1.0.0 release

openwisp · Apr 18, 2022 · 270677c · 270677c
1 parent e70e359
commit 270677c
Show file tree

Hide file tree

Showing 3 changed files with 138 additions and 23 deletions.
diff --git a/CHANGES.rst b/CHANGES.rst
@@ -1,26 +1,154 @@
-Changelog
-=========
+Change log
+==========
 
-Version 0.3.0 [unreleased]
+Version 1.0.0 [2022-04-18]
 --------------------------
 
 Features
 ~~~~~~~~
 
-- Allowed login via API with email or phone number
+- Allowed to login via API with email or phone number
 - Allowed freeradius authorize with email or phone number
 - Allowed the usage of subnets in `OPENWISP_RADIUS_FREERADIUS_ALLOWED_HOSTS
  <https://openwisp-radius.readthedocs.io/en/latest/user/settings.html#openwisp-radius-freeradius-allowed-hosts>`_
+- Made the fields containing personal data of users which are exposed in the registration API
+ configurable (allowed, mandatory, disabled) via the
+ `OPENWISP_RADIUS_OPTIONAL_REGISTRATION_FIELDS setting or the admin interface
+ <https://openwisp-radius.readthedocs.io/en/latest/user/settings.html#openwisp-radius-optional-registration-fields>`_
+- Allow to disable registration API via the
+ `OPENWISP_RADIUS_REGISTRATION_API_ENABLED setting
+ or the admin interface
+ <https://openwisp-radius.readthedocs.io/en/latest/user/settings.html#openwisp-radius-registration-api-enabled>`_
+- Added `throttling of API requests
+ <https://openwisp-radius.readthedocs.io/en/latest/user/api.html#api-throttling>`_
+- Added `OPENWISP_RADIUS_API_BASEURL setting
+ <https://openwisp-radius.readthedocs.io/en/latest/user/settings.html#openwisp-radius-api-baseurl>`_
+- Add identity verification feature, configurable via the
+ `OPENWISP_RADIUS_NEEDS_IDENTITY_VERIFICATION or via admin interface
+ <https://openwisp-radius.readthedocs.io/en/latest/user/settings.html#openwisp-radius-needs-identity-verification>`_
+- Added utilities for implementing
+ `new registration and identity verification methods
+ <https://openwisp-radius.readthedocs.io/en/latest/user/settings.html#adding-support-for-more-registration-verification-methods>`_
+- Added `captive portal mock views
+ <https://openwisp-radius.readthedocs.io/en/latest/developer/captive_portal_mock.html>`_
+ to ease development and debugging
+- Add possibility to filter users by registration method in the admin interface
+- Added SAML registration method to implement `captive portal authentication
+ via Single Sign On (SSO) <https://openwisp-radius.readthedocs.io/en/latest/user/saml.html>`_
+- Added management command and celery task to
+ `delete unverified users
+ <https://openwisp-radius.readthedocs.io/en/latest/user/management_commands.html#delete-unverified-users>`_
+- Added translations of user facing API responses in Italian, German, Slovenian and Furlan
+- Added `Convert RADIUS accounting CALLED-STATION-ID feature
+ <https://openwisp-radius.readthedocs.io/en/latest/user/management_commands.html#convert-called-station-id>`_,
+ celery task and management command,
+ with the possibility of triggering it on accounting creation
+ (see `OPENWISP_RADIUS_CONVERT_CALLED_STATION_ON_CREATE
+ <https://openwisp-radius.readthedocs.io/en/latest/user/settings.html#openwisp-radius-convert-called-station-on-create>`_)
+- Added an `equivalent of the FreeRADIUS sqlcounter feature to the REST API
+ <https://openwisp-radius.readthedocs.io/en/latest/user/enforcing_limits.html#how-limits-are-enforced-counters>`_
+- Added emission of django signal to FreeRADIUS accounting view:
+ `radius_accounting_success
+ <https://openwisp-radius.readthedocs.io/en/latest/developer/signals.html#radius-accounting-success>`_
+- Added possibility to send email to the user an they start
+ a new radius accounting session
+- Added organization level settings and related admin interface functionality
+ to enable/disable SAML and social login:
+
+ - `OPENWISP_RADIUS_SAML_REGISTRATION_ENABLED
+ <https://openwisp-radius.readthedocs.io/en/latest/user/settings.html#openwisp-radius-saml-registration-enabled>`_
+ - `OPENWISP_RADIUS_SOCIAL_REGISTRATION_ENABLED
+ <https://openwisp-radius.readthedocs.io/en/latest/user/settings.html#openwisp-radius-social-registration-enabled>`_
+
+- Added setting to avoid updating username from SAML:
+ `OPENWISP_RADIUS_SAML_UPDATES_PRE_EXISTING_USERNAME
+ <https://openwisp-radius.readthedocs.io/en/latest/user/settings.html#openwisp-radius-saml-updates-pre-existing-username>`_
+
 
 Changes
 ~~~~~~~
 
