diff --git a/README.md b/README.md index 731732beb..b18652a77 100644 --- a/README.md +++ b/README.md @@ -1,4 +1,4 @@ -# passbook +passbook logopassbook ![](https://img.shields.io/github/workflow/status/beryju/passbook/passbook-ci?style=flat-square) ![](https://img.shields.io/docker/pulls/beryju/passbook.svg?style=flat-square) @@ -28,12 +28,12 @@ docker-compose up -d docker-compose exec server ./manage.py migrate ``` -For bigger setups, there is a Helm Chart in the `helm/` directory. This is documented [here](https://beryju.github.io/passbook/installation/kubernetes/) +For bigger setups, there is a Helm Chart in the `helm/` directory. This is documented [here](https://passbook.beryju.org//installation/kubernetes/) ## Screenshots -![](.github/screen_apps.png) -![](.github/screen_admin.png) +![](docs/images/screen_apps.png) +![](docs/images/screen_admin.png) ## Development diff --git a/docs/Dockerfile b/docs/Dockerfile deleted file mode 100644 index d0953e867..000000000 --- a/docs/Dockerfile +++ /dev/null @@ -1,14 +0,0 @@ -FROM python:3.8-slim-buster as builder - -WORKDIR /mkdocs - -RUN pip install mkdocs mkdocs-material - -COPY docs/ docs -COPY mkdocs.yml . - -RUN mkdocs build - -FROM nginx - -COPY --from=builder /mkdocs/site /usr/share/nginx/html diff --git a/docs/build.sh b/docs/build.sh new file mode 100755 index 000000000..3ca164253 --- /dev/null +++ b/docs/build.sh @@ -0,0 +1,3 @@ +#!/bin/bash -x +pip install -U mkdocs mkdocs-material +mkdocs gh-deploy diff --git a/docs/factors.md b/docs/factors.md deleted file mode 100644 index 8e55930c4..000000000 --- a/docs/factors.md +++ /dev/null @@ -1,23 +0,0 @@ -# Factors - -A factor represents a single authenticating factor for a user. Common examples of this would be a password or an OTP. These factors can be combined in any order, and can be dynamically enabled using policies. - -## Password Factor - -This is the standard Password Factor. It allows you to select which Backend the password is checked with. here you can also specify which Policies are used to check the password. You can also specify which Factors a User has to pass to recover their account. - -## Dummy Factor - -This factor waits a random amount of time. Mostly used for debugging. - -## E-Mail Factor - -This factor is mostly for recovery, and used in conjunction with the Password Factor. - -## OTP Factor - -This is your typical One-Time Password implementation, compatible with Authy and Google Authenticator. You can enfore this Factor so that every user has to configure it, or leave it optional. - -## Captcha Factor - -While this factor doesn't really authenticate a user, it is part of the Authentication Flow. passbook uses Google's reCaptcha implementation. diff --git a/docs/flow/examples/login.md b/docs/flow/examples/login.md new file mode 100644 index 000000000..1c141e8d1 --- /dev/null +++ b/docs/flow/examples/login.md @@ -0,0 +1,36 @@ +# Login Flow + +This document describes how a simple authentication flow can be created. + +This flow is created automatically when passbook is installed. + +1. Create an **Identification** stage + + > Here you can select whichever fields the user can identify themselves with + > Select the Template **Default Login**, as this template shows the (optional) Flows + > Here you can also link optional enrollment and recovery flows. + +2. Create a **Password** stage + + > Select the Backend you want the password to be checked against. Select "passbook-internal Userdatabase". + +3. Create a **User Login** stage + + > This stage doesn't have any options. + +4. Create a flow + + > Create a flow with the delegation of **Authentication** + > Assign a name and a slug. The slug is used in the URL when the flow is executed. + +5. Bind the stages to the flow + + > Bind the **Identification** Stage with an order of 0 + > Bind the **Password** Stage with an order of 1 + > Bind the **User Login** Stage with an order of 2 + + ![](login.png) + +!!! notice + + This flow can used by any user, authenticated