Commit graph

183 commits

Author SHA1 Message Date
Nicola Murino
1ff55bbfa7
add DirLister interface
Signed-off-by: Nicola Murino <nicola.murino@gmail.com>
2024-02-15 20:53:56 +01:00
Nicola Murino
c49553abd0
keyboard interactive: ask only the passcode if it is the second step
Signed-off-by: Nicola Murino <nicola.murino@gmail.com>
2024-02-05 19:02:01 +01:00
Nicola Murino
6074ed21f7
dataproviders: return an uniform error for foreign key violations
Signed-off-by: Nicola Murino <nicola.murino@gmail.com>
2024-02-03 14:24:50 +01:00
Nicola Murino
ad80d4e475
WIP new WebAdmin: event rules
Signed-off-by: Nicola Murino <nicola.murino@gmail.com>
2024-02-01 20:32:43 +01:00
Nicola Murino
c85601146d
WIP new WebAdmin: event actions
Signed-off-by: Nicola Murino <nicola.murino@gmail.com>
2024-01-31 20:49:25 +01:00
Nicola Murino
caa1d70aab
WebUI: add a base template for info messages
Signed-off-by: Nicola Murino <nicola.murino@gmail.com>
2024-01-28 10:22:16 +01:00
Nicola Murino
69da5c10c6
WIP new WebAdmin: configs page
Signed-off-by: Nicola Murino <nicola.murino@gmail.com>
2024-01-27 12:48:15 +01:00
Nicola Murino
8180b75ef1
WIP new WebAdmin: IP lists pages
Signed-off-by: Nicola Murino <nicola.murino@gmail.com>
2024-01-24 19:23:15 +01:00
Nicola Murino
d381304136
WIP new WebAdmin: admin/admins pages
Signed-off-by: Nicola Murino <nicola.murino@gmail.com>
2024-01-22 20:22:41 +01:00
Nicola Murino
e38350e8b3
WIP new WebAdmin: role page
Signed-off-by: Nicola Murino <nicola.murino@gmail.com>
2024-01-21 17:19:25 +01:00
Nicola Murino
91802fad3e
WIP new WebAdmin: profile, change password, message pages
Signed-off-by: Nicola Murino <nicola.murino@gmail.com>
2024-01-18 19:18:57 +01:00
Nicola Murino
87451560e3
normalize common database errors
Signed-off-by: Nicola Murino <nicola.murino@gmail.com>
2024-01-17 17:36:35 +01:00
Nicola Murino
d939a82225
user: add TLS certificates
Signed-off-by: Nicola Murino <nicola.murino@gmail.com>
2024-01-14 21:36:23 +01:00
Nicola Murino
5c8214e121
WIP new WebAdmin: groups page
Signed-off-by: Nicola Murino <nicola.murino@gmail.com>
2024-01-11 19:26:13 +01:00
Nicola Murino
e1b5d2fe39
WebAdmin: use the new UI for user pages
Signed-off-by: Nicola Murino <nicola.murino@gmail.com>
2024-01-09 19:54:08 +01:00
Nicola Murino
784b7585c1
remove end year from Copyright notice in files
so we don't have to update all the files every year

Signed-off-by: Nicola Murino <nicola.murino@gmail.com>
2024-01-01 11:31:45 +01:00
Nicola Murino
8ce9af4adf
dataprovider: sort related resources by name
Signed-off-by: Nicola Murino <nicola.murino@gmail.com>
2023-12-10 17:50:48 +01:00
Nicola Murino
c71f0426ae
WebClient WIP: add support for localizations
Signed-off-by: Nicola Murino <nicola.murino@gmail.com>
2023-12-10 16:40:13 +01:00
Nicola Murino
6175acb572
add support for reading more secrets from files
Signed-off-by: Nicola Murino <nicola.murino@gmail.com>
2023-11-24 20:43:50 +01:00
patrickap
a91cf22e0f
provider: support for username and password file (#1455)
Signed-off-by: patrickap <patrick.schlageter@web.de>
2023-11-24 20:28:51 +01:00
Nicola Murino
bfa17314c6
keyboard interactive auth: respect hook disabled setting
Signed-off-by: Nicola Murino <nicola.murino@gmail.com>
2023-11-18 11:28:15 +01:00
Nicola Murino
c5c5860012
ssh: allow to configure public key auth algorithms
Signed-off-by: Nicola Murino <nicola.murino@gmail.com>
2023-11-09 20:03:04 +01:00
Nicola Murino
51febb19fa
httpd: add database based token manager
Signed-off-by: Nicola Murino <nicola.murino@gmail.com>
2023-11-01 10:54:14 +01:00
Nicola Murino
59378104b7
webclient: fix link for shares with a trailing space
Signed-off-by: Nicola Murino <nicola.murino@gmail.com>
2023-10-29 07:33:56 +01:00
Nicola Murino
4a15775f65
allow to configure ALPN protocols
Fixes #1406

