beenull/sftpgo-mirror
1
0
Fork 0
mirror of https://github.com/drakkan/sftpgo.git synced 2024-11-21 15:10:23 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions 6
2047 commits 8 branches 49 tags 49 MiB
Commit graph

143 commits

Author SHA1 Message Date
Nicola Murino
3dd412f6e3
WebAdmin and REST API: remove too granular permissions 
Our permissions system for admin users is too granular and some
permissions overlap. For example, you can define an administrator
with the "manage_system" permission and not with the "manage_admins"
or "manage_user" permission, but the "manage_system" permission
allows you to restore a backup and then create users and
administrators. The following permissions will be removed:
"manage_admins", "manage_apikeys", "manage_system", "retention_checks",
"manage_event_rules", "manage_roles", "manage_ip_lists". Now you
need to add the "*" permission to replace the removed granular
permissions because the removed permissions allow actions that
should only be allowed to super administrators.
There is no point in having separate, overlapping permissions.

Signed-off-by: Nicola Murino <nicola.murino@gmail.com>
 2024-11-10 10:46:28 +01:00
Nicola Murino
0c75d234b9
OpenAPI: document password_strength 
Signed-off-by: Nicola Murino <nicola.murino@gmail.com>
 2024-10-26 21:19:28 +02:00
Nicola Murino
7feeec6941
update OpenAPI schema
Some checks failed
CI / Test and deploy (push) Has been cancelled
Details
CI / Test build flags (push) Has been cancelled
Details
Code scanning - action / CodeQL-Build (push) Has been cancelled
Details
Docker / Build (push) Has been cancelled
Details
CI / Test with PgSQL/MySQL/Cockroach (push) Has been cancelled
Details
CI / Build Linux packages (push) Has been cancelled
Details
CI / golangci-lint (push) Has been cancelled
Details 
Signed-off-by: Nicola Murino <nicola.murino@gmail.com>
 2024-10-16 20:51:51 +02:00
Nicola Murino
2fbf608895
S3: add SSE customer key 
Signed-off-by: Nicola Murino <nicola.murino@gmail.com>
 2024-08-15 10:09:06 +02:00
Nicola Murino
81433e00d1
event action: add update modtime to fs rename 
Signed-off-by: Nicola Murino <nicola.murino@gmail.com>
 2024-08-09 20:18:33 +02:00
Nicola Murino
0cddcba5a7
EventManager: add an action to rotate the log file 
Signed-off-by: Nicola Murino <nicola.murino@gmail.com>
 2024-06-04 19:51:52 +02:00
Nicola Murino
61bc0065f9
back to development 
Signed-off-by: Nicola Murino <nicola.murino@gmail.com>
 2024-05-16 04:54:46 +02:00
Nicola Murino
19e9857fea
set version to 2.6.0 
Signed-off-by: Nicola Murino <nicola.murino@gmail.com>
 2024-05-15 17:36:10 +02:00
Nicola Murino
a1af33c6aa
WebClient: allow to set TLS certificates 
Signed-off-by: Nicola Murino <nicola.murino@gmail.com>
 2024-05-03 18:30:03 +02:00
Nicola Murino
58a8b2b860
S3: add support for STS temporary credentials 
Fixes #1558

Co-authored-by: Nazarii Mediukh <nazar.medykh@gmail.com>
Signed-off-by: Nicola Murino <nicola.murino@gmail.com>
 2024-05-02 20:01:30 +02:00
Nicola Murino
acfd4c3e55
ftpd: allow to ignore ASCII transfer types 
Signed-off-by: Nicola Murino <nicola.murino@gmail.com>
 2024-05-02 19:00:29 +02:00
Nicola Murino
456517af87
notifier plugin: add support for login succeeded events 
Signed-off-by: Nicola Murino <nicola.murino@gmail.com>
 2024-04-10 18:39:08 +02:00
Nicola Murino
cb3bc3f604
update OpenAPI definition 
Signed-off-by: Nicola Murino <nicola.murino@gmail.com>
 2024-03-18 19:32:01 +01:00
Nicola Murino
4d357a6a57
EventManager: allow to check for inactive users 
Signed-off-by: Nicola Murino <nicola.murino@gmail.com>
 2024-03-04 19:48:10 +01:00
Nicola Murino
a577d8b3cd
WebAdmin: allow to disable 2FA 
Before it was only possible using REST API