and un-authenticated. This means any authenticated user that visits this flow can login again. diff --git a/docs/flow/examples/login.png b/docs/flow/examples/login.png new file mode 100644 index 000000000..5e5306d3b Binary files /dev/null and b/docs/flow/examples/login.png differ diff --git a/docs/flow/flows.md b/docs/flow/flows.md new file mode 100644 index 000000000..5c429db15 --- /dev/null +++ b/docs/flow/flows.md @@ -0,0 +1,45 @@ +# Flows + +Flows are a method of describing a sequence of stages. A stage represents a single verification or logic step. They are used to authenticate users, enroll them, and more. + +Upon Flow execution, a plan is generated, which contains all stages. This means upon execution, all attached policies are evaluated. This behaviour can be altered by enabling the **Re-evaluate Policies** option on the binding. + +To determine which flow is linked, passbook searches all Flows with the required designation and chooses the first instance the current user has access to. + +## Permissions + +Flows can have policies assigned to them, which determines if the current user is allowed to see and use this flow. + +## Designation + +Flows are designated for a single Purpose. This designation changes when a Flow is used. The following designations are available: + +### Authentication + +This is designates a flow to be used for authentication. + +The authentication flow should always contain a [**User Login**](stages/user_login.md) stage, which attaches the staged user to the current session. + +### Invalidation + +This designates a flow to be used for the invalidation of a session. + +This stage should always contain a [**User Logout**](stages/user_logout.md) stage, which resets the current session. + +### Enrollment + +This designates a flow for enrollment. This flow can contain any amount of Prompt stages, E-Mail verification or Captchas. At the end to create the user, you can use the [**User Write**](stages/user_write.md) stage, which either updates the currently staged user, or if none exists, creates a new one. + +### Unenrollment + +This designates a flow for unenrollment. This flow can contain any amount of verification, like [**E-Mail**](stages/email/index.md) or [**Captcha**](stages/captcha/index.md). To finally delete the account, use the [**User Delete**](stages/user_delete.md) stage. + +### Recovery + +This designates a flow for recovery. This flow normally contains an [**Identification**](stages/identification/index.md) stage to find the user. Then it can contain any amount of verification, like [**E-Mail**](stages/email/index.md) or [**Captcha**](stages/captcha/index.md). +Afterwards, use the [**Prompt**](stages/prompt/index.md) stage to ask the user for a new password and use [**User Write**](stages/user_write.md) to update the password. + +### Change Password + +This designates a flow for password changing. This flow can contain any amount of verification, like [**E-Mail**](stages/email/index.md) or [**Captcha**](stages/captcha/index.md). +Afterwards, use the [**Prompt**](stages/prompt/index.md) stage to ask the user for a new password and use [**User Write**](stages/user_write.md) to update the password. diff --git a/docs/flow/stages/captcha/captcha-admin.png b/docs/flow/stages/captcha/captcha-admin.png new file mode 100644 index 000000000..f33a52972 Binary files /dev/null and b/docs/flow/stages/captcha/captcha-admin.png differ diff --git a/docs/flow/stages/captcha/index.md b/docs/flow/stages/captcha/index.md new file mode 100644 index 000000000..f9d730013 --- /dev/null +++ b/docs/flow/stages/captcha/index.md @@ -0,0 +1,7 @@ +# Captcha stage + +This stage adds a form of verification using [Google's ReCaptcha](https://www.google.com/recaptcha/intro/v3.html). + +This stage has two required fields. You need a Public and a Private key, both of which you can acquire at https://www.google.com/recaptcha/admin. + +![](captcha-admin.png) diff --git a/docs/flow/stages/dummy/dummy.png