* Add web authorization permission based on groups
* Access and parts of website are limited by permissions
* Add group management in /manage page
* Higher level permissions grant lower level permissions similar to Sponge
* Add command /plan setgroup, which uses plan.setgroup.other permission
* Add command /plan groups, which uses plan.setgroup.other permission
* Add more navigation based on permissions
* API modifications
* User#hasPermission now returns true if user has parent permission in the tree
* ResolverService#registerPermissions and ResolverService#registerPermission methods for adding new permissions
* Update locale with new lines
* Various unrelated fixes to CSS and code
Affects issues:
- Close#1623
- Store access log in database, clean logs after 30 days by default
- Add Webserver.Security.Access_log.Print_to_console setting
- Add Webserver.Security.Access_log.Remove_logs_after_days setting
Affects issues:
- Close#2328
Fixed security vulnerability with cookies not being invalidated properly
Request headers were not properly set for the Request object,
leading to the Cookie header missing when logging out, which then left
the cookie in memory. Rogue actor who gained access to the cookie could then
use the cookie to access the panel.
Made cookie expiry configurable with 'Webserver.Security.Cookie_expires_after'
Due to cookie persistence there is no way to log everyone out of the panel.
This will be addressed in a future commit with addition of a command.
Affects issues:
- Close#1740
Reason: Parse means extracting information - In many cases the word was being
used wrong (In Finnish 'parsia' means 'to patch together', which caused
the wrong use)
The word 'parse' replaced with 'build', 'create' or 'generate' where appropriate
Aurora Lahtela
Rsl1122
Rsl1122