22 Commits

Author SHA1 Message Date
Jenkins
93904437f4 Merge "The background colour of the success message changed" 2017-03-06 05:01:44 +00:00
Fredrik Starkenberg
a2386d80fb Check if user.token attribute exists
If the user is admin or don't have an ID the identity panel
will be loaded. In any other case  the project panel will be loaded.
This will also check if the panel is unregistred, and if the
session has expired it will lead to the login screen.

Closes-Bug: #1659818
Change-Id: I27300e928855ec10ca5d2a623d636e50d756b698
2017-02-02 15:13:12 +00:00
Sharat Sharma
618d4e1737 The background colour of the success message changed
When the password is successfully changed, the background colour
of the success message is changed from red to green to avoid
users mistaking it for an error message.

Change-Id: Icbaae9f15d02368539e47cd5e929c19ed67b5fed
Closes-Bug: #1520486
2017-01-18 06:53:09 +00:00
daniel-a-nguyen
2b846515f3 Retrieve domain scoped token
This patch supports using domain scoped tokens against keystone v3.

Use Cases:

Cloud Admin - view and manage identity resources across domains
Domain Admin - view and manage identity resources in the domain logged in
User - view identity project in the domain logged in

Regression:

Supports keystone v2 through local_settings.py configuration
Supports keystone v3 with multidomain = False
Supports keystone v3 with mulitdomain = True

Relates to https://review.openstack.org/#/c/141153/

Background on how to test is here
https://wiki.openstack.org/wiki/Horizon/DomainWorkFlow

Co-Authored-By: Brad Pokorny <Brad_Pokorny@symantec.com>
Co-Authored-By: Brian Tully <brian.tully@hp.com>
Co-Authored-By: Michael Hagedorn <mike.hagedorn@hp.com>
Co-Authored-By: woomatt <matt.wood@hp.com>

Partially Implements: blueprint domain-scoped-tokens

Closes-Bug: #1413851
Change-Id: Iaa19bfef9b0c70304ff81d083c62b218b2d02479
2016-03-08 15:17:38 -08:00
lin-hua-cheng
0e025d9d71 Add message of the day option
Allow user to configure messages to display to the user
after they login.

Change-Id: I6dc0318708d0f964e52c8b127718297fc723651c
Implements: blueprint message-of-the-day
2016-01-22 11:31:36 -08:00
Jamie Lennox
f9ceb2d86a Redirect initial hit to login page
By rendering the login page within the GET / path we cannot trap the /auth
location from horizon to allow us to setup kerberos and other REMOTE_USER tasks
on that path.

On initial unauthenticated request redirect the user to /auth/login.

Change-Id: Ibe577672fc67a33460ea5d8726925b7e4b2a65e9
Closes-Bug: #1418440
2015-03-13 15:14:23 +11:00
Masco Kaliyamoorthy
a3f7ac2625 password visibility icon not shown for first page
In the initial page (http://<ip>:<port>) the
password field not showing the password visibility
icon.

If we go to login page (http://<ip>:<port>/auth/login)
the password visibility icon is shown properly.

Now both the address are using the same template so
the password visibility icon shown in the initial
page also and the unused template is deleted.

Change-Id: Ia8063c54143c5394c927cf7aea7c15c3e9373dd0
Closes-Bug: #1408220
2015-01-22 13:16:22 +05:30
eric
43ba4fe19a Horizon login page contains DOS attack mechanism
the horizon login page (really the middleware) accesses the session
too early in the login process, which will create session records
in the session backend.  This is especially problematic when non-cookie
backends are used.

Change-Id: I9d2c40403fb9b0cfb512f2ff45397cbe0b050c71
Closes-Bug: 1394370
2014-12-08 16:38:37 -07:00
nikunj2512
e940196a43 Fixes session timeout string in horizon
1) This patch fixes the session timeout string problem which
occurs when users clicks on the UI and Ui redirects the
user to the login page but without session timeout message.

2) This patch also fixes other cases of unnecessary logout
messages.

Closes-Bug: #1231355

Change-Id: I9824db44382247d64cc8c399eb5e855e818e8781
2014-09-24 10:23:40 +05:30
Radomir Dopieralski
0eca7449cc Fix Flake8 style warnings in openstack_dashboard/
Warnings H904, H307 and H405 are new or considerably changed, and will
be fixed in a separate patch.

Closes-bug: #1349820
Partial-bug: #1347472

Change-Id: I4fd28990dacf16f03a4eaa6074ef59c37f1a2c14
2014-07-30 14:13:24 +02:00
Julie Pichon
345ccc9d50 Fix issues with importing the Login form
The Login form lives in openstack_auth.forms and should be directly
imported from that file.

Change-Id: I42808530024bebb01604adbf4828769812856bf3
Closes-Bug: #1332149
2014-06-19 17:36:17 +01:00
He Yongli
e790ac070e Remove extraneous vim configuration comments
Remove vim setting:
comment - # vim: tabstop=4 shiftwidth=4 softtabstop=4

at the top of source code files, except for files in
openstack/common.