Signed-off-by: Nicola Murino <nicola.murino@gmail.com>
2023-10-28 12:35:26 +02:00
Nicola Murino
ba9df51b2e
fix or suppress lint warnings detected by golangci-lint 1.55.0
Signed-off-by: Nicola Murino <nicola.murino@gmail.com>
2023-10-20 20:31:17 +02:00
Nicola Murino
6282f95bd3
improve temp dirs handling an some logs
Signed-off-by: Nicola Murino <nicola.murino@gmail.com>
2023-10-17 18:06:52 +02:00
Nicola Murino
4b685b21a2
configs: fix backward compatibility
Signed-off-by: Nicola Murino <nicola.murino@gmail.com>
2023-10-07 22:02:10 +02:00
Nicola Murino
f05fe78737
ssh: refactor host key algorithm restriction
Signed-off-by: Nicola Murino <nicola.murino@gmail.com>
2023-10-07 16:07:19 +02:00
Nicola Murino
19a95d8c55
httpfs: limit body size
Signed-off-by: Nicola Murino <nicola.murino@gmail.com>
2023-10-07 11:28:16 +02:00
Nicola Murino
e54fd46a9e
SQL providers: make sure we don't exceed the allowed placeholders
Fixes #1415

Signed-off-by: Nicola Murino <nicola.murino@gmail.com>
2023-09-12 19:15:40 +02:00
Nicola Murino
5ef0a2ed4b
External/plugin auth: check for password change after empty response
Signed-off-by: Nicola Murino <nicola.murino@gmail.com>
2023-08-26 12:04:41 +02:00
Nicola Murino
60cc07bc81
eventmanager: add DELETE method to HTTP notifications
Signed-off-by: Nicola Murino <nicola.murino@gmail.com>
2023-08-09 18:44:17 +02:00
Nicola Murino
830116bcf2
shares: allow to force an expiration date
this is a soft requirement, users can reactivate expired shares by
updating the expiration date

Signed-off-by: Nicola Murino <nicola.murino@gmail.com>
2023-08-07 19:07:20 +02:00
Nicola Murino
ea96fe9a26
postgres provider: add support for "allow" and "prefer" SSL modes
Signed-off-by: Nicola Murino <nicola.murino@gmail.com>
2023-08-05 20:01:14 +02:00
Nicola Murino
75e6ef6132
sftpd: remove diffie-hellman-group18-sha512 KEX
Signed-off-by: Nicola Murino <nicola.murino@gmail.com>
2023-08-04 21:10:39 +02:00
Nicola Murino
af0d7b48ad
sftpd: refactor multi-step authentication
Signed-off-by: Nicola Murino <nicola.murino@gmail.com>
2023-08-04 20:56:23 +02:00
Nicola Murino
0413c0471c
add a specific permission to manage folders
creating/updating folders embedded in users is no longer supported.

Fixes #1349

Signed-off-by: Nicola Murino <nicola.murino@gmail.com>
2023-07-23 18:48:49 +02:00
Nicola Murino
00366fce07
shares: respect password strength
Signed-off-by: Nicola Murino <nicola.murino@gmail.com>
2023-07-16 16:51:38 +02:00
Nicola Murino
4f8794a255
file patterns: fix denied except rules
Signed-off-by: Nicola Murino <nicola.murino@gmail.com>
2023-07-08 17:02:47 +02:00
Nicola Murino
76964a6b85
check second factor after plugin authentication
Signed-off-by: Nicola Murino <nicola.murino@gmail.com>
2023-06-25 07:16:26 +02:00
Nicola Murino
a38ce460bb
WebClient: show user quota
Also remove per-source data transfer limits. This was an
oversight

