authenticate." %}</span>
    <hr>
    <div class="dropdown">
        <button class="btn btn-primary dropdown-toggle" type="button" id="createDropdown" data-toggle="dropdown">
            {% trans 'Create...' %}
            <span class="caret"></span>
        </button>
        <ul class="dropdown-menu" role="menu" aria-labelledby="createDropdown">
            {% for type, name in types.items %}
            <li role="presentation"><a role="menuitem" tabindex="-1"
                    href="{% url 'passbook_admin:factor-create' %}?type={{ type }}&back={{ request.get_full_path }}">{{ name }}</a></li>
            {% endfor %}
        </ul>
    </div>
    <hr>
    <table class="table table-striped table-bordered">
        <thead>
            <tr>
                <th>{% trans 'Name' %}</th>
                <th>{% trans 'Type' %}</th>
                <th>{% trans 'Order' %}</th>
                <th>{% trans 'Enabled?' %}</th>
                <th></th>
            </tr>
        </thead>
        <tbody>
            {% for factor in object_list %}
            <tr>
                <td>{{ factor.name }} ({{ factor.slug }})</td>
                <td>{{ factor|verbose_name }}</td>
                <td>{{ factor.order }}</td>
                <td>{{ factor.enabled }}</td>
                <td>
                    <a class="btn btn-default btn-sm"
                        href="{% url 'passbook_admin:factor-update' pk=factor.pk %}?back={{ request.get_full_path }}">{% trans 'Edit' %}</a>
                    <a class="btn btn-default btn-sm"
                        href="{% url 'passbook_admin:factor-delete' pk=factor.pk %}?back={{ request.get_full_path }}">{% trans 'Delete' %}</a>
                    {% get_links factor as links %}
                    {% for name, href in links.items %}
                    <a class="btn btn-default btn-sm"
                        href="{{ href }}?back={{ request.get_full_path }}">{% trans name %}</a>
                    {% endfor %}
                </td>
            </tr>
            {% endfor %}
        </tbody>
    </table>
 </div>
 {% endblock %}
--- a/passbook/admin/templates/administration/group/list.html
+++ b/passbook/admin/templates/administration/group/list.html
@ -0,0 +1,45 @@
 {% extends "administration/base.html" %}
 {% load i18n %}
 {% load utils %}
 {% block title %}
 {% title %}
 {% endblock %}
 {% block content %}
 <div class="container">
    <h1><span class="pficon-users"></span> {% trans "Groups" %}</h1>
    <span>{% trans "Group users together and give them permissions based on the membership." %}</span>
    <hr>
    <a href="{% url 'passbook_admin:group-create' %}?back={{ request.get_full_path }}" class="btn btn-primary">
        {% trans 'Create...' %}
    </a>
    <hr>
    <table class="table table-striped table-bordered">
        <thead>
            <tr>
                <th>{% trans 'Name' %}</th>
                <th>{% trans 'Parent' %}</th>
                <th>{% trans 'Members' %}</th>
                <th></th>
            </tr>
        </thead>
        <tbody>
            {% for group in object_list %}
            <tr>
                <td>{{ group.name }}</td>
                <td>{{ group.parent }}</td>
                <td>{{ group.user_set.all|length }}</td>
                <td>
                    <a class="btn btn-default btn-sm"
                        href="{% url 'passbook_admin:group-update' pk=group.uuid %}?back={{ request.get_full_path }}">{% trans 'Edit' %}</a>
                    <a class="btn btn-default btn-sm"
                        href="{% url 'passbook_admin:group-delete' pk=group.uuid %}?back={{ request.get_full_path }}">{% trans 'Delete' %}</a>
                </td>
            </tr>
            {% endfor %}
        </tbody>
    </table>
 </div>
 {% endblock %}
--- a/passbook/admin/templates/administration/groups/list.html
+++ b/passbook/admin/templates/administration/groups/list.html
@ -1,83 +0,0 @@
 {% extends "administration/base.html" %}
 {% load i18n %}
 {% load static %}
 {% load utils %}
 {% block head %}
 {{ block.super }}
 <link rel="stylesheet" href="{% static 'css/bootstrap-treeview.min.css'%}">
 {% endblock %}
 {% block scripts %}
 {{ block.super }}
 <script src="{% static 'js/bootstrap-treeview.min.js' %}"></script>
 <script>
  var cleanupData = function (obj) {
    return {
      text: obj.name,
      href: '?group=' + obj.uuid,
      nodes: obj.children.map(cleanupData),
    };
  }
 $(function() {
   var apiUrl = "{% url 'passbook_admin:group-list' %}?format=json";
   $.ajax({
      url: apiUrl,
    }).done(function(data) {
      $('#treeview1').treeview({
        collapseIcon: "fa fa-angle-down",
        data: data.map(cleanupData),
        expandIcon: "fa fa-angle-right",
        nodeIcon: "fa pficon-users",
        showBorder: true,
        enableLinks: true,
        onNodeSelected: function (event, node) {
          window.location.href = node.href;
        }
      });
    });
  });
 </script>
 {% endblock %}
 {% block title %}
 {% title %}
 {% endblock %}
 {% block content %}
 <div class="col-md-3">
  <div id="treeview1" class="treeview">
  </div>
 </div>
 <div class="col-md-9">
  <h1>{% trans "Invitations" %}</h1>
  <a href="{% url 'passbook_admin:invitation-create' %}" class="btn btn-primary">
    {% trans 'Create...' %}
  </a>
  <hr>
  <table class="table table-striped table-bordered">
    <thead>
      <tr>
        <th>{% trans 'Expiry' %}</th>
        <th>{% trans 'Link' %}</th>
        <th></th>
      </tr>
    </thead>
    <tbody>
      {% for invitation in object_list %}
      <tr>
        <td>{{ invitation.expires|default:"Never" }}</td>
        <td>
          <pre>{{ invitation.link }}</pre>
        </td>
        <td>
          <a class="btn btn-default btn-sm" href="{% url 'passbook_admin:invitation-delete' pk=invitation.uuid %}?back={{ request.get_full_path }}">{%
            trans 'Delete' %}</a>
        </td>
      </tr>
      {% endfor %}
    </tbody>
  </table>
 </div>
 {% endblock %}
--- a/passbook/admin/templates/administration/invitation/list.html
+++ b/passbook/admin/templates/administration/invitation/list.html
@ -9,30 +9,35 @@
 {% block content %}
 <div class="container">
-  <h1>{% trans "Invitations" %}</h1>
+    <h1><span class="pficon-migration"></span> {% trans "Invitations" %}</h1>
-  <a href="{% url 'passbook_admin:invitation-create' %}" class="btn btn-primary">
+    <span>{% trans "Create Invitation Links which optionally force a username or expire on a set date." %}</span>
-    {% trans 'Create...' %}
+    <hr>
-  </a>
+    <a href="{% url 'passbook_admin:invitation-create' %}?back={{ request.get_full_path }}" class="btn btn-primary">
-  <hr>
+        {% trans 'Create...' %}
-  <table class="table table-striped table-bordered">
+    </a>
-    <thead>
+    <hr>
-      <tr>
+    <table class="table table-striped table-bordered">
-        <th>{% trans 'Expiry' %}</th>
+        <thead>
-        <th>{% trans 'Link' %}</th>
+            <tr>
-        <th></th>
+                <th>{% trans 'Expiry' %}</th>
-      </tr>
+                <th>{% trans 'Link' %}</th>
-    </thead>
+                <th></th>
-    <tbody>
+            </tr>
-      {% for invitation in object_list %}
+        </thead>
-        <tr>
+        <tbody>
-          <td>{{ invitation.expires|default:"Never" }}</td>
+            {% for invitation in object_list %}
-          <td><pre>{{ invitation.link }}</pre></td>
+            <tr>
-          <td>
+                <td>{{ invitation.expires|default:"Never" }}</td>
-            <a class="btn btn-default btn-sm" href="{% url 'passbook_admin:invitation-delete' pk=invitation.uuid %}?back={{ request.get_full_path }}">{% trans 'Delete' %}</a>
+                <td>
-          </td>
+                    <pre>{{ invitation.link }}</pre>
-        </tr>
+                </td>
-      {% endfor %}
+                <td>
-    </tbody>
+                    <a class="btn btn-default btn-sm"
-  </table>
+                        href="{% url 'passbook_admin:invitation-delete' pk=invitation.uuid %}?back={{ request.get_full_path }}">{% trans 'Delete' %}</a>
                </td>
            </tr>
            {% endfor %}
        </tbody>
    </table>
 </div>
 {% endblock %}
--- a/passbook/admin/templates/administration/overview.html
+++ b/passbook/admin/templates/administration/overview.html
@ -4,53 +4,193 @@
 {% block content %}
 <div class="container">
-  <div class="col-xs-6 col-sm-2 col-md-2">
+    <div class="col-xs-6 col-sm-2 col-md-2">
-    <div class="card-pf card-pf-accented card-pf-aggregate-status">
+        <div class="card-pf card-pf-accented card-pf-aggregate-status">
-      <h2 class="card-pf-title">
+            <h2 class="card-pf-title">
-        <a href="#"><span class="fa fa-shield"></span><span class="card-pf-aggregate-status-count"></span> {% trans 'Applications' %}</a>
+                <a href="{% url 'passbook_admin:applications' %}">
-      </h2>
+                    <span class="pficon-applications"></span>
-      <div class="card-pf-body">
+                    <span class="card-pf-aggregate-status-count"></span> {% trans 'Applications' %}
-        <p class="card-pf-aggregate-status-notifications">
+                </a>
-          <span class="card-pf-aggregate-status-notification"><a href="#"><span class="pficon pficon-ok"></span>{{ application_count }}</a></span>
+            </h2>
-        </p>
+            <div class="card-pf-body">
-      </div>
+                <p class="card-pf-aggregate-status-notifications">
                    <span class="card-pf-aggregate-status-notification">
                        <a href="{% url 'passbook_admin:applications' %}">
                            <span class="pficon pficon-ok"></span>{{ application_count }}
                        </a>
                    </span>
                </p>
            </div>
        </div>
    </div>
-  </div>
+    <div class="col-xs-6 col-sm-2 col-md-2">
-  <div class="col-xs-6 col-sm-2 col-md-2">
+        <div class="card-pf card-pf-accented card-pf-aggregate-status">
-    <div class="card-pf card-pf-accented card-pf-aggregate-status">
+            <h2 class="card-pf-title">
-      <h2 class="card-pf-title">
+                <a href="{% url 'passbook_admin:sources' %}">
-        <a href="#"><span class="fa fa-shield"></span><span class="card-pf-aggregate-status-count"></span> {% trans 'Providers' %}</a>
+                    <span class="pficon-resource-pool"></span>
-      </h2>
+                    <span class="card-pf-aggregate-status-count"></span> {% trans 'Sources' %}
-      <div class="card-pf-body">
+                </a>
-        <p class="card-pf-aggregate-status-notifications">
+            </h2>
-          <span class="card-pf-aggregate-status-notification"><a href="#"><span class="pficon pficon-ok"></span>{{ provider_count }}</a></span>
+            <div class="card-pf-body">
-        </p>
+                <p class="card-pf-aggregate-status-notifications">
-      </div>
+                    <span class="card-pf-aggregate-status-notification">
                        <a href="{% url 'passbook_admin:sources' %}">
                            <span class="pficon pficon-ok"></span>{{ source_count }}
                        </a>
                    </span>
                </p>
            </div>
        </div>
    </div>
-  </div>
+    <div class="col-xs-6 col-sm-2 col-md-2">
-  <div class="col-xs-6 col-sm-2 col-md-2">
+        <div class="card-pf card-pf-accented card-pf-aggregate-status">
-    <div class="card-pf card-pf-accented card-pf-aggregate-status">
+            <h2 class="card-pf-title">
-      <h2 class="card-pf-title">
+                <a href="{% url 'passbook_admin:providers' %}">
-        <a href="#"><span class="fa fa-shield"></span><span class="card-pf-aggregate-status-count"></span> {% trans 'Rules' %}</a>
+                    <span class="pficon-integration"></span>
-      </h2>
+                    <span class="card-pf-aggregate-status-count"></span> {% trans 'Providers' %}
-      <div class="card-pf-body">
+                </a>
-        <p class="card-pf-aggregate-status-notifications">
+            </h2>
-          <span class="card-pf-aggregate-status-notification"><a href="#"><span class="pficon pficon-ok"></span>{{ rule_count }}</a></span>
+            <div class="card-pf-body">
-        </p>
+                <p class="card-pf-aggregate-status-notifications">
-      </div>
+                    <span class="card-pf-aggregate-status-notification">
                        <a href="{% url 'passbook_admin:providers' %}">
                            {% if providers_without_application.exists %}
                            <span class="pficon-warning-triangle-o" data-toggle="tooltip" data-placement="right" title="{% trans 'Warning: At least one Provider has no application assigned.' %}"></span> {{ provider_count }}
                            {% else %}
                            <span class="pficon pficon-ok"></span> {{ provider_count }}
                            {% endif %}
                        </a>
                    </span>
                </p>
            </div>
        </div>
    </div>
-  </div>
+    <div class="col-xs-6 col-sm-2 col-md-2">
-  <div class="col-xs-6 col-sm-2 col-md-2">
+        <div class="card-pf card-pf-accented card-pf-aggregate-status">
-    <div class="card-pf card-pf-accented card-pf-aggregate-status">
+            <h2 class="card-pf-title">
-      <h2 class="card-pf-title">
+                <a href="{% url 'passbook_admin:factors' %}">
-        <a href="#"><span class="fa fa-shield"></span><span class="card-pf-aggregate-status-count"></span> {% trans 'Users' %}</a>
+                    <span class="pficon-plugged"></span>
-      </h2>
+                    <span class="card-pf-aggregate-status-count"></span> {% trans 'Factors' %}
-      <div class="card-pf-body">
+                </a>
-        <p class="card-pf-aggregate-status-notifications">
+            </h2>
-          <span class="card-pf-aggregate-status-notification"><a href="#"><span class="pficon pficon-ok"></span>{{ user_count }}</a></span>
+            <div class="card-pf-body">
-        </p>
+                <p class="card-pf-aggregate-status-notifications">
-      </div>
+                    <span class="card-pf-aggregate-status-notification">
                        {% if factor_count < 1 %}
                        <span class="pficon-error-circle-o" data-toggle="tooltip" data-placement="right"
                            title="{% trans 'No Factors configured. No Users will be able to login.' %}"></span>
                        {{ factor_count }}
                        {% else %}
                        <span class="pficon pficon-ok"></span>{{ factor_count }}
                        {% endif %}
                    </span>
                </p>
            </div>
        </div>
    </div>
    <div class="col-xs-6 col-sm-2 col-md-2">
        <div class="card-pf card-pf-accented card-pf-aggregate-status">
