Nicola Murino
12f599fd65
WebUI: skip checks for static resource
...
Signed-off-by: Nicola Murino <nicola.murino@gmail.com>
2024-02-25 18:19:21 +01:00
Nicola Murino
92911bda2b
require at least 2048 bits for RSA certificates/keys
...
Signed-off-by: Nicola Murino <nicola.murino@gmail.com>
2024-02-25 11:12:57 +01:00
Nicola Murino
f7d9e56cac
ssh: remove moduli, log negotiated algorithms
...
Fixes #1324
Signed-off-by: Nicola Murino <nicola.murino@gmail.com>
2024-02-24 20:35:09 +01:00
Nicola Murino
a577d8b3cd
WebAdmin: allow to disable 2FA
...
Before it was only possible using REST API
Signed-off-by: Nicola Murino <nicola.murino@gmail.com>
2024-02-23 18:24:07 +01:00
Nicola Murino
76ffa107dd
check admins' two-factor requirements in the disable API as well
...
Signed-off-by: Nicola Murino <nicola.murino@gmail.com>
2024-02-22 19:05:16 +01:00
Nicola Murino
9a6a65931e
two-factor auth: fixed validation of conflicting settings
...
Signed-off-by: Nicola Murino <nicola.murino@gmail.com>
2024-02-22 18:20:51 +01:00
Nicola Murino
de089e51fd
Web: allow to require password change and two-factor for admins
...
Signed-off-by: Nicola Murino <nicola.murino@gmail.com>
2024-02-21 20:45:10 +01:00
Nicola Murino
51ae2d7301
add copy permission
...
Signed-off-by: Nicola Murino <nicola.murino@gmail.com>
2024-02-20 18:19:09 +01:00
Nicola Murino
e61fb42cbc
remove metadata plugin
...
Signed-off-by: Nicola Murino <nicola.murino@gmail.com>
2024-02-17 12:30:47 +01:00
Nicola Murino
ad75543172
fix some new lint warnings
...
Signed-off-by: Nicola Murino <nicola.murino@gmail.com>
2024-02-15 21:13:45 +01:00
Nicola Murino
1ff55bbfa7
add DirLister interface
...
Signed-off-by: Nicola Murino <nicola.murino@gmail.com>
2024-02-15 20:53:56 +01:00
Nicola Murino
ae309d64c4
WebClient: disable indicator if we redirect from the login page
...
Signed-off-by: Nicola Murino <nicola.murino@gmail.com>
2024-02-04 21:13:04 +01:00
Nicola Murino
8385acd0e3
Redirect to two-factor auth page after creating the first admin
...
Signed-off-by: Nicola Murino <nicola.murino@gmail.com>
2024-02-04 20:58:29 +01:00
Nicola Murino
e5836c8118
WebUI: add a JSON helper function
...
Signed-off-by: Nicola Murino <nicola.murino@gmail.com>
2024-02-04 18:16:10 +01:00
Nicola Murino
c23d779280
WebClient: load shares using an async request
...
instead of rendering them directly within the template
Signed-off-by: Nicola Murino <nicola.murino@gmail.com>
2024-02-04 14:33:51 +01:00
Nicola Murino
3158190945
WebClient: respect second factor requirements enforced at group level
...
Fixes #1506
Signed-off-by: Nicola Murino <nicola.murino@gmail.com>
2024-02-04 12:09:47 +01:00
Nicola Murino
6074ed21f7
dataproviders: return an uniform error for foreign key violations
...
Signed-off-by: Nicola Murino <nicola.murino@gmail.com>
2024-02-03 14:24:50 +01:00
Nicola Murino
71e01ab26d
new WebAdmin: add test cases
...
Signed-off-by: Nicola Murino <nicola.murino@gmail.com>
2024-02-03 12:42:05 +01:00
Nicola Murino
ad80d4e475
WIP new WebAdmin: event rules
...
Signed-off-by: Nicola Murino <nicola.murino@gmail.com>
2024-02-01 20:32:43 +01:00
Nicola Murino
c85601146d
WIP new WebAdmin: event actions
...
Signed-off-by: Nicola Murino <nicola.murino@gmail.com>
2024-01-31 20:49:25 +01:00
Nicola Murino
143d4611ba
WIP new WebAdmin: events page
...