b/docs/flow/stages/dummy/dummy.png new file mode 100644 index 000000000..7040e66cb Binary files /dev/null and b/docs/flow/stages/dummy/dummy.png differ diff --git a/docs/flow/stages/dummy/index.md b/docs/flow/stages/dummy/index.md new file mode 100644 index 000000000..2321803cb --- /dev/null +++ b/docs/flow/stages/dummy/index.md @@ -0,0 +1,5 @@ +# Dummy stage + +This stage is used for development, and has no function. It presents the User with a form, that requires a single confirmation. + +![](dummy.png) diff --git a/docs/flow/stages/email/email-recovery.png b/docs/flow/stages/email/email-recovery.png new file mode 100644 index 000000000..26c0cccb8 Binary files /dev/null and b/docs/flow/stages/email/email-recovery.png differ diff --git a/docs/flow/stages/email/index.md b/docs/flow/stages/email/index.md new file mode 100644 index 000000000..c7f2f5e68 --- /dev/null +++ b/docs/flow/stages/email/index.md @@ -0,0 +1,5 @@ +# E-Mail + +This stage can be used for E-Mail verification. passbook's background worker will send an E-Mail using the specified connection details. When an E-Mail can't be delivered, it is automatically periodically retried. + +![](email-recovery.png) diff --git a/docs/flow/stages/identification/index.md b/docs/flow/stages/identification/index.md new file mode 100644 index 000000000..4096f40b0 --- /dev/null +++ b/docs/flow/stages/identification/index.md @@ -0,0 +1,25 @@ +# Identification + +This stage provides a ready-to-go form for users to identify themselves. + +## Options + +### User Fields + +Select which fields the user can use to identify themselves. Multiple fields can be specified and separated with a comma. +Valid choices: + +- email +- username + +### Template + +This specifies which template is rendered. Currently there are two templates. + +The `Login` template shows configured Sources below the login form, as well as linking to the defined Enrollment and Recovery flows. + +The `Recovery` template shows only the form. + +### Enrollment/Recovery Flow + +These fields specify if and which flows are linked on the form. The enrollment flow is linked as `Need an account? Sign up.`, and the recovery flow is linked as `Forgot username or password?`. diff --git a/docs/flow/stages/invitation/index.md b/docs/flow/stages/invitation/index.md new file mode 100644 index 000000000..db01b83be --- /dev/null +++ b/docs/flow/stages/invitation/index.md @@ -0,0 +1,7 @@ +# Invitation Stage + +This stage can be used to invite users. You can use this enroll users with preset values. + +If the option `Continue Flow without Invitation`, this stage will continue when no invitation token is present. + +If you want to check if a user has used an invitation within a policy, you can check `request.context.invitation_in_effect`. diff --git a/docs/flow/stages/otp/index.md b/docs/flow/stages/otp/index.md new file mode 100644 index 000000000..c14f6af27 --- /dev/null +++ b/docs/flow/stages/otp/index.md @@ -0,0 +1,7 @@ +# OTP Stage + +This stage offers a generic Time-based One-time Password authentication step. + +You can optionally enforce this step, which will force every user without OTP setup to configure it. + +This stage uses a 6-digit Code with a 30 second time-drift. This is currently not changeable. diff --git a/docs/flow/stages/password/index.md b/docs/flow/stages/password/index.md new file mode 100644 index 000000000..319b0f486 --- /dev/null +++ b/docs/flow/stages/password/index.md @@ -0,0 +1,3 @@ +# Password Stage + +This is a generic password prompt, which authenticates the currently `pending_user`. This stage allows the selection of the Backend the user is authenticated against. diff --git a/docs/flow/stages/prompt/index.md b/docs/flow/stages/prompt/index.md new file mode 100644 index 000000000..c05f37858 --- /dev/null +++ b/docs/flow/stages/prompt/index.md @@ -0,0 +1,42 @@ +# Prompt Stage + +This stage is used to show the user arbitrary prompts. + +## Prompt + +The prompt can be any of the following types: + +| | | +|----------|------------------------------------------------------------------| +| text | Arbitrary text, no client-side validation is done. | +| email | E-Mail input, requires a valid E-Mail adress | +| password | Password Input | +| number | Number Input, any number is allowed | +| checkbox | Simple Checkbox | +| hidden | Hidden Input field, allows for the pre-setting of default values | + +A Prompt has the following attributes: + +### `field_key` + +HTML name used for the prompt. This key is also used to later retrieve the data in expression policies: + +```python +request.context.get('prompt_data').get('') +``` + +### `label` + +Label used to describe the Field. This might not be shown depending on the template selected. + +### `required` + +Flag that decides whether or not this field is required. + +### `placeholder` + +Field placeholder, shown within the input field. This field is also used by the `hidden` type as the actual value. + +### `order` + +Numerical index of the prompt. This applies to all stages this prompt is a part of. diff --git a/docs/flow/stages/prompt/validation.md b/docs/flow/stages/prompt/validation.md new file mode 100644 index 000000000..f2e64a9df --- /dev/null +++ b/docs/flow/stages/prompt/validation.md @@ -0,0 +1,16 @@ +# Prompt Validation + +Further validation of prompts can be done using policies. + +To validate that two password fields are identical, create the following expression policy: + +```python +if request.context.get('prompt_data').get('password') == request.context.get('prompt_data').get('password_repeat'): + return True + +pb_message("Passwords don't match.") +return False +``` +This policy expects you two have two password fields with `field_key` set to `password` and `password_repeat`. + +Afterwards bind this policy to the prompt stage you want to validate. diff --git a/docs/flow/stages/user_delete.md b/docs/flow/stages/user_delete.md new file mode 100644 index 000000000..040337a81 --- /dev/null +++ b/docs/flow/stages/user_delete.md @@ -0,0 +1,8 @@ +# User Delete Stage + +!!! danger + This stage deletes the `pending_user` without any confirmation. You have to make sure the user is aware of this. + +This stage is intended for an unenrollment flow. It deletes the currently pending user. + +The pending user is also removed from the current session. diff --git a/docs/flow/stages/user_login.md b/docs/flow/stages/user_login.md new file mode 100644 index 000000000..ab3f18d6c --- /dev/null +++ b/docs/flow/stages/user_login.md @@ -0,0 +1,5 @@ +# User Login Stage + +This stage attaches a currently pending user to the current session. + +It can be used after `user_write` during an enrollment flow, or after a `password` stage during an authentication flow. diff --git a/docs/flow/stages/user_logout.md b/docs/flow/stages/user_logout.md new file mode 100644 index 000000000..47c7b3b7b --- /dev/null +++ b/docs/flow/stages/user_logout.md @@ -0,0 +1,3 @@ +# User Logout Stage + +Opposite stage of [User Login Stages](user_login.md). It removes the user from the current session. diff --git a/docs/flow/stages/user_write.md b/docs/flow/stages/user_write.md new file mode 100644 index 000000000..9fd718ce0 --- /dev/null +++ b/docs/flow/stages/user_write.md @@ -0,0 +1,3 @@ +# User Write Stage + +This stages writes data from the current context to the current pending user. If no user is pending, a new one is created. diff --git a/docs/images/brand.svg b/docs/images/brand.svg new file mode 100644 index 000000000..15c3f9d61 --- /dev/null +++ b/docs/images/brand.svg @@ -0,0 +1,2 @@ + diff --git a/docs/images/brand_inverted.svg b/docs/images/brand_inverted.svg new file mode 100644 index 000000000..86711c6bb --- /dev/null +++ b/docs/images/brand_inverted.svg @@ -0,0 +1,2 @@ + diff --git a/.github/screen_admin.png b/docs/images/screen_admin.png similarity index 100% rename from .github/screen_admin.png rename to docs/images/screen_admin.png diff --git a/.github/screen_apps.png b/docs/images/screen_apps.png similarity index 