Signed-off-by: Nicola Murino <nicola.murino@gmail.com>
 2024-02-23 18:24:07 +01:00
Nicola Murino
de089e51fd
Web: allow to require password change and two-factor for admins 
Signed-off-by: Nicola Murino <nicola.murino@gmail.com>
 2024-02-21 20:45:10 +01:00
Nicola Murino
51ae2d7301
add copy permission 
Signed-off-by: Nicola Murino <nicola.murino@gmail.com>
 2024-02-20 18:19:09 +01:00
Nicola Murino
e61fb42cbc
remove metadata plugin 
Signed-off-by: Nicola Murino <nicola.murino@gmail.com>
 2024-02-17 12:30:47 +01:00
Nicola Murino
d939a82225
user: add TLS certificates 
Signed-off-by: Nicola Murino <nicola.murino@gmail.com>
 2024-01-14 21:36:23 +01:00
Nicola Murino
ac309cf9a3
WebClient: remove data schema usage from mfa page 
Signed-off-by: Nicola Murino <nicola.murino@gmail.com>
 2023-11-18 20:06:31 +01:00
Nicola Murino
c5c5860012
ssh: allow to configure public key auth algorithms 
Signed-off-by: Nicola Murino <nicola.murino@gmail.com>
 2023-11-09 20:03:04 +01:00
Nicola Murino
f05fe78737
ssh: refactor host key algorithm restriction 
Signed-off-by: Nicola Murino <nicola.murino@gmail.com>
 2023-10-07 16:07:19 +02:00
Nicola Murino
6c482a248d
portable mode: add WebClient 
Signed-off-by: Nicola Murino <nicola.murino@gmail.com>
 2023-08-10 19:02:55 +02:00
Nicola Murino
830116bcf2
shares: allow to force an expiration date 
this is a soft requirement, users can reactivate expired shares by
updating the expiration date

Signed-off-by: Nicola Murino <nicola.murino@gmail.com>
 2023-08-07 19:07:20 +02:00
Nicola Murino
0413c0471c
add a specific permission to manage folders 
creating/updating folders embedded in users is no longer supported.

Fixes #1349

Signed-off-by: Nicola Murino <nicola.murino@gmail.com>
 2023-07-23 18:48:49 +02:00
Nicola Murino
e88172dd7e
back to development 
Signed-off-by: Nicola Murino <nicola.murino@gmail.com>
 2023-07-15 12:35:30 +02:00
Nicola Murino
51d8f3b436
back to development 
Signed-off-by: Nicola Murino <nicola.murino@gmail.com>
 2023-06-29 14:42:16 +02:00
Nicola Murino
66f360e66c
back to development 
Signed-off-by: Nicola Murino <nicola.murino@gmail.com>
 2023-06-18 07:15:39 +02:00
Nicola Murino
a38ce460bb
WebClient: show user quota 
Also remove per-source data transfer limits. This was an
oversight

Signed-off-by: Nicola Murino <nicola.murino@gmail.com>
 2023-06-16 21:06:21 +02:00
Nicola Murino
80f21d1c91
WebAdmin: don't show hidden deny policy for allowed patterns 
The deny policy only applies to denied patterns, showing an allowed
pattern as hidden will confuse users

