sftpgo

mirror of https://github.com/drakkan/sftpgo.git synced 2025-12-06 22:30:56 +03:00

Author	SHA1	Message	Date
Nicola Murino	5ce9688780	enforce group-level password strength for users and shares Signed-off-by: Nicola Murino <nicola.murino@gmail.com>	2025-10-26 09:44:32 +01:00
Nicola Murino	0ae2354fed	JWT: replace jwtauth/jwx with lightweight wrapper around go-jose We replaced the jwtauth and jwx libraries with a minimal custom wrapper around go-jose because we don’t need the full feature set provided by jwx. Implementing our own wrapper simplifies the codebase and improves maintainability. Moreover, go-jose depends only on the standard library, resulting in a leaner dependency that still meets all our requirements. This change also reduces the SFTPGo binary size by approximately 1MB Signed-off-by: Nicola Murino <nicola.murino@gmail.com>	2025-10-08 18:10:39 +02:00
Nicola Murino	a2d3613250	dataprovider: preserve initial sort order for related resources Folders and groups now retain their initial order, improving compatibility and predictability when used with Terraform Signed-off-by: Nicola Murino <nicola.murino@gmail.com>	2025-08-19 16:11:53 +02:00
Nicola Murino	75ad6346c3	removed some unused constants Signed-off-by: Nicola Murino <nicola.murino@gmail.com>	2025-08-02 19:00:15 +02:00
Nicola Murino	c2835bc19d	Enable setting password change requirements in user templates Signed-off-by: Nicola Murino <nicola.murino@gmail.com>	2025-07-17 19:35:17 +02:00
Nicola Murino	7317674b41	Remove legacy data retention API Data retention is now managed via the EventManager, introduced in v2.4.0. This allows scheduling retention checks and sending email or HTTP notifications, making the old API redundant. Signed-off-by: Nicola Murino <nicola.murino@gmail.com>	2025-07-12 22:20:54 +02:00
Nicola Murino	3f7533b86a	update deps ... ... and adapt the code to the new constants I added to golang.org/x/crypto/ssh Signed-off-by: Nicola Murino <nicola.murino@gmail.com>	2025-05-19 19:42:36 +02:00
Nicola Murino	9e2230cc33	Support leading and trailing spaces in user passwords This improves compatibility with external authentication providers that allow such characters in passwords. Passwords created via the WebAdmin UI are still sanitized to prevent user confusion. Signed-off-by: Nicola Murino <nicola.murino@gmail.com>	2025-04-26 14:31:13 +02:00
Nicola Murino	0da8adb7ac	EventManager: breaking change for placeholder names Placeholder names must now be in the format: {{.VirtualPath}} instead of: {{.VirtualPath}} Signed-off-by: Nicola Murino <nicola.murino@gmail.com>	2025-04-14 09:11:44 +02:00
Nicola Murino	2255c5f000	upgrade golangci-lint to v2 Signed-off-by: Nicola Murino <nicola.murino@gmail.com>	2025-03-29 11:36:19 +01:00
Nicola Murino	69ef36b4d9	httpd: add a setting to disable login methods, deprecate the previous one the previous enabled login methods setting is hard to extend in a backward compatible way Signed-off-by: Nicola Murino <nicola.murino@gmail.com>	2025-01-25 22:00:55 +01:00
Nicola Murino	70f8b4d495	WebAdmin: allow to create admins with an unusable password Signed-off-by: Nicola Murino <nicola.murino@gmail.com>	2025-01-25 18:53:54 +01:00
Nicola Murino	04fa242f57	azblobfs: add support for Azure Identity Signed-off-by: Nicola Murino <nicola.murino@gmail.com>	2025-01-13 20:58:17 +01:00
