Matthew Wild <mwild1@gmail.com> [Sun, 26 Mar 2023 15:53:27 +0100] rev 13000
mod_tokenauth: return error if storage of new token fails
Matthew Wild <mwild1@gmail.com> [Sun, 26 Mar 2023 14:06:04 +0100] rev 12999
moduleapi: Add 'peek' to :may() and new :could() helper to suppress logging
The current method logs scary "access denied" messages on failure - this is
generally very useful when debugging access control stuff, but in some cases
the call is simply a check to see if someone *could* perform an action, even
if they haven't requested it yet. One example is determining whether to show
the user as an admin in disco.
The 'peek' parameter, if true, will suppress such logging.
The :could() method is just a simple helper that can make the calling code a
bit more readable (suggested by Zash).
Matthew Wild <mwild1@gmail.com> [Sat, 25 Mar 2023 19:38:41 +0000] rev 12998
moduleapi: may: Fail early if a local session has no role assigned
We expect every session to explicitly have a role assigned. Falling back to
any kind of "default" role (even the user's default role) in the absence of
an explicit role could open up the possibility of accidental privilege
escalation.
Kim Alvefur <zash@zash.se> [Sun, 26 Mar 2023 16:51:33 +0200] rev 12997
core.usermanager: Correct formatting of not implemented error
Spaces, no hyphen, apparently.
Kim Alvefur <zash@zash.se> [Sun, 26 Mar 2023 16:45:34 +0200] rev 12996
mod_admin_shell: Enable user after creation with role
Fixes that otherwise the user was created in a disabled state and left
as such.
Kim Alvefur <zash@zash.se> [Sun, 26 Mar 2023 16:45:23 +0200] rev 12995
mod_admin_shell: Simplify user creation when no role given
Idea here is to prevent a user from being created with the default role
if a different role was given, but that dance wouldn't be needed if no
role is provided.
Kim Alvefur <zash@zash.se> [Sun, 26 Mar 2023 16:07:34 +0200] rev 12994
util.jsonschema: Reorder type definition by specification, section
Also some comment headers and missing properties
Kim Alvefur <zash@zash.se> [Sun, 26 Mar 2023 15:20:07 +0200] rev 12993
util.jsonschema: Implement 'dependentSchemas'
If this object key exists then this schema must validate against the
current object. Seems useful.
Kim Alvefur <zash@zash.se> [Sun, 26 Mar 2023 15:19:14 +0200] rev 12992
util.jsonschema: Implement 'dependentRequired'
If this field exists, then these fields must also exist.
Kim Alvefur <zash@zash.se> [Sun, 26 Mar 2023 13:13:31 +0200] rev 12991
util.roles: Implement a serialization preparation metamethod
Should be able to roundtrip trough serialization. Also nice for debug
and logging purposes where you might want more details than what the
__tostring method provides.