Revision 2b7d01a0b4fd0802e95f089083963b4375a37d9b authored by Kirill Lakhov on 15 December 2023, 17:42:55 UTC, committed by GitHub on 15 December 2023, 17:42:55 UTC
<!-- Raise an issue to propose your change (https://github.com/opencv/cvat/issues). It helps to avoid duplication of efforts from multiple independent contributors. Discuss your ideas with maintainers to be sure that changes will be approved and merged. Read the [Contribution guide](https://opencv.github.io/cvat/docs/contributing/). --> <!-- Provide a general summary of your changes in the Title above --> ### Motivation and context <!-- Why is this change required? What problem does it solve? If it fixes an open issue, please link to the issue here. Describe your changes in detail, add screenshots. --> This PR improves workflow with invitations to organizations. It allows to view, accept, decline invitations to organizations (previously all the invitations were auto-accepted). It fixes problems with inviting unregistered users to organization allowing them to register without invitation. ![image](https://github.com/opencv/cvat/assets/50956430/71bededa-be48-4e7a-80b6-febba86c2a3f) ![image](https://github.com/opencv/cvat/assets/50956430/773119a2-4d88-46c1-bad6-ed24734ce0c2) ### How has this been tested? <!-- Please describe in detail how you tested your changes. Include details of your testing environment, and the tests you ran to see how your change affects other areas of the code, etc. --> The best way to test this PR is to add those lines to `cvat/settings/base.py`: Enable email verification: ``` ACCOUNT_AUTHENTICATION_METHOD = 'username_email' ACCOUNT_CONFIRM_EMAIL_ON_GET = True ACCOUNT_EMAIL_REQUIRED = True ACCOUNT_EMAIL_VERIFICATION = 'mandatory' ``` Setup console email backend ``` # Email backend settings for Django EMAIL_BACKEND = 'django.core.mail.backends.console.EmailBackend' ``` And edit `ORG_INVITATION_CONFIRM` to `Yes` ``` ORG_INVITATION_CONFIRM = 'Yes' ``` ### Checklist <!-- Go over all the following points, and put an `x` in all the boxes that apply. If an item isn't applicable for some reason, then ~~explicitly strikethrough~~ the whole line. If you don't do that, GitHub will show incorrect progress for the pull request. If you're unsure about any of these, don't hesitate to ask. We're here to help! --> - [ ] I submit my changes into the `develop` branch - [ ] I have created a changelog fragment <!-- see top comment in CHANGELOG.md --> - [ ] I have updated the documentation accordingly - [ ] I have added tests to cover my changes - [ ] I have linked related issues (see [GitHub docs]( https://help.github.com/en/github/managing-your-work-on-github/linking-a-pull-request-to-an-issue#linking-a-pull-request-to-an-issue-using-a-keyword)) - [ ] I have increased versions of npm packages if it is necessary ([cvat-canvas](https://github.com/opencv/cvat/tree/develop/cvat-canvas#versioning), [cvat-core](https://github.com/opencv/cvat/tree/develop/cvat-core#versioning), [cvat-data](https://github.com/opencv/cvat/tree/develop/cvat-data#versioning) and [cvat-ui](https://github.com/opencv/cvat/tree/develop/cvat-ui#versioning)) ### License - [ ] I submit _my code changes_ under the same [MIT License]( https://github.com/opencv/cvat/blob/develop/LICENSE) that covers the project. Feel free to contact the maintainers if that's a concern. --------- Co-authored-by: Boris Sekachev <boris@cvat.ai> Co-authored-by: Boris Sekachev <boris.sekachev@yandex.ru>
1 parent 9fb582d
SECURITY.md
# Security Policy
## Supported Versions
At the moment only the latest release is supported. When you report a security issue,
be sure it can be reproduced in the supported version.
| Version | Supported |
| ------- | ------------------ |
| 2.0.0 | :white_check_mark: |
| <2.0.0 | :x: |
## Reporting a Vulnerability
If you have information about a security issue or vulnerability in the product, please
send an e-mail to [secure@cvat.ai](mailto:secure+github@cvat.ai).
Please provide as much information as possible, including:
- The products and versions affected
- Detailed description of the vulnerability
- Information on known exploits
- A member of the CVAT.ai Product Security Team will review your e-mail and contact you to
collaborate on resolving the issue.
Computing file changes ...