Commit Graph

1062 Commits

Author SHA1 Message Date
Colin Finck
2223807233
[FORUM] [ROSLOGIN] Add new users to phpBB's NEWLY_REGISTERED group, which automatically transitions to REGISTERED after X posts.
We can now set different permissions for newly registered and established users and hopefully combat our spam problems this way.
2018-10-24 02:42:07 +02:00
Pierre Schweitzer
fae7a34f50
[TESTMAN] Call appropriate class when exporting results.
ONLINE-837
2018-09-13 08:24:35 +02:00
Colin Finck
76ea82f320 [WIKI] Also search in user pages by default, we have many interesting things there. 2018-08-21 11:42:11 +00:00
Colin Finck
84b310939e [WIKI] Simplify doing the RosLogin user logout. 2018-07-09 20:44:43 +02:00
Colin Finck
ca4b822ae3 [FORUM] After logging in to RosLogin, redirect to the last forum page visited based on the HTTP_REFERER (because $event['redirect'] is apparently buggy).
ONLINE-792
2018-07-09 20:42:07 +02:00
Colin Finck
8abeebf92b [GETBUILDS] Follow-up to 91725a7:
* Move the GitHub button next to the "Browse all created Builds" button.
  Both belong to the same group of buttons and this is consistent with Testman.
* Change both to <a> tags that open the destination URL in a new window.
* Define a constant for the GitHub URL.
2018-07-09 19:27:51 +02:00
Stanislav Motylkov
fd9e140770 [GETBUILDS] Update russian translation 2018-07-09 19:22:39 +02:00
Stanislav Motylkov
91725a788f [GETBUILDS] Add GitHub link and button
ONLINE-746
2018-07-09 19:22:39 +02:00
Colin Finck
16ca649712 [ROSLOGIN] Improve security and fix a bug where the user was redirected to a blank page after login.
* Guard all inputs from parameters with htmlspecialchars() when they're inserted into page content.
* Implement a new function is_valid_redirect() to only redirect to non-empty local URLs with allowed characters.

Thanks a lot to Stanislav Motylkov for the bug reports and a first fix!

ONLINE-793
ONLINE-802
2018-07-09 19:06:53 +02:00
Colin Finck
bd19bbfb65 [FORUM] Let phpBB reuse anonymous user sessions, too. Should remove the &sid=... part of most phpBB URLs. 2018-07-09 17:52:53 +02:00
Colin Finck
cf317fbd7d [WIKI] Fix the "loss of session data" bug.
Apparently, it is important to pass an "id" field in provideSessionInfo.
Fortunately, this field expects the same format of 32 alphanumeric characters as we already have in the "roslogin_session_id" cookie.

ONLINE-796
2018-07-05 22:20:26 +02:00
Colin Finck
a1f0eb2b77 [WIKI] Delete no longer needed config file. 2018-07-04 10:57:49 +02:00
Colin Finck
1985069073 [WIKI] Redo the skin customizations for MediaWiki 1.31.0 2018-06-30 09:26:47 +02:00
Colin Finck
f4d5e5c88e [WIKI] Commit the original files of the MediaWiki 1.31.0 Vector skin that are going to be customized. 2018-06-30 09:18:06 +02:00
Colin Finck
c1effa645d [WIKI] Remove the MediaWiki 1.30.0 skin 2018-06-30 09:16:08 +02:00
Colin Finck
1ee04ba237 [FORUM] Remove the quick-login box from the phpBB index page.
This one isn't compatible with RosLogin and there is a "Login" link that forwards to the RosLogin Login page anyway.
2018-06-28 19:52:40 +02:00
Colin Finck
13b45ee0a8 [FORUM] This original file from the phpBB 3.2.2 prosilver skin also need to be modified. 2018-06-28 19:52:10 +02:00
Colin Finck
486eededc4 [ROSLOGIN] Also consider users in the migration script that have only created or be assigned to an issue, but never commented on it.
Thanks to Mark for the review and suggestions!
2018-06-28 19:12:01 +02:00
Colin Finck
60cec6c5b9 [ROSLOGIN] Add an LDIF to disable the default OpenLDAP limit of 500 entries per query. 2018-06-27 10:50:38 +02:00
Colin Finck
60bf1ba50f [ROSLOGIN] Count special user rights in Drupal as activity in the migration script 2018-06-27 10:48:04 +02:00
Colin Finck
3ea78bd587 [ROSLOGIN] Finish the migration script by adding active users to the LDAP directory and removing inactive ones from all DB tables.
This script is now able to migrate our entire user database to LDAP/RosLogin.
By filtering out users that have never participated in either Drupal, Forum, Wiki, or JIRA and are older than one month, it reduces
our user base from 47333 to 7428.

