cryptaeve / seat-strict
Module to provide tighter enforcement of privileges on SeAT 4
Installs: 792
Dependents: 0
Suggesters: 0
Security: 0
Stars: 0
Watchers: 2
Forks: 1
Open Issues: 0
Type:seat-plugin
Requires
- eveseat/eveapi: ^4.0
- eveseat/services: ^4.1
- eveseat/web: ^4.0
This package is auto-updated.
Last update: 2024-10-18 13:15:40 UTC
README
A module for SeAT that allows for enforcing ESI tokens to be up to date
Usage
This plugin allows you to remove privileges from users when they have invalid tokens for linked characters.
Once installed an audit will be performed automatically on the relevant user whenever a refresh token is deleted.
There is also the command strict:audit
which will queue jobs to audit every user. This can be run manually or I also recommend you add it to the seat scheduler.
Configuration
Plugin Enable
- Global Enable - This setting will enable or disable the entire plugin
What to Remove
- Remove Squads - Remove users from squad member lists when they have an invalid token
- Remove Mods - Remove users from squad moderator positions of squads when they have an invalid token
- Remove Squads - Remove users from squad member lists when they have an invalid token
Reason for Removal
- Invalid Token - If the user has any invalid tokens then strip their permissions
Caveats
Until changes are made to SeAT core (working on it) the behaviour with auto squads is a bit flaky, as it will be a constant battle between seat re adding the squad and this plugin removing it. Until this is resolved, you may notice increased job load as this fighting occurs.
Quick Installation
Docker Install
Open the .env file (which is most probably at /opt/seat-docker/.env) and edit the SEAT_PLUGINS variable to include the package.
# SeAT Plugins
# This is a list of the all of the third party plugins that you
# would like to install as part of SeAT. Package names should be
# comma separated if multiple packages should be installed.
SEAT_PLUGINS=cryptaeve/seat-strict
Save your .env file and run docker-compose up -d to restart the stack with the new plugins as part of it. Depending on how many other plugins you also may have, this could take a while to complete.
You can monitor the installation process by running:
docker-compose logs --tail 5 -f seat-web
Blade Install
In your seat directory (By default: /var/www/seat), type the following:
php artisan down
composer require cryptaeve/seat-strict
php artisan vendor:publish --force --all
php artisan migrate
php artisan up
And now, when you log into 'SeAT', you should see a 'SeAT Text' link on the left.
Usage Tracking
In order to get an idea of the usage of this plugin, a very simplistic form of anonymous usage tracking has been implemented.
Read more about the system in use here