beenull/sftpgo-mirror

mirror of https://github.com/drakkan/sftpgo.git synced 2024-11-22 15:40:23 +00:00

Author	SHA1	Message	Date
Nicola Murino	63972edb96	httpd: add a test case for StripSlash middleware Signed-off-by: Nicola Murino <nicola.murino@gmail.com>	2023-10-08 10:46:17 +02:00
Nicola Murino	da0eb5037e	httpd: skip StripSlash middleware for URL ending with multiple slashes Fixes #1434 Signed-off-by: Nicola Murino <nicola.murino@gmail.com>	2023-10-08 10:40:08 +02:00
Nicola Murino	4b685b21a2	configs: fix backward compatibility Signed-off-by: Nicola Murino <nicola.murino@gmail.com>	2023-10-07 22:02:10 +02:00
Nicola Murino	e54fd46a9e	SQL providers: make sure we don't exceed the allowed placeholders Fixes #1415 Signed-off-by: Nicola Murino <nicola.murino@gmail.com>	2023-09-12 19:15:40 +02:00
Nicola Murino	fac022090d	httpd: disable directory index for static files Signed-off-by: Nicola Murino <nicola.murino@gmail.com>	2023-09-08 19:55:45 +02:00
Nicola Murino	aefcea034a	validate API key scope Signed-off-by: Nicola Murino <nicola.murino@gmail.com>	2023-09-08 18:54:11 +02:00
Nicola Murino	f03fdd1155	add object metadata to notification events Signed-off-by: Nicola Murino <nicola.murino@gmail.com>	2023-08-12 18:51:47 +02:00
Nicola Murino	6c482a248d	portable mode: add WebClient Signed-off-by: Nicola Murino <nicola.murino@gmail.com>	2023-08-10 19:02:55 +02:00
Nicola Murino	25450d9efc	fix event validation test case Signed-off-by: Nicola Murino <nicola.murino@gmail.com>	2023-08-09 19:00:59 +02:00
Nicola Murino	63212bb033	remove the legacy PreferServerCipherSuites configuration Signed-off-by: Nicola Murino <nicola.murino@gmail.com>	2023-08-07 19:11:48 +02:00
Nicola Murino	830116bcf2	shares: allow to force an expiration date this is a soft requirement, users can reactivate expired shares by updating the expiration date Signed-off-by: Nicola Murino <nicola.murino@gmail.com>	2023-08-07 19:07:20 +02:00
Nicola Murino	af0d7b48ad	sftpd: refactor multi-step authentication Signed-off-by: Nicola Murino <nicola.murino@gmail.com>	2023-08-04 20:56:23 +02:00
Nicola Murino	0413c0471c	add a specific permission to manage folders creating/updating folders embedded in users is no longer supported. Fixes #1349 Signed-off-by: Nicola Murino <nicola.murino@gmail.com>	2023-07-23 18:48:49 +02:00
Nicola Murino	00366fce07	shares: respect password strength Signed-off-by: Nicola Murino <nicola.murino@gmail.com>	2023-07-16 16:51:38 +02:00
Nicola Murino	e88172dd7e	back to development Signed-off-by: Nicola Murino <nicola.murino@gmail.com>	2023-07-15 12:35:30 +02:00
Nicola Murino	a38ce460bb	WebClient: show user quota Also remove per-source data transfer limits. This was an oversight Signed-off-by: Nicola Murino <nicola.murino@gmail.com>	2023-06-16 21:06:21 +02:00
Nicola Murino	1c1b76011f	WebAdmin: relax key prefix validation try to automatically fix leading and trailing slashes Signed-off-by: Nicola Murino <nicola.murino@gmail.com>	2023-06-12 19:13:16 +02:00
Nicola Murino	9d60972743	WebClient: redirect to the requested URL after login This feature is only useful and enabled for file manager urls Signed-off-by: Nicola Murino <nicola.murino@gmail.com>	2023-06-08 18:14:47 +02:00
Nicola Murino	f938af5a61	WebClient: fix sorting by size Fixes #1313 Signed-off-by: Nicola Murino <nicola.murino@gmail.com>	2023-06-04 21:45:31 +02:00
Nicola Murino	3499edd5c2	WebUI: remove leading and trailing spaces from user-submitted input Signed-off-by: Nicola Murino <nicola.murino@gmail.com>	2023-06-04 08:45:17 +02:00
Nicola Murino	48939b2b4f	add XOAUTH2 start the countdown, let's see how long it takes for your favorite Go-based proprietary SFTP server to notice this change, copy the SFTPGo code and thus violate its license, and announce the same feature :) Signed-off-by: Nicola Murino <nicola.murino@gmail.com>	2023-06-03 16:17:32 +02:00
Nicola Murino	8339fee69d	smtp: add debug option Signed-off-by: Nicola Murino <nicola.murino@gmail.com>	2023-05-30 19:11:28 +02:00
Nicola Murino	8f934f7c82	email action: allow to configure Bcc Signed-off-by: Nicola Murino <nicola.murino@gmail.com>	2023-05-25 19:55:27 +02:00
Nicola Murino	bbaca578cd	EventManager: add content type option for email config Signed-off-by: Nicola Murino <nicola.murino@gmail.com>	2023-05-17 19:28:13 +02:00
Nicola Murino	52ec36dbd6	update pwd reset template. Update deps and use new features from the OIDC library Signed-off-by: Nicola Murino <nicola.murino@gmail.com>	2023-05-17 18:10:57 +02:00
Nicola Murino	e0d9b8bddf	WebClient: update password change timestamp after password reset Signed-off-by: Nicola Murino <nicola.murino@gmail.com>	2023-05-16 19:15:45 +02:00