            <h2 class="card-pf-title">
                <a href="{% url 'passbook_admin:policies' %}">
                    <span class="pficon-infrastructure"></span>
                    <span class="card-pf-aggregate-status-count"></span> {% trans 'Policies' %}
                </a>
            </h2>
            <div class="card-pf-body">
                <p class="card-pf-aggregate-status-notifications">
                    <span class="card-pf-aggregate-status-notification">
                        {% if policies_without_attachment > 0 %}
                        <span class="pficon-warning-triangle-o" data-toggle="tooltip" data-placement="right"
                            title="{% trans 'Policies without attachment exist.' %}"></span>
                        {{ policy_count }}
                        {% else %}
                        <span class="pficon pficon-ok"></span>{{ policy_count }}
                        {% endif %}
                    </span>
                </p>
            </div>
        </div>
    </div>
    <div class="col-xs-6 col-sm-2 col-md-2">
        <div class="card-pf card-pf-accented card-pf-aggregate-status">
            <h2 class="card-pf-title">
                <a href="{% url 'passbook_admin:invitations' %}">
                    <span class="pficon-migration"></span>
                    <span class="card-pf-aggregate-status-count"></span> {% trans 'Invitation' %}
                </a>
            </h2>
            <div class="card-pf-body">
                <p class="card-pf-aggregate-status-notifications">
                    <span class="card-pf-aggregate-status-notification">
                        <a href="{% url 'passbook_admin:invitations' %}">
                            <span class="pficon pficon-ok"></span>{{ invitation_count }}
                        </a>
                    </span>
                </p>
            </div>
        </div>
    </div>
    <div class="col-xs-6 col-sm-2 col-md-2">
        <div class="card-pf card-pf-accented card-pf-aggregate-status">
            <h2 class="card-pf-title">
                <a href="{% url 'passbook_admin:users' %}">
                    <span class="pficon-users"></span>
                    <span class="card-pf-aggregate-status-count"></span> {% trans 'Users' %}
                </a>
            </h2>
            <div class="card-pf-body">
                <p class="card-pf-aggregate-status-notifications">
                    <span class="card-pf-aggregate-status-notification">
                        <a href="{% url 'passbook_admin:users' %}">
                            <span class="pficon pficon-ok"></span>{{ user_count }}
                        </a>
                    </span>
                </p>
            </div>
        </div>
    </div>
    <div class="col-xs-6 col-sm-2 col-md-2">
        <div class="card-pf card-pf-accented card-pf-aggregate-status">
            <h2 class="card-pf-title">
                <a href="#">
                    <span class="pficon-bundle"></span>
                    <span class="card-pf-aggregate-status-count"></span> {% trans 'Version' %}
                </a>
            </h2>
            <div class="card-pf-body">
                <p class="card-pf-aggregate-status-notifications">
                    <span class="card-pf-aggregate-status-notification">
                        <a href="#">
                            {{ version }}
                        </a>
                    </span>
                </p>
            </div>
        </div>
    </div>
    <div class="col-xs-6 col-sm-2 col-md-2">
        <div class="card-pf card-pf-accented card-pf-aggregate-status">
            <h2 class="card-pf-title">
                <a href="#">
                    <span class="pficon-server"></span>
                    <span class="card-pf-aggregate-status-count"></span> {% trans 'Worker(s)' %}
                </a>
            </h2>
            <div class="card-pf-body">
                <p class="card-pf-aggregate-status-notifications">
                    <span class="card-pf-aggregate-status-notification">
                        <a href="#">
                            {% if worker_count < 1%}
                            <span class="pficon-error-circle-o" data-toggle="tooltip" data-placement="right"
                                title="{% trans 'No workers connected. Policies will not work and you may expect other issues.' %}"></span> {{ worker_count }}
                            {% else %}
                            <span class="pficon pficon-ok"></span>{{ worker_count }}
                            {% endif %}
                        </a>
                    </span>
                </p>
            </div>
        </div>
    </div>
  </div>
 </div>
-{% endblock %}
+{% endblock %}
--- a/passbook/admin/templates/administration/policy/list.html
+++ b/passbook/admin/templates/administration/policy/list.html
@ -0,0 +1,62 @@
 {% extends "administration/base.html" %}
 {% load i18n %}
 {% load utils %}
 {% block title %}
 {% title %}
 {% endblock %}
 {% block content %}
 <div class="container">
    <h1><span class="pficon-infrastructure"></span> {% trans "Policies" %}</h1>
    <span>{% trans "Allow users to use Applications based on properties, enforce Password Criteria and selectively apply Factors." %}</span>
    <hr>
    <div class="dropdown">
        <button class="btn btn-primary dropdown-toggle" type="button" id="createDropdown" data-toggle="dropdown">
            {% trans 'Create...' %}
            <span class="caret"></span>
        </button>
        <ul class="dropdown-menu" role="menu" aria-labelledby="createDropdown">
            {% for type, name in types.items %}
            <li role="presentation"><a role="menuitem" tabindex="-1"
                    href="{% url 'passbook_admin:policy-create' %}?type={{ type }}&back={{ request.get_full_path }}">{{ name }}</a></li>
            {% endfor %}
        </ul>
    </div>
    <hr>
    <table class="table table-striped table-bordered">
        <thead>
            <tr>
                <th></th>
                <th>{% trans 'Name' %}</th>
                <th>{% trans 'Type' %}</th>
                <th></th>
            </tr>
        </thead>
        <tbody>
            {% for policy in object_list %}
            <tr {% if not policy.policymodel_set.exists %} class="warning" {% endif %}>
                <th>
                    {% if not policy.policymodel_set.exists %}
                    <span class="pficon-warning-triangle-o" data-toggle="tooltip" data-placement="right" title="{% trans 'Warning: Policy is not assigned.' %}"></span>
                    {% else %}
                    <span class="pficon-ok" data-toggle="tooltip" data-placement="right" title="{% blocktrans with objects=policy.policymodel_set.all|join:', ' %}Assigned to objects {{ objects }}{% endblocktrans %}"></span>
                    {% endif %}
                </th>
                <td>{{ policy.name }}</td>
                <td>{{ policy|verbose_name }}</td>
                <td>
                    <a class="btn btn-default btn-sm"
                        href="{% url 'passbook_admin:policy-update' pk=policy.uuid %}?back={{ request.get_full_path }}">{% trans 'Edit' %}</a>
                    <a class="btn btn-default btn-sm"
                        href="{% url 'passbook_admin:policy-test' pk=policy.uuid %}?back={{ request.get_full_path }}">{% trans 'Test' %}</a>
                    <a class="btn btn-default btn-sm"
                        href="{% url 'passbook_admin:policy-delete' pk=policy.uuid %}?back={{ request.get_full_path }}">{% trans 'Delete' %}</a>
                </td>
            </tr>
            {% endfor %}
        </tbody>
    </table>
 </div>
 {% endblock %}
--- a/passbook/admin/templates/administration/policy/test.html
+++ b/passbook/admin/templates/administration/policy/test.html
@ -0,0 +1,26 @@
 {% extends 'generic/form.html' %}
 {% load i18n %}
 {% block above_form %}
 <h1>{% blocktrans with policy=policy %}Test policy {{ policy }}{% endblocktrans %}</h1>
 {% endblock %}
 {% block action %}
 {% trans 'Test' %}
 {% endblock %}
 {% block beneath_form %}
 <p class="loading" style="display: none;">
  <span class="spinner spinner-xs spinner-inline"></span> {% trans 'Processing, please wait...' %}
 </p>
 {% endblock %}
 {% block scripts %}
 {{ block.super }}
 <script>
  $('form').on('submit', function () {
    $('p.loading').show();
  })
 </script>
 {% endblock %}
--- a/passbook/admin/templates/administration/property_mapping/list.html
+++ b/passbook/admin/templates/administration/property_mapping/list.html
@ -0,0 +1,52 @@
 {% extends "administration/base.html" %}
 {% load i18n %}
 {% load utils %}
 {% block title %}
 {% title %}
 {% endblock %}
 {% block content %}
 <div class="container">
    <h1><span class="fa fa-table"></span> {% trans "Property Mappings" %}</h1>
    <span>{% trans "Property Mappings allow you expose provider-specific attributes." %}</span>
    <hr>
    <div class="dropdown">
        <button class="btn btn-primary dropdown-toggle" type="button" id="createDropdown" data-toggle="dropdown">
            {% trans 'Create...' %}
            <span class="caret"></span>
        </button>
        <ul class="dropdown-menu" role="menu" aria-labelledby="createDropdown">
            {% for type, name in types.items %}
            <li role="presentation"><a role="menuitem" tabindex="-1"
                    href="{% url 'passbook_admin:property-mapping-create' %}?type={{ type }}&back={{ request.get_full_path }}">{{ name }}</a></li>
            {% endfor %}
        </ul>
    </div>
    <hr>
    <table class="table table-striped table-bordered">
        <thead>
            <tr>
                <th>{% trans 'Name' %}</th>
                <th>{% trans 'Type' %}</th>
                <th></th>
            </tr>
        </thead>
        <tbody>
            {% for property_mapping in object_list %}
            <tr>
                <td>{{ property_mapping.name }} ({{ property_mapping.slug }})</td>
                <td>{{ property_mapping|verbose_name }}</td>
                <td>
                    <a class="btn btn-default btn-sm"
                        href="{% url 'passbook_admin:property-mapping-update' pk=property_mapping.pk %}?back={{ request.get_full_path }}">{% trans 'Edit' %}</a>
                    <a class="btn btn-default btn-sm"
                        href="{% url 'passbook_admin:property-mapping-delete' pk=property_mapping.pk %}?back={{ request.get_full_path }}">{% trans 'Delete' %}</a>
                </td>
            </tr>
            {% endfor %}
        </tbody>
    </table>
 </div>
 {% endblock %}
--- a/passbook/admin/templates/administration/provider/list.html
+++ b/passbook/admin/templates/administration/provider/list.html
@ -10,43 +10,57 @@
 {% block content %}
 <div class="container">
-  <h1>{% trans "Providers" %}</h1>
+    <h1><span class="pficon-integration"></span> {% trans "Providers" %}</h1>
-  <div class="dropdown">
+    <span>{% trans "Authentication Protocol Provider, used as Protocol behind an Application." %}</span>
-    <button class="btn btn-primary dropdown-toggle" type="button" id="createDropdown" data-toggle="dropdown">
+    <hr>
-      {% trans 'Create...' %}
+    <div class="dropdown">
-      <span class="caret"></span>
+        <button class="btn btn-primary dropdown-toggle" type="button" id="createDropdown" data-toggle="dropdown">
-    </button>
+            {% trans 'Create...' %}
-    <ul class="dropdown-menu" role="menu" aria-labelledby="createDropdown">
+            <span class="caret"></span>
-      {% for type, name in types.items %}
+        </button>
-      <li role="presentation"><a role="menuitem" tabindex="-1" href="{% url 'passbook_admin:provider-create' %}?type={{ type }}">{{ name }}</a></li>
+        <ul class="dropdown-menu" role="menu" aria-labelledby="createDropdown">
-      {% endfor %}
+            {% for type, name in types.items %}
-    </ul>
+            <li role="presentation"><a role="menuitem" tabindex="-1"
-  </div>
+                    href="{% url 'passbook_admin:provider-create' %}?type={{ type }}&back={{ request.get_full_path }}">{{ name }}</a></li>
  <hr>
  <table class="table table-striped table-bordered">
    <thead>
      <tr>
        <th>{% trans 'Name' %}</th>
        <th>{% trans 'Class' %}</th>
        <th></th>
      </tr>
    </thead>
    <tbody>
      {% for provider in object_list %}
        <tr>
          <td>{{ provider.name }}</td>
          <td>{{ provider|fieldtype }}</td>
          <td>
            <a class="btn btn-default btn-sm" href="{% url 'passbook_admin:provider-update' pk=provider.pk %}?back={{ request.get_full_path }}">{% trans 'Edit' %}</a>
            <a class="btn btn-default btn-sm" href="{% url 'passbook_admin:provider-delete' pk=provider.pk %}?back={{ request.get_full_path }}">{% trans 'Delete' %}</a>
            {% get_links provider as links %}
            {% for name, href in links.items %}
              <a class="btn btn-default btn-sm" href="{{ href }}?back={{ request.get_full_path }}">{% trans name %}</a>
            {% endfor %}
-          </td>
+        </ul>
-        </tr>
+    </div>
-      {% endfor %}
+    <hr>
-    </tbody>
+    <table class="table table-striped table-bordered">
-  </table>
+        <thead>
            <tr>
                <th></th>
                <th>{% trans 'Name' %}</th>
                <th>{% trans 'Type' %}</th>
                <th></th>
            </tr>
        </thead>
        <tbody>
            {% for provider in object_list %}
            <tr {% if not provider.application %} class="warning" {% endif %}>
                <th>
                    {% if not provider.application %}
                    <span class="pficon-warning-triangle-o" data-toggle="tooltip" data-placement="right" title="{% trans 'Warning: Provider has no application assigned.' %}"></span>
                    {% else %}
                    <span class="pficon-ok" data-toggle="tooltip" data-placement="right" title="{% blocktrans with app=provider.application %}Assigned to Application {{ app }}{% endblocktrans %}"></span>
                    {% endif %}
                </th>
                <td>{{ provider.name }}</td>
                <td>{{ provider|verbose_name }}</td>
                <td>
                    <a class="btn btn-default btn-sm"
                        href="{% url 'passbook_admin:provider-update' pk=provider.pk %}?back={{ request.get_full_path }}">{% trans 'Edit' %}</a>
                    <a class="btn btn-default btn-sm"
                        href="{% url 'passbook_admin:provider-delete' pk=provider.pk %}?back={{ request.get_full_path }}">{% trans 'Delete' %}</a>
                    {% get_links provider as links %}
                    {% for name, href in links.items %}
                    <a class="btn btn-default btn-sm"
                        href="{{ href }}?back={{ request.get_full_path }}">{% trans name %}</a>
