When this option is enabled, it would make the interface easy to work with. This
is likely what most users would want. Don't break things for users who have
already installed roundcube and ensure that local only is disable for them.
Tests:
- Install roundcube without the patch. Disable the app. Apply patch. Restart
service. Notice that roundcube is not re-enabled.
- Install roundcube without the patch. Apply patch. Restart service. Notice that
roundcube configuration /etc/roundcube/config.inc.php file has been updated and
include_once() at the end has been added. The file
/etc/roundcube/freedombox-config.php has been added. Local only option is
disabled.
- Install roundcube freshly with the patch. Local only option is enabled. Open
interface. Notice that server option is not presented.
- Disable local only option and notice that server field is shown in the
interface.
Signed-off-by: Sunil Mohan Adapa <sunil@medhas.org>
[jvalleroy: Fix comment]
Signed-off-by: James Valleroy <jvalleroy@mailbox.org>
Reviewed-by: James Valleroy <jvalleroy@mailbox.org>
Closes: #2081.
Tests:
- In the create user form, edit user form and change password form, the message
is shown as expected.
- The create user form, edit user form and change password form work as expected.
Signed-off-by: Sunil Mohan Adapa <sunil@medhas.org>
Reviewed-by: James Valleroy <jvalleroy@mailbox.org>
Closes: #2178.
- Don't bother with the redirection to the next page using the ?next= URL
parameter. Always redirect to the home (index) page.
- Show a message that logout was successful.
- Ensure that SSO cookie is removed.
Tests:
- Logout and notice that redirection has been performed to the home page.
- "Logged out successfully." message is shown.
- When logged as a user with a language set, logging out preserves the language
of the user who was just logged out.
- Login. Click logout while having browser developer tool open. Notice that
Logout request has SSO cookie. The response does not have the cookie set. The
next request is to the home page and it does not have SSO cookie in the request.
- Login to tt-rss app that needs SSO to work. Logout from FreedomBox interface
using another page. Refresh the tt-rss page and notice that user was logged out
and redirect to FreedomBox login page.
- Logout. Again, manually visit the URL
https://10.42.0.203/plinth/accounts/logout/. The page is still required to home
page and success is still shown even though the user is already logged out.
- Repeat the logout test as non-admin user.
Signed-off-by: Sunil Mohan Adapa <sunil@medhas.org>
Reviewed-by: James Valleroy <jvalleroy@mailbox.org>
Fixes: #2069.
Without a listening port, coturn will try to enumerate the non-local IP
addresses and try to listen on them. If coturn is started before network is
fully setup, it finds no usable IP addresses and fails. Furthermore, if IPs are
added to the system, it does not automatically listen on them.
A better approach as advised by systemd NetworkTarget documentation is to listen
on a wildcard address. This does not require network to be online and works well
for IP addresses being added/removed from the system. coturn is itself unable to
make changes to its default listening behavior for backward compatibility.
Tests:
- Freshly install coturn. Observe that listening-ip is properly set in the
configuration file. coturn is listening on 3478, 3479, 5349, 5350. coturn is
listening on ::1 and * addresses instead of individual IP addresses.
- Install coturn without the patch. Apply the patch and restart FreedomBox.
coturn setup will run. listening-ips get added to the configuration file. The
static-auth-secret is not changed from earlier. coturn will be restarted. coturn
is listening on 3478, 3479, 5349, 5350. coturn is listening on ::1 and *
addresses instead of individual IP addresses.
- Install coturn without the patch. Disable coturn. Apply the patch and restart
FreedomBox. coturn setup will run. coturn will not be enabled. coturn will be
running after setup.
- Functional tests pass.
- All ports able to connect using netcat (nc command) with IPv4 (-4 option) and
IPv6 (-6 option).
Signed-off-by: Sunil Mohan Adapa <sunil@medhas.org>
Reviewed-by: James Valleroy <jvalleroy@mailbox.org>
Add HTML classes to help with functional testing.
Signed-off-by: Sunil Mohan Adapa <sunil@medhas.org>
Reviewed-by: James Valleroy <jvalleroy@mailbox.org>
Cockpit uses WebSockets which won't work without HTTPS. For .onion domains, we
are not explicitly redirecting to HTTPS since TLS is not necessary. Ensure that
Cockpit continues to work with .onion domains by explicitly redirecting to
HTTPS.