Signed-off-by: Nicola Murino <nicola.murino@gmail.com>
2023-06-16 21:06:21 +02:00
Nicola Murino
957d3a7b4d
CockroachDB: use unordered_unique_rowid for primary keys
sequential values in a primary key does not perform as well

Signed-off-by: Nicola Murino <nicola.murino@gmail.com>
2023-06-10 18:23:35 +02:00
Nicola Murino
d7d7b0bbf0
dataprovider: fix sql for CockroachDB
Signed-off-by: Nicola Murino <nicola.murino@gmail.com>
2023-06-10 15:32:51 +02:00
Nicola Murino
99424bfa58
squash database migrations
SQLite: remove AUTOINCREMENT from primary keys. It is not needed.

Postgres: switch from serial to identity for primary keys.
This means Postgres < 10 will not work in v2.6.x

Signed-off-by: Nicola Murino <nicola.murino@gmail.com>
2023-06-10 13:06:24 +02:00
Nicola Murino
9470cd6e69
multi-node installations: use a different backup path for each node
Signed-off-by: Nicola Murino <nicola.murino@gmail.com>
2023-06-03 17:54:24 +02:00
Nicola Murino
74e5999c63
added support for verifying sha256/sha512 passwords hash
this simplifies the migration of users from some proprietary products

Signed-off-by: Nicola Murino <nicola.murino@gmail.com>
2023-06-03 16:58:45 +02:00
Nicola Murino
48939b2b4f
add XOAUTH2
start the countdown, let's see how long it takes for your favorite
Go-based proprietary SFTP server to notice this change, copy the SFTPGo
code and thus violate its license, and announce the same feature :)

Signed-off-by: Nicola Murino <nicola.murino@gmail.com>
2023-06-03 16:17:32 +02:00
Nicola Murino
8339fee69d
smtp: add debug option
Signed-off-by: Nicola Murino <nicola.murino@gmail.com>
2023-05-30 19:11:28 +02:00
Nicola Murino
8f934f7c82
email action: allow to configure Bcc
Signed-off-by: Nicola Murino <nicola.murino@gmail.com>
2023-05-25 19:55:27 +02:00
Nicola Murino
255985b7b0
Windows: start the service in a goroutine
Signed-off-by: Nicola Murino <nicola.murino@gmail.com>
2023-05-23 12:59:27 +02:00
Nicola Murino
d28a53a6cf
webdav: fix caching with external auth/plugins
Signed-off-by: Nicola Murino <nicola.murino@gmail.com>
2023-05-20 12:39:07 +02:00
Nicola Murino
bbaca578cd
EventManager: add content type option for email config
Signed-off-by: Nicola Murino <nicola.murino@gmail.com>
2023-05-17 19:28:13 +02:00
Nicola Murino
adad8e658b
osfs: add optional buffering
Signed-off-by: Nicola Murino <nicola.murino@gmail.com>
2023-05-16 18:08:14 +02:00
Nicola Murino
4eded56d5f
add support for log events
Signed-off-by: Nicola Murino <nicola.murino@gmail.com>
2023-05-12 18:34:59 +02:00
Nicola Murino
712f2053a4
REST API dumpdata: allow to specify the resources to dump
Signed-off-by: Nicola Murino <nicola.murino@gmail.com>
2023-04-18 18:11:23 +02:00
Nicola Murino
3cb53b2c33
fix cross folder copy
also update css/js deps and other minor changes

Signed-off-by: Nicola Murino <nicola.murino@gmail.com>
2023-04-13 18:23:42 +02:00
Nicola Murino
184b99d500
user: add a field to indicate whether the password is set
A structure similar to the one used for secrets would be better,
but we don't want to break backwards compatibility.

Also document that omitting the password field in the request body
will preserve the current password when updating a user using the
REST API. Added a test case for this.

