Mirrors/sftpgo
1
0
Fork 0
mirror of https://github.com/drakkan/sftpgo.git synced 2025-12-06 22:30:56 +03:00
Code Issues Packages Projects Releases Wiki Activity
2,070 Commits 9 Branches 53 Tags
843b8c38d3621c5f6d2570db674d527d3336d3eb
Commit Graph

148 Commits

Author SHA1 Message Date
Nicola Murino
843b8c38d3 SSH: add a test case for DSA keys 
Signed-off-by: Nicola Murino <nicola.murino@gmail.com>
 2024-12-19 19:55:25 +01:00
Nicola Murino
d3e76898cd WebAdmin: refactor template permissions 
Signed-off-by: Nicola Murino <nicola.murino@gmail.com>
 2024-11-26 20:39:36 +01:00
Nicola Murino
4a414f0fa4 test cases: fix some random failures 
Signed-off-by: Nicola Murino <nicola.murino@gmail.com>
 2024-11-21 07:52:45 +01:00
Nicola Murino
b524da11e9 EventManager: disable commands by default 
Signed-off-by: Nicola Murino <nicola.murino@gmail.com>
 2024-11-10 12:08:17 +01:00
Nicola Murino
3dd412f6e3 WebAdmin and REST API: remove too granular permissions 
Our permissions system for admin users is too granular and some
permissions overlap. For example, you can define an administrator
with the "manage_system" permission and not with the "manage_admins"
or "manage_user" permission, but the "manage_system" permission
allows you to restore a backup and then create users and
administrators. The following permissions will be removed:
"manage_admins", "manage_apikeys", "manage_system", "retention_checks",
"manage_event_rules", "manage_roles", "manage_ip_lists". Now you
need to add the "*" permission to replace the removed granular
permissions because the removed permissions allow actions that
should only be allowed to super administrators.
There is no point in having separate, overlapping permissions.

Signed-off-by: Nicola Murino <nicola.murino@gmail.com>
 2024-11-10 10:46:28 +01:00
Nicola Murino
ef98ee7d11 don't allow admins to change their own permissions 
Signed-off-by: Nicola Murino <nicola.murino@gmail.com>
 2024-11-09 20:24:35 +01:00
Nicola Murino
88b1850b58 EventManager: allow to define the allowed system commands 
Signed-off-by: Nicola Murino <nicola.murino@gmail.com>
 2024-11-01 11:37:33 +01:00
Nicola Murino
ae1487d733 fix connection limits 
an SFTP client can start multiple transfers on a single connection

Signed-off-by: Nicola Murino <nicola.murino@gmail.com>
 2024-10-26 21:18:19 +02:00
Nicola Murino
d8691d1e1a update translations 
Signed-off-by: Nicola Murino <nicola.murino@gmail.com>
 2024-10-13 17:00:17 +02:00
Nicola Murino
eba4c93efd user: add additional emails 
Signed-off-by: Nicola Murino <nicola.murino@gmail.com>
 2024-10-11 19:20:51 +02:00
Nicola Murino
424999dacd kms: add support for Oracle Key Vault 
Signed-off-by: Nicola Murino <nicola.murino@gmail.com>
 2024-10-02 18:14:05 +02:00
Nicola Murino
eeef23139d EventManager: filter action execution based on event status 
Signed-off-by: Nicola Murino <nicola.murino@gmail.com>
 2024-09-23 19:55:03 +02:00
Nicola Murino
6896d2bfb1 httpd: validate reference also for CSRF token in headers 
Signed-off-by: Nicola Murino <nicola.murino@gmail.com>
 2024-09-14 21:45:25 +02:00
Nicola Murino
14cabda5c2 update shortuid to v4 
Signed-off-by: Nicola Murino <nicola.murino@gmail.com>
 2024-09-08 18:01:14 +02:00
Nicola Murino
2fbf608895 S3: add SSE customer key 
Signed-off-by: Nicola Murino <nicola.murino@gmail.com>
 2024-08-15 10:09:06 +02:00
Nicola Murino
fa710b36c2 httpd: allow to configure cache control header 
Signed-off-by: Nicola Murino <nicola.murino@gmail.com>
 2024-08-12 21:19:44 +02:00
Nicola Murino
81433e00d1 event action: add update modtime to fs rename 
Signed-off-by: Nicola Murino <nicola.murino@gmail.com>
 2024-08-09 20:18:33 +02:00
Nicola Murino
d94f80c8da replace utils.Contains with slices.Contains 
Signed-off-by: Nicola Murino <nicola.murino@gmail.com>
 2024-07-24 18:27:13 +02:00
Nicola Murino
b5c821795a allow to customize name and log from the WebUI 
Signed-off-by: Nicola Murino <nicola.murino@gmail.com>
 2024-07-24 09:14:27 +02:00
Nicola Murino
b2926377b7 WebUI: switch favicon from ico to png 
Signed-off-by: Nicola Murino <nicola.murino@gmail.com>
 2024-07-20 16:11:21 +02:00
Nicola Murino
fef388d8cb don't track quota for private virtual folders 
they are included within the user quota.
This is a backward incompatible change.