Signed-off-by: Nicola Murino <nicola.murino@gmail.com>
2024-01-28 19:38:01 +01:00
Nicola Murino
69da5c10c6
WIP new WebAdmin: configs page
...
Signed-off-by: Nicola Murino <nicola.murino@gmail.com>
2024-01-27 12:48:15 +01:00
Nicola Murino
d01fccf28c
WIP new WebAdmin: maintenance page
...
Signed-off-by: Nicola Murino <nicola.murino@gmail.com>
2024-01-26 21:03:41 +01:00
Nicola Murino
9fcff83f8f
WIP new WebAdmin: status page
...
Signed-off-by: Nicola Murino <nicola.murino@gmail.com>
2024-01-25 19:26:51 +01:00
Nicola Murino
eec9c449d4
vfs: make PipeReader an interface
...
Signed-off-by: Nicola Murino <nicola.murino@gmail.com>
2024-01-24 19:59:50 +01:00
Nicola Murino
8180b75ef1
WIP new WebAdmin: IP lists pages
...
Signed-off-by: Nicola Murino <nicola.murino@gmail.com>
2024-01-24 19:23:15 +01:00
Nicola Murino
d381304136
WIP new WebAdmin: admin/admins pages
...
Signed-off-by: Nicola Murino <nicola.murino@gmail.com>
2024-01-22 20:22:41 +01:00
Nicola Murino
e38350e8b3
WIP new WebAdmin: role page
...
Signed-off-by: Nicola Murino <nicola.murino@gmail.com>
2024-01-21 17:19:25 +01:00
Nicola Murino
3f479c5537
WIP new WebAdmin: roles page
...
Signed-off-by: Nicola Murino <nicola.murino@gmail.com>
2024-01-21 16:49:04 +01:00
Nicola Murino
8648351fc7
WIP new WebAdmin: connections page
...
Signed-off-by: Nicola Murino <nicola.murino@gmail.com>
2024-01-20 15:35:05 +01:00
Nicola Murino
73b2573b14
WIP new WebAdmin: two factor auth page
...
Signed-off-by: Nicola Murino <nicola.murino@gmail.com>
2024-01-18 20:25:07 +01:00
Nicola Murino
91802fad3e
WIP new WebAdmin: profile, change password, message pages
...
Signed-off-by: Nicola Murino <nicola.murino@gmail.com>
2024-01-18 19:18:57 +01:00
Nicola Murino
87451560e3
normalize common database errors
...
Signed-off-by: Nicola Murino <nicola.murino@gmail.com>
2024-01-17 17:36:35 +01:00
Nicola Murino
5ac99ee556
WIP new WebAdmin: folder page
...
Signed-off-by: Nicola Murino <nicola.murino@gmail.com>
2024-01-16 19:51:37 +01:00
Nicola Murino
d939a82225
user: add TLS certificates
...
Signed-off-by: Nicola Murino <nicola.murino@gmail.com>
2024-01-14 21:36:23 +01:00
Nicola Murino
0722c4369b
WIP new WebAdmin: folders page
...
Signed-off-by: Nicola Murino <nicola.murino@gmail.com>
2024-01-14 16:59:27 +01:00
Nicola Murino
1a0f734a9c
WIP new WebAdmin: remove some hard coded strings
...
so they can be localized
Signed-off-by: Nicola Murino <nicola.murino@gmail.com>
2024-01-14 09:41:39 +01:00
Nicola Murino
bf94f8b87c
WIP new WebAdmin: group page
...
Signed-off-by: Nicola Murino <nicola.murino@gmail.com>
2024-01-14 09:09:42 +01:00
Nicola Murino
5c8214e121
WIP new WebAdmin: groups page
...
Signed-off-by: Nicola Murino <nicola.murino@gmail.com>
2024-01-11 19:26:13 +01:00
Nicola Murino
113724f340
Merge branch 'main' of github.com:drakkan/sftpgo
...
Signed-off-by: Nicola Murino <nicola.murino@gmail.com>
2024-01-10 20:01:54 +01:00
Nicola Murino
9cde0909b0
test cases: replace expired TLS certificates
...