100% rename from .github/screen_apps.png rename to docs/images/screen_apps.png diff --git a/docs/index.md b/docs/index.md index 309acb089..954916e1d 100755 --- a/docs/index.md +++ b/docs/index.md @@ -1,31 +1,16 @@ -# Welcome +# +![passbook logo](images/logo.svg){: style="height:50px"} +![passbook brand](images/brand.svg){: style="height:50px"} -Welcome to the passbook Documentation. passbook is an open-source Identity Provider and Usermanagement software. It can be used as a central directory for users or customers and it can integrate with your existing Directory. +## What is passbook? -passbook can also be used as part of an Application to facilitate User Enrollment, Password recovery and Social Login. +passbook is an open-source Identity Provider focused on flexibility and versatility. You can use passbook in an existing environment to add support for new protocols. passbook is also a great solution for implementing signup/recovery/etc in your application, so you don't have to deal with it. -passbook uses the following Terminology: +## Installation -### Policy +See [Docker-compose](installation/docker-compose.md) or [Kubernetes](installation/kubernetes.md) -A Policy is at a base level a yes/no gate. It will either evaluate to True or False depending on the Policy Kind and settings. For example, a "Group Membership Policy" evaluates to True if the User is member of the specified Group and False if not. This can be used to conditionally apply Factors and grant/deny access. +## Screenshots -### Provider - -A Provider is a way for other Applications to authenticate against passbook. Common Providers are OpenID Connect (OIDC) and SAML. - -### Source - -Sources are ways to get users into passbook. This might be an LDAP Connection to import Users from Active Directory, or an OAuth2 Connection to allow Social Logins. - -### Application - -An application links together Policies with a Provider, allowing you to control access. It also holds Information like UI Name, Icon and more. - -### Factors - -Factors represent Authentication Factors, like a Password or OTP. These Factors can be dynamically enabled using policies. This allows you to, for example, force users from a certain IP ranges to complete a Captcha to authenticate. - -### Property Mappings - -Property Mappings allow you to make Information available for external Applications. For example, if you want to login to AWS with passbook, you'd use Property Mappings to set the User's Roles based on their Groups. +![](images/screen_apps.png) +![](images/screen_admin.png) diff --git a/docs/installation/install.md b/docs/installation/install.md deleted file mode 100755 index ebd88c387..000000000 --- a/docs/installation/install.md +++ /dev/null @@ -1,6 +0,0 @@ -# Installation - -There are two supported ways to install passbook: - -- [docker-compose](docker-compose.md) for test- or small productive setups -- [Kubernetes](./kubernetes.md) for larger Productive setups diff --git a/docs/k8s/deployment.yml b/docs/k8s/deployment.yml deleted file mode 100644 index 616245cbb..000000000 --- a/docs/k8s/deployment.yml +++ /dev/null @@ -1,33 +0,0 @@ ---- -apiVersion: apps/v1beta2 -kind: Deployment -metadata: - name: passbook-docs - namespace: prod-passbook-docs - labels: - app.kubernetes.io/name: passbook-docs - app.kubernetes.io/managed-by: passbook-docs -spec: - replicas: 1 - selector: - matchLabels: - app.kubernetes.io/name: passbook-docs - template: - metadata: - labels: - app.kubernetes.io/name: passbook-docs - spec: - containers: - - name: passbook-docs - image: "beryju/passbook-docs:latest" - ports: - - name: http - containerPort: 80 - protocol: TCP - resources: - limits: - cpu: 10m - memory: 20Mi - requests: - cpu: 10m - memory: 20Mi diff --git a/docs/k8s/ingress.yml b/docs/k8s/ingress.yml deleted file mode 100644 index 210826cad..000000000 --- a/docs/k8s/ingress.yml +++ /dev/null @@ -1,21 +0,0 @@ ---- -apiVersion: extensions/v1beta1 -kind: Ingress -metadata: - labels: - app.kubernetes.io/name: passbook-docs - name: passbook-docs - namespace: prod-passbook-docs -spec: - rules: - - host: docs.passbook.beryju.org - http: - paths: - - backend: - serviceName: passbook-docs-http - servicePort: http - path: / - tls: - - hosts: - - docs.passbook.beryju.org - secretName: passbook-docs-acme diff --git a/docs/k8s/service.yml b/docs/k8s/service.yml deleted file mode 100644 index 0e83a1a8a..000000000 --- a/docs/k8s/service.yml +++ /dev/null @@ -1,17 +0,0 @@ ---- -apiVersion: v1 -kind: Service -metadata: - name: passbook-docs-http - namespace: prod-passbook-docs - labels: - app.kubernetes.io/name: passbook-docs -spec: - type: ClusterIP - ports: - - port: 80 - targetPort: http - protocol: TCP - name: http - selector: - app.kubernetes.io/name: passbook-docs diff --git a/docs/policies/expression.md b/docs/policies/expression.md index e3d0812cb..c6d9c9374 100644 --- a/docs/policies/expression.md +++ b/docs/policies/expression.md @@ -1,5 +1,8 @@ # Expression Policies +!!! notice + These variables are available in addition to the common variables/functions defined in [**Expressions**](../expressions/index.md) + The passing of the policy is determined by the return value of the code. Use `return True` to pass a policy and `return False` to fail it. ### Available Functions diff --git a/docs/policies/index.md b/docs/policies/index.md index 362f43d54..4c86878b2 100644 --- a/docs/policies/index.md +++ b/docs/policies/index.md @@ -27,11 +27,11 @@ See [Expression Policy](expression.md). This Policy allows you to specify Password rules, like Length and required Characters. The following rules can be set: -- Minimum amount of Uppercase Characters -- Minimum amount of Lowercase Characters -- Minimum amount of Symbols Characters -- Minimum Length -- Symbol charset (define which characters are counted as symbols) +- Minimum amount of Uppercase Characters +- Minimum amount of Lowercase Characters +- Minimum amount of Symbols Characters +- Minimum Length +- Symbol charset (define which characters are counted as symbols) ### Have I Been Pwned Policy diff --git a/docs/property-mappings/expression.md b/docs/property-mappings/expression.md index a25ee2aad..3888ce92d 100644 --- a/docs/property-mappings/expression.md +++ b/docs/property-mappings/expression.md @@ -2,6 +2,9 @@ The property mapping should return a value that is expected by the Provider/Source. What types are supported, is documented in the individual Provider/Source. Returning `None` is always accepted, this simply skips this mapping. +!!! notice + These variables are available in addition to the common variables/functions defined in [**Expressions**](../expressions/index.md) + ### Context Variables - `user`: The current user, this might be `None` if there is no contextual user. ([ref](../expressions/reference/user-object.md)) diff --git a/docs/requirements.txt b/docs/requirements.txt new file mode 100644 index 000000000..9a8a4ca47 --- /dev/null +++ b/docs/requirements.txt @@ -0,0 +1,2 @@ +mkdocs +mkdocs-material diff --git a/docs/runtime.txt b/docs/runtime.txt new file mode 100644 index 000000000..548d71365 --- /dev/null +++ b/docs/runtime.txt @@ -0,0 +1 @@ +3.7 \ No newline at end of file diff --git a/docs/terminology.md b/docs/terminology.md new file mode 100644 index 000000000..1b345e079 --- /dev/null +++ b/docs/terminology.md @@ -0,0 +1,27 @@ +### Policy + +A Policy is at a base level a yes/no gate. It will either evaluate to True or False depending on the Policy Kind and settings. For example, a "Group Membership Policy" evaluates to True if the User is member of the specified Group and False if not. This can be used to conditionally apply Stages, grant/deny access to various objects and is also used for other custom logic. + +### Provider + +A Provider is a way for other Applications to authenticate against passbook. Common Providers are OpenID Connect (OIDC) and SAML. + +### Source + +Sources are ways to get users into passbook. This might be an LDAP Connection to