Feature #21421
closed
Security Notifications when security related things are changed
0%
Description
As a user I want to receive an email whenever something security related (e.g. my password, my account email address) is changed.
As an admin, I would like to receive also emails about global changes (e.g. "login required" disactivated) or the addition/removal of other admins.
The attached patch series against current trunk implements this. Would be great if that could be included in one of the next releases. Thanks!
Files
Related issues
Updated by Jan from Planio www.plan.io almost 9 years ago
- Description updated (diff)
Updated by Jean-Philippe Lang almost 9 years ago
- Target version changed from Candidate for next major release to 3.3.0
Nice addition but maybe a bit late for 3.2.0. I'm assigning it to 3.3.0
Updated by Jan from Planio www.plan.io almost 9 years ago
- File 0000-Add-optional-user-parameter-to-I18n-format_time-to-o.patch 0000-Add-optional-user-parameter-to-I18n-format_time-to-o.patch added
- File 0002-Add-Mailer-security_notification.patch 0002-Add-Mailer-security_notification.patch added
- File 0007-Send-a-security-notification-when-users-gain-or-loos.patch added
Jean-Philippe Lang wrote:
Nice addition but maybe a bit late for 3.2.0. I'm assigning it to 3.3.0
Thanks for your feedback. 3.3.0 would be great!
After review, I'm also updating the patch series:
- replace bogus gmail address with more appropriate example.foo address
- rebase on current master (fixed a test)
- use correct time zone for mails
Updated by Jan from Planio www.plan.io almost 9 years ago
- File deleted (
0002-Add-Mailer-security_notification.patch)
Updated by Jan from Planio www.plan.io almost 9 years ago
- File deleted (
0007-Send-a-security-notification-when-users-gain-or-loos.patch)
Updated by Jan from Planio www.plan.io almost 9 years ago
- File deleted (
0004-Send-a-security-notification-when-a-user-s-email-add.patch)
Updated by Jan from Planio www.plan.io almost 9 years ago
- File 0004-Send-a-security-notification-when-a-user-s-email-add.patch 0004-Send-a-security-notification-when-a-user-s-email-add.patch added
Fix Patch 4 so that the user whose email address is changed gets the mail (not the current user). They might differ in case an admin changes email addresses for a different user.
Updated by Jan from Planio www.plan.io almost 9 years ago
- File deleted (
0007-Send-a-security-notification-when-users-gain-or-loos.patch)
Updated by Jan from Planio www.plan.io almost 9 years ago
- File deleted (
0006-Send-a-security-notification-when-certain-settings-a.patch)
Updated by Jan from Planio www.plan.io almost 9 years ago
- File 0007-Send-a-security-notification-when-users-gain-or-loos.patch added
- File 0006-Send-a-security-notification-when-certain-settings-a.patch 0006-Send-a-security-notification-when-certain-settings-a.patch added
Fix patches 6 and 7 so that security notifications only get sent to active admins only.
Updated by Jan from Planio www.plan.io almost 9 years ago
- File deleted (
0003-Send-a-security-notification-when-a-user-s-password-.patch)
Updated by Jan from Planio www.plan.io almost 9 years ago
- File 0003-Send-a-security-notification-when-a-user-s-password-.patch 0003-Send-a-security-notification-when-a-user-s-password-.patch added
Fix patch 3 to also send a security notification when the user's password is changed after a lost password.
Updated by Jan from Planio www.plan.io almost 9 years ago
- File deleted (
0007-Send-a-security-notification-when-users-gain-or-loos.patch)
Updated by Jan from Planio www.plan.io almost 9 years ago
- File 0007-Send-a-security-notification-when-users-gain-or-loos.patch 0007-Send-a-security-notification-when-users-gain-or-loos.patch added
Fix patch 7 to only send security notifications when admins are active.
Updated by Jan from Planio www.plan.io almost 9 years ago
- File 0008-Allow-overriding-of-originator-and-remote_ip-causing-a-s.patch 0008-Allow-overriding-of-originator-and-remote_ip-causing-a-s.patch added
Adding patch 8 which allows overriding of originator and remote_ip causing a security notification and use these overrides in lost password procedure (where no real session is initiated).
Updated by Jean-Philippe Lang over 8 years ago
- Status changed from New to Closed
- Assignee set to Jean-Philippe Lang
- Resolution set to Fixed
Feature added with a few changes, eg. we're sending one email about changed settings to all admins instead of one email to each amdin for each setting.
Thanks.
Updated by Toshi MARUYAMA over 8 years ago
- Related to Defect #23369: encoding error in locales de.yml added
Updated by Joel Bearden over 8 years ago
This is a nice feature. How do I turn these notifications off? Or limit the recipient list?
Updated by Toshi MARUYAMA about 8 years ago
Joel Bearden wrote:
This is a nice feature. How do I turn these notifications off? Or limit the recipient list?
Please create new feature issue.
Updated by Go MAEDA about 5 years ago
- Related to Defect #32193: Add turn on/off button to control sending security notifications added