Signed-off-by: Nicola Murino <nicola.murino@gmail.com>
2024-01-10 19:53:48 +01:00
Nicola Murino
86eab21be8
WebAdmin: fix parsing form field
...
some field names changed with the new UI
Signed-off-by: Nicola Murino <nicola.murino@gmail.com>
2024-01-10 18:49:20 +01:00
Nicola Murino
e1b5d2fe39
WebAdmin: use the new UI for user pages
...
Signed-off-by: Nicola Murino <nicola.murino@gmail.com>
2024-01-09 19:54:08 +01:00
Nicola Murino
ca880f6cbb
WebAdmin: completed base page
...
Signed-off-by: Nicola Murino <nicola.murino@gmail.com>
2024-01-01 20:09:15 +01:00
Nicola Murino
784b7585c1
remove end year from Copyright notice in files
...
so we don't have to update all the files every year
Signed-off-by: Nicola Murino <nicola.murino@gmail.com>
2024-01-01 11:31:45 +01:00
Nicola Murino
ce0693feda
WebUIs: move more shared components to common/base.html
...
Signed-off-by: Nicola Murino <nicola.murino@gmail.com>
2023-12-31 17:35:14 +01:00
Nicola Murino
3e47a4f664
WebAdmin: use the new theme for the login and setup page
...
Signed-off-by: Nicola Murino <nicola.murino@gmail.com>
2023-12-30 19:12:22 +01:00
Nicola Murino
7318d1f32a
Web: move baselogin template to common
...
Signed-off-by: Nicola Murino <nicola.murino@gmail.com>
2023-12-30 14:13:25 +01:00
Nicola Murino
259566fcce
WebUI: allow absolute URLs for disclaimers
...
Signed-off-by: Nicola Murino <nicola.murino@gmail.com>
2023-12-28 19:59:06 +01:00
Nicola Murino
3121c35437
WebClient: do not silently overwrite files/directories
...
Signed-off-by: Nicola Murino <nicola.murino@gmail.com>
2023-12-28 18:43:07 +01:00
Nicola Murino
f721cf5c40
WebClient: fix test cases
...
Signed-off-by: Nicola Murino <nicola.murino@gmail.com>
2023-12-12 19:04:32 +01:00
Nicola Murino
61fe7c39a7
WebClient: allow to pass args for localized errors from the backend
...
Signed-off-by: Nicola Murino <nicola.murino@gmail.com>
2023-12-12 18:04:14 +01:00
Nicola Murino
691133d7c8
WebClient: improve test coverage
...
Signed-off-by: Nicola Murino <nicola.murino@gmail.com>
2023-12-10 18:34:09 +01:00
Nicola Murino
c71f0426ae
WebClient WIP: add support for localizations
...
Signed-off-by: Nicola Murino <nicola.murino@gmail.com>
2023-12-10 16:40:13 +01:00
Nicola Murino
74836af66e
WebUI: extract a common struct for all pages
...
Signed-off-by: Nicola Murino <nicola.murino@gmail.com>
2023-11-25 18:30:56 +01:00
Nicola Murino
ed828458ab
WebUI add title to all pages
...
Signed-off-by: Nicola Murino <nicola.murino@gmail.com>
2023-11-25 18:11:10 +01:00
Nicola Murino
6175acb572
add support for reading more secrets from files
...
Signed-off-by: Nicola Murino <nicola.murino@gmail.com>
2023-11-24 20:43:50 +01:00
Nicola Murino
62854e4802
WebClient: use flatpickr as time picker
...
Signed-off-by: Nicola Murino <nicola.murino@gmail.com>
2023-11-22 20:14:49 +01:00
Nicola Murino
bde5713ed6
WebClient: cleanup some js code
...
also returns an error if file or directory names contain a slash
instead of silently replacing slashes with a similar symbol
Signed-off-by: Nicola Murino <nicola.murino@gmail.com>
2023-11-22 15:57:33 +01:00
Nicola Murino
ac309cf9a3
WebClient: remove data schema usage from mfa page
...
Signed-off-by: Nicola Murino <nicola.murino@gmail.com>
2023-11-18 20:06:31 +01:00
Nicola Murino
59bdd4bc4e
WebClient: add support for more languages to the editor
...