I'm open for comments and reviews until this goes live.
2018-06-27 10:30:53 +02:00
Colin Finck
8c71475897 [ROSLOGIN] Improve error handling in getUserInformation 2018-06-27 10:26:48 +02:00
Colin Finck
9ec7e47d8d [ROSLOGIN] Add a first (unfinished) version of my script to migrate the user database from Drupal to RosLogin.
I want to use this opportunity to clean the user database from inactive users.
A user is considered inactive if it is older than a month and has never been active in either Drupal, MediaWiki, phpBB, or JIRA.
Consequently, deleting it would not cause any loss of information.
However, it keeps our future LDAP directory small and may fix possible name clashes due to the new stricter username rules.
2018-06-18 22:52:38 +02:00
Colin Finck
8fe36bb4f4 [DRUPAL] Delete no longer required modules and files. 2018-06-18 16:33:38 +02:00
Colin Finck
60898710f8 [FORUM] Integrate phpBB 3.2.2's prosilver skin into the ReactOS website design.
This careful integration leaves most of the original prosilver skin unchanged.
It should be a piece of cake to redo these changes if necessary for a later phpBB version.
2018-06-18 16:28:11 +02:00
Colin Finck
726bdc7554 [ROSWEB] [WIKI] Make the ReactOS static header more flexible for the upcoming integration into phpBB 3.2.2 and adapt the MediaWiki skin accordingly. 2018-06-18 16:26:05 +02:00
Colin Finck
f50780301a [FORUM] Commit the original files of the phpBB prosilver skin that are going to be customized. 2018-06-18 16:21:24 +02:00
Colin Finck
8fefd2e1e1 [FORUM] Add a RosLogin extension for phpBB 3.2.2 to authenticate phpBB users using RosLogin Single-Sign-On. 2018-06-18 15:15:54 +02:00
Colin Finck
35486b7945 [FORUM] Update phpBB configuration for phpBB 3.2.2. 2018-06-18 15:14:30 +02:00
Colin Finck
85f0b07a38 [FORUM] Remove our heavily patched phpBB 3.0.x from the repository and update the instruction text.
The RosLogin integration will be realized as a proper extension instead of code changes spread over hundreds of phpBB core files.
This finally enables us to move to the latest phpBB release and makes further upgrades straightforward.
2018-06-18 14:59:08 +02:00
Colin Finck
da6c642a47 [DRUPAL] [WIKI] Update instruction texts. 2018-06-18 14:56:14 +02:00
Colin Finck
c7482b8d5e [ROSLOGIN] Fix a variable name typo. 2018-06-18 14:24:29 +02:00
Colin Finck
6c84aed164 [TESTMAN] Use git.reactos.org instead of GitHub for the source code links and fix the search URLs to decide between apitests and winetests.
git.reactos.org is under our own control and its URLs are guaranteed to remain stable.
Furthermore, the web server can access it much faster, which is important for the get_headers() call.
2018-05-16 18:01:01 +00:00
Yaroslav Veremenko
4324bb55b8 [GETBUILDS] Disable MSVC builds filter by default ONLINE-772 2018-05-16 18:35:14 +02:00
Yaroslav Veremenko
a427a02ed4 [DRUPAL] Display year in news/blog/article pages ONLINE-568 2018-05-16 18:33:57 +02:00
Yaroslav Veremenko
93f7171744 [TESTMAN] Point to GitHub instead of old SVN ONLINE-773 2018-05-16 18:30:40 +02:00
Colin Finck
80948864d5 [DRUPAL] [ROSLOGIN] Add a Drupal 7.x module to authenticate using RosLogin Single-Sign-On.
This one is much simpler than any other SSO module for Drupal, because:
* it replaces the Drupal login methods instead of offering an additional way of logging in, and
* it redirects Drupal forms (e.g. account registration, password reset) to RosLogin pages instead of capturing input from Drupal and calling SSO functions.

