CHANGELOG¶
Unreleased¶
v1.2.3 (2025-01-13)¶
- Fix privilege bit validation check
v1.2.2 (2024-12-03)¶
- Avoid exception when creating resource without authentication
v1.2.1 (2024-08-09)¶
- Wrap backend adac errors into proper backend error class
- Update pre-commit dev dependency
v1.2.0 (2024-07-10)¶
- Set additional permissions when creating resources
- Grant permissions to creating user when creating a resource
- Add support to create users as resource
v1.1.0 (2024-06-18)¶
- Support on-premise synchronization sync user aliases feature flag
- Change on-premise sync configuration anchor default from mail to uid
v1.0.4 (2024-06-05)¶
- Bump e4a-python-e4a to 1.5.3
v1.0.3 (2024-02-16)¶
- Add definitions for newly added privilege bits
- Bump e4a-python-e4a to 1.5.2
v1.0.2 (2024-02-14)¶
- Fix domain verify for existing domains when triggered as system admin
v1.0.1 (2023-11-24)¶
- Add JSON schema validation for onPremisesSynchronization endpoints
v1.0.0 (2023-11-17)¶
- Improve logging format and gRPC messages
- Add onPremiseSynchronization endpoint
- Bump e4a-python-e4a to 1.5.1
v0.18.1 (2023-09-18)¶
- Bump e4a-python-e4a to 1.4.0
v0.18.0 (2023-09-15)¶
- Update CI to Ubuntu 22.04
v0.17.1 (2023-03-06)¶
- Fix error 500 for ssku endpoint when global admin
v0.17.0 (2023-02-28)¶
- Improve compatibility with Microsoft Graph for organizations and ssku
- Bind the rw flag for static limits to license "cloud" claim
- Add API endpoints to add change or delete a static org subscription
v0.16.1 (2023-02-07)¶
- Fix user auth check when in organization from id loader
v0.16.0 (2022-12-22)¶
- Fix exception on password complexity check when without user
- Enable password complexity checks when setting user password from redeemer
- Require displayName property when creating groups
- Add support for user mailbox settings
v0.15.2 (2022-12-06)¶
- Allow ssku list to extend when there are both subscriptions and licenses
v0.15.1 (2022-11-30)¶
- Enable security enabled flag for all mlist based groups
v0.15.0 (2022-10-18)¶
- Fix a bunch of linter errors
- Bump requests to 2.28.1
- Bump orjson to 3.7.12
- Fix unit test specific runtime warning
- Add support for domain aliases through aliases endpoint
- Add support for equality filter and its restrictions
- Add support to query all users of a specific organization
- Bump e4a-python-e4a to 1.2.0
- Fix invalid field comparison for equality filter comparison
- Relax namepolicy blacklist
v0.14.1 (2022-08-29)¶
- Fix refactoring duple nameing which broke name and password policy checks
v0.14.0 (2022-08-29)¶
- Update typing_extensions to latest to gain Python 3.11 support
- Enable mypy strict mode to prepare for further improvments
- Pin all dev dependencies to secure build pipeline
- Fix more linter warnings
- Improve linting in CI
- Fix codeclimate linting
- Update linter rules, fix a ton of warnings and bump minimal Python version to 3.8
- Update linters and improve their config
v0.13.0 (2022-08-23)¶
- Derive domain quota limit from organization max users
- Add lru_cache with timeout helper
- Add support for allow outgoing for groups
- Implement support for search on collection resources
- Bump e4a-python-e4a to 1.1.0 for search support
- Update black linter for compatibility reasons
- Allow to set group displayName
- Increase default organization derived max domains limit
- Use organization wide privilege for distribution list groups
- Enable domain and group/alias limits
- Update minimal e4a-python-e4a version to 0.12
- Change default group privilege from internal to domain
- Implement distribution list support as groups via mlist
- Update minimal e4a-python-e4a version to 0.11
- Update 3rd party Python runtime dependencies and pin them
- Fix time and trigger when to tread subscription expiration as warning
v0.12.0 (2022-07-14)¶
- Derive subscribed SKU entry from limits provider
- Add command line parameter to control backend and limits implementation
- Reserve some more "local" names via policy
- Fix SPF domain service record syntax
- Treat insufficient size MAPI error as in sufficient storage error
- Validate limits on patch
- Implement user creation limits per organization
- Update minimal e4a-python-e4a version to 0.10
v0.11.0 (2022-07-11)¶
- Prevent creation of domaini for non system admins if a user exists with the same name
- Implement reserved names policy for sub domain creation
- Enable name policy when creating users and not system admin
- Implement name policy and enable for non system admins when creating domains
- Disable password policy checks for local request with no roles
- Add error handling and logging around password policy and frequency list loading
- Sort imports properly
- Add top 10000 de, fr and nl word lists to the password complexity check
- Include sequence information in password policy error response
- Switch zxcvbn to fork zxcvbn-covert
- Implement password policy complexity check
- Add support to configure domain service autodiscover SRV record
- Cleanup Redis dvs:pending record on manual admin verify
- Add support for local bitwise contains checks
- Fix profile photo setter endpoint
v0.10.0 (2022-06-01)¶
- Implement domain isAdminManaged field
- Set verified bit of dub domains when the root domain is already verified
- Skip domain validation if a verified root domain exists in the same scope
- Load pending domain status also when organization does not match but domain exists
- Ensure organization when creating or updating domains