Signed-off-by: Nicola Murino <nicola.murino@gmail.com>
2023-04-06 18:22:09 +02:00
Nicola Murino
ee90bfb506
add unixcrypt build tag
Signed-off-by: Nicola Murino <nicola.murino@gmail.com>
2023-03-26 10:33:30 +02:00
Nicola Murino
e17068a76f
postgres provider: add support for load balancing
Signed-off-by: Nicola Murino <nicola.murino@gmail.com>
2023-03-25 09:29:13 +01:00
Nicola Murino
e29f6857db
EventManager: add IDP login trigger and check account action
Signed-off-by: Nicola Murino <nicola.murino@gmail.com>
2023-03-22 19:02:54 +01:00
Nicola Murino
0423e8f157
httpd: generate defender events for failed 2fa and password resets
Signed-off-by: Nicola Murino <nicola.murino@gmail.com>
2023-03-04 13:55:48 +01:00
Nicola Murino
4ba3ae876d
allow to set password strength at user/group level
Signed-off-by: Nicola Murino <nicola.murino@gmail.com>
2023-03-02 09:11:30 +01:00
Nicola Murino
dba088daed
printf: replace %#v with the more explicit %q
Signed-off-by: Nicola Murino <nicola.murino@gmail.com>
2023-02-27 19:19:57 +01:00
Nicola Murino
874776bd12
also capture logs for pre-login and check-password commands
Signed-off-by: Nicola Murino <nicola.murino@gmail.com>
2023-02-26 15:15:34 +01:00
Felix Eckhofer
ec67b67e9e Send output from external_auth_hook to logs
Signed-off-by: Felix Eckhofer <felix@eckhofer.com>
2023-02-26 07:39:34 +01:00
Nicola Murino
b8496c4d6e
eventmanager: add user expiration check
Signed-off-by: Nicola Murino <nicola.murino@gmail.com>
2023-02-25 13:06:09 +01:00
Nicola Murino
8805d85377
configs: add ACME section
Signed-off-by: Nicola Murino <nicola.murino@gmail.com>
2023-02-23 19:25:20 +01:00
Nicola Murino
fcf9a8c673
scheduler: disable verbose logs
Signed-off-by: Nicola Murino <nicola.murino@gmail.com>
2023-02-21 18:18:24 +01:00
Nicola Murino
2c1319985d
sql providers: remove unnecessary []byte to string conversion
always check affected rows for updates

Signed-off-by: Nicola Murino <nicola.murino@gmail.com>
2023-02-20 18:14:02 +01:00
Nicola Murino
a3fff56da5
WebAdmin: add configs section
Setting configurations is an experimental feature and is not currently
supported in the REST API

Signed-off-by: Nicola Murino <nicola.murino@gmail.com>
2023-02-19 19:03:45 +01:00
Nicola Murino
78cd5d8eba
groups: add expiration date override
Signed-off-by: Nicola Murino <nicola.murino@gmail.com>
2023-02-13 19:32:36 +01:00
Nicola Murino
7e85356325
WebClient shares: replace basic auth with a login form
basic auth will continue to work for REST API

Fixes #1166

Signed-off-by: Nicola Murino <nicola.murino@gmail.com>
2023-02-12 08:29:53 +01:00
Nicola Murino
1b1745b7f7
move IP/Network lists to the data provider
this is a backward incompatible change, all previous file based IP/network
lists will not work anymore

Signed-off-by: Nicola Murino <nicola.murino@gmail.com>
2023-02-09 09:33:33 +01:00
Nicola Murino
c0fe08b597
defender: allow to set a different score for "no auth tried" events
Signed-off-by: Nicola Murino <nicola.murino@gmail.com>
2023-01-25 18:49:03 +01:00
Nicola Murino
7b5bebc588
EventManager: add "on-demand" trigger
Signed-off-by: Nicola Murino <nicola.murino@gmail.com>
2023-01-21 15:41:24 +01:00
Nicola Murino
53f17b5715
allow to disable event rules
Signed-off-by: Nicola Murino <nicola.murino@gmail.com>
2023-01-19 18:33:04 +01:00
Nicola Murino
0190d0b849
update Copyright year
Signed-off-by: Nicola Murino <nicola.murino@gmail.com>
2023-01-03 10:18:30 +01:00
Nicola Murino
2611dd2c98
eventmanager: add support for pre-* actions
Signed-off-by: Nicola Murino <nicola.murino@gmail.com>
2023-01-01 17:59:41 +01:00
Nicola Murino
ea4c4dd57f
eventmanager: add copy action
refactor sftpgo-copy and sftpgo-remove commands

