PyPI - micro-users - Versions diffs - 1.8.3__tar.gz → 1.8.4__tar.gz - Mend

micro-users 1.8.3tar.gz → 1.8.4tar.gz

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Potentially problematic release.

This version of micro-users might be problematic. Click here for more details.

Files changed (48) hide show

{micro_users-1.8.3 → micro_users-1.8.4}/PKG-INFO RENAMED Viewed

@@ -1,6 +1,6 @@
 Metadata-Version: 2.1
 Name: micro_users
-Version: 1.8.3
+Version: 1.8.4
 Summary: Arabic Django user management app with abstract user, permissions, and activity logging
 Home-page: https://github.com/debeski/micro-users
 Author: DeBeski
@@ -215,3 +215,4 @@ MICRO_USERS_THEME = {
 | v1.8.1   | • **UI Refinement**: Swapped `Email` and `Phone` positions across all forms, tables, and detail views<br>• **Field Logic**: Set `Email` and `Phone` as optional (not required) for all users<br>• **Security**: Added `manage_staff` custom permission to restrict `is_staff` management to authorized managers only<br>• **Bug Fix**: Reserved `manage_staff` assignment power strictly for Superusers and fixed UI grouping for custom permissions |
 | v1.8.2   | • **Login UX**: Enhanced login flow with auto-focus on username and improved "Enter to Submit" handling |
 | v1.8.3   | • **CSP Compliance**: Added `nonce` attribute support to all inline and external script tags (Login, Permissions, Manage Users) for Content Security Policy compliance |
+| v1.8.4   | • **Strict CSP**: Refactored inline JS event handlers to use Event Listeners, fully resolving CSP violation errors |

{micro_users-1.8.3 → micro_users-1.8.4}/README.md RENAMED Viewed

@@ -182,4 +182,5 @@ MICRO_USERS_THEME = {
 | v1.8.0   | • **Permissions UI**: Complete redesign with App/Model-based grouping and hierarchical checkboxes<br>• **Aesthetics**: Applied modern glassmorphism theme to permission cards with interactive toggles<br>• **Security**: Implemented 3-level security logic (GM, SM, User) and "invisible" Superuser protection<br>• **Foolproofing**: Added self-editing protection for staff and scope enforcement for managers<br>• **Localization**: Fully translated system auth labels and metadata to Arabic |
 | v1.8.1   | • **UI Refinement**: Swapped `Email` and `Phone` positions across all forms, tables, and detail views<br>• **Field Logic**: Set `Email` and `Phone` as optional (not required) for all users<br>• **Security**: Added `manage_staff` custom permission to restrict `is_staff` management to authorized managers only<br>• **Bug Fix**: Reserved `manage_staff` assignment power strictly for Superusers and fixed UI grouping for custom permissions |
 | v1.8.2   | • **Login UX**: Enhanced login flow with auto-focus on username and improved "Enter to Submit" handling |
-| v1.8.3   | • **CSP Compliance**: Added `nonce` attribute support to all inline and external script tags (Login, Permissions, Manage Users) for Content Security Policy compliance |
+| v1.8.3   | • **CSP Compliance**: Added `nonce` attribute support to all inline and external script tags (Login, Permissions, Manage Users) for Content Security Policy compliance |
+| v1.8.4   | • **Strict CSP**: Refactored inline JS event handlers to use Event Listeners, fully resolving CSP violation errors |

{micro_users-1.8.3 → micro_users-1.8.4}/micro_users.egg-info/PKG-INFO RENAMED Viewed