                    {% endfor %}
                </td>
            </tr>
            {% endfor %}
        </tbody>
    </table>
 </div>
 {% endblock %}
--- a/passbook/admin/templates/administration/rule/list.html
+++ b/passbook/admin/templates/administration/rule/list.html
@ -1,48 +0,0 @@
 {% extends "administration/base.html" %}
 {% load i18n %}
 {% load utils %}
 {% block title %}
 {% title %}
 {% endblock %}
 {% block content %}
 <div class="container">
  <h1>{% trans "Rules" %}</h1>
  <div class="dropdown">
    <button class="btn btn-primary dropdown-toggle" type="button" id="createDropdown" data-toggle="dropdown">
      {% trans 'Create...' %}
      <span class="caret"></span>
    </button>
    <ul class="dropdown-menu" role="menu" aria-labelledby="createDropdown">
      {% for type, name in types.items %}
      <li role="presentation"><a role="menuitem" tabindex="-1" href="{% url 'passbook_admin:rule-create' %}?type={{ type }}">{{ name }}</a></li>
      {% endfor %}
    </ul>
  </div>
  <hr>
  <table class="table table-striped table-bordered">
    <thead>
      <tr>
        <th>{% trans 'Name' %}</th>
        <th>{% trans 'Class' %}</th>
        <th></th>
      </tr>
    </thead>
    <tbody>
      {% for rule in object_list %}
        <tr>
          <td>{{ rule.name }}</td>
          <td>{{ rule|fieldtype }}</td>
          <td>
            <a class="btn btn-default btn-sm" href="{% url 'passbook_admin:rule-update' pk=rule.uuid %}?back={{ request.get_full_path }}">{% trans 'Edit' %}</a>
            <a class="btn btn-default btn-sm" href="{% url 'passbook_admin:rule-test' pk=rule.uuid %}?back={{ request.get_full_path }}">{% trans 'Test' %}</a>
            <a class="btn btn-default btn-sm" href="{% url 'passbook_admin:rule-delete' pk=rule.uuid %}?back={{ request.get_full_path }}">{% trans 'Delete' %}</a>
          </td>
        </tr>
      {% endfor %}
    </tbody>
  </table>
 </div>
 {% endblock %}
--- a/passbook/admin/templates/administration/rule/test.html
+++ b/passbook/admin/templates/administration/rule/test.html
@ -1,7 +0,0 @@
 {% extends 'generic/form.html' %}
 {% load i18n %}
 {% block above_form %}
 <h1>{% blocktrans with rule=rule %}Test rule {{ rule }}{% endblocktrans %}</h1>
 {% endblock %}
--- a/passbook/admin/templates/administration/source/list.html
+++ b/passbook/admin/templates/administration/source/list.html
@ -6,43 +6,51 @@
 {% block content %}
 <div class="container">
-  <h1>{% trans "Sources" %}</h1>
+    <h1><span class="pficon-resource-pool"></span> {% trans "Sources" %}</h1>
-  <div class="dropdown">
+    <span>{% trans "External Sources which can be used to get Identities into passbook, for example Social Providers like Twiter and GitHub or Enterprise Providers like ADFS and LDAP." %}</span>
-    <button class="btn btn-primary dropdown-toggle" type="button" id="createDropdown" data-toggle="dropdown">
+    <hr>
-      {% trans 'Create...' %}
+    <div class="dropdown">
-      <span class="caret"></span>
+        <button class="btn btn-primary dropdown-toggle" type="button" id="createDropdown" data-toggle="dropdown">
-    </button>
+            {% trans 'Create...' %}
-    <ul class="dropdown-menu" role="menu" aria-labelledby="createDropdown">
+            <span class="caret"></span>
-      {% for type, name in types.items %}
+        </button>
-      <li role="presentation"><a role="menuitem" tabindex="-1" href="{% url 'passbook_admin:source-create' %}?type={{ type }}">{{ name }}</a></li>
+        <ul class="dropdown-menu" role="menu" aria-labelledby="createDropdown">
-      {% endfor %}
+            {% for type, name in types.items %}
-    </ul>
+            <li role="presentation"><a role="menuitem" tabindex="-1"
-  </div>
+                    href="{% url 'passbook_admin:source-create' %}?type={{ type }}&back={{ request.get_full_path }}">{{ name }}</a></li>
  <hr>
  <table class="table table-striped table-bordered">
    <thead>
      <tr>
        <th>{% trans 'Name' %}</th>
        <th>{% trans 'Class' %}</th>
        <th></th>
      </tr>
    </thead>
    <tbody>
      {% for source in object_list %}
        <tr>
          <td>{{ source.name }}</td>
          <td>{{ source|fieldtype }}</td>
          <td>
            <a class="btn btn-default btn-sm" href="{% url 'passbook_admin:source-update' pk=source.uuid %}?back={{ request.get_full_path }}">{% trans 'Edit' %}</a>
            <a class="btn btn-default btn-sm" href="{% url 'passbook_admin:source-delete' pk=source.uuid %}?back={{ request.get_full_path }}">{% trans 'Delete' %}</a>
            {% get_links source as links %}
            {% for name, href in links %}
              <a class="btn btn-default btn-sm" href="{{ href }}?back={{ request.get_full_path }}">{% trans name %}</a>
            {% endfor %}
-          </td>
+        </ul>
-        </tr>
+    </div>
-      {% endfor %}
+    <hr>
-    </tbody>
+    <table class="table table-striped table-bordered">
-  </table>
+        <thead>
            <tr>
                <th>{% trans 'Name' %}</th>
                <th>{% trans 'Class' %}</th>
                <th>{% trans 'Additional Info' %}</th>
                <th></th>
            </tr>
        </thead>
        <tbody>
            {% for source in object_list %}
            <tr>
                <td>{{ source.name }}</td>
                <td>{{ source|fieldtype }}</td>
                <td>{{ source.additional_info }}</td>
                <td>
                    <a class="btn btn-default btn-sm"
                        href="{% url 'passbook_admin:source-update' pk=source.uuid %}?back={{ request.get_full_path }}">{% trans 'Edit' %}</a>
                    <a class="btn btn-default btn-sm"
                        href="{% url 'passbook_admin:source-delete' pk=source.uuid %}?back={{ request.get_full_path }}">{% trans 'Delete' %}</a>
                    {% get_links source as links %}
                    {% for name, href in links %}
                    <a class="btn btn-default btn-sm"
                        href="{{ href }}?back={{ request.get_full_path }}">{% trans name %}</a>
                    {% endfor %}
                </td>
            </tr>
            {% endfor %}
        </tbody>
    </table>
 </div>
 {% endblock %}
--- a/passbook/admin/templates/administration/user/list.html
+++ b/passbook/admin/templates/administration/user/list.html
@ -5,34 +5,38 @@
 {% block content %}
 <div class="container">
-  <h1>{% trans "Users" %}</h1>
+    <h1><span class="pficon-users"></span> {% trans "Users" %}</h1>
-  <hr>
+    <hr>
-  <table class="table table-striped table-bordered">
+    <table class="table table-striped table-bordered">
-    <thead>
+        <thead>
-      <tr>
+            <tr>
-        <th>{% trans 'Username' %}</th>
+                <th>{% trans 'Username' %}</th>
-        <th>{% trans 'First Name' %}</th>
+                <th>{% trans 'Name' %}</th>
-        <th>{% trans 'Last Name' %}</th>
+                <th>{% trans 'Active' %}</th>
-        <th>{% trans 'Active' %}</th>
+                <th>{% trans 'Last Login' %}</th>
-        <th>{% trans 'Last Login' %}</th>
+                <th></th>
-        <th></th>
+            </tr>
-      </tr>
+        </thead>
-    </thead>
+        <tbody>
-    <tbody>
+            {% for user in object_list %}
-      {% for user in object_list %}
+            <tr>
-        <tr>
+                <td>{{ user.username }}</td>
-          <td>{{ user.username }}</td>
+                <td>{{ user.name|default:'-' }}</td>
-          <td>{{ user.first_name|default:'-' }}</td>
+                <td>{{ user.is_active }}</td>
-          <td>{{ user.last_name|default:'-' }}</td>
+                <td>{{ user.last_login }}</td>
-          <td>{{ user.is_active }}</td>
+                <td>
-          <td>{{ user.last_login }}</td>
+                    <a class="btn btn-default btn-sm"
-          <td>
+                        href="{% url 'passbook_admin:user-update' pk=user.pk %}?back={{ request.get_full_path }}">{% trans 'Edit' %}</a>
-            <a class="btn btn-default btn-sm" href="{% url 'passbook_admin:user-update' pk=user.pk %}?back={{ request.get_full_path }}">{% trans 'Edit' %}</a>
+                    <a class="btn btn-default btn-sm"
-            <a class="btn btn-default btn-sm" href="{% url 'passbook_admin:user-delete' pk=user.pk %}?back={{ request.get_full_path }}">{% trans 'Delete' %}</a>
+                        href="{% url 'passbook_admin:user-delete' pk=user.pk %}?back={{ request.get_full_path }}">{% trans 'Delete' %}</a>
-          </td>
+                    <a class="btn btn-default btn-sm"
-        </tr>
+                        href="{% url 'passbook_admin:user-password-reset' pk=user.pk %}?back={{ request.get_full_path }}">{% trans 'Reset Password' %}</a>
-      {% endfor %}
+                    <a class="btn btn-default btn-sm"
-    </tbody>
+                        href="{% url 'passbook_core:overview' %}?__impersonate={{ user.pk }}">{% trans 'Impersonate' %}</a>
-  </table>
+                </td>
            </tr>
            {% endfor %}
        </tbody>
    </table>
 </div>
 {% endblock %}
--- a/passbook/admin/templates/generic/create.html
+++ b/passbook/admin/templates/generic/create.html
@ -1,7 +1,12 @@
 {% extends "generic/form.html" %}
 {% load utils %}
 {% load i18n %}
 {% block above_form %}
-<h1>{% trans 'Create' %}</h1>
+<h1>{% blocktrans with type=form|form_verbose_name %}Create {{ type }}{% endblocktrans %}</h1>
-{% endblock %}
+{% endblock %}
 {% block action %}
 {% blocktrans with type=form|form_verbose_name %}Create {{ type }}{% endblocktrans %}
 {% endblock %}
--- a/passbook/admin/templates/generic/create_inheritance.html
+++ b/passbook/admin/templates/generic/create_inheritance.html
@ -1,11 +0,0 @@
 {% extends "generic/create.html" %}
 {% load i18n %}
 {% block title %}
 {% blocktrans with type=request.GET.type %}Create {{ type }}{% endblocktrans %}
 {% endblock %}
 {% block above_form %}
 <h1>{% blocktrans with type=request.GET.type %}Create {{ type }}{% endblocktrans %}</h1>
 {% endblock %}
--- a/passbook/admin/templates/generic/form.html
+++ b/passbook/admin/templates/generic/form.html
@ -2,6 +2,21 @@
 {% load i18n %}
 {% load utils %}
 {% load static %}
 {% block head %}
 {{ block.super }}
 {{ form.media.css }}
 <script type="text/javascript" src="{% url 'admin:jsi18n' %}"></script>
 <script type="text/javascript" src="{% static 'admin/js/vendor/jquery/jquery.js' %}"></script>
 <script type="text/javascript" src="{% static 'admin/js/jquery.init.js' %}"></script>
 <script type="text/javascript" src="{% static 'admin/js/core.js' %}"></script>
 <script type="text/javascript" src="{% static 'admin/js/actions.js' %}"></script>
 <script type="text/javascript" src="{% static 'admin/js/urlify.js' %}"></script>
 <script type="text/javascript" src="{% static 'admin/js/prepopulate.js' %}"></script>
 <script type="text/javascript" src="{% static 'admin/js/SelectBox.js' %}"></script>
 <script type="text/javascript" src="{% static 'admin/js/SelectFilter2.js' %}"></script>
 {% endblock %}
 {% block content %}
 <div class="container">
@ -11,8 +26,15 @@
    <form action="" method="post" class="form-horizontal">
      {% include 'partials/form.html' with form=form %}
      <a class="btn btn-default" href="{% back %}">{% trans "Cancel" %}</a>
-      <input type="submit" class="btn btn-primary" value="{% trans 'Create' %}" />
+      <input type="submit" class="btn btn-primary" value="{% block action %}{% endblock %}" />
    </form>
  </div>
  {% block beneath_form %}
  {% endblock %}
 </div>
 {% endblock %}
 {% block scripts %}
 {{ block.super }}
 {{ form.media.js }}
 {% endblock %}
--- a/passbook/admin/templates/generic/update.html
+++ b/passbook/admin/templates/generic/update.html
@ -1,7 +1,12 @@
 {% extends "generic/form.html" %}
 {% load utils %}
 {% load i18n %}
 {% block above_form %}
-<h1>{% trans 'Update' %}</h1>
+<h1>{% blocktrans with type=form|form_verbose_name %}Update {{ type }}{% endblocktrans %}</h1>
-{% endblock %}
+{% endblock %}
 {% block action %}
 {% blocktrans with type=form|form_verbose_name %}Update {{ type }}{% endblocktrans %}
 {% endblock %}
--- a/passbook/admin/urls.py
+++ b/passbook/admin/urls.py
@ -1,12 +1,9 @@
 """passbook URL Configuration"""
 from django.urls import include, path
 from rest_framework_swagger.views import get_swagger_view
 from passbook.admin.views import (applications, audit, groups, invitations,
                                  overview, providers, rules, sources, users)
 schema_view = get_swagger_view(title='passbook Admin Internal API')
 from passbook.admin.views import (applications, audit, factors, groups,
                                  invitations, overview, policy,
                                  property_mapping, providers, sources, users)
 urlpatterns = [
    path('', overview.AdministrationOverviewView.as_view(), name='overview'),
@ -24,12 +21,12 @@ urlpatterns = [
    path('sources/create/', sources.SourceCreateView.as_view(), name='source-create'),
    path('sources/<uuid:pk>/update/', sources.SourceUpdateView.as_view(), name='source-update'),
    path('sources/<uuid:pk>/delete/', sources.SourceDeleteView.as_view(), name='source-delete'),
-    # Rules
+    # Policies
-    path('rules/', rules.RuleListView.as_view(), name='rules'),
+    path('policies/', policy.PolicyListView.as_view(), name='policies'),
-    path('rules/create/', rules.RuleCreateView.as_view(), name='rule-create'),
+    path('policies/create/', policy.PolicyCreateView.as_view(), name='policy-create'),
-    path('rules/<uuid:pk>/update/', rules.RuleUpdateView.as_view(), name='rule-update'),
+    path('policies/<uuid:pk>/update/', policy.PolicyUpdateView.as_view(), name='policy-update'),
-    path('rules/<uuid:pk>/delete/', rules.RuleDeleteView.as_view(), name='rule-delete'),
+    path('policies/<uuid:pk>/delete/', policy.PolicyDeleteView.as_view(), name='policy-delete'),
-    path('rules/<uuid:pk>/test/', rules.RuleTestView.as_view(), name='rule-test'),
+    path('policies/<uuid:pk>/test/', policy.PolicyTestView.as_view(), name='policy-test'),
    # Providers
    path('providers/', providers.ProviderListView.as_view(), name='providers'),
    path('providers/create/',
@ -38,6 +35,23 @@ urlpatterns = [
         providers.ProviderUpdateView.as_view(), name='provider-update'),
    path('providers/<int:pk>/delete/',
         providers.ProviderDeleteView.as_view(), name='provider-delete'),
    # Factors
    path('factors/', factors.FactorListView.as_view(), name='factors'),
    path('factors/create/',
         factors.FactorCreateView.as_view(), name='factor-create'),
    path('factors/<uuid:pk>/update/',
         factors.FactorUpdateView.as_view(), name='factor-update'),
    path('factors/<uuid:pk>/delete/',
         factors.FactorDeleteView.as_view(), name='factor-delete'),
    # Factors
    path('property-mappings/', property_mapping.PropertyMappingListView.as_view(),
         name='property-mappings'),
