Bug 51259 – Separate black- and whitelists for Self Service tabs

Bug 51259 - Separate black- and whitelists for Self Service tabs


Summary:	Separate black- and whitelists for Self Service tabs

Status:	CLOSED FIXED

Product:	UCS
Classification:	Unclassified
Component:	Self Service
Version:	UCS 4.4
Hardware:	Other Linux

Importance:	P5 normal (vote)
Target Milestone:	UCS 4.4-4-errata
Assigned To:	Johannes Keiser
QA Contact:	Dirk Wiesenthal

URL:
Keywords:

Depends on:
Blocks:
	Show dependency tree / graph

Reported:	2020-05-10 10:12 CEST by Valentin Heidelberger
Modified:	2020-06-24 12:53 CEST (History)
CC List:	4 users (show)

See Also:
What kind of report is it?:	Feature Request
What type of bug is this?:	---
Who will be affected by this bug?:	---
How will those affected feel about the bug?:	---
User Pain:
Enterprise Customer affected?:
School Customer affected?:
ISV affected?:
Waiting Support:
Flags outvoted (downgraded) after PO Review:
Ticket number:
Bug group (optional):
Max CVSS v3 score:

Attachments
Patch for separate white/blacklists for Self Service tabs "Password change" and "Your profile" (2.20 KB, patch) 2020-05-10 10:12 CEST, Valentin Heidelberger	Details \| Diff
View All Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.

Description Valentin Heidelberger

2020-05-10 10:12:25 CEST

Created attachment 10352 [details]
Patch for separate white/blacklists for Self Service tabs "Password change" and "Your profile"

A customer would like to have separate black- and whitelists for each of the Self Service's tabs. Currently the lists are being applied globally to all tabs.

The customer specifically wanted to separate both "Password change" and "Your profile" from "Password forgotten" and "Protect account". 
The attached patch allows for a new "tab" parameter to be passed to is_blacklisted, which is then used in the UCR var name. It only solves their specific use case and doesn't allow for more fine-grained lists per each tab.

Comment 1 Ingo Steuwer

2020-05-12 12:08:40 CEST

A product integration should be generic (it should support black/whitelists for all tabs)

Comment 2 Johannes Keiser

2020-06-18 13:58:57 CEST

c3444e636b Bug #51259: yaml
6a1992d962 Bug #51259: duplicate blacklist/whitelist ucr variables content
0d69750724 Bug #51259: yaml
e212fb7964 Bug #51259: debian changelog
6862a790c6 Bug #51259: add seperate blacklist/whitelist for profiledata and account deregistration

Successful build
Package: univention-self-service
Version: 4.0.3-30A~4.4.0.202006181337
Branch: ucs_4.4-0
Scope: errata4.4-4

-----
The "Change password" page does not go over the selfservice backend but changes the password directly, so there is no blacklist/whitelist for that.



There are now 3 groups of 4 ucr variables for blacklist/whitelist
umc/self-service/{passwordreset,profiledata,account-deregistration}/{blacklist,whitelist}/{users,groups}

passwordreset
  "Protect account" page
    get_contact
    set_contact
  "Password forgotten" page
    get_reset_methods
    send_token
  "Set new password" page
    set_password
profiledata
  "Your profile" page
    get_user_attributes
    set_user_attributes
    validate_user_attributes
account-deregistration
  "Delete my account" button on "Your profile" page
    deregister_account

Methods that do not check for blacklist/whitelist
  "Your profile" page
    get_user_attributes_descriptions

Blacklist/Whitelist for account creation/verification not needed
  "Create an account" page
    get_registration_attributes
    create_self_registered_account
  "Account verification" page
    send_verification_token
    verify_contact

Comment 3 Johannes Keiser

2020-06-23 15:40:35 CEST

e4083ea128 Bug #51259: yaml
a583948942 Bug #51259: debian changelog
fbacedcd39 Bug #51259: set missing UCR defaults in postinst

Successful build
Package: univention-self-service
Version: 4.0.3-32A~4.4.0.202006231526
Branch: ucs_4.4-0
Scope: errata4.4-4

Comment 4 Dirk Wiesenthal

2020-06-24 02:25:30 CEST

> There are now 3 groups of 4 ucr variables for blacklist/whitelist
> umc/self-service/{passwordreset,profiledata,account-deregistration}/
> {blacklist,whitelist}/{users,groups}

OK

> 
> passwordreset
>   "Protect account" page
>     get_contact
>     set_contact
>   "Password forgotten" page
>     get_reset_methods
>     send_token
>   "Set new password" page
>     set_password

OK

> profiledata
>   "Your profile" page
>     get_user_attributes
>     set_user_attributes
>     validate_user_attributes

OK

> account-deregistration
>   "Delete my account" button on "Your profile" page
>     deregister_account

OK

YAML: OK

Comment 5 Erik Damrose

2020-06-24 12:53:06 CEST

<http://errata.software-univention.de/ucs/4.4/632.html>