Signed-off-by: Nicola Murino <nicola.murino@gmail.com>
2023-11-18 14:17:28 +01:00
Nicola Murino
1a765c7ff7
WebClient share: add a download page
...
Signed-off-by: Nicola Murino <nicola.murino@gmail.com>
2023-11-17 19:10:03 +01:00
Nicola Murino
61e6cc6985
WebClient: remove remaining inline onclick events
...
Signed-off-by: Nicola Murino <nicola.murino@gmail.com>
2023-11-16 18:55:14 +01:00
Nicola Murino
37b0c229fc
Web UI: propagate CSPNonce to templates
...
Signed-off-by: Nicola Murino <nicola.murino@gmail.com>
2023-11-15 18:48:16 +01:00
Nicola Murino
c5c5860012
ssh: allow to configure public key auth algorithms
...
Signed-off-by: Nicola Murino <nicola.murino@gmail.com>
2023-11-09 20:03:04 +01:00
Nicola Murino
a1346aa071
httpd: fixed logging of refused requests due to rate limiting/blocklisting
...
Signed-off-by: Nicola Murino <nicola.murino@gmail.com>
2023-11-08 19:11:00 +01:00
Nicola Murino
6295be786f
WebClient: add a ping URL
...
Signed-off-by: Nicola Murino <nicola.murino@gmail.com>
2023-11-06 19:58:39 +01:00
Nicola Murino
d5a9bec3da
WebClient: allow bulk move or copy actions
...
Signed-off-by: Nicola Murino <nicola.murino@gmail.com>
2023-11-06 19:10:35 +01:00
Nicola Murino
654ce2e349
s3: allow to skip TLS verification
...
Signed-off-by: Nicola Murino <nicola.murino@gmail.com>
2023-11-05 19:27:11 +01:00
Nicola Murino
010c36cab5
WebClient: allow to set a list of default CSS
...
The new WIP WebClient requires 2 CSS files
Signed-off-by: Nicola Murino <nicola.murino@gmail.com>
2023-11-05 17:30:33 +01:00
Nicola Murino
b872c423ee
Remove external integrations, they are not supported in the new WIP WebClient
...
Signed-off-by: Nicola Murino <nicola.murino@gmail.com>
2023-11-05 17:30:21 +01:00
Nicola Murino
2ee2098a48
WebClient: add test cases for new backend code
...
Signed-off-by: Nicola Murino <nicola.murino@gmail.com>
2023-11-05 17:30:17 +01:00
Nicola Murino
0671178e29
WebClient: fix test cases
...
Signed-off-by: Nicola Murino <nicola.murino@gmail.com>
2023-11-05 17:30:06 +01:00
Nicola Murino
37facd21d4
WebClient shares: fix view pdf files
...
Signed-off-by: Nicola Murino <nicola.murino@gmail.com>
2023-11-05 17:29:15 +01:00
Nicola Murino
9322701615
WIP: new WebClient UI
...
Signed-off-by: Nicola Murino <nicola.murino@gmail.com>
2023-11-05 17:26:29 +01:00
Nicola Murino
87b12af932
static files: refactor neutered http.FileSystem
...
Signed-off-by: Nicola Murino <nicola.murino@gmail.com>
2023-11-03 17:22:28 +01:00
Nicola Murino
379f87f571
loaddata: do not reveal the existence of the files in error messages
...
return a generic error message
Signed-off-by: Nicola Murino <nicola.murino@gmail.com>
2023-11-01 10:54:20 +01:00
Nicola Murino
51febb19fa
httpd: add database based token manager
...
Signed-off-by: Nicola Murino <nicola.murino@gmail.com>
2023-11-01 10:54:14 +01:00
Nicola Murino
8c31cc47b0
web UIs: fix dismissable alerts
...
alerts can now be shown again after the user dismissal
Signed-off-by: Nicola Murino <nicola.murino@gmail.com>
2023-10-29 08:17:24 +01:00
Nicola Murino
59378104b7
webclient: fix link for shares with a trailing space
...
Signed-off-by: Nicola Murino <nicola.murino@gmail.com>
2023-10-29 07:33:56 +01:00
Nicola Murino
7da5d8fcea
config: rename protocols to tls_protocols
...