    path('property-mappings/create/',
         property_mapping.PropertyMappingCreateView.as_view(), name='property-mapping-create'),
    path('property-mappings/<uuid:pk>/update/',
         property_mapping.PropertyMappingUpdateView.as_view(), name='property-mapping-update'),
    path('property-mappings/<uuid:pk>/delete/',
         property_mapping.PropertyMappingDeleteView.as_view(), name='property-mapping-delete'),
    # Invitations
    path('invitations/', invitations.InvitationListView.as_view(), name='invitations'),
    path('invitations/create/',
@ -51,11 +65,17 @@ urlpatterns = [
         users.UserUpdateView.as_view(), name='user-update'),
    path('users/<int:pk>/delete/',
         users.UserDeleteView.as_view(), name='user-delete'),
    path('users/<int:pk>/reset/',
         users.UserPasswordResetView.as_view(), name='user-password-reset'),
    # Groups
    path('group/', groups.GroupListView.as_view(), name='group'),
    path('group/create/', groups.GroupCreateView.as_view(), name='group-create'),
    path('group/<uuid:pk>/update/', groups.GroupUpdateView.as_view(), name='group-update'),
    path('group/<uuid:pk>/delete/', groups.GroupDeleteView.as_view(), name='group-delete'),
    # Audit Log
    path('audit/', audit.AuditEntryListView.as_view(), name='audit-log'),
    # Groups
    path('groups/', groups.GroupListView.as_view(), name='groups'),
    # API
-    path('api/', schema_view),
+    path('api/', include('passbook.admin.api.urls'))
    path('api/v1/', include('passbook.admin.api.v1.urls'))
 ]
--- a/passbook/admin/views/applications.py
+++ b/passbook/admin/views/applications.py
@ -1,4 +1,5 @@
 """passbook Application administration"""
 from django.contrib import messages
 from django.contrib.messages.views import SuccessMessageMixin
 from django.urls import reverse_lazy
 from django.utils.translation import ugettext as _
@ -13,6 +14,7 @@ class ApplicationListView(AdminRequiredMixin, ListView):
    """Show list of all applications"""
    model = Application
    ordering = 'name'
    template_name = 'administration/application/list.html'
    def get_queryset(self):
@ -28,6 +30,10 @@ class ApplicationCreateView(SuccessMessageMixin, AdminRequiredMixin, CreateView)
    success_url = reverse_lazy('passbook_admin:applications')
    success_message = _('Successfully created Application')
    def get_context_data(self, **kwargs):
        kwargs['type'] = 'Application'
        return super().get_context_data(**kwargs)
 class ApplicationUpdateView(SuccessMessageMixin, AdminRequiredMixin, UpdateView):
    """Update application"""
@ -45,5 +51,10 @@ class ApplicationDeleteView(SuccessMessageMixin, AdminRequiredMixin, DeleteView)
    model = Application
    template_name = 'generic/delete.html'
    success_url = reverse_lazy('passbook_admin:applications')
-    success_message = _('Successfully updated Application')
+    success_message = _('Successfully deleted Application')
    def delete(self, request, *args, **kwargs):
        messages.success(self.request, self.success_message)
        return super().delete(request, *args, **kwargs)
--- a/passbook/admin/views/factors.py
+++ b/passbook/admin/views/factors.py
@ -0,0 +1,84 @@
 """passbook Factor administration"""
 from django.contrib import messages
 from django.contrib.messages.views import SuccessMessageMixin
 from django.http import Http404
 from django.urls import reverse_lazy
 from django.utils.translation import ugettext as _
 from django.views.generic import CreateView, DeleteView, ListView, UpdateView
 from passbook.admin.mixins import AdminRequiredMixin
 from passbook.core.models import Factor
 from passbook.lib.utils.reflection import path_to_class
 def all_subclasses(cls):
    """Recursively return all subclassess of cls"""
    return set(cls.__subclasses__()).union(
        [s for c in cls.__subclasses__() for s in all_subclasses(c)])
 class FactorListView(AdminRequiredMixin, ListView):
    """Show list of all factors"""
    model = Factor
    template_name = 'administration/factor/list.html'
    ordering = 'order'
    def get_context_data(self, **kwargs):
        kwargs['types'] = {
            x.__name__: x._meta.verbose_name for x in all_subclasses(Factor)}
        return super().get_context_data(**kwargs)
    def get_queryset(self):
        return super().get_queryset().select_subclasses()
 class FactorCreateView(SuccessMessageMixin, AdminRequiredMixin, CreateView):
    """Create new Factor"""
    template_name = 'generic/create.html'
    success_url = reverse_lazy('passbook_admin:factors')
    success_message = _('Successfully created Factor')
    def get_context_data(self, **kwargs):
        kwargs = super().get_context_data(**kwargs)
        factor_type = self.request.GET.get('type')
        model = next(x for x in all_subclasses(Factor) if x.__name__ == factor_type)
        kwargs['type'] = model._meta.verbose_name
        return kwargs
    def get_form_class(self):
        factor_type = self.request.GET.get('type')
        model = next(x for x in all_subclasses(Factor) if x.__name__ == factor_type)
        if not model:
            raise Http404
        return path_to_class(model.form)
 class FactorUpdateView(SuccessMessageMixin, AdminRequiredMixin, UpdateView):
    """Update factor"""
    model = Factor
    template_name = 'generic/update.html'
    success_url = reverse_lazy('passbook_admin:factors')
    success_message = _('Successfully updated Factor')
    def get_form_class(self):
        form_class_path = self.get_object().form
        form_class = path_to_class(form_class_path)
        return form_class
    def get_object(self, queryset=None):
        return Factor.objects.filter(pk=self.kwargs.get('pk')).select_subclasses().first()
 class FactorDeleteView(SuccessMessageMixin, AdminRequiredMixin, DeleteView):
    """Delete factor"""
    model = Factor
    template_name = 'generic/delete.html'
    success_url = reverse_lazy('passbook_admin:factors')
    success_message = _('Successfully deleted Factor')
    def get_object(self, queryset=None):
        return Factor.objects.filter(pk=self.kwargs.get('pk')).select_subclasses().first()
    def delete(self, request, *args, **kwargs):
        messages.success(self.request, self.success_message)
        return super().delete(request, *args, **kwargs)
--- a/passbook/admin/views/groups.py
+++ b/passbook/admin/views/groups.py
@ -1,12 +1,57 @@
 """passbook Group administration"""
-from django.views.generic import ListView
+from django.contrib import messages
 from django.contrib.messages.views import SuccessMessageMixin
 from django.urls import reverse_lazy
 from django.utils.translation import ugettext as _
 from django.views.generic import CreateView, DeleteView, ListView, UpdateView
 from passbook.admin.mixins import AdminRequiredMixin
 from passbook.core.forms.groups import GroupForm
 from passbook.core.models import Group
 class GroupListView(AdminRequiredMixin, ListView):
-    """Show list of all invitations"""
+    """Show list of all groups"""
    model = Group
-    template_name = 'administration/groups/list.html'
+    ordering = 'name'
    template_name = 'administration/group/list.html'
 class GroupCreateView(SuccessMessageMixin, AdminRequiredMixin, CreateView):
    """Create new Group"""
    form_class = GroupForm
    template_name = 'generic/create.html'
    success_url = reverse_lazy('passbook_admin:groups')
    success_message = _('Successfully created Group')
    def get_context_data(self, **kwargs):
        kwargs['type'] = 'Group'
        return super().get_context_data(**kwargs)
 class GroupUpdateView(SuccessMessageMixin, AdminRequiredMixin, UpdateView):
    """Update group"""
    model = Group
    form_class = GroupForm
    template_name = 'generic/update.html'
    success_url = reverse_lazy('passbook_admin:groups')
    success_message = _('Successfully updated Group')
 class GroupDeleteView(SuccessMessageMixin, AdminRequiredMixin, DeleteView):
    """Delete group"""
    model = Group
    template_name = 'generic/delete.html'
    success_url = reverse_lazy('passbook_admin:groups')
    success_message = _('Successfully deleted Group')
    def delete(self, request, *args, **kwargs):
        messages.success(self.request, self.success_message)
        return super().delete(request, *args, **kwargs)
--- a/passbook/admin/views/invitations.py
+++ b/passbook/admin/views/invitations.py
@ -1,4 +1,5 @@
 """passbook Invitation administration"""
 from django.contrib import messages
 from django.contrib.messages.views import SuccessMessageMixin
 from django.http import HttpResponseRedirect
 from django.urls import reverse_lazy
@ -26,6 +27,10 @@ class InvitationCreateView(SuccessMessageMixin, AdminRequiredMixin, CreateView):
    success_message = _('Successfully created Invitation')
    form_class = InvitationForm
    def get_context_data(self, **kwargs):
        kwargs['type'] = 'Invitation'
        return super().get_context_data(**kwargs)
    def form_valid(self, form):
        obj = form.save(commit=False)
        obj.created_by = self.request.user
@ -42,4 +47,8 @@ class InvitationDeleteView(SuccessMessageMixin, AdminRequiredMixin, DeleteView):
    model = Invitation
    template_name = 'generic/delete.html'
    success_url = reverse_lazy('passbook_admin:invitations')
-    success_message = _('Successfully updated Invitation')
+    success_message = _('Successfully deleted Invitation')
    def delete(self, request, *args, **kwargs):
        messages.success(self.request, self.success_message)
        return super().delete(request, *args, **kwargs)
--- a/passbook/admin/views/overview.py
+++ b/passbook/admin/views/overview.py
@ -2,7 +2,10 @@
 from django.views.generic import TemplateView
 from passbook.admin.mixins import AdminRequiredMixin
-from passbook.core.models import Application, Provider, Rule, User
+from passbook.core import __version__
 from passbook.core.celery import CELERY_APP
 from passbook.core.models import (Application, Factor, Invitation, Policy,
                                  Provider, Source, User)
 class AdministrationOverviewView(AdminRequiredMixin, TemplateView):
@ -12,7 +15,14 @@ class AdministrationOverviewView(AdminRequiredMixin, TemplateView):
    def get_context_data(self, **kwargs):
        kwargs['application_count'] = len(Application.objects.all())
-        kwargs['rule_count'] = len(Rule.objects.all())
+        kwargs['policy_count'] = len(Policy.objects.all())
        kwargs['user_count'] = len(User.objects.all())
        kwargs['provider_count'] = len(Provider.objects.all())
        kwargs['source_count'] = len(Source.objects.all())
        kwargs['factor_count'] = len(Factor.objects.all())
        kwargs['invitation_count'] = len(Invitation.objects.all())
        kwargs['version'] = __version__
        kwargs['worker_count'] = len(CELERY_APP.control.ping(timeout=0.5))
        kwargs['providers_without_application'] = Provider.objects.filter(application=None)
        kwargs['policies_without_attachment'] = len(Policy.objects.filter(policymodel__isnull=True))
        return super().get_context_data(**kwargs)
--- a/passbook/admin/views/policy.py
+++ b/passbook/admin/views/policy.py
@ -0,0 +1,111 @@
 """passbook Policy administration"""
 from django.contrib import messages
 from django.contrib.messages.views import SuccessMessageMixin
 from django.http import Http404
 from django.urls import reverse_lazy
 from django.utils.translation import ugettext as _
 from django.views.generic import (CreateView, DeleteView, FormView, ListView,
                                  UpdateView)
 from django.views.generic.detail import DetailView
 from passbook.admin.forms.policies import PolicyTestForm
 from passbook.admin.mixins import AdminRequiredMixin
 from passbook.core.models import Policy
 from passbook.core.policies import PolicyEngine
 from passbook.lib.utils.reflection import path_to_class
 class PolicyListView(AdminRequiredMixin, ListView):
    """Show list of all policies"""
    model = Policy
    template_name = 'administration/policy/list.html'
    def get_context_data(self, **kwargs):
        kwargs['types'] = {
            x.__name__: x._meta.verbose_name for x in Policy.__subclasses__()}
        return super().get_context_data(**kwargs)
    def get_queryset(self):
        return super().get_queryset().order_by('order').select_subclasses()
 class PolicyCreateView(SuccessMessageMixin, AdminRequiredMixin, CreateView):
    """Create new Policy"""
    template_name = 'generic/create.html'
    success_url = reverse_lazy('passbook_admin:policies')
    success_message = _('Successfully created Policy')
    def get_form_class(self):
        policy_type = self.request.GET.get('type')
        model = next(x for x in Policy.__subclasses__()
                     if x.__name__ == policy_type)
        if not model:
            raise Http404
        return path_to_class(model.form)
 class PolicyUpdateView(SuccessMessageMixin, AdminRequiredMixin, UpdateView):
    """Update policy"""
    model = Policy
    template_name = 'generic/update.html'
    success_url = reverse_lazy('passbook_admin:policies')
    success_message = _('Successfully updated Policy')
    def get_form_class(self):
        form_class_path = self.get_object().form
        form_class = path_to_class(form_class_path)
        return form_class
    def get_object(self, queryset=None):
        return Policy.objects.filter(pk=self.kwargs.get('pk')).select_subclasses().first()
 class PolicyDeleteView(SuccessMessageMixin, AdminRequiredMixin, DeleteView):
    """Delete policy"""
    model = Policy
    template_name = 'generic/delete.html'
    success_url = reverse_lazy('passbook_admin:policies')
    success_message = _('Successfully deleted Policy')
    def get_object(self, queryset=None):
        return Policy.objects.filter(pk=self.kwargs.get('pk')).select_subclasses().first()
    def delete(self, request, *args, **kwargs):
        messages.success(self.request, self.success_message)
        return super().delete(request, *args, **kwargs)
 class PolicyTestView(AdminRequiredMixin, DetailView, FormView):
    """View to test policy(s)"""
    model = Policy
    form_class = PolicyTestForm
    template_name = 'administration/policy/test.html'
    object = None
    def get_object(self, queryset=None):
        return Policy.objects.filter(pk=self.kwargs.get('pk')).select_subclasses().first()
    def get_context_data(self, **kwargs):
        kwargs['policy'] = self.get_object()
        return super().get_context_data(**kwargs)
    def post(self, *args, **kwargs):
        self.object = self.get_object()
        return super().post(*args, **kwargs)
    def form_valid(self, form):
        policy = self.get_object()
        user = form.cleaned_data.get('user')
        policy_engine = PolicyEngine([policy])
        policy_engine.for_user(user).with_request(self.request).build()
        result = policy_engine.passing
        if result:
            messages.success(self.request, _('User successfully passed policy.'))
