summaryrefslogtreecommitdiffstats
AgeCommit message (Collapse)AuthorFilesLines
2015-09-03Bug 1201536 - 2FA secrets for all users are removed when someone disables 2FAByron Jones2-10/+0
2015-09-03Bug 1201426 - 2fa message says "your current password is required to ↵Byron Jones1-1/+1
enable.." when disabling
2015-09-03Bug 1201422 - extend totp verification time to 90 secondsByron Jones1-1/+1
2015-09-03Bug 1201116 - the duo mobile client doesn't appear to work with our totp ↵Byron Jones1-1/+3
implementation
2015-09-03Bug 1200961 - switching to the modal view doesn't force the mozilla skinByron Jones2-2/+22
2015-09-03Bug 1196508: Intern Request Metric DashboardDavid Lawrence7-5/+188
2015-09-02Bug 1196618 - fix test failuresByron Jones3-0/+3
2015-09-02Bug 1200974 - "API-Key" in 2fa text should be "API key" to match the rest of ↵Byron Jones3-4/+4
bugzilla
2015-09-02Bug 1196618 - add support for group ownersDavid Lawrence11-15/+119
2015-09-02Bug 1200957 - when a non-admin edits a user the 2fa setting is incorrectly ↵Byron Jones1-1/+1
reported
2015-09-02Bug 1199136 - lower memory consumption to better operate in bugzilladm'sByron Jones2-4/+37
low memory environment
2015-09-02Bug 1200618 - Layout of the TOTP 2FA leads to missing the token time window ↵Byron Jones3-17/+38
and thus frustration
2015-09-01Bug 1196618: add support for group owners (schema only)David Lawrence2-0/+14
2015-09-01Bug 1200610: jsonrpc API requests do not work when "Require API-Key ↵David Lawrence9-14/+42
authentication for API requests" is enabled due to missing API tokens
2015-09-01Bug 1200600 - message about 2fa's interaction with api authentication should ↵Byron Jones1-6/+16
be visible when 2fa is enabled
2015-09-01Bug 1197073 - add support for 2fa using totp (eg. google authenticator)Byron Jones1-1/+1
2015-09-01Bug 1199941 - inactive sessions should expire faster (a week?)Byron Jones1-1/+1
2015-09-01Bug 1197073 - fix mfa disabling when updating account tabByron Jones1-1/+0
2015-09-01Bug 1200515 - unable to create accounts with githubByron Jones1-12/+23
2015-09-01Bug 1197073 - add support for 2fa using totp (eg. google authenticator)Byron Jones32-30/+821
2015-09-01Bug 1199136 - add update-bug-groups.pl for automated group changesByron Jones1-0/+96
2015-08-31Bug 1197073 - add support for 2fa using totp (schema-only)Byron Jones2-0/+16
2015-08-31this script lives elsewhere nowByron Jones1-542/+0
2015-08-28Bug 1199329 - Auth Delegation should ignore the query string parameters of a ↵Dylan William Hardison1-1/+1
callback URI when determining uniqueness
2015-08-27Bug 1198598: change the bug count restrictions in describekeywords from ↵David Lawrence1-1/+1
'security-group' to 'core-security'
2015-08-25Bug 1196134 - add ability for admins to force a user to change their ↵Byron Jones12-45/+401
password on next login
2015-08-25Bug 1197699 - always store the ip address in the logincookies tableByron Jones2-12/+8
2015-08-25Bug 1180733 - "An invalid state parameter was passed to the GitHub OAuth2 ↵Dylan William Hardison2-3/+5
callback" error when logging in with github
2015-08-24Bug 1195836 - Remove install-module.pl from bmoDylan William Hardison4-178/+5
2015-08-24Bug 1192687 - add the ability for users to view and revoke existing sessionsDylan William Hardison5-1/+173
2015-08-24Bug 1196134 - add ability for admins to force a user to change their ↵Byron Jones2-0/+7
password on next login (schema only)
2015-08-24Bug 1197696 - group_members report doesn't display nested inherited groupsByron Jones5-49/+72
2015-08-24Bug 1197699 - always store the ip address in the logincookies table (schema ↵Byron Jones2-0/+12
only)
2015-08-24Bug 1196092 - Switch logincookies primary key to auto_incremented id, make ↵Dylan William Hardison2-3/+10
cookie a secondary UNIQUE key
2015-08-24Bug 1196614 - restrict the ability for users with editusers/creategroups to ↵Byron Jones3-1/+56
alter admins and the admin group
2015-08-21Bug 1197084 - No mail sent when bugs added to or removed from ↵Byron Jones1-1/+13
*-core-security groups
2015-08-21Bug 1195645 - don't create a new session for every authenticated REST/BzAPI callByron Jones2-2/+12
2015-08-20Bug 1190476 - set Comment field in GPG email to the URL of the bugByron Jones1-17/+29
2015-08-28Bug 1195362: Quicksearch error pages ("foo is not a field" and friends) ↵David Lawrence1-7/+13
should still fill in search into quicksearch box
2015-08-19Bug 1195544 - Information Disclosure Vulnerability Permits Attacker Obtains ↵Byron Jones1-0/+2
The GitHub OAUTH Return Code
2015-08-18Bug 1194584 - fix 'member of secure mail group' is always falseByron Jones1-1/+1
2015-08-18Bug 1194250 - 'take' button should uncheck "reset assignee to default"Byron Jones1-0/+3
2015-08-18Bug 1195620 - stop sending http cookies to sentryByron Jones1-3/+36
2015-08-18Bug 1195598 - The "unknown_action" error message could confuse the userFrédéric Buclin1-2/+3
2015-08-18Bug 1195593 - Able to delete any Bugzilla user's Bugmail FilterByron Jones1-4/+5
2015-08-17Bug 1195315 - Use of uninitialized value in string eq at Bugzilla/Product.pm ↵Byron Jones1-0/+1
line 99
2015-08-17Bug 981487 - change bugs_fulltext from myisam to innodbByron Jones3-13/+7
2015-08-17Bug 979441 - Under mod_perl, some modules aren't preloaded at startupByron Jones2-35/+40
2015-08-17Bug 1193190 - 'view account history' on edituser should include audit_log ↵Byron Jones2-14/+54
entries
2015-08-14Bug 1181596 - Modal UI doesn't honor the "where to put the additional ↵Byron Jones3-32/+64
comment textarea" preference