Signed-off-by: Nicola Murino <nicola.murino@gmail.com>
2023-10-28 12:42:05 +02:00
Nicola Murino
4a15775f65
allow to configure ALPN protocols
...
Fixes #1406
Signed-off-by: Nicola Murino <nicola.murino@gmail.com>
2023-10-28 12:35:26 +02:00
Nicola Murino
320e404e4d
vfs: make PipeWriter an interface
...
Signed-off-by: Nicola Murino <nicola.murino@gmail.com>
2023-10-23 09:56:46 +02:00
Nicola Murino
e3c4ee0833
add support for conditional resuming of uploads
...
Signed-off-by: Nicola Murino <nicola.murino@gmail.com>
2023-10-23 09:56:40 +02:00
Nicola Murino
fc460922ad
events: fix event type string conversion
...
Signed-off-by: Nicola Murino <nicola.murino@gmail.com>
2023-10-21 11:25:39 +02:00
Nicola Murino
ba9df51b2e
fix or suppress lint warnings detected by golangci-lint 1.55.0
...
Signed-off-by: Nicola Murino <nicola.murino@gmail.com>
2023-10-20 20:31:17 +02:00
Nicola Murino
63972edb96
httpd: add a test case for StripSlash middleware
...
Signed-off-by: Nicola Murino <nicola.murino@gmail.com>
2023-10-08 10:46:17 +02:00
Nicola Murino
da0eb5037e
httpd: skip StripSlash middleware for URL ending with multiple slashes
...
Fixes #1434
Signed-off-by: Nicola Murino <nicola.murino@gmail.com>
2023-10-08 10:40:08 +02:00
Nicola Murino
4b685b21a2
configs: fix backward compatibility
...
Signed-off-by: Nicola Murino <nicola.murino@gmail.com>
2023-10-07 22:02:10 +02:00
Nicola Murino
e54fd46a9e
SQL providers: make sure we don't exceed the allowed placeholders
...
Fixes #1415
Signed-off-by: Nicola Murino <nicola.murino@gmail.com>
2023-09-12 19:15:40 +02:00
Nicola Murino
fac022090d
httpd: disable directory index for static files
...
Signed-off-by: Nicola Murino <nicola.murino@gmail.com>
2023-09-08 19:55:45 +02:00
Nicola Murino
aefcea034a
validate API key scope
...
Signed-off-by: Nicola Murino <nicola.murino@gmail.com>
2023-09-08 18:54:11 +02:00
Nicola Murino
f03fdd1155
add object metadata to notification events
...
Signed-off-by: Nicola Murino <nicola.murino@gmail.com>
2023-08-12 18:51:47 +02:00
Nicola Murino
6c482a248d
portable mode: add WebClient
...
Signed-off-by: Nicola Murino <nicola.murino@gmail.com>
2023-08-10 19:02:55 +02:00
Nicola Murino
25450d9efc
fix event validation test case
...
Signed-off-by: Nicola Murino <nicola.murino@gmail.com>
2023-08-09 19:00:59 +02:00
Nicola Murino
63212bb033
remove the legacy PreferServerCipherSuites configuration
...
Signed-off-by: Nicola Murino <nicola.murino@gmail.com>
2023-08-07 19:11:48 +02:00
Nicola Murino
830116bcf2
shares: allow to force an expiration date
...
this is a soft requirement, users can reactivate expired shares by
updating the expiration date
Signed-off-by: Nicola Murino <nicola.murino@gmail.com>
2023-08-07 19:07:20 +02:00
Nicola Murino
af0d7b48ad
sftpd: refactor multi-step authentication
...
Signed-off-by: Nicola Murino <nicola.murino@gmail.com>
2023-08-04 20:56:23 +02:00
Nicola Murino
0413c0471c
add a specific permission to manage folders
...
creating/updating folders embedded in users is no longer supported.
Fixes #1349
Signed-off-by: Nicola Murino <nicola.murino@gmail.com>
2023-07-23 18:48:49 +02:00
Nicola Murino
00366fce07
shares: respect password strength
...
Signed-off-by: Nicola Murino <nicola.murino@gmail.com>
2023-07-16 16:51:38 +02:00