- Log full traceback on selected errors to gain context info
- Fix domain organization removal
- Add exists helper to organizations backend
- Use paretheses and colon to select a pending domain as system admin
- Implement filter query string parser
- Add more options when triggering domain verification is allowed
- Support access to domains endpoint for internal no auth requests
- Reorganize unit tests
- Fix a bunch of linter errors and add linting to CI
- Improve organization domain validation as system admin
- Update resource JSON schema validation for all resources
- Add support for serviceConfigurationRecords domains endpoint
- Improve domain validation endpoints and functionality
- Add backend fieldset flags
- Implement proper isRoot return value for domains
- Use sorted set Redis data type for domain validation records
- Benefit from iterator when loading pending domain
- Prepare API to use more iterables
- Add additional scope checks to useraliases endpoint
- Add support for domain validation
- Add option to run scoped hook also when system administrator
- Support $filter with path selector for sub key comparison
- Ensure all field definitions are hashable so they can be used in sets
- Add support for fieldset overlay
- Add support to pin fieldset fields into context
- Fix linter warnings
- Add scope to log messages of redeem redis
- Add support for fields which store data in context
- Add iterator count helper function
- Bump required minimal Pip version to 21.3
- Add missing sanity check for non-existing routes with auth
- Validate no auth cases properly
- Add organization field to Domain resource with POST and PATCH support
- Add organization field to Domain e4a extension (get only)
- Restrict e4a extension properties to accept only known ones for POST and PATCH
- Ensure that organization from auth helpers always return list to simplify checks
- Improve fieldset repr debug representation
- Add select support for extension sub fields
- Refactor ADAC manager integration
- Remove unused imports
v0.9.0 (2022-05-17)¶
- Add scope validation to aliases endpoint
- Add role checks to aliases endpoint
- Initialize all resources also for e4a specific sub resources
- Remove duplicated route registration for storage endpoint
- Add schema validation to useralias post and patch
- Move user alias list to filter based approach
- Bring back support for Python 3.7 and newer
- Add scope validation to profilephoto endpoint
- Add scope validation to users endpoint
- Add scope validation to domains endpoint
- Add resource scope check resource before hook
- Add role checks to users endpoint
- Add role checks to domains endpoints
- Add validate function to user and domain priv definition
- Allow global admin role to access users and aliases endpoints
- Validate domain name when creating domains
- Use descriptor protocol to support class and static properties in payload hook
- Improve backend to base resource function delegation
- Support jsonschema validation in payload hook
- Expose privileges via backend references
- Define domain and user privilege bits as a named tuple
- Update domain and user JSON request schema
- Add extra jsonschema format support for date-time and more
- Add implicit domains endpoint scoping
- Add implicit users endpoint scoping including helpers for org based scope
- Add request payload filter decorator
- Add helper function to check if domain exists
- Add contextvar for auth via middleware
- Add helper function to fetch organization from a given domain
- Change auth in context to be a context object itself to simplify access
- Cleanup obsolete import
- Make backend error types available to resources
- Add field getter helper function to parsed filter
- Add backend error wrapping helper
- Allow to set waitress threads via environment
- Add repr function for fieldset
- Fix compatibility with Python 3.7
- Auto generate restriction functions from filter
- Use / instead of . as divider in filter sub field keys
- Implement filter support for domains endpoint
- Improve user resource filter support
- Add fieldset field helper function
- Add isVerfied field to domain resource
- Update minimal e4a-python-e4a version to ensure restrictions functionality
- Implement 'contains' filter function
- Remove unused commandline parameters
- Update 3rd-party runtime dependencies to their latest versions
- Add PyPy compatibility
- Implement subscribedSkus endpoint for license display
- Add role based access control for all routes
- Update permission bit value support for role selection
v0.8.0 (2022-03-07)¶
- Bump e4a-python-e4a requirement to 0.8.0
- Add configuration for user default timezone and language
v0.7.0 (2022-02-28)¶
- Strip alpha channel from uploaded profile photo
- Disable fallback to role based access control based on permissions
- Enhance access control with permissions
- Add support for role based access control
- Avoid caching of own profile picture and cache other profile pictures private
- Add scope to redeem claim set
- Use less verbose error logging for known errors
- Use correct update URL for profile photos
- Set caching headers for profile photo responses
- Improve profile photo error responses
- Add profile photo size support
- Implement user profile photo endpoint
- Consolidate backend specific implementation into backend folder
v0.6.0 (2021-12-20)¶
- Implement redeem middleware for record cleanup
- Implement invitations endpoint