        else:
            messages.error(self.request, _("User didn't pass policy."))
        return self.render_to_response(self.get_context_data(form=form, result=result))
--- a/passbook/admin/views/property_mapping.py
+++ b/passbook/admin/views/property_mapping.py
@ -0,0 +1,90 @@
 """passbook PropertyMapping administration"""
 from django.contrib import messages
 from django.contrib.messages.views import SuccessMessageMixin
 from django.http import Http404
 from django.urls import reverse_lazy
 from django.utils.translation import ugettext as _
 from django.views.generic import CreateView, DeleteView, ListView, UpdateView
 from passbook.admin.mixins import AdminRequiredMixin
 from passbook.core.models import PropertyMapping
 from passbook.lib.utils.reflection import path_to_class
 def all_subclasses(cls):
    """Recursively return all subclassess of cls"""
    return set(cls.__subclasses__()).union(
        [s for c in cls.__subclasses__() for s in all_subclasses(c)])
 class PropertyMappingListView(AdminRequiredMixin, ListView):
    """Show list of all property_mappings"""
    model = PropertyMapping
    template_name = 'administration/property_mapping/list.html'
    ordering = 'name'
    def get_context_data(self, **kwargs):
        kwargs['types'] = {
            x.__name__: x._meta.verbose_name for x in all_subclasses(PropertyMapping)}
        return super().get_context_data(**kwargs)
    def get_queryset(self):
        return super().get_queryset().select_subclasses()
 class PropertyMappingCreateView(SuccessMessageMixin, AdminRequiredMixin, CreateView):
    """Create new PropertyMapping"""
    template_name = 'generic/create.html'
    success_url = reverse_lazy('passbook_admin:property-mappings')
    success_message = _('Successfully created Property Mapping')
    def get_context_data(self, **kwargs):
        kwargs = super().get_context_data(**kwargs)
        property_mapping_type = self.request.GET.get('type')
        model = next(x for x in all_subclasses(PropertyMapping)
                     if x.__name__ == property_mapping_type)
        kwargs['type'] = model._meta.verbose_name
        return kwargs
    def get_form_class(self):
        property_mapping_type = self.request.GET.get('type')
        model = next(x for x in all_subclasses(PropertyMapping)
                     if x.__name__ == property_mapping_type)
        if not model:
            raise Http404
        return path_to_class(model.form)
 class PropertyMappingUpdateView(SuccessMessageMixin, AdminRequiredMixin, UpdateView):
    """Update property_mapping"""
    model = PropertyMapping
    template_name = 'generic/update.html'
    success_url = reverse_lazy('passbook_admin:property-mappings')
    success_message = _('Successfully updated Property Mapping')
    def get_form_class(self):
        form_class_path = self.get_object().form
        form_class = path_to_class(form_class_path)
        return form_class
    def get_object(self, queryset=None):
        return PropertyMapping.objects.filter(pk=self.kwargs.get('pk')).select_subclasses().first()
 class PropertyMappingDeleteView(SuccessMessageMixin, AdminRequiredMixin, DeleteView):
    """Delete property_mapping"""
    model = PropertyMapping
    template_name = 'generic/delete.html'
    success_url = reverse_lazy('passbook_admin:property-mappings')
    success_message = _('Successfully deleted Property Mapping')
    def get_object(self, queryset=None):
        return PropertyMapping.objects.filter(pk=self.kwargs.get('pk')).select_subclasses().first()
    def delete(self, request, *args, **kwargs):
        messages.success(self.request, self.success_message)
        return super().delete(request, *args, **kwargs)
--- a/passbook/admin/views/providers.py
+++ b/passbook/admin/views/providers.py
@ -1,4 +1,5 @@
 """passbook Provider administration"""
 from django.contrib import messages
 from django.contrib.messages.views import SuccessMessageMixin
 from django.http import Http404
 from django.urls import reverse_lazy
@ -28,7 +29,7 @@ class ProviderListView(AdminRequiredMixin, ListView):
 class ProviderCreateView(SuccessMessageMixin, AdminRequiredMixin, CreateView):
    """Create new Provider"""
-    template_name = 'generic/create_inheritance.html'
+    template_name = 'generic/create.html'
    success_url = reverse_lazy('passbook_admin:providers')
    success_message = _('Successfully created Provider')
@ -64,7 +65,11 @@ class ProviderDeleteView(SuccessMessageMixin, AdminRequiredMixin, DeleteView):
    model = Provider
    template_name = 'generic/delete.html'
    success_url = reverse_lazy('passbook_admin:providers')
-    success_message = _('Successfully updated Provider')
+    success_message = _('Successfully deleted Provider')
    def get_object(self, queryset=None):
        return Provider.objects.filter(pk=self.kwargs.get('pk')).select_subclasses().first()
    def delete(self, request, *args, **kwargs):
        messages.success(self.request, self.success_message)
        return super().delete(request, *args, **kwargs)
--- a/passbook/admin/views/rules.py
+++ b/passbook/admin/views/rules.py
@ -1,104 +0,0 @@
 """passbook Rule administration"""
 from django.contrib import messages
 from django.contrib.messages.views import SuccessMessageMixin
 from django.http import Http404
 from django.urls import reverse_lazy
 from django.utils.translation import ugettext as _
 from django.views.generic import (CreateView, DeleteView, FormView, ListView,
                                  UpdateView)
 from django.views.generic.detail import DetailView
 from passbook.admin.forms.rule import RuleTestForm
 from passbook.admin.mixins import AdminRequiredMixin
 from passbook.core.models import Rule
 from passbook.lib.utils.reflection import path_to_class
 class RuleListView(AdminRequiredMixin, ListView):
    """Show list of all rules"""
    model = Rule
    template_name = 'administration/rule/list.html'
    def get_context_data(self, **kwargs):
        kwargs['types'] = {
            x.__name__: x._meta.verbose_name for x in Rule.__subclasses__()}
        return super().get_context_data(**kwargs)
    def get_queryset(self):
        return super().get_queryset().order_by('order').select_subclasses()
 class RuleCreateView(SuccessMessageMixin, AdminRequiredMixin, CreateView):
    """Create new Rule"""
    template_name = 'generic/create_inheritance.html'
    success_url = reverse_lazy('passbook_admin:rules')
    success_message = _('Successfully created Rule')
    def get_form_class(self):
        rule_type = self.request.GET.get('type')
        model = next(x for x in Rule.__subclasses__()
                     if x.__name__ == rule_type)
        if not model:
            raise Http404
        return path_to_class(model.form)
 class RuleUpdateView(SuccessMessageMixin, AdminRequiredMixin, UpdateView):
    """Update rule"""
    model = Rule
    template_name = 'generic/update.html'
    success_url = reverse_lazy('passbook_admin:rules')
    success_message = _('Successfully updated Rule')
    def get_form_class(self):
        form_class_path = self.get_object().form
        form_class = path_to_class(form_class_path)
        return form_class
    def get_object(self, queryset=None):
        return Rule.objects.filter(pk=self.kwargs.get('pk')).select_subclasses().first()
 class RuleDeleteView(SuccessMessageMixin, AdminRequiredMixin, DeleteView):
    """Delete rule"""
    model = Rule
    template_name = 'generic/delete.html'
    success_url = reverse_lazy('passbook_admin:rules')
    success_message = _('Successfully updated Rule')
    def get_object(self, queryset=None):
        return Rule.objects.filter(pk=self.kwargs.get('pk')).select_subclasses().first()
 class RuleTestView(AdminRequiredMixin, DetailView, FormView):
    """View to test rule(s)"""
    model = Rule
    form_class = RuleTestForm
    template_name = 'administration/rule/test.html'
    object = None
    def get_object(self, queryset=None):
        return Rule.objects.filter(pk=self.kwargs.get('pk')).select_subclasses().first()
    def get_context_data(self, **kwargs):
        kwargs['rule'] = self.get_object()
        return super().get_context_data(**kwargs)
    def post(self, *args, **kwargs):
        self.object = self.get_object()
        return super().post(*args, **kwargs)
    def form_valid(self, form):
        rule = self.get_object()
        user = form.cleaned_data.get('user')
        result = rule.passes(user)
        if result:
            messages.success(self.request, _('User successfully passed rule.'))
        else:
            messages.error(self.request, _("User didn't pass rule."))