Signed-off-by: Nicola Murino <nicola.murino@gmail.com>
 2023-06-14 19:00:52 +02:00
Nicola Murino
8f934f7c82
email action: allow to configure Bcc 
Signed-off-by: Nicola Murino <nicola.murino@gmail.com>
 2023-05-25 19:55:27 +02:00
Nicola Murino
b2781e0bfc
WebAdmin: Set TLS username to empty string if disabled 
Signed-off-by: Nicola Murino <nicola.murino@gmail.com>
 2023-05-25 18:24:51 +02:00
Nicola Murino
f8f8962ccb
file patterns: evaluate allowed filters before the denied ones 
Signed-off-by: Nicola Murino <nicola.murino@gmail.com>
 2023-05-24 19:56:53 +02:00
Nicola Murino
2b77709a04
back to development 
Signed-off-by: Nicola Murino <nicola.murino@gmail.com>
 2023-05-21 09:23:24 +02:00
Nicola Murino
5b4a1bda2e
set version to 2.5.1 
Signed-off-by: Nicola Murino <nicola.murino@gmail.com>
 2023-05-20 17:39:23 +02:00
Nicola Murino
bbaca578cd
EventManager: add content type option for email config 
Signed-off-by: Nicola Murino <nicola.murino@gmail.com>
 2023-05-17 19:28:13 +02:00
Nicola Murino
da30389989
fix OpenAPI schema, update js deps 
Signed-off-by: Nicola Murino <nicola.murino@gmail.com>
 2023-05-17 18:24:33 +02:00
Nicola Murino
adad8e658b
osfs: add optional buffering 
Signed-off-by: Nicola Murino <nicola.murino@gmail.com>
 2023-05-16 18:08:14 +02:00
Nicola Murino
4eded56d5f
add support for log events 
Signed-off-by: Nicola Murino <nicola.murino@gmail.com>
 2023-05-12 18:34:59 +02:00
Nicola Murino
05c54614b2
back to development 
Signed-off-by: Nicola Murino <nicola.murino@gmail.com>
 2023-05-05 19:12:50 +02:00
Nicola Murino
32020e236f
set version to 2.5.0 
Signed-off-by: Nicola Murino <nicola.murino@gmail.com>
 2023-05-03 13:07:48 +02:00
Nicola Murino
fd6a44c562
OpenAPI: fix filesystem action types enum 
Signed-off-by: Nicola Murino <nicola.murino@gmail.com>
 2023-04-23 14:46:09 +02:00
Nicola Murino
712f2053a4
REST API dumpdata: allow to specify the resources to dump 
Signed-off-by: Nicola Murino <nicola.murino@gmail.com>
 2023-04-18 18:11:23 +02:00
Nicola Murino
5219c1fdd1
back to development 
Signed-off-by: Nicola Murino <nicola.murino@gmail.com>
 2023-04-08 19:00:05 +02:00
Nicola Murino
184b99d500
user: add a field to indicate whether the password is set 
A structure similar to the one used for secrets would be better,
but we don't want to break backwards compatibility.

Also document that omitting the password field in the request body
will preserve the current password when updating a user using the
REST API. Added a test case for this.

Signed-off-by: Nicola Murino <nicola.murino@gmail.com>
 2023-04-06 18:22:09 +02:00
Nicola Murino
b60d3f680e
user as JSON: rename 2fa_protocols to two_factor_protocols 
This is a breaking change, but it is necessary to make JSON serialization of
users more compatible.
For example, Terraform does not allow JSON fields starting with numbers

Signed-off-by: Nicola Murino <nicola.murino@gmail.com>
 2023-03-26 15:57:53 +02:00
Nicola Murino
ee90bfb506
add unixcrypt build tag 
Signed-off-by: Nicola Murino <nicola.murino@gmail.com>
 2023-03-26 10:33:30 +02:00
Nicola Murino
e29f6857db
EventManager: add IDP login trigger and check account action 
Signed-off-by: Nicola Murino <nicola.murino@gmail.com>
 2023-03-22 19:02:54 +01:00
Nicola Murino
b8496c4d6e
eventmanager: add user expiration check 
Signed-off-by: Nicola Murino <nicola.murino@gmail.com>
 2023-02-25 13:06:09 +01:00
Nicola Murino
a3fff56da5
WebAdmin: add configs section 
Setting configurations is an experimental feature and is not currently
supported in the REST API

Signed-off-by: Nicola Murino <nicola.murino@gmail.com>
 2023-02-19 19:03:45 +01:00