Nicola Murino	843b8c38d3	SSH: add a test case for DSA keys Signed-off-by: Nicola Murino <nicola.murino@gmail.com>	2024-12-19 19:55:25 +01:00
Nicola Murino	d3e76898cd	WebAdmin: refactor template permissions Signed-off-by: Nicola Murino <nicola.murino@gmail.com>	2024-11-26 20:39:36 +01:00
Nicola Murino	4a414f0fa4	test cases: fix some random failures Signed-off-by: Nicola Murino <nicola.murino@gmail.com>	2024-11-21 07:52:45 +01:00
Nicola Murino	b524da11e9	EventManager: disable commands by default Signed-off-by: Nicola Murino <nicola.murino@gmail.com>	2024-11-10 12:08:17 +01:00
Nicola Murino	3dd412f6e3	WebAdmin and REST API: remove too granular permissions Our permissions system for admin users is too granular and some permissions overlap. For example, you can define an administrator with the "manage_system" permission and not with the "manage_admins" or "manage_user" permission, but the "manage_system" permission allows you to restore a backup and then create users and administrators. The following permissions will be removed: "manage_admins", "manage_apikeys", "manage_system", "retention_checks", "manage_event_rules", "manage_roles", "manage_ip_lists". Now you need to add the "*" permission to replace the removed granular permissions because the removed permissions allow actions that should only be allowed to super administrators. There is no point in having separate, overlapping permissions. Signed-off-by: Nicola Murino <nicola.murino@gmail.com>	2024-11-10 10:46:28 +01:00
Nicola Murino	ef98ee7d11	don't allow admins to change their own permissions Signed-off-by: Nicola Murino <nicola.murino@gmail.com>	2024-11-09 20:24:35 +01:00
Nicola Murino	88b1850b58	EventManager: allow to define the allowed system commands Signed-off-by: Nicola Murino <nicola.murino@gmail.com>	2024-11-01 11:37:33 +01:00
Nicola Murino	ae1487d733	fix connection limits an SFTP client can start multiple transfers on a single connection Signed-off-by: Nicola Murino <nicola.murino@gmail.com>	2024-10-26 21:18:19 +02:00
Nicola Murino	d8691d1e1a	update translations Signed-off-by: Nicola Murino <nicola.murino@gmail.com>	2024-10-13 17:00:17 +02:00
Nicola Murino	eba4c93efd	user: add additional emails Signed-off-by: Nicola Murino <nicola.murino@gmail.com>	2024-10-11 19:20:51 +02:00
Nicola Murino	424999dacd	kms: add support for Oracle Key Vault Signed-off-by: Nicola Murino <nicola.murino@gmail.com>	2024-10-02 18:14:05 +02:00
Nicola Murino	eeef23139d	EventManager: filter action execution based on event status Signed-off-by: Nicola Murino <nicola.murino@gmail.com>	2024-09-23 19:55:03 +02:00
Nicola Murino	6896d2bfb1	httpd: validate reference also for CSRF token in headers Signed-off-by: Nicola Murino <nicola.murino@gmail.com>	2024-09-14 21:45:25 +02:00
Nicola Murino	14cabda5c2	update shortuid to v4 Signed-off-by: Nicola Murino <nicola.murino@gmail.com>	2024-09-08 18:01:14 +02:00
Nicola Murino	2fbf608895	S3: add SSE customer key Signed-off-by: Nicola Murino <nicola.murino@gmail.com>	2024-08-15 10:09:06 +02:00
Nicola Murino	fa710b36c2	httpd: allow to configure cache control header Signed-off-by: Nicola Murino <nicola.murino@gmail.com>	2024-08-12 21:19:44 +02:00
Nicola Murino	81433e00d1	event action: add update modtime to fs rename Signed-off-by: Nicola Murino <nicola.murino@gmail.com>	2024-08-09 20:18:33 +02:00