@@ -1,6 +1,6 @@
 Metadata-Version: 2.1
 Name: micro-users
-Version: 1.8.3
+Version: 1.8.4
 Summary: Arabic Django user management app with abstract user, permissions, and activity logging
 Home-page: https://github.com/debeski/micro-users
 Author: DeBeski
@@ -215,3 +215,4 @@ MICRO_USERS_THEME = {
 | v1.8.1   | • **UI Refinement**: Swapped `Email` and `Phone` positions across all forms, tables, and detail views<br>• **Field Logic**: Set `Email` and `Phone` as optional (not required) for all users<br>• **Security**: Added `manage_staff` custom permission to restrict `is_staff` management to authorized managers only<br>• **Bug Fix**: Reserved `manage_staff` assignment power strictly for Superusers and fixed UI grouping for custom permissions |
 | v1.8.2   | • **Login UX**: Enhanced login flow with auto-focus on username and improved "Enter to Submit" handling |
 | v1.8.3   | • **CSP Compliance**: Added `nonce` attribute support to all inline and external script tags (Login, Permissions, Manage Users) for Content Security Policy compliance |
+| v1.8.4   | • **Strict CSP**: Refactored inline JS event handlers to use Event Listeners, fully resolving CSP violation errors |

{micro_users-1.8.3 → micro_users-1.8.4}/pyproject.toml RENAMED Viewed

@@ -8,7 +8,7 @@ build-backend = "setuptools.build_meta"
 [project]
 name = "micro_users"
-version = "1.8.3"
+version = "1.8.4"
 description = "Arabic Django user management app with abstract user, permissions, and activity logging"
 readme = "README.md"
 requires-python = ">=3.11"

{micro_users-1.8.3 → micro_users-1.8.4}/setup.py RENAMED Viewed

@@ -5,7 +5,7 @@ with open("README.md", "r", encoding="utf-8") as fh:
 setup(
     name="micro_users",
-    version="1.8.3",
+    version="1.8.4",
     author="DeBeski",
     author_email="debeski1@gmail.com",
     description="Arabic django user management app with abstract user, permissions, and activity logging",

{micro_users-1.8.3 → micro_users-1.8.4}/users/static/users/js/permissions.js RENAMED Viewed

@@ -82,4 +82,11 @@ document.addEventListener('DOMContentLoaded', function() {
     // Initial State Sync
     document.querySelectorAll('.model-group').forEach(group => updateModelMasterStatus(group));
     document.querySelectorAll('.permissions-card').forEach(card => updateAppMasterStatus(card));
+    // Prevent toggle propagation for specific elements
+    document.querySelectorAll('.prevent-toggle').forEach(el => {
+        el.addEventListener('click', function(e) {
+            e.stopPropagation();
+        });
+    });
 });

{micro_users-1.8.3 → micro_users-1.8.4}/users/templates/users/manage_users.html RENAMED Viewed

@@ -21,7 +21,7 @@
     <div class="mt-3">
         {% if not request.user.scope %}
-        <button type="button" class="btn btn-info no-print" title="إدارة النطاقات" onclick="loadScopeManager()">
+        <button type="button" class="btn btn-info no-print" title="إدارة النطاقات" id="btn-manage-scopes">
             <i class="bi bi-list me-1 h4"></i> إدارة النطاقات
         </button>
         {% endif %}
@@ -134,6 +134,13 @@
             })
             .catch(err => console.error('Error deleting scope:', err));
         }
+        document.addEventListener('DOMContentLoaded', function() {
+            const btnManageScopes = document.getElementById('btn-manage-scopes');
+            if (btnManageScopes) {
+                btnManageScopes.addEventListener('click', loadScopeManager);
+            }
+        });
     </script>
 {% endblock %}

{micro_users-1.8.3 → micro_users-1.8.4}/users/templates/users/widgets/grouped_permissions.html RENAMED Viewed

@@ -14,7 +14,7 @@
                  aria-expanded="false">
                 <div class="d-flex align-items-center">
-                    <div class="form-check me-3" onclick="event.stopPropagation()">
+                    <div class="form-check me-3 prevent-toggle">
                         <input class="form-check-input app-master-checkbox" type="checkbox" id="master_{{ app_label }}">
                         <label class="form-check-label d-none" for="master_{{ app_label }}">تحديد الكل</label>
                     </div>