-N/A.
+Backward incompatible changes
+^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
+
+- Updated prefixes of REST API URLs:
+
+ - API endpoints dedicated to FreeRADIUS have moved to ``/api/v1/freeradius/``
+ - the rest of the API endpoints have moved to ``/api/v1/radius/``
+
+- Allowed ``username`` and ``phone_number`` in password reset API,
+ the endpoint now accepts the "input" parameter instead of "email"
+- Removed customizations for checks and password hashing because
+ they are unmaintained, any user needing these customizations is
+ advised to implement them as a third party app
+- Improved REST API to change password:
+ inherited ``PasswordChangeView`` of openwisp-users to add support for
+ the current-password field in password change view
+
+Dependencies
+^^^^^^^^^^^^
+
+- Added support for Django 3.2 and 4.0
+- Dropped support for Django 2.2
+- Upgraded celery to 5.2.x
+- Updated and tested Django REST Framework to 3.13.0
+- Added support for Python 3.8, 3.9
+- Removed support for Python 3.6
+
+Other changes
+^^^^^^^^^^^^^
+
+- Moved AccountingView to freeradius endpoints
+- Relaxed default values for the
+ `SMS token settings <https://openwisp-radius.readthedocs.io/en/latest/user/settings.html#sms-token-related-settings>`_
+- Switched to new navigation menu and new OpenWISP theme
+- Allowed users to sign up to multiple organizations
+- Update username when phone number is changed if username is equal to the phone number
+- Update stop time and termination to ``None`` if ``status_type`` is ``Interim-Update``
+- Send password reset emails using HTML theme:
+ leverage the new `openwisp-utils send_email function
+ <https://github.com/openwisp/openwisp-utils#openwisp-utils-admin-theme-email-send-email>`_
+ to send an HTML version
+ of the reset password email based on the configurable email HTML theme of OpenWISP
+- Save the user preferred language in obtain and validate token views
+- Added validation check to prevent invalid username in batch user creation
+- Allowed to set the
+ `Password Reset URL setting
+ <https://openwisp-radius.readthedocs.io/en/latest/user/settings.html#openwisp-radius-password-reset-urls>`_
+ via the admin interface
+- Added soft limits to celery tasks for background operations
+- Generalized the implementation of the fallback model fields which allow
+ overriding general settings for each organization
 
 Bugfixes
 ~~~~~~~~
 
-N/A.
+- Fixed login template of openwisp-admin-theme
+- Fixed swagger API docs collision with openwisp-users
+- Ensured each user can be member of a group only once
+- Radius check and reply should check for organization membership
+- ``ValidateAuthTokenView``: show ``phone_number`` as ``null`` if ``None``
+- Freeradius API: properly handle interaction between multiple orgs:
+ an user trying to authorize using the authorization data of an
+ org for which they are not member of must be rejected
+- Fixed radius user group creation with multiple orgs
+- Added validation of phone number uniqueness in the registration API
+- Fixed issues with translatable strings:
+
+ - we don't translate log lines anymore because these won't be shown
+ to end users
+ - ``gettext`` does not work with fstrings,
+ therefore the use of ``str.format()`` has been restored
+ - improved some user facing strings
+
+- Fixed Accounting-On and Accounting-Of accounting requests with blank usernames
+- Delete any cached radius token key on phone number change
+- Fixed handling of interim-updates for closed sessions:
+ added handling of "Interim-Updates" for RadiusAccounting sessions
+ that are closed by OpenWISP when user logs into another organization
+- Flag user as verified in batch user creation
+- Added validation which prevents the creation of duplicated
+ check/reply attributes
 
 Version 0.2.1 [2020-12-14]
 --------------------------

diff --git a/openwisp_radius/__init__.py b/openwisp_radius/__init__.py
@@ -1,4 +1,4 @@
-VERSION = (0, 3, 0, 'alpha')
+VERSION = (1, 0, 0, 'final')
 __version__ = VERSION # alias
 
 

diff --git a/setup.py b/setup.py
@@ -36,32 +36,19 @@
  zip_safe=False,
  install_requires=[
  'django>=3.0,<=4.1.0',
- # Needed for the new authentication backend in openwisp-users
- # TODO: remove when the new version of openwisp-users is released
- (
- 'openwisp-users @ https://github.com/openwisp/openwisp-users/'
- 'tarball/master'
- ),
- # TODO: change this when next point version of openwisp-utils is released
- (
- 'openwisp-utils[rest] @'
- 'https://github.com/openwisp/openwisp-utils/tarball/master'
- ),
+ 'openwisp-users~=1.0.0',
+ 'openwisp-utils[rest,celery]~=1.0.0',
  'passlib~=1.7.1',
  'djangorestframework-link-header-pagination~=0.1.1',
  'weasyprint>=43,<53',
  'dj-rest-auth~=2.1.6',
  'django-sendsms~=0.5.0',
  'jsonfield~=3.1.0',
  'django-private-storage~=3.0',
- 'celery~=5.2.3',
  'django-ipware~=3.0.0',
  ],
  extras_require={
- # TODO: change this when next point version of djangosaml2 is released
- 'saml': [
- 'djangosaml2 @ https://github.com/IdentityPython/djangosaml2/tarball/master'
- ],
+ 'saml': ['djangosaml2~=1.5.0'],
  'openvpn_status': ['openvpn-status~=0.2.1'],
  },
  classifiers=[