Nicola Murino	adad8e658b	osfs: add optional buffering Signed-off-by: Nicola Murino <nicola.murino@gmail.com>	2023-05-16 18:08:14 +02:00
Nicola Murino	4eded56d5f	add support for log events Signed-off-by: Nicola Murino <nicola.murino@gmail.com>	2023-05-12 18:34:59 +02:00
Nicola Murino	712f2053a4	REST API dumpdata: allow to specify the resources to dump Signed-off-by: Nicola Murino <nicola.murino@gmail.com>	2023-04-18 18:11:23 +02:00
Nicola Murino	466f2e88b3	WebClient: fix rename Signed-off-by: Nicola Murino <nicola.murino@gmail.com>	2023-04-15 14:16:26 +02:00
Nicola Murino	4294659785	try harder to convert transfer errors in well-known error types Signed-off-by: Nicola Murino <nicola.murino@gmail.com>	2023-04-08 14:55:04 +02:00
Nicola Murino	184b99d500	user: add a field to indicate whether the password is set A structure similar to the one used for secrets would be better, but we don't want to break backwards compatibility. Also document that omitting the password field in the request body will preserve the current password when updating a user using the REST API. Added a test case for this. Signed-off-by: Nicola Murino <nicola.murino@gmail.com>	2023-04-06 18:22:09 +02:00
Nicola Murino	354fc9b3d6	OIDC: allow to extract custom fields from sub-structs Signed-off-by: Nicola Murino <nicola.murino@gmail.com>	2023-03-23 18:15:07 +01:00
Nicola Murino	e29f6857db	EventManager: add IDP login trigger and check account action Signed-off-by: Nicola Murino <nicola.murino@gmail.com>	2023-03-22 19:02:54 +01:00
Nicola Murino	84396343da	fix some codeql warnings Signed-off-by: Nicola Murino <nicola.murino@gmail.com>	2023-03-10 17:30:06 +01:00
Nicola Murino	0423e8f157	httpd: generate defender events for failed 2fa and password resets Signed-off-by: Nicola Murino <nicola.murino@gmail.com>	2023-03-04 13:55:48 +01:00
Nicola Murino	bdcee06665	WebClient: remove the default upload size limit Users who want a limit can still set it. By default, we want to allow uploads of any size Signed-off-by: Nicola Murino <nicola.murino@gmail.com>	2023-03-02 18:26:21 +01:00
Nicola Murino	4ba3ae876d	allow to set password strength at user/group level Signed-off-by: Nicola Murino <nicola.murino@gmail.com>	2023-03-02 09:11:30 +01:00
Nicola Murino	662164c7ff	smtp: require templates only if a server is configured or in service mode This regression was introduced after recent changes to allow setting the SMTP settings from the WebAdmin UI. Fixes #1217 Signed-off-by: Nicola Murino <nicola.murino@gmail.com>	2023-03-01 18:31:02 +01:00
Nicola Murino	fad6af11e5	don't expose error messages from pre-actions and post connect hooks always return a generic error instead to avoid leaking internal info Signed-off-by: Nicola Murino <nicola.murino@gmail.com>	2023-02-28 18:01:09 +01:00
Nicola Murino	dba088daed	printf: replace %#v with the more explicit %q Signed-off-by: Nicola Murino <nicola.murino@gmail.com>	2023-02-27 19:19:57 +01:00
Nicola Murino	561976bcd0	WebClient: return proper status code for http.MaxBytesError Signed-off-by: Nicola Murino <nicola.murino@gmail.com>	2023-02-27 11:03:05 +01:00
Nicola Murino	9a10740218	allow ACME HTTP-01 challenge with https redirect from port 80 Signed-off-by: Nicola Murino <nicola.murino@gmail.com>	2023-02-24 20:08:14 +01:00
Nicola Murino	8805d85377	configs: add ACME section Signed-off-by: Nicola Murino <nicola.murino@gmail.com>	2023-02-23 19:25:20 +01:00
Nicola Murino	a3fff56da5	WebAdmin: add configs section Setting configurations is an experimental feature and is not currently supported in the REST API Signed-off-by: Nicola Murino <nicola.murino@gmail.com>	2023-02-19 19:03:45 +01:00
Nicola Murino	78cd5d8eba	groups: add expiration date override Signed-off-by: Nicola Murino <nicola.murino@gmail.com>	2023-02-13 19:32:36 +01:00
Nicola Murino	7738faa040	events: add elapsed to UI and exports Signed-off-by: Nicola Murino <nicola.murino@gmail.com>	2023-02-13 12:58:21 +01:00
Nicola Murino	7e85356325	WebClient shares: replace basic auth with a login form basic auth will continue to work for REST API Fixes #1166 Signed-off-by: Nicola Murino <nicola.murino@gmail.com>	2023-02-12 08:29:53 +01:00
Nicola Murino	1b1745b7f7	move IP/Network lists to the data provider this is a backward incompatible change, all previous file based IP/network lists will not work anymore Signed-off-by: Nicola Murino <nicola.murino@gmail.com>	2023-02-09 09:33:33 +01:00
Nicola Murino	c0fe08b597	defender: allow to set a different score for "no auth tried" events Signed-off-by: Nicola Murino <nicola.murino@gmail.com>	2023-01-25 18:49:03 +01:00

1 2 3

118 commits