Closes: #1818. The new navbar collapse handles items better without a scrollbar.
- Switch dependency to newer bootstrap4 library.
- Bootstrap 4 has 5 grid levels instead of 4. Adjust all classes accordingly to
retain current semantics.
- Update for newer markup for dropdowns.
- Replace use for labels with badges. Labels have been removed. Use
badge-secondary instead of label-default.
- Replace use of btn-xs with btn-sm. Size is roughly the same.
- Accommodate removal of form-horizontal.
- .hidden* and .visible* classes have been removed. Use alternate utilities.
- Replace use of table-condensed with table-sm.
- Update progress bar background styling. .progress-bar-* have been replaced
with bg-*.
- Drop support for IE9 and below. Bootstrap 4 does not support those browsers.
- Use the new simplified markup for navs, navbar and navbar-toggler. Accommodate
removal of .navbar-fixed-top.
- Update the JSXC page too.
- Update all values that are using rem units. The base font size is now 1rem =
16px instead of 1rem = 10px. This the default for bootstrap 4.
- A button inside a dropdown menu is natively supported by bootstrap 4. Remove
custom styling done earlier.
- Drop use of removed class thumbnail.
- Override colors for buttons and warnings to keep the old style.
- Use new markup for close buttons inside alerts.
- Use .collapse.show instead of .collapse.in as per bootstrap 4 styling.
Signed-off-by: Sunil Mohan Adapa <sunil@medhas.org>
Reviewed-by: Veiko Aasa <veiko17@disroot.org>
This change prevents the plinth user to become a superuser without
knowing an admin password.
Users module and action script:
- User credentials are now required for the subcommands: create-user,
set-user-password, add-user-to-group (if the group is admin),
remove-user-from-group (if the group is admin), set-user-status,
remove-user (if the removed user is the last admin user.
Note: the web UI doesn't allow to delete last admin user).
- subcommand remove-users requires authentication if the user is last
admin user. Password must be provided through standard input.
- subcommand remove-group: do not allow to remove group 'admin'
- User credentials must be provided using the argument
--auth-user and a passsword must be provided through standard input.
- If there are no users in the admin group, no admin password is
required and if the --auth-user argument is required, it can be an
empty string.
Users web UI:
- An admin needs to enter current password to create and edit a user
and to change user's password.
- Show more detailed error text on exceptions when submitting forms.
- Show page title on the edit and create user pages.
Users unit and functional tests:
- Added a configuration parameters to the pytest configuration file
to set current admin user/password.
- Added a configuration parameter 'ssh_port' to the functional tests.
You can overwrite this with the FREEDOMBOX_SSH_PORT environment
variable. Modified HACKING.md accordingly.
- Added an unit test:
- test changing the password as a non-admin user.
- test invalid admin password input.
- test that removing the admin group fails.
- Capture stdout and stderr in the unit tests when calling an action
script to be able to see more info on exceptions.
- Added functional tests for setting ssh keys and changing passwords
for admin and non-admin users.
- Added a functional test for setting a user as active/inactive.
Changes during review [sunil]:
- Move uncommon functional step definitions to users module from global. This is
keep the common functional step definitions to minimal level and promote when
needed.
- Minor styling changes, flake8 fixes.
- Don't require pampy module when running non-admin tests. This allows tests to
be run from outside the container on the host machine without python3-pam
installed.
- Call the confirm password field 'Authorization Password'. This avoid confusion
with a very common field 'Confirm Password' which essentially means retype
your password to ensure you didn't get it wrong. Add label explaining why the
field exists.
- Don't hard-code /tmp path in test_actions.py. Use tmp_path_factory fixture
provided by pytest.
- Remove unused _get_password_hash() from actions/users.
- Undo splitting ldapgid output before parsing. It does not seem correct and
could introduce problems when field values contain spaces.
Tests performed:
- No failed unit tests (run with and without sudo).
- All 'users' functional tests pass.
- Creating an admin user during the first boot wizard succeeds.
- Creating a user using the web UI with an empty or wrong admin
password fails and with the correct admin password succeeds.
- Editing a user using the web UI with an empty or wrong admin
password fails and with the correct admin password succeeds.
- Changing user's password using the web UI with an empty or wrong
admin password fails and with the correct admin password succeeds.
- Above mentioned user action script commands can't be run without
correct credentials.
- Adding the daemon user to the freedombox-share group succeeds when
installing certain apps (deluge, mldonkey, syncthing, transmission).
