FAQ | This is a LIVE service | Changelog

Skip to content
Snippets Groups Projects
  1. Oct 31, 2024
  2. Oct 21, 2024
    • Dr Adam Thorn's avatar
      allow autoatic mergeing of users with matching email addresses · 09ec375f
      Dr Adam Thorn authored
      This is flagged as a security risk, but that's very much dependent upon
      the site config. We trust that if Entra claims a user has an email
      address of user@cam.ac.uk, they this is unquestionably true. (The
      warnings all concern cases where you can't necessarily trust this
      attribute)
      
      The use cases I have for doing this include:
      
      - being able to proactively set node ownership when doing a site import
        (we need user accounts to exist if they are to own content)
      - for content like staff pages we make use of the "can edit own content"
        permission. Although in principle we could implement a custom
        permission check (e.g. compare field_person_crsid to
        $current_user->getUsername() ) that feels like a bad strategy.
      09ec375f
  3. Jul 23, 2024
  4. Jun 26, 2024
  5. May 30, 2024
    • Dr Adam Thorn's avatar
      shorten label for plugin · 3eb3594c
      Dr Adam Thorn authored
      This gets used as e.g. the text that users see on the login button. For
      that context, the fact the underlying authentication provider is Entra
      is neither useful nor helpful.
      1.0.0
      3eb3594c
  6. May 15, 2024
  7. May 14, 2024
  8. May 10, 2024
  9. May 09, 2024
Loading