Change-Id: I9a5c6b17c6ef7ecec601f4503dfc7b31fc72e90a
Close-bug: #1229324
2014-05-06 15:30:10 +08:00
David Lyle
0c1a0a7015 Fix default get_user_home with dynamic dashboards
The existing get_user_home implementation expects both the 'admin'
and 'project' dashboards to exist and throws an exception if they
are missing.  With the inclusion of configurable dashboard loading,
we can no longer count on certain dashboards being loaded.

Closes-Bug: #1293727

Change-Id: I4ee0b7b313f4e1b27c0daea829c8b38282fa78d9
2014-04-11 16:37:46 -06:00
Radomir Dopieralski
ef2f59f09d Don't ignore the HORIZON_CONFIG['user_home'] setting
Dashboard has its own splash, with a hardcoded get_user_home that
igonres HORIZON_CONFIG. This patch makes it use horiozn.get_user_home
which actually checks the user_home setting, and with the default
settings.py, uses dashboard's get_user_home anyways, but allows for
changing that default behavior.

Change-Id: Id2d957f0cd8fbbbbb8f2c053f0c5df4be177e18c
Closes-bug: #1301935
2014-04-03 15:07:32 +02:00
Tatiana Mazur
b4fc9b4bc9 Small "H302 check" cleanup
This patch set removes some commented out stuff that
has been unintentially left in "H302 check" patch set.
It also replaces a couple more method imports with
module imports.

Fixes bug 1215892

Change-Id: I35fd880154a4ea6d6d8d3b3615103c271aa4a005
2013-08-23 18:07:08 +04:00
Tatiana Mazur
953d1b9793 Enable H302 check
This patch replaces some method imports with module imports and
makes H302 test enabled.

Fixes bug 1188531

Change-Id: Ibfbddeaa19cbbb244da58ffd5c918c41f03a0c65
2013-08-22 17:39:09 +04:00
Gabriel Hurley
cb8e7c1f8f Splits OpenStack Dashboard bits from framework app code.
Moves everything OpenStack-specific (dashboards, apis, etc.)
into the openstack_dashboard project, achieving a much
cleaner separation between the project-specific code and
the generic Horizon framework code.

Change-Id: I7235b41d449b26c980668fc3eb4360b24508717b
2012-10-11 11:47:50 -07:00
Gabriel Hurley
6f838a09b8 Fixed/enabled selenium tests.
Moved the tests to the horizon portion since they test core functionality.
This also required moving some of the templates, etc. that belong in horizon
to their proper homes.

Change-Id: I7d9758845b81e4b8bcf1ffaaff4f6e237b4fe9f8
2012-07-25 14:12:24 -07:00
Gabriel Hurley
c339189b44 Auth refactor.
Switch to using the self-contained django_openstack_auth
package which is a proper django.contrib.auth pluggable
backend.

Notable functional improvements include:

  * Better overall security via use of standard Django
    auth code (well-vetted by security experts).
  * Token expiration checking.
  * User "enabled" attribute checking.
  * Support for full range of Django auth attributes
    such as is_anonymous, is_active, is_superuser, etc.
  * Improved hooks for RBAC/permission-based acess control.

Regarding the RBAC/permission-based access control, this
patch moves all "role" and "service"-oriented checks to
permission checks. This will make transitioning to
policy-driven checking much easier once that fully lands
in OpenStack.

Implements blueprint move-keystone-support-to-django-auth-backend

Change-Id: I4f3112af797aff8c4c5e9930c6ca33a70e45589d
2012-07-09 16:57:52 -07:00
Gabriel Hurley
41c3a5990c JavaScript Refactor.
Cleans up Horizon's JavaScript to make it properly modular and
well-organized.

Adds unit tests written in QUnit for some of the JS modules
as a starting point for the JS test framework. You can visit
/qunit/ with DEBUG=True in your settings to access the JS
test runner.

Fixes bug 961509.

Change-Id: Ica33765660d0ed80f22c71bc96f122c3fc8b80cc
2012-06-23 17:12:37 -07:00
Gabriel Hurley
f986a631a2 Make sure Horizon is treating passwords securely.
* Applies the sensitive_post_parameters and sensitive_variables
  decorators to functions that handle sensitive data.
* Defines a custom Exception Filter class to provide some added
  security.
* Adds notes on logging to the docs.

Fixes bug 1004114 for Horizon.

Change-Id: I13ac91d91e0ed2322cc61633b02455cfed39fdcd
2012-05-24 15:28:01 -07:00
Gabriel Hurley
052aa55d34 Unifies the project packaging into one set of modules.
There are no longer two separate projects living inside the horizon
repository. There is a single project now with a single setup.py,
single README, etc.

The openstack-dashboard/dashboard django project is now named
"openstack_dashboard" and lives as an example project in the
topmost horizon directory.

The "horizon/horizon" directory has been bumped up a level and now
is directly on the path when the root horizon directory is on
your python path.

Javascript media which the horizon module directly relies upon
now ships in the horizon/static dir rather than
openstack-dashboard/dashboard/static.

All the corresponding setup, installation, build, and env scripts
have been updated accordingly.

Implements blueprint unified-packaging.

Change-Id: Ieed8e3c777432cd046c3e0298869a9428756ab62
2012-02-29 00:20:13 -08:00