bump version: 0.1.6-beta -> 0.1.7-beta

prepare debian changelog for 0.1.6
Improve access control for saml
2019-03-08 21:37:59 +01:00 · 2019-03-08 21:37:55 +01:00 · 2019-03-08 21:30:16 +01:00 · 2019-03-08 21:20:38 +01:00
22 changed files with 53 additions and 22 deletions
--- a/.bumpversion.cfg
+++ b/.bumpversion.cfg
@ -1,5 +1,5 @@
 [bumpversion]
-current_version = 0.1.6-beta
+current_version = 0.1.7-beta
 tag = True
 commit = True
 parse = (?P<major>\d+)\.(?P<minor>\d+)\.(?P<patch>\d+)\-(?P<release>.*)
--- a/.gitlab-ci.yml
+++ b/.gitlab-ci.yml
@ -53,7 +53,7 @@ package-docker:
  before_script:
    - echo "{\"auths\":{\"docker.$NEXUS_URL\":{\"auth\":\"$NEXUS_AUTH\"}}}" > /kaniko/.docker/config.json
  script:
-    - /kaniko/executor --context $CI_PROJECT_DIR --dockerfile $CI_PROJECT_DIR/Dockerfile --destination docker.pkg.beryju.org/passbook:latest --destination docker.pkg.beryju.org/passbook:0.1.6-beta
+    - /kaniko/executor --context $CI_PROJECT_DIR --dockerfile $CI_PROJECT_DIR/Dockerfile --destination docker.pkg.beryju.org/passbook:latest --destination docker.pkg.beryju.org/passbook:0.1.7-beta
  stage: build
  only:
    - tags
--- a/debian/changelog
+++ b/debian/changelog
@ -1,3 +1,23 @@
+passbook (0.1.6) stable; urgency=medium
+
+  * bump version: 0.1.3-beta -> 0.1.4-beta
+  * implicitly add kubernetes-healthcheck-host in helm configmap
+  * fix debian build (again)
+  * add PropertyMapping Model, add Subclass for SAML, test with AWS
+  * add custom DynamicArrayField to better handle arrays
+  * format data before inserting it
+  * bump version: 0.1.4-beta -> 0.1.5-beta
+  * fix static files missing for debian package
+  * fix password not getting set on user import
+  * remove audit's login attempt
+  * add passing property to PolicyEngine
+  * fix captcha factor not loading keys from Factor class
+  * bump version: 0.1.5-beta -> 0.1.6-beta
+  * fix MATCH_EXACT not working as intended
+  * Improve access control for saml
+
+ -- Jens Langhammer <jens.langhammer@beryju.org>  Fri, 08 Mar 2019 20:37:05 +0000
+
 passbook (0.1.4) stable; urgency=medium

  * initial debian package release
--- a/helm/passbook/Chart.yaml
+++ b/helm/passbook/Chart.yaml
@ -1,6 +1,6 @@
 apiVersion: v1
-appVersion: "0.1.6-beta"
+appVersion: "0.1.7-beta"
 description: A Helm chart for passbook.
 name: passbook
-version: "0.1.6-beta"
+version: "0.1.7-beta"
 icon: https://passbook.beryju.org/images/logo.png
--- a/helm/passbook/values.yaml
+++ b/helm/passbook/values.yaml
@ -5,7 +5,7 @@
 replicaCount: 1

 image:
-  tag: 0.1.6-beta
+  tag: 0.1.7-beta

 nameOverride: ""

--- a/passbook/init.py
+++ b/passbook/init.py
@ -1,2 +1,2 @@
 """passbook"""
-__version__ = '0.1.6-beta'
+__version__ = '0.1.7-beta'
--- a/passbook/admin/init.py
+++ b/passbook/admin/init.py
@ -1,2 +1,2 @@
 """passbook admin"""
-__version__ = '0.1.6-beta'
+__version__ = '0.1.7-beta'
--- a/passbook/api/init.py
+++ b/passbook/api/init.py
@ -1,2 +1,2 @@
 """passbook api"""
-__version__ = '0.1.6-beta'
+__version__ = '0.1.7-beta'
--- a/passbook/audit/init.py
+++ b/passbook/audit/init.py
@ -1,2 +1,2 @@
 """passbook audit Header"""
-__version__ = '0.1.6-beta'
+__version__ = '0.1.7-beta'
--- a/passbook/captcha_factor/init.py
+++ b/passbook/captcha_factor/init.py
@ -1,2 +1,2 @@
 """passbook captcha_factor Header"""
-__version__ = '0.1.6-beta'
+__version__ = '0.1.7-beta'
--- a/passbook/core/init.py
+++ b/passbook/core/init.py
@ -1,2 +1,2 @@
 """passbook core"""
-__version__ = '0.1.6-beta'
+__version__ = '0.1.7-beta'
--- a/passbook/core/models.py
+++ b/passbook/core/models.py
@ -288,6 +288,8 @@ class FieldMatcherPolicy(Policy):
        if self.match_action == FieldMatcherPolicy.MATCH_REGEXP:
            pattern = re.compile(self.value)
            passes = bool(pattern.match(user_field_value))
+        if self.match_action == FieldMatcherPolicy.MATCH_EXACT:
+            passes = user_field_value == self.value