Signed-off-by: Veiko Aasa <veiko17@disroot.org>
[sunil: Move uncommon functional step definitions to users module from global]
[sunil: Minor styling changes, flake8 fixes]
[sunil: Don't require pampy module when running non-admin tests]
[sunil: Call the confirm password field 'Authorization Password']
[sunil: Don't hard-code /tmp path in test_actions.py]
[sunil: Remove unused _get_password_hash() from actions/users]
[sunil: Undo splitting ldapgid output before parsing]
Signed-off-by: Sunil Mohan Adapa <sunil@medhas.org>
Reviewed-by: Sunil Mohan Adapa <sunil@medhas.org>
- Implement ability to refresh page at the framework level so that every page
does not need to handle it.
- Refresh after number of seconds specified in context of the view.
Tests performed:
- Trigger the following functions and ensure that page reload after 3 seconds
during the running operation while it does refresh before and after the
operation.
- Diagnostics tests from the module.
- Gitweb repository cloning.
- Monkeysphere publish key to server.
- OpenVPN setup.
- Tor configuration update.
- Manual software update.
- App installation.
Signed-off-by: Sunil Mohan Adapa <sunil@medhas.org>
Reviewed-by: Veiko Aasa <veiko17@disroot.org>
Tests performed:
- Submit a form and notice that button has a spinner soon after click.
- Select a from like Gitweb repository creation form and submit it. After submit
go back to previous form using back button. Notice that button has been restored
to proper state.
- Without filling valid information the form, press submit. Notice that the
button does not change to a spinner.
- Check installing an app, snapshots management, network forms, wireguard forms,
etc.
- Test on Firefox and Chromium.
- Test with LibreJS that the script is accepted as valid free software license.
Signed-off-by: Sunil Mohan Adapa <sunil@medhas.org>
Reviewed-by: Veiko Aasa <veiko17@disroot.org>
See #1841 for discussion on why Turbolinks needs to be removed.
Closes: #1841.
Closes: #1804.
Tests performed:
- There are no more references to 'turbolinks' in source code other than .po(t)
files and the manual.
- When loading a page, turbolinks.js is no longer loaded.
- The following links don't have data-turbolinks attribute and work well when
clicked.a
- Gitweb repository links
- Download manual links (en, es)
- Ikiwiki wiki links
- Sharing app web share links
- TT-RSS mobile app link
- 'Launch web client' button
- 'Launch' button in web section of clients table
- Active and regular front page shortcut
- Roundcube does not have a link to /roundcube in description.
- turblinks not present in /static/jslicense.html . LibreJs accepts all scripts.
Reported-by: Veiko Aasa <veiko17@disroot.org>
Signed-off-by: Sunil Mohan Adapa <sunil@medhas.org>
Tested-by: Sunil Mohan Adapa <sunil@medhas.org>
Reviewed-by: Veiko Aasa <veiko17@disroot.org>
- Eliminate issue with collapsed navbar's drop-down menu text color when the
width is exactly 768px or less than 320px.
- Remove redundant footer's position: relative rule.
Tests performed:
- Change the browser width to 768px, the navbar is not collapsed and drop down
menu text color is black on white background.
- Change the browser width to 767px, the navbar is collapsed and drop down menu
text color is white on blue background.
- Change the browser width to less than 320px, the navbar is collapsed and drop
down menu text color is white on blue background.
- Footer on the main page and remaining pages is unchanged at <320px, =767px and
>= 768px.
Signed-off-by: Sunil Mohan Adapa <sunil@medhas.org>
Reviewed-by: Veiko Aasa <veiko17@disroot.org>
This seems to be a regression from earlier behavior.
Signed-off-by: Sunil Mohan Adapa <sunil@medhas.org>
Reviewed-by: Joseph Nuthalapati <njoseph@riseup.net>
- Refactor the help menu into a django template include.
- Show help menu if user is logged in, instead of after completing firstboot.
Closes: #1517
Signed-off-by: Joseph Nuthalapati <njoseph@riseup.net>
[sunil@medhas.org Rename help-menu.inc to help-menu.inc]
[sunil@medhas.org Use user.is_authenticated instead of another variable]
Signed-off-by: Sunil Mohan Adapa <sunil@medhas.org>
Reviewed-by: Sunil Mohan Adapa <sunil@medhas.org>
The link is hidden but not removed. librejs will still parse it. Ideally we
would want to do this from <link data-jslicense='1' href=''> but that seems to
cause problems for librejs.
Librejs users can still find out about the license of Javscript script file
using Librejs menu.
We already have a link to FreedomBox source code in the home page.