- Implement authorized claims passthru based API authorization
- Make implementation compatible with Python 3.9
- Sort imports using isort
- Actually validate the current password in user changePassword
- Implement user password change endpoint
- Fix linter warning
- Require scope
E4A.Manage
v0.5.0 (2021-11-12)¶
- Implement auth token validation for all API endpoints
- Require newer e4a Python module
- Implement user alias endpoints
- Add Caddyfile to .gitignore
- Fix linter errors
v0.4.1 (2021-10-07)¶
- Use distro codename instead of version in package file name
v0.4.0 (2021-10-07)¶
- Add support to build a binary runtime package with pex
- Create vendor folder on CI build
- Bump e4a-python-e4a version requirement
- Implement e4a storage resource endpoints
v0.3.3 (2021-10-01)¶
- Allow to remove all organization domains
v0.3.2 (2021-10-01)¶
- Bring back lost setter to change domains of organizations
v0.3.1 (2021-10-01)¶
- Bring back organization route
v0.3.0 (2021-10-01)¶
- Improve pytest startup and parameters
- Refactor resource file names and app structure
- Remove computed userPrincipalName, instead use username directly
- Add minimal support for organization and organizations endpoints
- Use json_iter also for media JSON response encoding
- Properly support nested iterators in json_iter marshaller
- Remove server side pagination debug log spam
- Improve server side pagination memory usage
- Improve server side pagination debug logging
- Fixup rest of integration tests
- Improve some typing while retaining Python 3.7 compatibility
- Fix unit tests for pagination changes
- Implement worker cache expiration
- Remove Cython again, it has no effect but keep it in history for education
- Play around with Cython
- Use streamed JSON response for collection resources
- Implement server side pagination support and general interface for it
- Include JSON schema files in wheel build result
v0.2.1 (2021-09-21)¶
- Install twine in CI so publish actually works
v0.2.0 (2021-09-21)¶
- Add dateutil to runtime requirements
- Fix integration tests for user and domain resources so they actually work
- Fix pagination without top parameter
- Improve integration test consistency
- Use explicit dependency versions in CI
- Refactor backend response code error exception raising
- Ensure to set root logger log level at mfr startup
- Install dependencies before running CI tests
- Add minimal set of unit tests and run them in CI
- Refactor pytest into tests and integration tests
- Improve request error logging
- Improve startup and exit behavior
- Improve logging
- Add mutation and delete adapter code
- Add build target and use it in CI to publish artifact wheel
- Refactor mfr invokation and module location
- Add PIP cache dir to CI cache
- Format Python files with Isort treewide
- Format Python files with Black treewide
- Generate code quality report
- Update project liniting and auto formatting
- Improve profile support, avoid nested fork when only one subworker
- Move middleware stuff to fine grained decorators
- Refactor app boostrap for testability
- Improve error handling and bad request error result
- Add sub worker support for better efficiency
- Refactor resource to backend relation
- Refactor data model creation, mutation and error triggers
- Refactor data model and fields
- Refactor $filter, $count and pagination
- Refactor domain resource data processing
- Remove spurious value envelope from user get and create results
- Change usedUsers in domains e4a extension to usedUser for consistency
- Update linting rules and pin to config file
- Implement JSON pretty printing
- Update user schema to properly include streedAddress
- Fix more user fields for reading and writing
- Fix fals comparison for numeric field values
- Get rid of wrongly mapped mailNickname field
- Add more validations to user schema
- Return 400 when user patch fails
- Add integration test for user and domain resources
- Fix $count, user JSON Schema and fields
- Fix user creation json data
- Change 'code' to 'error' in the error message response
- Add JSON schema validation
- Fix field category of the healthcheck resource
- Use consistent run path and naming defaults
- Implement error serializer
- Return 409 instead of 400 when domain already exists
- Fix default key to get field_name value when doens't exist
- Return error messages based on MS Graph format
- Fix resources default fields and make 'key' optional in resource field
- Support $filter query param
- Return None when it can't create a new user
v0.1.0 (2021-08-23)¶
- Add version helper
- Add default user privileges on user creation
- Add input request convertor for user
- Fix serializer to support nested fields
- Add userPrincipalName user field
- Convert extension keys into lower camel case
- Support $select query param
- Add email as the user ID and fix email field to show domain
- Add 'primary key' and rename 'rev_fields' to 'rpc_fields'
- Make return statements compatible with Python3.7
- Read 'name' instead of 'id' to create domain
- Add fields data structure for resources
- Avoid showing OData nextLink for the last page
- Support $count query param
- Update request/response fields based on MS Graph fields
- Update README.md
- Add OData nextLink for pagination
- Add development setup instructions
- Fix a package name in requirements.txt file
- Move 'backend/e4a/' files into 'backend/'
- Add gitlab-ci
- Add user and domain resources
v0.0.1 (2021-08-23)¶
- Init the project