        LOGGER.debug("User got '%r'", passes)
        return passes
--- a/passbook/hibp_policy/init.py
+++ b/passbook/hibp_policy/init.py
@ -1,2 +1,2 @@
 """passbook hibp_policy"""
-__version__ = '0.1.6-beta'
+__version__ = '0.1.7-beta'
--- a/passbook/ldap/init.py
+++ b/passbook/ldap/init.py
@ -1,2 +1,2 @@
 """Passbook ldap app Header"""
-__version__ = '0.1.6-beta'
+__version__ = '0.1.7-beta'
--- a/passbook/lib/init.py
+++ b/passbook/lib/init.py
@ -1,2 +1,2 @@
 """passbook lib"""
-__version__ = '0.1.6-beta'
+__version__ = '0.1.7-beta'
--- a/passbook/oauth_client/init.py
+++ b/passbook/oauth_client/init.py
@ -1,2 +1,2 @@
 """passbook oauth_client Header"""
-__version__ = '0.1.6-beta'
+__version__ = '0.1.7-beta'
--- a/passbook/oauth_provider/init.py
+++ b/passbook/oauth_provider/init.py
@ -1,2 +1,2 @@
 """passbook oauth_provider Header"""
-__version__ = '0.1.6-beta'
+__version__ = '0.1.7-beta'
--- a/passbook/otp/init.py
+++ b/passbook/otp/init.py
@ -1,2 +1,2 @@
 """passbook otp Header"""
-__version__ = '0.1.6-beta'
+__version__ = '0.1.7-beta'
--- a/passbook/password_expiry_policy/init.py
+++ b/passbook/password_expiry_policy/init.py
@ -1,2 +1,2 @@
 """passbook password_expiry"""
-__version__ = '0.1.6-beta'
+__version__ = '0.1.7-beta'
--- a/passbook/saml_idp/init.py
+++ b/passbook/saml_idp/init.py
@ -1,2 +1,2 @@
 """passbook saml_idp Header"""
-__version__ = '0.1.6-beta'
+__version__ = '0.1.7-beta'
--- a/passbook/saml_idp/templates/saml/idp/login.html
+++ b/passbook/saml_idp/templates/saml/idp/login.html
@ -18,7 +18,7 @@
    <input type="hidden" name="SAMLResponse" value="{{ saml_response }}" />
    <div class="login-group">
        <h3>
-            {% blocktrans with remote=remote.name %}
+            {% blocktrans with remote=remote.application.name %}
            You're about to sign into {{ remote }}
            {% endblocktrans %}
        </h3>
--- a/passbook/saml_idp/views.py
+++ b/passbook/saml_idp/views.py
@ -12,6 +12,7 @@ from django.utils.decorators import method_decorator
 from django.views import View
 from django.views.decorators.csrf import csrf_exempt
 from signxml.util import strip_pem_header
+from django.utils.translation import gettext as _

 from passbook.audit.models import AuditEntry
 from passbook.core.models import Application
@ -110,8 +111,12 @@ class LoginProcessView(ProviderMixin, LoginRequiredMixin, View):
    def get(self, request, application):
        """Handle get request, i.e. render form"""
        LOGGER.debug("Request: %s", request)
+        if not self._has_access():
+            return render(request, 'login/denied.html', {
+                'title': _("You don't have access to this application")
+            })
        # Check if user has access
-        if self.provider.application.skip_authorization and self._has_access():
+        if self.provider.application.skip_authorization:
            ctx = self.provider.processor.generate_response()
            # Log Application Authorization
            AuditEntry.create(
@ -133,8 +138,12 @@ class LoginProcessView(ProviderMixin, LoginRequiredMixin, View):
    def post(self, request, application):
        """Handle post request, return back to ACS"""
        LOGGER.debug("Request: %s", request)
+        if not self._has_access():
+            return render(request, 'login/denied.html', {
+                'title': _("You don't have access to this application")
+            })
        # Check if user has access
-        if request.POST.get('ACSUrl', None) and self._has_access():
+        if request.POST.get('ACSUrl', None):
            # User accepted request
            AuditEntry.create(
                action=AuditEntry.ACTION_AUTHORIZE_APPLICATION,
Author	SHA1	Message	Date
Jens Langhammer	74da3df7cd	bump version: 0.1.6-beta -> 0.1.7-beta	2019-03-08 21:37:59 +01:00
Jens Langhammer	a6e435bd70	prepare debian changelog for 0.1.6	2019-03-08 21:37:55 +01:00
Jens Langhammer	c313b496aa	Improve access control for saml	2019-03-08 21:30:16 +01:00
Jens Langhammer	a7eaa74191	fix MATCH_EXACT not working as intended	2019-03-08 21:20:38 +01:00