Signed-off-by: Sunil Mohan Adapa <sunil@medhas.org>
Reviewed-by: Joseph Nuthalapati <njoseph@thoughtworks.com>
- Keep unimportant items hidden on small screens.
- Remove dividers that cause confusion.
- Avoid a scrollbar inside the menu when user menu is expanded. Bootstrap
intended to show exactly 8 menu items.
Fixes#1431.
Signed-off-by: Sunil Mohan Adapa <sunil@medhas.org>
Reviewed-by: Joseph Nuthalapati <njoseph@thoughtworks.com>
- This works properly in mobile sizes by underlining only the logo.
Signed-off-by: Sunil Mohan Adapa <sunil@medhas.org>
Reviewed-by: Joseph Nuthalapati <njoseph@thoughtworks.com>
Currently, when a message is shown at the top or in users and groups page, The
top margin is too short. Increase it to 25px from 5px. Also:
- Don't use the .thumbnail class for containers as this does not match the
semantics. Create and use class .contain-container.
- Also create class .card-container for all container containing cards. Unused
for now.
- Indentation fixes.
- Remove duplicated rule.
Signed-off-by: Sunil Mohan Adapa <sunil@medhas.org>
Reviewed-by: Joseph Nuthalapati <njoseph@thoughtworks.com>
- There should not be a space in front of the text. This is a styling issue.
- Remove the CSS rule causing issues with spacing.
Signed-off-by: Sunil Mohan Adapa <sunil@medhas.org>
This puts pages on white cards.
This lets the footer float underneath content instead of bottom of the page.
This should fix issues with MR !1335
Reviewed-by: Joseph Nuthalapati <njoseph@thoughtworks.com>
Using the "no-preview" directive disables caching on application visits but
shows cached pages on restoration visits.
Signed-off-by: Joseph Nuthalapati <njoseph@thoughtworks.com>
Reviewed-by: James Valleroy <jvalleroy@mailbox.org>
Turbolinks cannot replace the styles in the head of the HTML document. Moved
them to the body by making the class of the body an overridable Django template
block.
Signed-off-by: Joseph Nuthalapati <njoseph@thoughtworks.com>
Reviewed-by: James Valleroy <jvalleroy@mailbox.org>
- Load scripts in the head with `defer` instead of at the end of the body
- Disable turbolinks for application shortcuts and manual download
Signed-off-by: Joseph Nuthalapati <njoseph@thoughtworks.com>
Reviewed-by: James Valleroy <jvalleroy@mailbox.org>
- Needed as the submenu on the left is gone. There is too much space available
for the main content.
Signed-off-by: Manish Tripathy <manisht@thougtworks.com>
Signed-off-by: Sunil Mohan Adapa <sunil@medhas.org>
Reviewed-by: Sunil Mohan Adapa <sunil@medhas.org>
- Use properly base class overrides
- Implement feature to go back to the page user was on before language
selection.
Signed-off-by: Sunil Mohan Adapa <sunil@medhas.org>
Reviewed-by: James Valleroy <jvalleroy@mailbox.org>
When an admin user goes to the UpdateUser view of a different user, the template
gets only one username which is of the user being updated. This causes the admin
user's name being overwritten in the header section thus making it appear that
the user is modifying themselves and not the admin. This can cause confusion to
the admin user.
Explicitly getting the name of the user that made the request ensures that we
always get the correct username.
Signed-off-by: Joseph Nuthalapati <njoseph@thoughtworks.com>
Reviewed-by: James Valleroy <jvalleroy@mailbox.org>
- Hide the listing of apps and configuration options on small screens,
so that the user doesn't have to navigate to the bottom of the page.
- Closes#921
Reviewed-by: Johannes Keyser <johanneskeyser@posteo.de>
- Pined footer to the bottom of the viewport
- Introduced a new stylesheet to hold custom responsive css
- Footer bottom fix exluded for smaller viewports
- Remove apps and system modules and merge their views into main views.
- Move main_menu from cfg into menu.py.
- Remove dependencies of other modules on apps and system modules.
- Update tests.
Signed-off-by: Sunil Mohan Adapa <sunil@medhas.org>
- Internationalize all the strings.
- Fix indentation.
- Use bootstrap row/columns better for footer links.
- Minimize CSS.
- Restore some of the FreedomBox statements until futher discussion.
- Move the apps and configuration items outside of navbar header and
into left navbar group so that it collapses properly for mobile
view.
- Change link titles to reflect label text.
- Indent properly, remove blank lines.
- Remove need to tweak font size of items.