        return self.render_to_response(self.get_context_data(form=form, result=result))
--- a/passbook/admin/views/sources.py
+++ b/passbook/admin/views/sources.py
@ -1,4 +1,5 @@
 """passbook Source administration"""
 from django.contrib import messages
 from django.contrib.messages.views import SuccessMessageMixin
 from django.http import Http404
 from django.urls import reverse_lazy
@ -33,7 +34,7 @@ class SourceListView(AdminRequiredMixin, ListView):
 class SourceCreateView(SuccessMessageMixin, AdminRequiredMixin, CreateView):
    """Create new Source"""
-    template_name = 'generic/create_inheritance.html'
+    template_name = 'generic/create.html'
    success_url = reverse_lazy('passbook_admin:sources')
    success_message = _('Successfully created Source')
@ -66,9 +67,13 @@ class SourceDeleteView(SuccessMessageMixin, AdminRequiredMixin, DeleteView):
    """Delete source"""
    model = Source
-
+    template_name = 'generic/delete.html'
    success_url = reverse_lazy('passbook_admin:sources')
-    success_message = _('Successfully updated Source')
+    success_message = _('Successfully deleted Source')
    def get_object(self, queryset=None):
        return Source.objects.filter(pk=self.kwargs.get('pk')).select_subclasses().first()
    def delete(self, request, *args, **kwargs):
        messages.success(self.request, self.success_message)
        return super().delete(request, *args, **kwargs)
--- a/passbook/admin/views/users.py
+++ b/passbook/admin/views/users.py
@ -1,12 +1,15 @@
 """passbook User administration"""
 from django.contrib import messages
 from django.contrib.messages.views import SuccessMessageMixin
-from django.urls import reverse_lazy
+from django.shortcuts import get_object_or_404, redirect
 from django.urls import reverse, reverse_lazy
 from django.utils.translation import ugettext as _
 from django.views import View
 from django.views.generic import DeleteView, ListView, UpdateView
 from passbook.admin.forms.users import UserForm
 from passbook.admin.mixins import AdminRequiredMixin
-from passbook.core.forms.user import UserDetailForm
+from passbook.core.models import Nonce, User
 from passbook.core.models import User
 class UserListView(AdminRequiredMixin, ListView):
@ -20,7 +23,7 @@ class UserUpdateView(SuccessMessageMixin, AdminRequiredMixin, UpdateView):
    """Update user"""
    model = User
-    form_class = UserDetailForm
+    form_class = UserForm
    template_name = 'generic/update.html'
    success_url = reverse_lazy('passbook_admin:users')
@ -31,6 +34,24 @@ class UserDeleteView(SuccessMessageMixin, AdminRequiredMixin, DeleteView):
    """Delete user"""
    model = User
-
+    template_name = 'generic/delete.html'
    success_url = reverse_lazy('passbook_admin:users')
-    success_message = _('Successfully updated User')
+    success_message = _('Successfully deleted User')
    def delete(self, request, *args, **kwargs):
        messages.success(self.request, self.success_message)
        return super().delete(request, *args, **kwargs)
 class UserPasswordResetView(AdminRequiredMixin, View):
    """Get Password reset link for user"""
    # pylint: disable=invalid-name
    def get(self, request, pk):
        """Create nonce for user and return link"""
        user = get_object_or_404(User, pk=pk)
        nonce = Nonce.objects.create(user=user)
        link = request.build_absolute_uri(reverse(
            'passbook_core:auth-password-reset', kwargs={'nonce': nonce.uuid}))
        messages.success(request, _('Password reset link: <pre>%(link)s</pre>' % {'link': link}))
        return redirect('passbook_admin:users')
--- a/passbook/api/init.py
+++ b/passbook/api/init.py
@ -1,2 +1,2 @@
 """passbook api"""
-__version__ = '0.0.1-alpha'
+__version__ = '0.1.13-beta'
--- a/passbook/api/apps.py
+++ b/passbook/api/apps.py
@ -9,3 +9,4 @@ class PassbookAPIConfig(AppConfig):
    name = 'passbook.api'
    label = 'passbook_api'
    mountpoint = 'api/'
    verbose_name = 'passbook API'
--- a/passbook/api/requirements.txt
+++ b/passbook/api/requirements.txt
@ -0,0 +1,3 @@
 django-rest-framework
 drf_yasg
 django-filters
--- a/passbook/api/v1/openid.py
+++ b/passbook/api/v1/openid.py
@ -14,8 +14,8 @@ class OpenIDUserInfoView(ScopedResourceMixin, View):
        payload = {
            'sub': request.user.uuid.int,
            'name': request.user.get_full_name(),
-            'given_name': request.user.first_name,
+            'given_name': request.user.name,
-            'family_name': request.user.last_name,
+            'family_name': '',
            'preferred_username': request.user.username,
            'email': request.user.email,
        }
--- a/passbook/audit/init.py
+++ b/passbook/audit/init.py
@ -1,2 +1,2 @@
 """passbook audit Header"""
-__version__ = '0.0.2-alpha'
+__version__ = '0.1.13-beta'
--- a/passbook/audit/migrations/0001_initial.py
+++ b/passbook/audit/migrations/0001_initial.py
@ -1,4 +1,4 @@
-# Generated by Django 2.1.3 on 2018-11-25 10:39
+# Generated by Django 2.1.7 on 2019-02-16 09:13
 import uuid
@ -20,13 +20,32 @@ class Migration(migrations.Migration):
            name='AuditEntry',
            fields=[
                ('uuid', models.UUIDField(default=uuid.uuid4, editable=False, primary_key=True, serialize=False)),
-                ('action', models.TextField()),
+                ('action', models.TextField(choices=[('login', 'login'), ('login_failed', 'login_failed'), ('logout', 'logout'), ('authorize_application', 'authorize_application'), ('suspicious_request', 'suspicious_request'), ('sign_up', 'sign_up'), ('password_reset', 'password_reset'), ('invitation_created', 'invitation_created'), ('invitation_used', 'invitation_used')])),
                ('date', models.DateTimeField(auto_now_add=True)),
                ('app', models.TextField()),
                ('_context', models.TextField()),
                ('request_ip', models.GenericIPAddressField()),
                ('created', models.DateTimeField(auto_now_add=True)),
                ('user', models.ForeignKey(null=True, on_delete=django.db.models.deletion.SET_NULL, to=settings.AUTH_USER_MODEL)),
            ],
            options={
-                'abstract': False,
+                'verbose_name': 'Audit Entry',
                'verbose_name_plural': 'Audit Entries',
            },
        ),
        migrations.CreateModel(
            name='LoginAttempt',
            fields=[
                ('id', models.AutoField(auto_created=True, primary_key=True, serialize=False, verbose_name='ID')),
                ('created', models.DateField(auto_now_add=True)),
                ('last_updated', models.DateTimeField(auto_now=True)),
                ('target_uid', models.CharField(max_length=254)),
                ('request_ip', models.GenericIPAddressField()),
                ('attempts', models.IntegerField(default=1)),
            ],
        ),
        migrations.AlterUniqueTogether(
            name='loginattempt',
            unique_together={('target_uid', 'request_ip', 'created')},
        ),
    ]
--- a/passbook/audit/migrations/0002_auto_20181210_1039.py
+++ b/passbook/audit/migrations/0002_auto_20181210_1039.py
@ -1,30 +0,0 @@
 # Generated by Django 2.1.4 on 2018-12-10 10:39
 from django.db import migrations, models
 class Migration(migrations.Migration):
    dependencies = [
        ('passbook_audit', '0001_initial'),
    ]
    operations = [
        migrations.AddField(
            model_name='auditentry',
            name='context',
            field=models.TextField(default=''),
            preserve_default=False,
        ),
        migrations.AddField(
            model_name='auditentry',
            name='request_ip',
            field=models.GenericIPAddressField(default=''),
            preserve_default=False,
        ),
        migrations.AlterField(
            model_name='auditentry',
            name='action',
            field=models.TextField(choices=[('login', 'login'), ('login_failed', 'login_failed'), ('logout', 'logout'), ('authorize_application', 'authorize_application'), ('suspicious_request', 'suspicious_request'), ('sign_up', 'sign_up'), ('password_reset', 'password_reset')]),
        ),
    ]
--- a/passbook/audit/migrations/0002_auto_20190221_1201.py
+++ b/passbook/audit/migrations/0002_auto_20190221_1201.py
@ -0,0 +1,18 @@
 # Generated by Django 2.1.7 on 2019-02-21 12:01
 from django.db import migrations, models
 class Migration(migrations.Migration):
    dependencies = [
        ('passbook_audit', '0001_initial'),
    ]
    operations = [
        migrations.AlterField(
            model_name='loginattempt',
            name='created',
            field=models.DateTimeField(auto_now_add=True),
        ),
    ]
--- a/passbook/audit/migrations/0003_auto_20181210_1213.py
+++ b/passbook/audit/migrations/0003_auto_20181210_1213.py
@ -1,27 +0,0 @@
 # Generated by Django 2.1.4 on 2018-12-10 12:13
 from django.db import migrations, models
 class Migration(migrations.Migration):
    dependencies = [
        ('passbook_audit', '0002_auto_20181210_1039'),
    ]
    operations = [
        migrations.AlterModelOptions(
            name='auditentry',
            options={'verbose_name': 'Audit Entry', 'verbose_name_plural': 'Audit Entries'},
        ),
        migrations.RenameField(
            model_name='auditentry',
            old_name='context',
            new_name='_context',
        ),
        migrations.AlterField(
            model_name='auditentry',
            name='action',
            field=models.TextField(choices=[('login', 'login'), ('login_failed', 'login_failed'), ('logout', 'logout'), ('authorize_application', 'authorize_application'), ('suspicious_request', 'suspicious_request'), ('sign_up', 'sign_up'), ('password_reset', 'password_reset'), ('invitation_used', 'invitation_used')]),
        ),
    ]
--- a/passbook/audit/migrations/0003_auto_20190221_1240.py
+++ b/passbook/audit/migrations/0003_auto_20190221_1240.py
@ -0,0 +1,23 @@
 # Generated by Django 2.1.7 on 2019-02-21 12:40
 import django.contrib.postgres.fields.jsonb
 from django.db import migrations
 class Migration(migrations.Migration):
    dependencies = [
        ('passbook_audit', '0002_auto_20190221_1201'),
    ]
    operations = [
        migrations.RemoveField(
            model_name='auditentry',
            name='_context',
        ),
        migrations.AddField(
            model_name='auditentry',
            name='context',
            field=django.contrib.postgres.fields.jsonb.JSONField(blank=True, default=dict),
        ),
    ]
--- a/passbook/audit/migrations/0004_auto_20181210_1348.py
+++ b/passbook/audit/migrations/0004_auto_20181210_1348.py
@ -1,18 +0,0 @@
 # Generated by Django 2.1.4 on 2018-12-10 13:48
 from django.db import migrations, models
 class Migration(migrations.Migration):
    dependencies = [
        ('passbook_audit', '0003_auto_20181210_1213'),
    ]
    operations = [
        migrations.AlterField(
            model_name='auditentry',
            name='action',
            field=models.TextField(choices=[('login', 'login'), ('login_failed', 'login_failed'), ('logout', 'logout'), ('authorize_application', 'authorize_application'), ('suspicious_request', 'suspicious_request'), ('sign_up', 'sign_up'), ('password_reset', 'password_reset'), ('invitation_created', 'invitation_created'), ('invitation_used', 'invitation_used')]),
        ),
    ]
--- a/passbook/audit/migrations/0004_delete_loginattempt.py
+++ b/passbook/audit/migrations/0004_delete_loginattempt.py
@ -0,0 +1,16 @@
 # Generated by Django 2.1.7 on 2019-03-08 14:53
 from django.db import migrations
 class Migration(migrations.Migration):
    dependencies = [
        ('passbook_audit', '0003_auto_20190221_1240'),
    ]
    operations = [
        migrations.DeleteModel(
            name='LoginAttempt',
        ),
    ]
--- a/passbook/audit/migrations/0005_auditentry_created.py
+++ b/passbook/audit/migrations/0005_auditentry_created.py
@ -1,20 +0,0 @@
 # Generated by Django 2.1.4 on 2018-12-11 15:00
 import django.utils.timezone
 from django.db import migrations, models
 class Migration(migrations.Migration):
    dependencies = [
        ('passbook_audit', '0004_auto_20181210_1348'),
    ]
    operations = [
        migrations.AddField(
            model_name='auditentry',
            name='created',
            field=models.DateTimeField(auto_now_add=True, default=django.utils.timezone.now),
            preserve_default=False,
        ),
    ]
--- a/passbook/audit/migrations/0006_auto_20181218_1252.py
+++ b/passbook/audit/migrations/0006_auto_20181218_1252.py
@ -1,28 +0,0 @@
 # Generated by Django 2.1.4 on 2018-12-18 12:52
 from django.db import migrations, models
 class Migration(migrations.Migration):
    dependencies = [
        ('passbook_audit', '0005_auditentry_created'),
    ]
    operations = [
        migrations.CreateModel(
            name='LoginAttempt',
            fields=[
                ('id', models.AutoField(auto_created=True, primary_key=True, serialize=False, verbose_name='ID')),
                ('created', models.DateField(auto_now_add=True)),
                ('last_updated', models.DateTimeField(auto_now=True)),
                ('target_uid', models.CharField(max_length=254)),
                ('request_ip', models.GenericIPAddressField()),
                ('attempts', models.IntegerField(default=1)),
            ],
        ),
        migrations.AlterUniqueTogether(
            name='loginattempt',
            unique_together={('target_uid', 'request_ip', 'created')},
        ),
    ]
--- a/passbook/audit/models.py
+++ b/passbook/audit/models.py
@ -1,22 +1,18 @@
 """passbook audit models"""
 from datetime import timedelta
 from json import dumps, loads
 from logging import getLogger
 from django.conf import settings
 from django.contrib.auth.models import AnonymousUser
 from django.contrib.postgres.fields import JSONField
 from django.core.exceptions import ValidationError
 from django.db import models
 from django.utils import timezone
 from django.utils.translation import gettext as _
 from ipware import get_client_ip
 from reversion import register
-from passbook.lib.models import CreatedUpdatedModel, UUIDModel
+from passbook.lib.models import UUIDModel
 LOGGER = getLogger(__name__)
@register()
 class AuditEntry(UUIDModel):
    """An individual audit log entry"""
@ -45,23 +41,18 @@ class AuditEntry(UUIDModel):
    action = models.TextField(choices=ACTIONS)
    date = models.DateTimeField(auto_now_add=True)
    app = models.TextField()
-    _context = models.TextField()
+    context = JSONField(default=dict, blank=True)
    _context_cache = None
    request_ip = models.GenericIPAddressField()
    created = models.DateTimeField(auto_now_add=True)
    @property
    def context(self):
        """Load context data and load json"""
        if not self._context_cache:
            self._context_cache = loads(self._context)
        return self._context_cache
    @staticmethod
    def create(action, request, **kwargs):
        """Create AuditEntry from arguments"""
        client_ip, _ = get_client_ip(request)
-        user = request.user
+        if not hasattr(request, 'user'):
            user = None
        else:
            user = request.user
        if isinstance(user, AnonymousUser):
            user = kwargs.get('user', None)
        entry = AuditEntry.objects.create(
@ -69,8 +60,8 @@ class AuditEntry(UUIDModel):
            user=user,
            # User 255.255.255.255 as fallback if IP cannot be determined
            request_ip=client_ip or '255.255.255.255',
-            _context=dumps(kwargs))
+            context=kwargs)
-        LOGGER.debug("Logged %s from %s (%s)", action, request.user, client_ip)
+        LOGGER.debug("Logged %s from %s (%s)", action, user, client_ip)
        return entry
    def save(self, *args, **kwargs):
@ -82,41 +73,3 @@ class AuditEntry(UUIDModel):
        verbose_name = _('Audit Entry')
        verbose_name_plural = _('Audit Entries')
 class LoginAttempt(CreatedUpdatedModel):
    """Track failed login-attempts"""
    target_uid = models.CharField(max_length=254)
    request_ip = models.GenericIPAddressField()
    attempts = models.IntegerField(default=1)
    @staticmethod
    def attempt(target_uid, request):
        """Helper function to create attempt or count up existing one"""
        client_ip, _ = get_client_ip(request)
