* Configurable device display name
You can just set the display name in device settings.
It also accepts simple template format with the variables: hostname, sysName, sysName_fallback, ip
Default controlled by device_display_default, (set from old force_hostname_to_sysname and force_ip_to_sysname settings
* remove second argument to format_hostname()
* Style fixes
* Update schema
* update phpstan baseline
* Improved settings strings (and add for translation)
* Device group based access
* Use Permissions class to resolve permissions
Also give port access based on device access
* Convert more pages to use Permissions class
* shorten config setting name
use Eloquent relationships in several places
alphabetize config_definitions.json
* Change Models and Permissions
* Clean up ajax_search LIMIT sql
* Convert more pages to use Permissions class
Co-authored-by: Tony Murray <murraytony@gmail.com>
* Remove auth use of $_SESSION
Will break plugins that depend on $_SESSION, Weathermap was already fixed.
Port them to use Auth::check()/Auth::user()/Auth:id()
* revert accidental replacement
* Rewrite user management.
Error management
Revert edituser legacy page
Connect user permissions button to legacy page for now.
Implement user creation
Refine form
Remove PingCheck.php accidental add :)
Fixes for redirection and deletion
More fixes: realname accidental validation setting, hide can modify for read-only auths
Use a panel to improve style
Add icon to panel-title
Not allowed to delete own user (at least via the click of a button)
Use request validation to reduce complexity of controller.
Improve protection against users doing things they should not.
Switch to horizontal form and not nearly as wide of layout :)
delete without refresh.
Fix for buttons
Include all users (not just from this auth)
Hide the auth column if there is only one auth type
Show username if real name isn't set
Don't allow creation of demo users via the webui
a fix to the lnms user:add command, it didn't set auth_id
update edituser.inc.php to current
just redirect to users page
* Remove TwoFactorTest for now
* Update edituser.inc.php
* Update .env.dusk.testing
* Enable 2fa for 2fa test...
* Security fix: unauthorized access
Affects nginx users:
Moved php files outside of public html directory (Apache was protected by .htaccess)
Affects all users:
Some files did not check for authentication and could disclose some info.
Better checks before including files from user input
* git mv html/includes/ includes/html
git mv html/pages/ includes/html/