pitchfork's People

Contributors

bapril, massar

pitchfork's Issues

Log the timestamp in the access.log

We currently do not log the timestamp in the access.log (ui/log.go)

Extend la_item with a timestamp and we are good though.
Likely a good idea to both log a human readable (Apache-style) format + epoch time.

PGP-crypted Password Reset

Feature Request:

Requesting password resets: it would be good to have a password reset request button on the login page - the split reply is good for those without PGP keys uploaded - but where one exists for the email/username submitted, the password should be automatically sent out to the requester in encrypted format.
Thus:

add toggle to Settings to allow this Direct Crypted Password Reset
This might expose that an account/user exists on the system
add button to Login page to go to /pwreset/
add /pwreset/
check if a viable PGP key is available
store the new password in the field used for password resets
send out crypted email
IPtrk will guard over this thing so that not too many attempts can be made.

Restore Translation from a Translate function in an object support

The original TranslateObj function allowed an object to have a Translate function, thus keeping the translation function local to the object, and possibly allowing the translation to happen outside pitchfork.

6cc4175

This support has to be restored. The new GetTFunc should be renamed at minimum to GetTranslationFunc; it will serve as a cached translation func, instead of having to call i18n.Tfunc for every translation.

The TFunc can be attempted to be called when a per-object Translate function is not available.

Ctx->SetLanguage should not cause a panic when the given language does not exist.

We should be using bundles. Allowing multiple languages to be loaded at the same time from different json files and allowing errors to be detected which allows a fallback to another language.

Sys-admin User Listing: Cannot advance to next page of user records

From: tweard

When browsing the web portal as a SysAdmin user, and going to the "User" page to list all users, the "Forward" button to advance the offset by 10 to see the "next page" of users does nothing.

The system passes the argument of offset=10 to the system, but the page does not advance to the next page of users.

Configuration Root

The configuration root (confroot) does not always terminate in a /, terminate it properly with URL_EnsureSlash()

Unify GetGroupCanSee || IsSysAdmin

We have some cases where we do GetGroupCanSee || IsSysAdmin but in others we just check for GetGroupCanSee. Move the IsSysAdmin check inside of GetGroupCanSee and remove the || addition.

CLI:"user 2fa types" causes panic.

Dec 28 14:36:58 trident tridentd[1797]: 2016/12/28 14:36:58 /usr/lib/go-1.6/src/trident.li/pitchfork/lib/user_2fa.go:36 DB.QueryA: SELECT type, descr FROM second_factor_types ORDER BY type []interface {}(nil)
Dec 28 14:36:58 trident tridentd[1797]: 2016/12/28 14:36:58 http: panic serving [::1]:54431: ToString() Unhandled Struct Type 'trident.li/keyval.KeyVal' : keyval.KeyVal
Dec 28 14:36:58 trident tridentd[1797]: goroutine 118 [running]:
Dec 28 14:36:58 trident tridentd[1797]: net/http.(*conn).serve.func1(0x18c76180)
Dec 28 14:36:58 trident tridentd[1797]: /usr/lib/go-1.6/src/net/http/server.go:1389 +0xa2
Dec 28 14:36:58 trident tridentd[1797]: panic(0x853a820, 0x18ea6e60)
Dec 28 14:36:58 trident tridentd[1797]: /usr/lib/go-1.6/src/runtime/panic.go:443 +0x3fd
Dec 28 14:36:58 trident tridentd[1797]: trident.li/pitchfork/lib.ToString(0x85ea600, 0x18ce1130, 0x0, 0x0)
Dec 28 14:36:58 trident tridentd[1797]: /usr/lib/go-1.6/src/trident.li/pitchfork/lib/struct.go:1658 +0x87a
Dec 28 14:36:58 trident tridentd[1797]: trident.li/pitchfork/lib.user_2fa_types(0xb5bab288, 0x190d8b40, 0x18f8cfb0, 0x0, 0x0, 0x0, 0x0)
Dec 28 14:36:58 trident tridentd[1797]: /usr/lib/go-1.6/src/trident.li/pitchfork/lib/user_2fa.go:539 +0x154
Dec 28 14:36:58 trident tridentd[1797]: trident.li/pitchfork/lib.(*PfCtxS).Menu(0x190d8b40, 0x18f8cfb0, 0x1, 0x1, 0x18cb2000, 0x6, 0x6, 0x0, 0x0)
Dec 28 14:36:58 trident tridentd[1797]: /usr/lib/go-1.6/src/trident.li/pitchfork/lib/menu.go:211 +0x154d
Dec 28 14:36:58 trident tridentd[1797]: trident.li/pitchfork/lib.user_2fa_menu(0xb5bab288, 0x190d8b40, 0x18f8cfb0, 0x1, 0x1, 0x0, 0x0)
Dec 28 14:36:58 trident tridentd[1797]: /usr/lib/go-1.6/src/trident.li/pitchfork/lib/user_2fa.go:567 +0x4ec
Dec 28 14:36:58 trident tridentd[1797]: trident.li/pitchfork/lib.(*PfCtxS).Menu(0x190d8b40, 0x18f8cfa8, 0x2, 0x2, 0x18cb4240, 0xc, 0xc, 0x0, 0x0)
Dec 28 14:36:58 trident tridentd[1797]: /usr/lib/go-1.6/src/trident.li/pitchfork/lib/menu.go:211 +0x154d
Dec 28 14:36:58 trident tridentd[1797]: trident.li/pitchfork/lib.user_menu(0xb5bab288, 0x190d8b40, 0x18f8cfa8, 0x2, 0x2, 0x0, 0x0)
Dec 28 14:36:58 trident tridentd[1797]: /usr/lib/go-1.6/src/trident.li/pitchfork/lib/user.go:1172 +0x43f
Dec 28 14:36:58 trident tridentd[1797]: trident.li/pitchfork/lib.(*PfCtxS).Menu(0x190d8b40, 0x18f8cfa0, 0x3, 0x3, 0x18ce6540, 0x4, 0x4, 0x0, 0x0)
Dec 28 14:36:58 trident tridentd[1797]: /usr/lib/go-1.6/src/trident.li/pitchfork/lib/menu.go:211 +0x154d
Dec 28 14:36:58 trident tridentd[1797]: trident.li/pitchfork/lib.(*PfCtxS).Cmd(0x190d8b40, 0x18f8cfa0, 0x3, 0x3, 0x0, 0x0)
Dec 28 14:36:58 trident tridentd[1797]: /usr/lib/go-1.6/src/trident.li/pitchfork/lib/menu.go:235 +0x6b
Dec 28 14:36:58 trident tridentd[1797]: trident.li/pitchfork/ui.(*PfUIS).Cmd(0x18ba2000, 0x18f8cfa0, 0x3, 0x3, 0x0, 0x0)
Dec 28 14:36:58 trident tridentd[1797]: :233 +0x68

Update README.md

Add:

## License

[Apache 2.0](LICENSE)

## Documentation

Godoc is the preferred style of documentation. Please see the doc.go files in various directories directly, or the interleaved-in-code Godoc details.

Or, when pitchfork is properly located in a GOPATH, use godoc to view the documentation.
Note that godoc does not follow symlinks when discovering documentation in GOPATH.

Note that one can use ?m=all at the end of the godoc server URL to expose also the unexported types/functions/etc.

eg after starting godoc with ```godoc -http=:6060``` the URL

http://127.0.0.1:6060/pkg/trident.li/pitchfork/lib/?m=all

will show all the unexported documentation too.

Remove text that is already in doc.go.

Verify activity updating

Currently the activity field is only updated when

We should update the activity of the user when:

  1. member->activity they login (ctx->Login() & ctx->LoginToken())
  2. member_trustgroup->activity when a group is selected.
  3. a valid message is sent to the mailinglist

IndexedKeySet

For

3af02f0

Instead of:

 keyset := make(map[[16]byte][]byte)

in a few places.

We should have:

const IndexedKeySetHashSize = 16

// The index is MD5 hashed, thus the index is 16 bytes wide.
type IndexedKeySet map[[IndexedKeySetHashSize]byte][]byte

func NewIndexedKeySet() IndexedKeySet {
 return make(map[[IndexedKeySetHashSize]byte][]byte)
}

and use that. Possibly even letting IndexedKeySet have an Add() function that calls the md5.Hash so that it adds an item there.

Add empty rendered directory

share/rendered/ is mentioned in the documentation and used by code.

Add a .README.txt that states

In Pitchfork this directory is empty as it should be supplied by the application.

See pitchfork:doc.go for more details about the share/rendered directory.

Merge Member Profiles

Simple way to merge user profiles.

Suggest:

new button for "merge accounts" in user profile. The form has 2 sections. "Merge into another account" and "Accept Merge". Descriptive text explains that you first login to the account that will be lost and perform the "Merge into another account" process. This will set recover_token to "RECOVER:$sha256($nonce)" and presents the nonce to the user.

The user then logs into the "gaining account" and goes to "Accept merge" where they enter the username and nonce of the "losing account".

If the nonce matches, begin the merge process per existing code.
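
The nonce handshake proposed in this issue, as an added Go example (not pitchfork code and not part of the issue). The 16-byte nonce size, the hex encoding and the function names are assumptions; only the "RECOVER:" + sha256(nonce) format comes from the issue.

```go
package main

import (
	"crypto/rand"
	"crypto/sha256"
	"crypto/subtle"
	"encoding/hex"
	"fmt"
	"strings"
)

// recoverPrefix marks a recover_token that holds a pending merge (from the issue).
const recoverPrefix = "RECOVER:"

// hashNonce builds the stored form: "RECOVER:" + hex(sha256(nonce)).
func hashNonce(nonce string) string {
	sum := sha256.Sum256([]byte(nonce))
	return recoverPrefix + hex.EncodeToString(sum[:])
}

// NewMergeToken returns the nonce shown once to the user of the losing
// account and the value to store in recover_token (hash only, never the nonce).
func NewMergeToken() (nonce, stored string, err error) {
	raw := make([]byte, 16) // assumed size: 128 bits from the OS CSPRNG
	if _, err = rand.Read(raw); err != nil {
		return "", "", err
	}
	nonce = hex.EncodeToString(raw)
	return nonce, hashNonce(nonce), nil
}

// AcceptMerge checks the nonce entered on the gaining account (hypothetical name).
func AcceptMerge(stored, entered string) bool {
	if !strings.HasPrefix(stored, recoverPrefix) {
		return false // no merge pending: empty or some other kind of token
	}
	got := hashNonce(strings.TrimSpace(entered))
	// Constant-time comparison, so timing does not reveal how much matched.
	return subtle.ConstantTimeCompare([]byte(stored), []byte(got)) == 1
}

func main() {
	nonce, stored, err := NewMergeToken()
	if err != nil {
		panic(err)
	}
	fmt.Println("show to user:", nonce, "recover_token:", stored)
	fmt.Println("accepted:", AcceptMerge(stored, nonce))
}
```

Clearing recover_token after the first accept or reject, and rate-limiting attempts, would keep the nonce single-use; neither is shown here.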

Add e-mail to sysadmin -> user -> search output.

ideas that seem reasonable to me...

when I search for a user, showing me the most critical info early seems good. I think showing in the search (or as a product of clicking on a user in the results perhaps) the user's email address would be super helpful. It'd save me a few extra clicks for each user.

Simplify where_strippath flow

func where_strippath(path string, workdir string, gopath string) (strippedpath string) {
        strippedpath = path

        wl := len(workdir)
        fl := len(path)

        /* If the prefix matches, remove it, to lessen output */
        if wl > 1 && fl > (wl+1) && workdir == path[0:wl] {
                strippedpath = path[wl+1:]
                return
        }

        /* Shrink too when in GOPATH */
        gp := filepath.Join(gopath, "src")
        gl := len(gp)

        if fl > (gl+1) && gp == path[0:gl] {
                strippedpath = path[gl+1:]
        }

        return
}

Normalize Boolean in HandleCmd

After 'Mask arguments that should not be logged' for password/twofactor/keyring also add support for normalizing booleans:

+                               case "bool":
+                                       /* Field not given - then it is off */
+                                       if val == "" {
+                                               val = "off"
+                                       }
+
+                                       /* Normalize the Boolean */
+                                       val = pf.NormalizeBoolean(val)
+                                       break
+
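
Review bot: in the case "bool" branch, defaulting an empty val to "off" makes an omitted argument indistinguishable from an explicit off. That matches HTML checkboxes, which submit nothing when unticked, but any caller that leaves a boolean field out of a partial update would silently clear it; consider applying the default only where the field is known to come from a form, or documenting the behaviour next to the case. The trailing break is also redundant, since Go switch cases do not fall through.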

Use StructDetails instead of direct reflection

In:

e4787a3

we introduced the use of reflection to fetch a field value; no error checking is being done, no default is being fallen back on.

Instead call:

_, _, value, err := StructDetails(ctx, pf.Config, fieldname, SD_Perms_Ignore, SD_Tags_Ignore)

and voila, we got the field value, including error checking etc.

Also take the moment to document this magic CFG_ behavior.

pfform header and content option

header

"note" is an input-wide note.
"header" will be a form-wide header (thus spanning both label + input).

content

Instead of loading the value from a label, load it from a special content tag instead of the value of a string.

Useful for note + header.

sections

Fix sections by enclosing them in a fieldset and allow that to be modified by CSS when wanted.

E-mail verification button/CLI options missing.

Missing: a CLI command to start and restart verification:

Trident Help for: "user email"
User: bapril [sysadmin]

add Add email address
remove Remove email address
confirm Confirm email address
confirm_force force and email verification
list List email addresses
pgp_add Add PGP Key
pgp_get Get PGP Key
pgp_check Check all PGP Keys
member [SUB] Member commands

Should be:

confirm Begin email verification process.
confirm_submit Complete the email verification process
confirm_restart re-initiate the email verification process.

Use Chk_email

lib/user_email.go calls govalidator directly, should use Chk_email instead.

Correct Access PGP-keys

When looking at their profile, the Download pgp keys, should be labeled "Download All PGP keys" and the output should only include one copy of each key.

Also add a link on the psi icon to download that pgp key.

Second login stage - Some 2FAs require a second stage after uname/passwd (u2F/Duo)

We need a second-stage login. The first stage will remain username/password/2FA. If the member provides a valid 2FA token, login is successful. However, if they have second-stage 2FA such as U2F and Duo, we will put the user in a new semi-logged-in state which will present with a valid session that does not claim to be logged in. Next, present the form for one or more second-stage logins. If any one is successful the user becomes logged in; otherwise the session is invalidated.
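
The session states described in this issue, as an added Go sketch of the state machine (not pitchfork code and not part of the issue). The type, state and method names are hypothetical; the transitions follow the text above.

```go
package main

import "fmt"

type LoginState int
const (
	Anonymous LoginState = iota
	SemiLoggedIn // valid session that does not claim to be logged in
	LoggedIn
	Invalidated
)

// Session is a hypothetical stand-in for the server-side session record.
type Session struct {
	State   LoginState
	offered []string // second-stage methods enrolled by the user, e.g. "u2f", "duo"
}

// FirstStage is called once username/password/2FA have been checked (ok).
func (s *Session) FirstStage(ok bool, secondStage []string) {
	if s.State != Anonymous || !ok {
		s.State = Invalidated
	} else if len(secondStage) == 0 {
		s.State = LoggedIn
	} else {
		s.State, s.offered = SemiLoggedIn, secondStage
	}
}

// SecondStage: one success among the offered methods logs in, else invalidate.
func (s *Session) SecondStage(results map[string]bool) {
	next := Invalidated
	for _, m := range s.offered {
		if s.State == SemiLoggedIn && results[m] {
			next = LoggedIn
		}
	}
	s.State, s.offered = next, nil
}

// IsLoggedIn is the only check authorization code may use.
func (s *Session) IsLoggedIn() bool { return s.State == LoggedIn }

func main() {
	s := &Session{}
	s.FirstStage(true, []string{"u2f", "duo"})
	fmt.Println("semi-logged-in, IsLoggedIn:", s.IsLoggedIn())
	s.SecondStage(map[string]bool{"duo": true})
	fmt.Println("after Duo success, IsLoggedIn:", s.IsLoggedIn())
}
```

A result for a method the user never enrolled is ignored, and a second-stage call on a session that is not semi-logged-in invalidates it.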

Fix usage of pfmaximagesize

Change the pfmaximagesize tag to pfmaxsize; as it is defined as either a single number indicating the amount of bytes or widthXheight to indicate pixels.

tcli needs multiple -r variables.

When logging via cli with a 2fa login, the user is only allowed one -r argument (the last arg). For login with 2FA the user will want the last 2 arguments kept out of .bash_history.

Allow -r 2 or -r 4 etc so the tcli engine will loop until it has all of the arguments it wants.

tcli system login <2FA>

tcli -r system login
works.

tcli -r 2 system login

<2FA>

Should work.

Localize struct functions

StructModA for instance is only called by StructMod as it is the recursive part.

Same for StructVarsA, StructDetailsA, StructTagA, StructMenuA, structGetA and ObjPermCheck.

Drop doignore from structVarsA/StructVars as it is not used.

Verify access.log rotation

It seems that while logrotate rotates the log trident is not kicked properly to cause it to rotate.

Investigate what is going on.

Group ListMembers inclhidden appends SQL wrong

DB.Query(SELECT m.ident, m.descr, m.affiliation, mt.trustgroup, grp.descr,
mt.admin, mt.state, ms.can_see, mt.email, me.pgpkey_id, DATE_TRUNC('days', AGE(mt.entered)),
EXTRACT(day FROM now() - m.activity) as activity, m.tel_info,
m.sms_info, m.airport FROM member_trustgroup mt
INNER JOIN trustgroup grp ON (mt.trustgroup = grp.ident)
INNER JOIN member m ON (mt.member = m.ident)
INNER JOIN member_state ms ON (ms.ident = mt.state)
INNER JOIN member_email me ON (me.email = mt.email)
WHERE grp.ident = $1
AND me.email = mt.emailAND NOT ms.hidden
ORDER BY m.descr)[[]interface {}{"system"}]

error: pq: syntax error at or near "NOT"

cause lib/group.go:

	if inclhidden {
		if nominated {
			q += " AND (NOT ms.hidden OR ms.ident = 'nominated') "
		} else {
			q += " AND NOT ms.hidden "
		}
	} else {
		if nominated {
			q += "AND (NOT ms.hidden OR ms.ident = 'nominated') "
		} else {
			q += "AND NOT ms.hidden "
		}

Those appends should be indented with a space.

But that is a weird construct anyway, as the above and below for inclhidden do exactly the same...
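
One way to avoid this class of bug, as an added Go example (not the project's code and not part of the issue): collect the WHERE conditions in a slice and join them, so no fragment depends on its neighbour's whitespace. The function names are hypothetical, the SELECT list is shortened, and inclhidden is left out because both of its branches in the quoted code append the same text.

```go
package main

import (
	"fmt"
	"strings"
)

// buggyTail reproduces the append from the issue: the query text ends in
// "me.email = mt.email" and the fragment starts with "AND", with no space between.
func buggyTail(q string) string {
	return q + "AND NOT ms.hidden "
}

// listMembersQuery is a shortened, hypothetical stand-in for the query in
// lib/group.go. Conditions are collected and joined, so no fragment has to
// carry its own leading or trailing space. The group ident stays a bound $1.
func listMembersQuery(nominated bool) string {
	conds := []string{"grp.ident = $1", "me.email = mt.email"}
	if nominated {
		conds = append(conds, "(NOT ms.hidden OR ms.ident = 'nominated')")
	} else {
		conds = append(conds, "NOT ms.hidden")
	}
	parts := []string{
		"SELECT m.ident, m.descr, mt.state, mt.email",
		"FROM member_trustgroup mt",
		"INNER JOIN trustgroup grp ON (mt.trustgroup = grp.ident)",
		"INNER JOIN member m ON (mt.member = m.ident)",
		"INNER JOIN member_state ms ON (ms.ident = mt.state)",
		"INNER JOIN member_email me ON (me.email = mt.email)",
		"WHERE " + strings.Join(conds, " AND "),
		"ORDER BY m.descr",
	}
	return strings.Join(parts, " ")
}

func main() {
	fmt.Println(buggyTail("WHERE grp.ident = $1 AND me.email = mt.email"))
	fmt.Println(listMembersQuery(false))
	fmt.Println(listMembersQuery(true))
}
```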