        # Since we can only use 254 chars for target_uid, truncate target_uid.
        target_uid = target_uid[:254]
        time_threshold = timezone.now() - timedelta(minutes=10)
        existing_attempts = LoginAttempt.objects.filter(
            target_uid=target_uid,
            request_ip=client_ip,
            last_updated__gt=time_threshold).order_by('created')
        if existing_attempts.exists():
            attempt = existing_attempts.first()
            attempt.attempts += 1
            attempt.save()
            LOGGER.debug("Increased attempts on %s", attempt)
        else:
            attempt = LoginAttempt.objects.create(
                target_uid=target_uid,
                request_ip=client_ip)
            LOGGER.debug("Created new attempt %s", attempt)
    def __str__(self):
        return "LoginAttempt to %s from %s (x%d)" % (self.target_uid,
                                                     self.request_ip, self.attempts)
    class Meta:
        unique_together = (('target_uid', 'request_ip', 'created'),)
--- a/passbook/audit/requirements.txt
+++ b/passbook/audit/requirements.txt
@ -1 +0,0 @@
 django-ipware
--- a/passbook/audit/signals.py
+++ b/passbook/audit/signals.py
@ -1,9 +1,8 @@
 """passbook audit signal listener"""
-from django.contrib.auth.signals import (user_logged_in, user_logged_out,
+from django.contrib.auth.signals import user_logged_in, user_logged_out
                                         user_login_failed)
 from django.dispatch import receiver
-from passbook.audit.models import AuditEntry, LoginAttempt
+from passbook.audit.models import AuditEntry
 from passbook.core.signals import (invitation_created, invitation_used,
                                   user_signed_up)
@ -34,8 +33,3 @@ def on_invitation_used(sender, request, invitation, **kwargs):
    """Log Invitation usage"""
    AuditEntry.create(AuditEntry.ACTION_INVITE_USED, request,
                      invitation_uuid=invitation.uuid.hex)
@receiver(user_login_failed)
 def on_user_login_failed(sender, request, credentials, **kwargs):
    """Log failed login attempt"""
    LoginAttempt.attempt(target_uid=credentials.get('username'), request=request)
--- a/passbook/captcha_factor/init.py
+++ b/passbook/captcha_factor/init.py
@ -1,2 +1,2 @@
 """passbook captcha_factor Header"""
-__version__ = '0.0.2-alpha'
+__version__ = '0.1.13-beta'
--- a/passbook/captcha_factor/factor.py
+++ b/passbook/captcha_factor/factor.py
@ -13,3 +13,10 @@ class CaptchaFactor(FormView, AuthenticationFactor):
    def form_valid(self, form):
        return self.authenticator.user_ok()
    def get_form(self, form_class=None):
        form = CaptchaForm(**self.get_form_kwargs())
        form.fields['captcha'].public_key = '6Lfi1w8TAAAAAELH-YiWp0OFItmMzvjGmw2xkvUN'
        form.fields['captcha'].private_key = '6Lfi1w8TAAAAAMQI3f86tGMvd1QkcqqVQyBWI23D'
        form.fields['captcha'].widget.attrs["data-sitekey"] = form.fields['captcha'].public_key
        return form
--- a/passbook/captcha_factor/forms.py
+++ b/passbook/captcha_factor/forms.py
@ -2,8 +2,25 @@
 from captcha.fields import ReCaptchaField
 from django import forms
 from passbook.captcha_factor.models import CaptchaFactor
 from passbook.core.forms.factors import GENERAL_FIELDS
 class CaptchaForm(forms.Form):
    """passbook captcha factor form"""
    captcha = ReCaptchaField()
 class CaptchaFactorForm(forms.ModelForm):
    """Form to edit CaptchaFactor Instance"""
    class Meta:
        model = CaptchaFactor
        fields = GENERAL_FIELDS + ['public_key', 'private_key']
        widgets = {
            'name': forms.TextInput(),
            'order': forms.NumberInput(),
            'public_key': forms.TextInput(),
            'private_key': forms.TextInput(),
        }
--- a/passbook/captcha_factor/migrations/0001_initial.py
+++ b/passbook/captcha_factor/migrations/0001_initial.py
@ -0,0 +1,29 @@
 # Generated by Django 2.1.7 on 2019-02-24 21:35
 import django.db.models.deletion
 from django.db import migrations, models
 class Migration(migrations.Migration):
    initial = True
    dependencies = [
        ('passbook_core', '0010_auto_20190224_1016'),
    ]
    operations = [
        migrations.CreateModel(
            name='CaptchaFactor',
            fields=[
                ('factor_ptr', models.OneToOneField(auto_created=True, on_delete=django.db.models.deletion.CASCADE, parent_link=True, primary_key=True, serialize=False, to='passbook_core.Factor')),
                ('public_key', models.TextField()),
                ('private_key', models.TextField()),
            ],
            options={
                'verbose_name': 'Captcha Factor',
                'verbose_name_plural': 'Captcha Factors',
            },
            bases=('passbook_core.factor',),
        ),
    ]
--- a/Show More
+++ b/Show More
Author	SHA1	Message	Date
Jens Langhammer	e6376a05f7	bump version: 0.1.12-beta -> 0.1.13-beta	2019-03-11 11:31:12 +01:00
Jens Langhammer	1f45aff7ad	prepare 0.1.13	2019-03-11 11:31:06 +01:00
Jens Langhammer	e1f1f617b6	fix UserChangePasswordView not requiring Login	2019-03-11 11:25:59 +01:00
Jens Langhammer	2690675dca	allow custom email server for helm installs	2019-03-11 11:03:25 +01:00
Jens Langhammer	7529b51358	Fix DoesNotExist error when running PolicyEngine against None user	2019-03-11 10:52:50 +01:00
Jens Langhammer	c394066d99	bump version: 0.1.11-beta -> 0.1.12-beta	2019-03-11 09:51:00 +01:00
Jens Langhammer	9c585032ef	prepare 0.1.12-beta	2019-03-11 09:50:57 +01:00
Jens Langhammer	d408031304	fix OAuth Authorization View not requiring authentication	2019-03-11 09:48:36 +01:00
Jens Langhammer	c47bc11ec0	disable automatic k8s deployment for now	2019-03-11 09:47:06 +01:00
Jens Langhammer	1deb094afe	install updated helm release from local folder	2019-03-10 21:47:22 +01:00
Jens Langhammer	501fed1922	rewrite PasswordFactor to use backends setting instead of trying all backends	2019-03-10 21:47:08 +01:00
Jens Langhammer	ad8125ac1c	bump version: 0.1.10-beta -> 0.1.11-beta	2019-03-10 19:56:30 +01:00
Jens Langhammer	b42a551fb2	prepare 0.1.11	2019-03-10 19:56:27 +01:00
Jens Langhammer	3256be23df	Merge branch '23-groups' into 'master' Resolve "Group Management" Closes #23 See merge request BeryJu.org/passbook!9	2019-03-10 18:49:01 +00:00
Jens Langhammer	f7c0c0146a	add LDAP Group Membership Policy	2019-03-10 19:45:16 +01:00
Jens Langhammer	e4baf8c21e	Add Group Member policy	2019-03-10 19:32:18 +01:00
Jens Langhammer	364f040b36	always use FilteredSelectMultiple for many-to-many fields	2019-03-10 18:34:09 +01:00
Jens Langhammer	2b8c2b2346	use Django's Admin FilteredSelectMultiple for Group Membership	2019-03-10 18:06:06 +01:00
Jens Langhammer	5f861189e4	Merge branch 'master' into 23-groups # Conflicts: # passbook/admin/templates/administration/base.html	2019-03-10 17:13:29 +01:00
Jens Langhammer	5e11b6687e	automatically deploy after release	2019-03-10 17:08:33 +01:00
Jens Langhammer	c4b429825d	fix helm labels being on deployments and not pods	2019-03-10 16:39:41 +01:00
Jens Langhammer	eebbae0677	bump version: 0.1.9-beta -> 0.1.10-beta	2019-03-10 15:54:50 +01:00
Jens Langhammer	42b30f4507	prepare 0.1.10 release	2019-03-10 15:53:38 +01:00
Jens Langhammer	0e425418df	better show loading state when testing a policy	2019-03-10 15:46:49 +01:00
Jens Langhammer	7fe0300b86	Fix button on policy test page	2019-03-10 15:36:49 +01:00
Jens Langhammer	c012c6be5c	fix k8s service routing http traffic to workers	2019-03-10 15:34:24 +01:00
Jens Langhammer	a5dc193cfd	bump version: 0.1.8-beta -> 0.1.9-beta	2019-03-10 12:17:48 +01:00
Jens Langhammer	7507ad2620	Merge branch '24-impersonate' into 'master' Resolve "Impersonate user" Closes #24 See merge request BeryJu.org/passbook!11	2019-03-10 01:47:29 +00:00
Jens Langhammer	f1291fec8d	add impersonation middleware, add to templates	2019-03-10 02:41:31 +01:00
Jens Langhammer	37aeeea239	slightly refactor Factor View, add more unittests	2019-03-10 02:08:09 +01:00
Jens Langhammer	0fa1fc86da	add more Verbosity to PolicyEngine, rewrite SAML Authorisation check	2019-03-10 02:07:48 +01:00
Jens Langhammer	c3034ab9ac	consistently using PolicyEngine	2019-03-10 02:07:18 +01:00
Jens Langhammer	76694e037a	bump version: 0.1.7-beta -> 0.1.8-beta	2019-03-08 21:43:35 +01:00
Jens Langhammer	787db41cc3	prepare for 0.1.7	2019-03-08 21:43:33 +01:00
Jens Langhammer	74da3df7cd	bump version: 0.1.6-beta -> 0.1.7-beta	2019-03-08 21:37:59 +01:00
Jens Langhammer	a6e435bd70	prepare debian changelog for 0.1.6	2019-03-08 21:37:55 +01:00
Jens Langhammer	c313b496aa	Improve access control for saml	2019-03-08 21:30:16 +01:00
Jens Langhammer	a7eaa74191	fix MATCH_EXACT not working as intended	2019-03-08 21:20:38 +01:00
Jens Langhammer	11ecdc4fcf	bump version: 0.1.5-beta -> 0.1.6-beta	2019-03-08 20:39:27 +01:00
Jens Langhammer	2f7781b67a	fix captcha factor not loading keys from Factor class	2019-03-08 20:08:28 +01:00
Jens Langhammer	296d4f691a	add passing property to PolicyEngine	2019-03-08 19:49:53 +01:00
Jens Langhammer	64033031b1	remove audit's login attempt	2019-03-08 19:45:50 +01:00
Jens Langhammer	9daff7608d	fix password not getting set on user import	2019-03-08 19:45:41 +01:00
Jens Langhammer	0a4af80b9b	fix static files missing for debian package	2019-03-08 16:41:52 +01:00
Jens Langhammer	a54adb05c4	bump version: 0.1.4-beta -> 0.1.5-beta	2019-03-08 16:03:52 +01:00
Jens Langhammer	43a389e596	Merge branch '22-custom-property-mapping' into 'master' Resolve "Custom Property Mapping" Closes #22 See merge request BeryJu.org/passbook!8	2019-03-08 15:03:08 +00:00
Jens Langhammer	2d7e8f1b50	add group administration	2019-03-08 15:49:45 +01:00
Jens Langhammer	cf11f6b121	format data before inserting it	2019-03-08 15:16:25 +01:00
Jens Langhammer	6dcdf7bcce	add custom DynamicArrayField to better handle arrays	2019-03-08 15:11:01 +01:00
Jens Langhammer	56d872af15	add PropertyMapping Model, add Subclass for SAML, test with AWS	2019-03-08 12:47:50 +01:00
Jens Langhammer	ca663d16fc	fix debian build (again)	2019-03-07 20:58:18 +01:00
Jens Langhammer	e05c18b19b	implicitly add kubernetes-healthcheck-host in helm configmap	2019-03-07 17:11:55 +01:00
Jens Langhammer	a7b86e46bc	bump version: 0.1.3-beta -> 0.1.4-beta	2019-03-07 16:24:09 +01:00
Jens Langhammer	84f56674c2	prepare 0.1.4	2019-03-07 16:24:07 +01:00
Jens Langhammer	02ab177c6d	install python3-venv for debian build	2019-03-07 16:23:42 +01:00
Jens Langhammer	1232c487e9	bump version: 0.1.2-beta -> 0.1.3-beta	2019-03-07 16:13:05 +01:00
Jens Langhammer	ef0a2bfbe8	Merge branch '11-debian-packaging' into 'master' add debian package files Closes #11 See merge request BeryJu.org/passbook!7	2019-03-07 15:06:33 +00:00
Jens Langhammer	05242a11ad	add debian package files	2019-03-07 16:01:31 +01:00
Jens Langhammer	4593ad7bcc	load AWS processor by default on helm	2019-03-07 14:49:06 +01:00
Jens Langhammer	d7fd5a7fa6	Fix redis dependency being too old	2019-03-07 14:39:00 +01:00
Jens Langhammer	4439378fd4	bump version: 0.1.1-beta -> 0.1.2-beta	2019-03-07 14:14:51 +01:00
Jens Langhammer	acf65eafdd	make naming of Providers more consistent	2019-03-07 14:14:49 +01:00
Jens Langhammer	c2ebff55ef	fix IDP-initiated login not working	2019-03-07 14:10:06 +01:00
Jens Langhammer	99c82676b6	Add some more failsafe for administration	2019-03-07 14:09:52 +01:00
Jens Langhammer	4991e9b825	Merge branch '1-suspicious-request' into 'master' fix broken E-Mail templatetag Closes #1 See merge request BeryJu.org/passbook!5	2019-03-03 20:18:23 +00:00
Jens Langhammer	612f95c3ba	fix broken E-Mail templatetag	2019-03-03 21:05:17 +01:00
Jens Langhammer	cd91d5ca15	Merge branch '1-suspicious-request' into 'master' Resolve "Suspicious request detector (many invalid logins from one IP, many attempts on one username, etc)" Closes #1 See merge request BeryJu.org/passbook!3	2019-03-03 20:04:56 +00:00