Signed-off-by: Nicola Murino <nicola.murino@gmail.com>
 2024-07-13 21:02:40 +02:00
Nicola Murino
58de410850 nt: fix unused write warnings 
Signed-off-by: Nicola Murino <nicola.murino@gmail.com>
 2024-07-03 20:42:51 +02:00
Nicola Murino
363770ab84 WebClient shares: add a logout button 
Signed-off-by: Nicola Murino <nicola.murino@gmail.com>
 2024-06-18 19:10:32 +02:00
Nicola Murino
01b666a78f WebUIs: check login conditions before allowing password reset 
Signed-off-by: Nicola Murino <nicola.murino@gmail.com>
 2024-06-14 19:34:42 +02:00
Nicola Murino
8294952474 WebUIs: refactor CSRF 
Signed-off-by: Nicola Murino <nicola.murino@gmail.com>
 2024-06-14 18:09:32 +02:00
Nicola Murino
08526da153 REST API: fix token invalidation after password change 
Signed-off-by: Nicola Murino <nicola.murino@gmail.com>
 2024-06-07 18:19:05 +02:00
Nicola Murino
a1af33c6aa WebClient: allow to set TLS certificates 
Signed-off-by: Nicola Murino <nicola.murino@gmail.com>
 2024-05-03 18:30:03 +02:00
Nicola Murino
e1fdc10ef8 remove robots.txt endpoint 
This reverts #833 because the contributor did not respond to our
request to sign the CLA

Signed-off-by: Nicola Murino <nicola.murino@gmail.com>
 2024-04-26 11:00:55 +02:00
Nicola Murino
1196727448 dataretention: remove ignore_user_permissions 
Required permissions are now automatically granted as for any other
filesystem action

Fixes #1564

Signed-off-by: Nicola Murino <nicola.murino@gmail.com>
 2024-04-01 15:07:03 +02:00
Nicola Murino
db577b154e webclient: add more test cases for shares 
Signed-off-by: Nicola Murino <nicola.murino@gmail.com>
 2024-04-01 11:42:22 +02:00
Nicola Murino
cb3bc3f604 update OpenAPI definition 
Signed-off-by: Nicola Murino <nicola.murino@gmail.com>
 2024-03-18 19:32:01 +01:00
Nicola Murino
cc9a0d4dc2 add time-based access restrictions 
Signed-off-by: Nicola Murino <nicola.murino@gmail.com>
 2024-03-17 11:30:03 +01:00
Nicola Murino
26d3105f54 groups: add role placeholder 
Signed-off-by: Nicola Murino <nicola.murino@gmail.com>
 2024-03-12 18:21:50 +01:00
Nicola Murino
f38966c6ac WebClient: refactor long-running tasks to improve browser compatibility 
Signed-off-by: Nicola Murino <nicola.murino@gmail.com>
 2024-03-11 18:19:57 +01:00
Nicola Murino
4d357a6a57 EventManager: allow to check for inactive users 
Signed-off-by: Nicola Murino <nicola.murino@gmail.com>
 2024-03-04 19:48:10 +01:00
Nicola Murino
12f599fd65 WebUI: skip checks for static resource 
Signed-off-by: Nicola Murino <nicola.murino@gmail.com>
 2024-02-25 18:19:21 +01:00
Nicola Murino
92911bda2b require at least 2048 bits for RSA certificates/keys 
Signed-off-by: Nicola Murino <nicola.murino@gmail.com>
 2024-02-25 11:12:57 +01:00
Nicola Murino
f7d9e56cac ssh: remove moduli, log negotiated algorithms 
Fixes #1324

Signed-off-by: Nicola Murino <nicola.murino@gmail.com>
 2024-02-24 20:35:09 +01:00
Nicola Murino
a577d8b3cd WebAdmin: allow to disable 2FA 
Before it was only possible using REST API

Signed-off-by: Nicola Murino <nicola.murino@gmail.com>
 2024-02-23 18:24:07 +01:00
Nicola Murino
76ffa107dd check admins' two-factor requirements in the disable API as well 
Signed-off-by: Nicola Murino <nicola.murino@gmail.com>
 2024-02-22 19:05:16 +01:00
Nicola Murino
9a6a65931e two-factor auth: fixed validation of conflicting settings 
Signed-off-by: Nicola Murino <nicola.murino@gmail.com>
 2024-02-22 18:20:51 +01:00
Nicola Murino
de089e51fd Web: allow to require password change and two-factor for admins 
Signed-off-by: Nicola Murino <nicola.murino@gmail.com>
 2024-02-21 20:45:10 +01:00
Nicola Murino
51ae2d7301 add copy permission 
Signed-off-by: Nicola Murino <nicola.murino@gmail.com>
 2024-02-20 18:19:09 +01:00
Nicola Murino
e61fb42cbc remove metadata plugin 
Signed-off-by: Nicola Murino <nicola.murino@gmail.com>
 2024-02-17 12:30:47 +01:00
Nicola Murino
ad75543172 fix some new lint warnings 
Signed-off-by: Nicola Murino <nicola.murino@gmail.com>
 2024-02-15 21:13:45 +01:00
Nicola Murino
1ff55bbfa7 add DirLister interface 
Signed-off-by: Nicola Murino <nicola.murino@gmail.com>
 2024-02-15 20:53:56 +01:00
Nicola Murino
8385acd0e3 Redirect to two-factor auth page after creating the first admin 
Signed-off-by: Nicola Murino <nicola.murino@gmail.com>
 2024-02-04 20:58:29 +01:00
Nicola Murino
e5836c8118 WebUI: add a JSON helper function 
Signed-off-by: Nicola Murino <nicola.murino@gmail.com>
 2024-02-04 18:16:10 +01:00
Nicola Murino
c23d779280 WebClient: load shares using an async request 
instead of rendering them directly within the template

Signed-off-by: Nicola Murino <nicola.murino@gmail.com>
 2024-02-04 14:33:51 +01:00
Nicola Murino
3158190945 WebClient: respect second factor requirements enforced at group level 
Fixes #1506

Signed-off-by: Nicola Murino <nicola.murino@gmail.com>
 2024-02-04 12:09:47 +01:00