v28.0.0
28.0.0 (2023-08-10)
⚠ BREAKING CHANGES
-
authz table was updated
ALTER TABLE authz ADD COLUMN created_at timestamp default statement_timestamp() not null;
ALTER TABLE authz ADD column created_by varchar default user not null;
UPDATE configurations set value='3.2.16' WHERE property='DATABASE VERSION'; -
core: column 'global' was added to the attribute_critical_actions table
Database changelog:
ALTER TABLE attribute_critical_actions ADD COLUMN global boolean default false not null;
UPDATE configurations SET value='3.2.17' WHERE property='DATABASE VERSION'; -
core: Added created_at and created_by columns to authz table.
-
core: New property 'appAllowedRoles' added to the CoreConfig. In perun.properties define 'perun.appAllowedRoles.apps' as a list of names of apps where role limitation is necessary.
For each app name, define regex which maps to the Referer header of the request coming from the given app and a list of allowed roles. For example:
perun.appAllowedRoles.apps=registrar
perun.appAllowedRoles.registrar.reg=^./registrar/.$
perun.appAllowedRoles.registrar.roles=SELF,MFA -
core: Make sure following registration modules are not used on your instance - Ceitec, EduGain, Elixircz, Sitola and WeNMR.
-
fixup! feat(core): extend authz table with audit attributes (a85de71)
-
core: removed unused registration modules (32bbba5)
New features and notable changes
- 🎸 BBMRIResources reg. module (8cee9f6)
- 🎸 new RPC method membersManager/sendUsernameReminder (60eccd0)
- core: allow to set attribute action as globally critical (da3d1eb)
- core: attribute modul for mfaEnforceSettings (6de84b7)
- core: extend authz table with audit attributes (1608da5)
- core: filter getMembersPage (9d52d58)
- core: last successful propagation (56d6722)
- core: remove not allowed roles (c3654b6)
- core: skip MFA for internal components (259e284)
- enable facility search for SP reg role (9274d3c)