Jens Langhammer	cbbbb5dc08	Merge branch '20-sentry' into 'master' Resolve "Sentry Error Tracking" Closes #20 See merge request BeryJu.org/passbook!4	2019-03-03 19:58:18 +00:00
Jens Langhammer	c1640b9411	fix prospector/isort errors	2019-03-03 20:54:23 +01:00
Jens Langhammer	a4842c1f95	add sentry configuration	2019-03-03 20:48:31 +01:00
Jens Langhammer	a4707ddc54	fix failing unittests	2019-03-03 20:34:00 +01:00
Jens Langhammer	fb82d56307	create suspicious request detector and policy, add request to policy engine	2019-03-03 20:26:25 +01:00
Jens Langhammer	1a1005f80d	remove audit's LoginAttempt	2019-03-03 20:13:54 +01:00
Jens Langhammer	e86cae6cac	Merge branch '18-password-expiry' into 'master' Resolve "Password Expiry" Closes #18 See merge request BeryJu.org/passbook!2	2019-03-03 16:53:31 +00:00
Jens Langhammer	0b282f45e0	fix pylint messages	2019-03-03 17:45:20 +01:00
Jens Langhammer	791e88ffc1	Fix negate on FieldMatcherPolicy	2019-03-03 17:21:58 +01:00
Jens Langhammer	7bd3c4bccf	Better handle Policy.action and Policy.negate	2019-03-03 17:12:53 +01:00
Jens Langhammer	722e2e4050	Show warning when un-attached policies exist	2019-03-03 17:12:35 +01:00
Jens Langhammer	c7fc444c95	add password policy	2019-03-03 17:12:05 +01:00
Jens Langhammer	20ad062814	Log SAML Authorization actions	2019-03-03 00:34:34 +01:00
Jens Langhammer	fcb5d36e07	cleanup SAML urls	2019-03-03 00:07:40 +01:00
Jens Langhammer	9b131b619f	Show warning message when no Factor exists	2019-03-02 23:54:40 +01:00
Jens Langhammer	54427f7c68	use HTML5 autocomplete values to better handle password managers	2019-03-02 23:19:58 +01:00
Jens Langhammer	35eef9c28d	improve worker warning	2019-03-02 22:41:25 +01:00
Jens Langhammer	e88a82553d	use separate Form for Admin user editing (allow is_staff and is_active)	2019-03-02 22:41:14 +01:00
Jens Langhammer	01a9520140	add import_users script to import users from CSV with already hashed passwords	2019-03-02 22:40:47 +01:00
Jens Langhammer	46667615c3	switch releases to beta	2019-02-27 17:47:41 +01:00
Jens Langhammer	c6721a83a4	bump version: 0.1.1-alpha -> 0.1.1-beta	2019-02-27 17:45:10 +01:00
Jens Langhammer	46866e8ef0	bump version: 0.1.0-beta -> 0.1.1-alpha	2019-02-27 17:43:28 +01:00
Jens Langhammer	4a49681127	Fix docker build failing	2019-02-27 17:43:24 +01:00
Jens Langhammer	4c3fced4e9	bump version: 0.1.0-alpha -> 0.1.0-beta	2019-02-27 16:45:52 +01:00
Jens Langhammer	172347d90f	bump version: 0.0.13-alpha -> 0.1.0-alpha	2019-02-27 16:42:52 +01:00
Jens Langhammer	f54520b5cf	bump version: 0.0.12-alpha -> 0.0.13-alpha	2019-02-27 16:06:28 +01:00
Jens Langhammer	d7c4697625	Only use one create template, get title from Form's Model	2019-02-27 16:06:20 +01:00
Jens Langhammer	5584f5bda8	switch to PolicyEngine everywhere	2019-02-27 15:49:20 +01:00
Jens Langhammer	2ce6f5a714	improve error display on forms	2019-02-27 15:49:05 +01:00
Jens Langhammer	c66945623a	Improve admin interface more (back links, better headlines)	2019-02-27 15:48:33 +01:00
Jens Langhammer	cbae05c74c	show more useful information on admin overview	2019-02-27 15:45:42 +01:00
Jens Langhammer	5b771da972	switch from first_name and last_name to name	2019-02-27 15:09:05 +01:00
Jens Langhammer	2db1738e4a	make Admin UI more consistent, better show when provider has no application assigned	2019-02-27 14:47:11 +01:00
Jens Langhammer	95de6a14fd	bump version: 0.0.11-alpha -> 0.0.12-alpha	2019-02-27 13:18:28 +01:00
Jens Langhammer	17132ebc19	Verify OAuth Username vuln and fix closes #9	2019-02-27 13:18:16 +01:00
Jens Langhammer	289be46388	fix SAML Views not having LoginRequiredMixin	2019-02-27 12:36:18 +01:00
Jens Langhammer	6c300b7b31	autofocus password field	2019-02-27 12:35:57 +01:00
Jens Langhammer	b726583084	Keep GET parameters throughout entire login process	2019-02-27 12:35:48 +01:00
Jens Langhammer	48055d1cfd	fix CSRF Bug in SAML	2019-02-27 11:20:52 +01:00
Jens Langhammer	436070f5bd	fix redis connection issues in k8s	2019-02-27 09:59:01 +01:00
Jens Langhammer	3ee79818db	explicit version in helm values	2019-02-27 09:33:26 +01:00
Jens Langhammer	e7a02104db	fix display on mobile	2019-02-27 09:33:12 +01:00
Jens Langhammer	556740d7bc	add PasswordPolicyForm back in	2019-02-26 15:41:11 +01:00
Jens Langhammer	421f51770c	implement password policy checking on signup and password change closes #8	2019-02-26 15:40:58 +01:00
Jens Langhammer	96f7e70f9e	enable always_eager when unittesting	2019-02-26 14:24:50 +01:00
Jens Langhammer	ad96f7dbb8	add E-Mail support via celery task, untested, closes #17	2019-02-26 14:10:53 +01:00
Jens Langhammer	e7fb48eba2	bump version: 0.0.10-alpha -> 0.0.11-alpha	2019-02-26 13:06:26 +01:00
Jens Langhammer	b19b5b644d	remove hardcoded passwords	2019-02-26 13:06:22 +01:00
Jens Langhammer	250b6691d4	bump version: 0.0.9-alpha -> 0.0.10-alpha	2019-02-26 12:44:02 +01:00
Jens Langhammer	e3b02a6e78	fix isort/pylint issues	2019-02-26 12:43:59 +01:00
Jens Langhammer	e94ef34d8f	bump version: 0.0.8-alpha -> 0.0.9-alpha	2019-02-26 12:35:28 +01:00
Jens Langhammer	49e945307a	Re-enable OTP Disable View	2019-02-26 12:35:24 +01:00
Jens Langhammer	edfe0e5450	fix broken Docker build and helm package	2019-02-26 12:34:51 +01:00
Jens Langhammer	06b65a7882	add unittests, woo	2019-02-26 10:57:05 +01:00
Jens Langhammer	ff9bc8aa70	Automatically create PasswordFactor on initial setup closes #16	2019-02-26 09:54:51 +01:00
Jens Langhammer	28da67abe6	Improve partially broken Delete Views, show success message on deletion	2019-02-26 09:49:42 +01:00
Jens Langhammer	39d9fe9bf0	add passbook.pretend to use passbook in applications which don't support generic OAuth	2019-02-26 09:10:37 +01:00
Jens Langhammer	750117b0fd	Cleanup templates, handle OAuth Provider without application better	2019-02-26 09:09:19 +01:00
Jens Langhammer	983462f80d	user/ -> _/user/ to prevent duplicate URLs	2019-02-26 09:08:49 +01:00
Jens Langhammer	4ae31d409b	directly use paths instead of including oauth2_provider's	2019-02-26 09:08:22 +01:00
Jens Langhammer	98b414f3e2	add SignUp Confirmation (required by default, can be disabled in invitations) closes #6	2019-02-25 21:03:24 +01:00
Jens Langhammer	a0d42092e3	add Nonce (one-time links), add password reset function (missing e-mail verification), closes #7	2019-02-25 20:46:23 +01:00
Jens Langhammer	f2569b6424	improve placeholder on login template	2019-02-25 19:43:33 +01:00
Jens Langhammer	9d344d887c	add more information to administrator Overview	2019-02-25 17:52:51 +01:00
Jens Langhammer	7e9154a0ea	bump version: 0.0.7-alpha -> 0.0.8-alpha	2019-02-25 17:39:39 +01:00
Jens Langhammer	e0ef061771	fix pylint errors....	2019-02-25 17:32:52 +01:00
Jens Langhammer	b8694a7ade	fix bandit error (SHA1 has to be used)	2019-02-25 17:23:42 +01:00
Jens Langhammer	10d6a30f2c	add experimental HaveIBeenPwned Password Policy	2019-02-25 17:21:56 +01:00
Jens Langhammer	8c94aef6d0	add stub test so coverage doesn't crash	2019-02-25 17:21:06 +01:00
Jens Langhammer	19bd3bfffb	fix allauth imports	2019-02-25 17:20:53 +01:00
Jens Langhammer	8611ac624c	Make links on admin overview site actually useful	2019-02-25 17:11:52 +01:00
Jens Langhammer	fa93b59a8c	switch to toast notifications everywhere	2019-02-25 16:41:53 +01:00
Jens Langhammer	8b66b40f0d	move forgot password to PasswordFactor	2019-02-25 16:41:33 +01:00
Jens Langhammer	c2756f15fc	Correctly display action on Create/Update templates	2019-02-25 16:40:46 +01:00
Jens Langhammer	408e205c5f	add signal for password change, add field for password policies	2019-02-25 15:41:36 +01:00
Jens Langhammer	5f3ab49535	fix bug when Empty username is given to LoginAttempt.attempt	2019-02-25 14:10:29 +01:00
Jens Langhammer	33431ae013	improve OAuth Source Setup process, fix login template, closes #3	2019-02-25 14:10:10 +01:00
Jens Langhammer	b40ac6dc5d	more Icons cause everyone loves icons	2019-02-25 13:31:11 +01:00
Jens Langhammer	fec9b5cf94	bump version: 0.0.6-alpha -> 0.0.7-alpha	2019-02-25 13:20:12 +01:00
Jens Langhammer	986fed3e7c	add hook for Factors to show user settings. closes #5	2019-02-25 13:20:07 +01:00
Jens Langhammer	da5568b571	cleanup, fix Permission Denied when Cancelling login, fix display of messages on login template	2019-02-25 13:02:50 +01:00
Jens Langhammer	07f5dce97a	remove todo file	2019-02-25 12:31:27 +01:00
Jens Langhammer	bb81bb5a8d	totp => otp, integrate with factors, new setup form	2019-02-25 12:29:40 +01:00
Jens Langhammer	9c2cfd7db4	use Inheritance for Factors instead of JSONField	2019-02-24 22:39:09 +01:00
Jens Langhammer	292fbecca0	add password change view	2019-02-23 20:56:41 +01:00
Jens Langhammer	e5a405bf43	Register applications with Branded name for UI Dropdown	2019-02-23 20:42:14 +01:00
Jens Langhammer	66c0fc9d9a	Move factor base template to form_with_user	2019-02-23 20:41:43 +01:00
Jens Langhammer	5fa8711bfa	change hostname to localhost for k8s CI	2019-02-21 17:04:46 +01:00
Jens Langhammer	dd9cd7aa0c	automatically fill slug field while typing	2019-02-21 17:01:12 +01:00
Jens Langhammer	8bc8765035	use postgres service for CI	2019-02-21 16:50:36 +01:00
Jens Langhammer	b7ac4f1dd2	add psycopg2 as dependency	2019-02-21 16:30:56 +01:00
Jens Langhammer	183308e444	fix Contains not working correctly	2019-02-21 16:21:45 +01:00
Jens Langhammer	c941107d42	Rules -> Policies, more things	2019-02-21 16:06:57 +01:00
Jens Langhammer	d3d75737ed	switch to drf_yasg	2019-02-21 16:05:59 +01:00
Jens Langhammer	458decfbb3	add prospector config	2019-02-21 16:00:39 +01:00
Jens Langhammer	7601351f51	add help texts to explain naming	2019-02-16 11:25:53 +01:00
Jens Langhammer	df45797b4a	fix inconsistent naming again	2019-02-16 11:13:00 +01:00
Jens Langhammer	744a320731	fix inconsistent naming	2019-02-16 10:59:23 +01:00
Jens Langhammer	89722336e3	fix duplicate Class naming	2019-02-16 10:54:15 +01:00
Jens Langhammer	d6f4832e90	Rule -> Policies	2019-02-16 10:24:31 +01:00
Jens Langhammer	d32699b332	remove reversion	2019-02-16 09:53:32 +01:00
Jens Langhammer	59a15c988f	Move Factor instances to database	2019-02-16 09:52:37 +01:00
Jens Langhammer	57e5996513	Fix Docker Image having messed up static files	2019-02-14 16:31:40 +01:00
Jens Langhammer	6649eb401e	bump version: 0.0.5-alpha -> 0.0.6-alpha	2019-02-13 16:41:59 +01:00
Jens Langhammer	b657d7319d	fix failing docker build and failing helm packaging	2019-02-13 16:41:51 +01:00
Jens Langhammer	a9d29067bf	bump version: 0.0.4-alpha -> 0.0.5-alpha	2019-02-11 18:01:45 +01:00
Jens Langhammer	b7791f3b9a	use build image in docker to generate static files	2019-02-11 18:01:29 +01:00
Jens Langhammer	9161a6e41d	initialize helm properly, include built static files	2019-02-11 17:58:25 +01:00
Jens Langhammer	b4cb157257	bump version: 0.0.3-alpha -> 0.0.4-alpha	2019-02-11 17:44:42 +01:00
Jens Langhammer	d9ccbdd962	fix bumpversion typo	2019-02-11 17:44:40 +01:00
Jens Langhammer	d5ab20ee12	fix coverage failing	2019-02-11 17:36:36 +01:00
Jens Langhammer	0e73702fca	add PasswordPolicyRule (not used yet)	2019-02-10 20:09:47 +01:00
Jens Langhammer	58ebd15ada	fix mismatched Version numbers and missing verbose_names	2019-02-10 20:08:29 +01:00
Jens Langhammer	1a998e5020	bump version: 0.0.2-alpha -> 0.0.3-alpha	2019-02-08 15:19:31 +01:00
Jens Langhammer	d8eb926a76	fix migration import order	2019-02-08 15:19:29 +01:00
`@ -1,2 +1,2 @@`
	`"""passbook"""`	`"""passbook"""`
	`__version__ = '0.0.2-alpha'`	`__version__ = '0.1.13-beta'`
`@ -1,2 +1,2 @@`
	`"""passbook admin"""`	`"""passbook admin"""`
	`__version__ = '0.0.2-alpha'`	`__version__ = '0.1.13-beta'`
`@ -1,2 +1,2 @@`
	`django-rest-framework`	`django-rest-framework`
	`django-rest-swagger`	`drf_yasg`
`@ -1,2 +1,2 @@`
	`"""passbook api"""`	`"""passbook api"""`
	`__version__ = '0.0.1-alpha'`	`__version__ = '0.1.13-beta'`
`@ -1,2 +1,2 @@`
	`"""passbook audit Header"""`	`"""passbook audit Header"""`
	`__version__ = '0.0.2-alpha'`	`__version__ = '0.1.13-beta'`
`@ -1,2 +1,2 @@`
	`"""passbook captcha_factor Header"""`	`"""passbook captcha_factor Header"""`
	`__version__ = '0.0.2-alpha'`	`__version__ = '0.1.13-beta'`