Nicola Murino	d94f80c8da	replace utils.Contains with slices.Contains Signed-off-by: Nicola Murino <nicola.murino@gmail.com>	2024-07-24 18:27:13 +02:00
Nicola Murino	b5c821795a	allow to customize name and log from the WebUI Signed-off-by: Nicola Murino <nicola.murino@gmail.com>	2024-07-24 09:14:27 +02:00
Nicola Murino	b2926377b7	WebUI: switch favicon from ico to png Signed-off-by: Nicola Murino <nicola.murino@gmail.com>	2024-07-20 16:11:21 +02:00
Nicola Murino	fef388d8cb	don't track quota for private virtual folders they are included within the user quota. This is a backward incompatible change. Signed-off-by: Nicola Murino <nicola.murino@gmail.com>	2024-07-13 21:02:40 +02:00
Nicola Murino	58de410850	nt: fix unused write warnings Signed-off-by: Nicola Murino <nicola.murino@gmail.com>	2024-07-03 20:42:51 +02:00
Nicola Murino	363770ab84	WebClient shares: add a logout button Signed-off-by: Nicola Murino <nicola.murino@gmail.com>	2024-06-18 19:10:32 +02:00
Nicola Murino	01b666a78f	WebUIs: check login conditions before allowing password reset Signed-off-by: Nicola Murino <nicola.murino@gmail.com>	2024-06-14 19:34:42 +02:00
Nicola Murino	8294952474	WebUIs: refactor CSRF Signed-off-by: Nicola Murino <nicola.murino@gmail.com>	2024-06-14 18:09:32 +02:00
Nicola Murino	08526da153	REST API: fix token invalidation after password change Signed-off-by: Nicola Murino <nicola.murino@gmail.com>	2024-06-07 18:19:05 +02:00
Nicola Murino	a1af33c6aa	WebClient: allow to set TLS certificates Signed-off-by: Nicola Murino <nicola.murino@gmail.com>	2024-05-03 18:30:03 +02:00
Nicola Murino	e1fdc10ef8	remove robots.txt endpoint This reverts #833 because the contributor did not respond to our request to sign the CLA Signed-off-by: Nicola Murino <nicola.murino@gmail.com>	2024-04-26 11:00:55 +02:00
Nicola Murino	1196727448	dataretention: remove ignore_user_permissions Required permissions are now automatically granted as for any other filesystem action Fixes #1564 Signed-off-by: Nicola Murino <nicola.murino@gmail.com>	2024-04-01 15:07:03 +02:00
Nicola Murino	db577b154e	webclient: add more test cases for shares Signed-off-by: Nicola Murino <nicola.murino@gmail.com>	2024-04-01 11:42:22 +02:00
Nicola Murino	cb3bc3f604	update OpenAPI definition Signed-off-by: Nicola Murino <nicola.murino@gmail.com>	2024-03-18 19:32:01 +01:00
Nicola Murino	cc9a0d4dc2	add time-based access restrictions Signed-off-by: Nicola Murino <nicola.murino@gmail.com>	2024-03-17 11:30:03 +01:00
Nicola Murino	26d3105f54	groups: add role placeholder Signed-off-by: Nicola Murino <nicola.murino@gmail.com>	2024-03-12 18:21:50 +01:00
Nicola Murino	f38966c6ac	WebClient: refactor long-running tasks to improve browser compatibility Signed-off-by: Nicola Murino <nicola.murino@gmail.com>	2024-03-11 18:19:57 +01:00
Nicola Murino	4d357a6a57	EventManager: allow to check for inactive users Signed-off-by: Nicola Murino <nicola.murino@gmail.com>	2024-03-04 19:48:10 +01:00
Nicola Murino	12f599fd65	WebUI: skip checks for static resource Signed-off-by: Nicola Murino <nicola.murino@gmail.com>	2024-02-25 18:19:21 +01:00
Nicola Murino	92911bda2b	require at least 2048 bits for RSA certificates/keys Signed-off-by: Nicola Murino <nicola.murino@gmail.com>	2024-02-25 11:12:57 +01:00

1 2 3 4

161 Commits