import Users from Active Directory, or an OAuth2 Connection to allow Social Logins. + +### Application + +An application links together Policies with a Provider, allowing you to control access. It also holds Information like UI Name, Icon and more. + +### Flows + +Flows are a method of describing a sequence of stages. These flows can be used to defined how a user authenticates, enrolls, etc. + +### Stages + +A stage represents a single verification or logic step. They are used to authenticate users, enroll them, and more. These stages can optionally be applied to a flow via policies. + +### Property Mappings + +Property Mappings allow you to make Information available for external Applications. For example, if you want to login to AWS with passbook, you'd use Property Mappings to set the User's Roles based on their Groups. diff --git a/mkdocs.yml b/mkdocs.yml index 2fd537455..29c074b3d 100644 --- a/mkdocs.yml +++ b/mkdocs.yml @@ -1,13 +1,31 @@ site_name: passbook Docs -site_url: https://beryju.github.io/passbook +site_url: https://passbook.beryju.org/ copyright: "Copyright © 2019 - 2020 BeryJu.org" nav: - Home: index.md + - Terminology: terminology.md - Installation: - - Installation: installation/install.md - docker-compose: installation/docker-compose.md - Kubernetes: installation/kubernetes.md + - Flows: + Overview: flow/flows.md + Examples: + - Login: flow/examples/login.md + - Stages: + - Captcha Stage: flow/stages/captcha/index.md + - Dummy Stage: flow/stages/dummy/index.md + - E-Mail Stage: flow/stages/email/index.md + - Identification Stage: flow/stages/identification/index.md + - Invitation Stage: flow/stages/invitation/index.md + - OTP Stage: flow/stages/otp/index.md + - Password Stage: flow/stages/password/index.md + - Prompt Stage: flow/stages/prompt/index.md + - Prompt Stage Validation: flow/stages/prompt/validation.md + - User Delete Stage: flow/stages/user_delete.md + - User Login Stage: flow/stages/user_login.md + - User Logout Stage: flow/stages/user_logout.md + - User Write Stage: flow/stages/user_write.md - Sources: sources.md - Providers: providers.md - Expressions: @@ -17,7 +35,6 @@ nav: - Property Mappings: - Overview: property-mappings/index.md - Expressions: property-mappings/expression.md - - Factors: factors.md - Policies: - Overview: policies/index.md - Expression: policies/expression.md @@ -34,8 +51,12 @@ nav: repo_name: "BeryJu/passbook" repo_url: https://github.com/BeryJu/passbook theme: - name: "material" - logo: "images/logo.svg" + name: material + logo: images/logo.svg + favicon: images/logo.svg + palette: + scheme: slate + primary: white markdown_extensions: - toc: @@ -46,6 +67,7 @@ markdown_extensions: smart_enable: all - pymdownx.inlinehilite - pymdownx.magiclink + - attr_list plugins: - search diff --git a/passbook/admin/templates/administration/stage/list.html b/passbook/admin/templates/administration/stage/list.html index 624f5374e..9ca46266a 100644 --- a/passbook/admin/templates/administration/stage/list.html +++ b/passbook/admin/templates/administration/stage/list.html @@ -62,6 +62,8 @@ diff --git a/passbook/admin/templates/generic/update.html b/passbook/admin/templates/generic/update.html index 7c7f57290..cee51661c 100644 --- a/passbook/admin/templates/generic/update.html +++ b/passbook/admin/templates/generic/update.html @@ -6,7 +6,7 @@ {% block above_form %}

{% blocktrans with type=form|form_verbose_name|title inst=form.instance %} - Update {{ type }}: {{ inst }} + Update {{ inst }} {% endblocktrans %}

{% endblock %} diff --git a/passbook/core/templates/partials/form_horizontal.html b/passbook/core/templates/partials/form_horizontal.html index 1e2836e6e..b482c7265 100644 --- a/passbook/core/templates/partials/form_horizontal.html +++ b/passbook/core/templates/partials/form_horizontal.html @@ -18,6 +18,9 @@ {% if c.data.selected %} checked {% endif %}> + {% if field.help_text %} +

{{ field.help_text }}

+ {% endif %} {% endfor %} {% elif field.field.widget|fieldtype == 'Select' %}