Signed-off-by: Nicola Murino <nicola.murino@gmail.com>
2022-12-27 18:51:53 +01:00
Nicola Murino
e17975ed7d
dataprovider: include port in node name and make it a hash
Signed-off-by: Nicola Murino <nicola.murino@gmail.com>
2022-12-20 16:40:32 +01:00
Nicola Murino
2da3eabc12
eventmanager: add password notification check action
this action allow to send an email notification to users whose
password is about to expire

Signed-off-by: Nicola Murino <nicola.murino@gmail.com>
2022-12-16 18:51:29 +01:00
Nicola Murino
ad5d657a1a
add support for password policies
you can now set a password expiration and the password change requirement

Signed-off-by: Nicola Murino <nicola.murino@gmail.com>
2022-12-11 17:15:34 +01:00
Nicola Murino
926dcbbc63
add a CLI command to reset admin passwords
Signed-off-by: Nicola Murino <nicola.murino@gmail.com>
2022-12-09 18:28:16 +01:00
Nicola Murino
221a4878aa
eventmanager: allow to filter based on role name
Signed-off-by: Nicola Murino <nicola.murino@gmail.com>
2022-12-03 17:47:43 +01:00
Nicola Murino
1f9cf194fe
add role to events
Signed-off-by: Nicola Murino <nicola.murino@gmail.com>
2022-12-03 11:45:27 +01:00
Nicola Murino
e87118d2a8
allow WebClient login with multi-step auth enabled
Signed-off-by: Nicola Murino <nicola.murino@gmail.com>
2022-11-29 18:43:48 +01:00
Nicola Murino
2017cb60e9
Per-directory permissions: add wildcards support
Signed-off-by: Nicola Murino <nicola.murino@gmail.com>
2022-11-18 18:12:04 +01:00
Nicola Murino
5a222807b7
add roles
Fixes #837

Signed-off-by: Nicola Murino <nicola.murino@gmail.com>
2022-11-16 19:04:50 +01:00
Nicola Murino
048591553a
allow to set a default expiration for newly created users
Signed-off-by: Nicola Murino <nicola.murino@gmail.com>
2022-11-05 18:01:24 +01:00
Nicola Murino
676286182a
webdav: always open files for reading in lazy mode
Signed-off-by: Nicola Murino <nicola.murino@gmail.com>
2022-11-03 08:31:40 +01:00
Nicola Murino
3b2002d9ef
shared providers: allow to immediately re-add soft-deleted event rules
Signed-off-by: Nicola Murino <nicola.murino@gmail.com>
2022-11-01 17:39:53 +01:00
Nicola Murino
91fae5c4d4
shared providers: allow to immediately re-add soft-deleted users
there is no need to wait for cache updates

Signed-off-by: Nicola Murino <nicola.murino@gmail.com>
2022-11-01 12:53:08 +01:00
Nicola Murino
e3e85867b1
sftpfs: reuse connections
Signed-off-by: Nicola Murino <nicola.murino@gmail.com>
2022-11-01 12:22:54 +01:00
Nicola Murino
80244bd83b
eventmanager: allow to access the backup file
so it can be used in email and other actions

Signed-off-by: Nicola Murino <nicola.murino@gmail.com>
2022-10-29 14:04:31 +02:00
Nicola Murino
9a9e7d1a7f
squash database migrations
Signed-off-by: Nicola Murino <nicola.murino@gmail.com>
2022-10-28 14:28:37 +02:00
Nicola Murino
15b4194e8f
event rules: allow to set min/max file size using "human" notation
10MB or 1GB instead of the size in bytes

Signed-off-by: Nicola Murino <nicola.murino@gmail.com>
2022-10-16 15:28:47 +02:00
Nicola Murino
4b4edef0ad
disable self connections by default
now that the event manager can create files, self connections may create
even more issues than before

Signed-off-by: Nicola Murino <nicola.murino@gmail.com>
2022-10-12 18:12:12 +02:00
Nicola Murino
07012aa812
WebDAV: allow to set last modification time
This commit add a minimal dead properties implementation

Fixes #1018

Signed-off-by: Nicola Murino <nicola.murino@gmail.com>
2022-10-11 19:20:58 +02:00
Nicola Murino
0e54fa5655
cryptfs: fix quota for overwrites if upload fails
Signed-off-by: Nicola Murino <nicola.murino@gmail.com>
2022-10-10 19:34:15 +02:00