Tests:
- Without the patch, on a normal/Onion domain run curl -kv
http://{DOMAIN}/_cockpit/. Redirection does not happen.
- With the patch, on a normal/Onion domain run curl -kv
http://{DOMAIN}/_cockpit/. Redirection happen to https:// occurs.
- Redirection is a with HTTP status code 302, the temporary redirection code.
Signed-off-by: Sunil Mohan Adapa <sunil@medhas.org>
Reviewed-by: James Valleroy <jvalleroy@mailbox.org>
Closes: #2157.
Original author of the app J. Carlos Romero <juancarlos.romero@gmail.com> has
been contacted to see if there is interest in continuing to maintain the app.
There has been no response.
Since the app is not available even in the current stable (Bullseye), few users
are presumably using it on a supported FreedomBox distribution. Any users are
advised to maintain the manually instead of relying on FreedomBox for it.
Signed-off-by: Sunil Mohan Adapa <sunil@medhas.org>
Reviewed-by: James Valleroy <jvalleroy@mailbox.org>
Fixes: #2171.
Since systemd version 250, journalctl does not print the header line '-- Journal
begins... --'. To accommodate those changes, read the status log lines
accurately and check that they are not empty.
Tests:
- Run help functional tests on stable, testing and unstable.
- Modify code to not print status logs and notice that the functional test
fails.
Signed-off-by: Sunil Mohan Adapa <sunil@medhas.org>
Reviewed-by: James Valleroy <jvalleroy@mailbox.org>
Looking for .btn-primary could yield two results when a notification is active
with an action button of type primary. This results in form not getting
submitted properly and test failing with wait timeout. Fix this by making the
lookup for submit button more specific.
Tests:
- Run matrix-synapse functional tests on a fresh container.
Signed-off-by: Sunil Mohan Adapa <sunil@medhas.org>
Reviewed-by: James Valleroy <jvalleroy@mailbox.org>
matrix-synapse 1.47.0-2 requires python3-frozendict 1.2-3 or higher. This is
only available in bullseye-backports, testing and unstable but not bullseye.
Allow python3-frozendict to be installed from buster-backports. Further there is
no longer any need to allow packages from buster-backports (on the master
branch). So, drop all those.
Tests:
- On stable/testing, without matrix-synapse and its dependencies installed, run
matrix-synapse functional tests.
- On stable, with older version of matrix-synapse and python3-frozendict, run
unattened-upgrade and notice that matrix-synapse upgrades to latest version.
- Without this patch, run service. Notice the contents of
/etc/apt/preferences.d/51freedombox.pref. When this patch is applied and service
is restarted, upgrades app is setup again and the files contents will change as
expected.
Signed-off-by: Sunil Mohan Adapa <sunil@medhas.org>
Reviewed-by: James Valleroy <jvalleroy@mailbox.org>
Fixes: #2170.
Starting with Django 2.2.25, re_path behavior has changed. When the regular
expression ends with a '$', a full match is performed with the regular
expression. This breaks the behavior of how we are currently matching the locked
URLs for CAPTCHA based login forms.
Tests:
- All tests are done on Debian stable with Django 2.2.25 and on Debian unstable
with Django 3.2.10.
- Go to home page, click on login link. Enter wrong password three times.
CAPTCHA page is show with URL ending with /locked. Type the correct password and
login will be successful.
- Install tt-rss. Logout. Go to /tt-rss/, redirection will happen to login page.
Enter wrong password three times. CAPTCHA page is show with URL ending with
/locked. Type the correct password and login will be successful.
Signed-off-by: Sunil Mohan Adapa <sunil@medhas.org>
Reviewed-by: James Valleroy <jvalleroy@mailbox.org>
Tests:
- Install tt-rss. Logout. Visit the /tt-rss link. We will be redirected to the
login page. Login with wrong password 3 times. CAPTCHA is shown. Login with
correct password. Login will be successful.
Signed-off-by: Sunil Mohan Adapa <sunil@medhas.org>
Reviewed-by: James Valleroy <jvalleroy@mailbox.org>