Consequently, an inline login box (like ours at the bottom page) needs to be replaced by a link to /roslogin/?p=login
2018-05-15 12:06:17 +02:00
Colin Finck
83078e5615 [ROSLOGIN] Remove all special characters during username normalization instead of replacing them by a single underscore.
There is no reason to allow an account "ColinFinck" when "Colin Finck" already exists.
2018-05-15 12:01:41 +02:00
Colin Finck
c9f98c0d69 [WIKI] Port our ReactOS customizations to the unmodified Vector skin of MediaWiki 1.30.0. 2018-05-14 19:00:31 +02:00
Colin Finck
14b3d8964a [WIKI] Commit the parts we will customize of the unmodified Vector skin of MediaWiki 1.30.0 and remove our customized MediaWiki 1.23.x skin. 2018-05-14 18:42:19 +02:00
Colin Finck
ff063944e3 [ROSLOGIN] Fixes based on Code Review by Mark Jansen
- Redirect to the "username_sent" message also when no such E-Mail address exists in the directory.
  This prevents disclosing the existence of a particular E-Mail address when using the SendUsername feature.
- Remove unused globals.
- Use uppercase boolean values consistently.
2018-05-08 16:28:25 +02:00
Colin Finck
9ebc516a7a [ROSLOGIN] [WIKI] Add a "RosLogin" MediaWiki extension based on the SessionManager framework introduced in MediaWiki 1.27.
Much simpler than the unmaintained AuthDrupal extension and - unlike that - needs no additional component on the CMS side.
2018-04-30 17:47:11 +02:00
Colin Finck
280f50e251 [WIKI] Update LocalSettings.php and the associated wiki-config.php for MediaWiki 1.30.0 and remove the unmaintained AuthDrupal extension. 2018-04-30 17:42:00 +02:00
Colin Finck
8c5fa454fa [ROSLOGIN] A simple Self-Service and Single-Sign-On around an LDAP user directory
RosLogin is a simple user Self-Service and Single-Sign-On system for a single site
(such as *.reactos.org) written in PHP and licensed under AGPLv3 or later.

In contrast to CAS, OAuth, SAML or Shibboleth-based solutions, RosLogin is much more
lightweight due to its focus on a single site.
Each login sets a site-wide cookie, which is sufficient to identify a user on every
page of the domain and subdomains.
No Public-Key-Infrastructure or XML message passing needs to be set up for this.

While many Single-Sign-On solutions only provide Login and Logout functionality,
RosLogin also comes with a Self-Service that handles registrations, user data changes,
and forgotten credentials.

Finally, PHP web applications like MediaWiki are first-class citizens for RosLogin.
They can easily get information about the currently logged in user by instantiating
`RosLogin` and calling the `isLoggedIn` and `getUserInformation` methods, thereby
implementing SSO functionality.
RosLogin also takes care to only allow user names that do not conflict with the user
name constraints of popular PHP applications.

By managing the entire user information in an LDAP directory (inetOrgPerson schema),
RosLogin additionally allows a basic integration of applications without writing any
custom code.

The migration to RosLogin will decouple our user database from the CMS, easing a later
migration to any other CMS, and put an end to weirdnesses such as the 30 minute delay
for account changes in JIRA.
2018-04-30 17:04:43 +02:00
Colin Finck
012098ffda [TESTMAN] Don't count the reboot into 3rd stage twice and clarify that only *re*boots are counted.
That means, the first "Running stage 1" line is never counted and an ideal result would only report 2 reboots (into stage 2 and stage 3).
This gets the logic back to what we had in SVN times.

svn path=/trunk/; revision=1012
2017-10-29 10:30:55 +00:00
Colin Finck
967bbfb9cf [TESTMAN] Get the long revision hash from the enhanced KDIO log message instead of using GitInfo. Fixes getting the long hash for revisions outside the master branch (e.g. when testing Pull Requests).
Also output more useful error messages.

svn path=/trunk/; revision=1011
2017-10-16 08:40:27 +00:00
Colin Finck
9ef582774a [TESTMAN] Fix number of tests selected when clicking "Search" another time.
Thanks to Victor for reporting and explaining!
ONLINE-638


svn path=/trunk/; revision=1010
2017-10-06 16:42:28 +00:00
Colin Finck
01f4266127 [ROSWEB] Escape special XML characters in commit messages when outputting them in ajax-gitinfo.php.
svn path=/trunk/; revision=1009
2017-10-05 10:50:33 +00:00
Colin Finck
c25a651da4 [GITINFO] Creating the table with DEFAULT CURRENT_TIMESTAMP removes the "on update CURRENT_TIMESTAMP" at least.
This is still not really what I want, but less of a hack and causes no harm if we ever migrate the database to another server.

svn path=/trunk/; revision=1008
2017-10-05 10:39:04 +00:00
Colin Finck
f512b673da [GITINFO] MySQL always creates timestamp columns with a default value and "on update CURRENT_TIMESTAMP". I have to alter the table afterwards to get rid of these unwanted extras again.
I consider this a bug given that even mysqldump is now unable to identically export and reimport this table..
At least, the people at Stackoverflow have found this way around it: https://stackoverflow.com/a/31865524

svn path=/trunk/; revision=1007
2017-10-05 10:33:37 +00:00