continuous-integration/drone/push Build is passingDetails
Closes#69.
Tests are failing locally with many `assert os.geteuid() == 0` errors even on the master branch. I will add tests after I figure this out.
Reviewed-on: #82
Co-authored-by: Jonathan Leung <j23leung@csclub.uwaterloo.ca>
Co-committed-by: Jonathan Leung <j23leung@csclub.uwaterloo.ca>
continuous-integration/drone/push Build is passingDetails
Closed#75
Co-authored-by: Rio6 <rio.liu@r26.me>
Co-authored-by: Max Erenberg <merenber@csclub.uwaterloo.ca>
Reviewed-on: #77
Co-authored-by: Rio Liu <r345liu@csclub.uwaterloo.ca>
Co-committed-by: Rio Liu <r345liu@csclub.uwaterloo.ca>
continuous-integration/drone/push Build is passingDetails
Closes#55.
Once this is merged and deployed, a cron job will be used to automatically run `ceo members remindexpire` at the beginning of every term.
Reviewed-on: #61
continuous-integration/drone/push Build is passingDetails
Office staff currently can't sign up new members because ceod uses their GSSAPI credentials to authenticate to LDAP, and those credentials are insufficient.
This PR uses the ceod/admin credentials instead for signing up new members and for renewing existing memberships.
Reviewed-on: #45
continuous-integration/drone/push Build is passingDetails
Closes#37.
Co-authored-by: Max Erenberg <>
Reviewed-on: #43
Co-authored-by: Max Erenberg <merenber@csclub.uwaterloo.ca>
Co-committed-by: Max Erenberg <merenber@csclub.uwaterloo.ca>
continuous-integration/drone/push Build is passingDetails
continuous-integration/drone Build is passingDetails
Closes#23
Co-authored-by: Rio Liu <rio.liu@r26.me>
Co-authored-by: Max Erenberg <>
Reviewed-on: #33
Co-authored-by: Rio <r345liu@localhost>
Co-committed-by: Rio <r345liu@localhost>
continuous-integration/drone/push Build is failingDetails
Closes#26.
Co-authored-by: Max Erenberg <>
Reviewed-on: #30
Co-authored-by: Max Erenberg <merenber@csclub.uwaterloo.ca>
Co-committed-by: Max Erenberg <merenber@csclub.uwaterloo.ca>
continuous-integration/drone/push Build is passingDetails
Closes#25.
Co-authored-by: Max Erenberg <>
Reviewed-on: #29
Co-authored-by: Max Erenberg <merenber@csclub.uwaterloo.ca>
Co-committed-by: Max Erenberg <merenber@csclub.uwaterloo.ca>
continuous-integration/drone/push Build is passingDetails
Closes#24.
Co-authored-by: Max Erenberg <>
Reviewed-on: #27
Co-authored-by: Max Erenberg <merenber@csclub.uwaterloo.ca>
Co-committed-by: Max Erenberg <merenber@csclub.uwaterloo.ca>
This PR implements the /api/groups endpoints.
Closes #2.
Reviewed-on: #6
Co-authored-by: Max Erenberg <merenber@localhost>
Co-committed-by: Max Erenberg <merenber@localhost>
This PR adds unconstrained Kerberos delegation to the API.
The client obtains a forwarded TGT and sends it, base64-encoded, in an HTTP header named 'X-KRB5-CRED'. The server reads this credential, creates a new credentials cache for the user, and stores the credential into the new cache. The server can now authenticate to other services (e.g. LDAP) over GSSAPI using the forwarded client's credentials.
Reviewed-on: #5
Co-authored-by: Max Erenberg <merenber@localhost>
Co-committed-by: Max Erenberg <merenber@localhost>
Jonathan Leung
Rio Liu
Max Erenberg
Max Erenberg
Max Erenberg