patchcenter

adminmpmcz/patchcenter

Fork 0

Commit Graph

Author	SHA1	Message	Date
MOUTAOUAKIL-ext Khalid (admin)	4590e89ff6	feat(securite/ldap): cookie Secure, logs debug LDAPS, .gitignore durci - auth.py: flag Secure + path=/ sur le cookie d'authentification - ldap_service.py: logging debug des connexions LDAPS vers logs/ldap_debug.log (jamais les mots de passe) - .gitignore: protege cles/certs TLS (ssl/, .key, .crt) + artefacts lourds (db/, sitepkgs.zip, *.bak, dump) - inclut aussi des modifs en cours: planning_import, patch_run_service, patching_iexec Co-Authored-By: Claude Opus 4.8 <noreply@anthropic.com>	2026-06-18 15:42:00 +02:00
Admin MPCZ	53d4f71607	LDAP: restriction groupe AD + auto-provisioning users (sans permissions) - Settings ldap_required_group (DN groupe autorise) + ldap_default_role - ldap_authenticate verifie memberOf vs required_group avant bind - auth.py: si user inconnu + LDAP + groupe OK -> auto-create user, role default, zero permission (admin doit assigner via /users)	2026-04-15 11:45:33 +02:00
Admin MPCZ	8479d7280e	Users/Contacts: workflow profils + LDAP + sync iTop + etat aligne - Users: 4 profils (admin/coordinator/operator/viewer) remplacent la matrix - /users/add: picker contacts iTop (plus de creation libre) - /me/change-password: flow force_password_change - LDAP: service + section settings + option login - Sync iTop contacts: filtre par teams (SecOps/iPOP/Externe/DSI/Admin DSI) - Auto-desactivation users si contact inactif - etat: alignement sur enum iTop (production/implementation/stock/obsolete) - Menu: Contacts dans Administration, Serveurs en groupe repliable - Audit bases: demo/prod via JWT mode Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>	2026-04-12 18:50:43 +02:00

Author

SHA1

Message

Date

MOUTAOUAKIL-ext Khalid (admin)

4590e89ff6

feat(securite/ldap): cookie Secure, logs debug LDAPS, .gitignore durci

- auth.py: flag Secure + path=/ sur le cookie d'authentification
- ldap_service.py: logging debug des connexions LDAPS vers logs/ldap_debug.log (jamais les mots de passe)
- .gitignore: protege cles/certs TLS (ssl/, *.key, *.crt) + artefacts lourds (db/, sitepkgs.zip, *.bak, dump)
- inclut aussi des modifs en cours: planning_import, patch_run_service, patching_iexec

Co-Authored-By: Claude Opus 4.8 <noreply@anthropic.com>

2026-06-18 15:42:00 +02:00

Admin MPCZ

53d4f71607

LDAP: restriction groupe AD + auto-provisioning users (sans permissions)

- Settings ldap_required_group (DN groupe autorise) + ldap_default_role
- ldap_authenticate verifie memberOf vs required_group avant bind
- auth.py: si user inconnu + LDAP + groupe OK -> auto-create user, role default,
  zero permission (admin doit assigner via /users)

2026-04-15 11:45:33 +02:00

Admin MPCZ

8479d7280e

Users/Contacts: workflow profils + LDAP + sync iTop + etat aligne

- Users: 4 profils (admin/coordinator/operator/viewer) remplacent la matrix
- /users/add: picker contacts iTop (plus de creation libre)
- /me/change-password: flow force_password_change
- LDAP: service + section settings + option login
- Sync iTop contacts: filtre par teams (SecOps/iPOP/Externe/DSI/Admin DSI)
- Auto-desactivation users si contact inactif
- etat: alignement sur enum iTop (production/implementation/stock/obsolete)
- Menu: Contacts dans Administration, Serveurs en groupe repliable
- Audit bases: demo/prod via JWT mode

Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>

2026-04-12 18:50:43 +02:00

3 Commits