Nicola Murino
b524da11e9
EventManager: disable commands by default
...
Signed-off-by: Nicola Murino <nicola.murino@gmail.com>
2024-11-10 12:08:17 +01:00
Nicola Murino
3dd412f6e3
WebAdmin and REST API: remove too granular permissions
...
Our permissions system for admin users is too granular and some
permissions overlap. For example, you can define an administrator
with the "manage_system" permission and not with the "manage_admins"
or "manage_user" permission, but the "manage_system" permission
allows you to restore a backup and then create users and
administrators. The following permissions will be removed:
"manage_admins", "manage_apikeys", "manage_system", "retention_checks",
"manage_event_rules", "manage_roles", "manage_ip_lists". Now you
need to add the "*" permission to replace the removed granular
permissions because the removed permissions allow actions that
should only be allowed to super administrators.
There is no point in having separate, overlapping permissions.
Signed-off-by: Nicola Murino <nicola.murino@gmail.com>
2024-11-10 10:46:28 +01:00
Nicola Murino
ef98ee7d11
don't allow admins to change their own permissions
...
Signed-off-by: Nicola Murino <nicola.murino@gmail.com>
2024-11-09 20:24:35 +01:00
Nicola Murino
88b1850b58
EventManager: allow to define the allowed system commands
...
CI / Test and deploy (push) Has been cancelled
Code scanning - action / CodeQL-Build (push) Has been cancelled
CI / Test build flags (push) Has been cancelled
CI / Test with PgSQL/MySQL/Cockroach (push) Has been cancelled
CI / Build Linux packages (push) Has been cancelled
CI / golangci-lint (push) Has been cancelled
Docker / Build (push) Has been cancelled
Signed-off-by: Nicola Murino <nicola.murino@gmail.com>
2024-11-01 11:37:33 +01:00
Nicola Murino
ae1487d733
fix connection limits
...
an SFTP client can start multiple transfers on a single connection
Signed-off-by: Nicola Murino <nicola.murino@gmail.com>
2024-10-26 21:18:19 +02:00
Nicola Murino
d8691d1e1a
update translations
...
Signed-off-by: Nicola Murino <nicola.murino@gmail.com>
2024-10-13 17:00:17 +02:00
Nicola Murino
eba4c93efd
user: add additional emails
...
Signed-off-by: Nicola Murino <nicola.murino@gmail.com>
2024-10-11 19:20:51 +02:00
Nicola Murino
424999dacd
kms: add support for Oracle Key Vault
...
Signed-off-by: Nicola Murino <nicola.murino@gmail.com>
2024-10-02 18:14:05 +02:00
Nicola Murino
eeef23139d
EventManager: filter action execution based on event status
...
Docker / Build (distroless, false, ubuntu-latest) (push) Has been cancelled
CI / golangci-lint (push) Has been cancelled
Docker / Build (alpine, false, ubuntu-latest) (push) Has been cancelled
Docker / Build (alpine, true, ubuntu-latest) (push) Has been cancelled
Docker / Build (debian, false, ubuntu-latest) (push) Has been cancelled
Docker / Build (debian, true, ubuntu-latest) (push) Has been cancelled
Code scanning - action / CodeQL-Build (push) Has been cancelled
CI / Test and deploy (1.22, macos-latest, true) (push) Has been cancelled
CI / Test and deploy (1.22, ubuntu-latest, true) (push) Has been cancelled
CI / Test and deploy (1.22, windows-latest, false) (push) Has been cancelled
CI / Test build flags (push) Has been cancelled
CI / Test with PgSQL/MySQL/Cockroach (push) Has been cancelled
CI / Build Linux packages (aarch64, ubuntu18.04, go1.22.7, arm64) (push) Has been cancelled
CI / Build Linux packages (amd64, ubuntu:18.04, go1.22.7, amd64) (push) Has been cancelled
CI / Build Linux packages (armv7, ubuntu18.04, go1.22.7, arm7) (push) Has been cancelled
CI / Build Linux packages (ppc64le, ubuntu18.04, go1.22.7, ppc64le) (push) Has been cancelled
Docker / Build (debian-plugins, true, ubuntu-latest) (push) Has been cancelled
Signed-off-by: Nicola Murino <nicola.murino@gmail.com>
2024-09-23 19:55:03 +02:00
Nicola Murino
6896d2bfb1
httpd: validate reference also for CSRF token in headers
...
Signed-off-by: Nicola Murino <nicola.murino@gmail.com>
2024-09-14 21:45:25 +02:00
Nicola Murino
14cabda5c2
update shortuid to v4
...
CI / golangci-lint (push) Has been cancelled
Docker / Build (alpine, false, ubuntu-latest) (push) Has been cancelled
Docker / Build (alpine, true, ubuntu-latest) (push) Has been cancelled
Docker / Build (debian, false, ubuntu-latest) (push) Has been cancelled
Docker / Build (debian, true, ubuntu-latest) (push) Has been cancelled
Docker / Build (debian-plugins, true, ubuntu-latest) (push) Has been cancelled
Docker / Build (distroless, false, ubuntu-latest) (push) Has been cancelled
Code scanning - action / CodeQL-Build (push) Has been cancelled
CI / Test and deploy (1.22, macos-latest, true) (push) Has been cancelled
CI / Test and deploy (1.22, ubuntu-latest, true) (push) Has been cancelled
CI / Test and deploy (1.22, windows-latest, false) (push) Has been cancelled
CI / Test build flags (push) Has been cancelled
CI / Test with PgSQL/MySQL/Cockroach (push) Has been cancelled
CI / Build Linux packages (aarch64, ubuntu18.04, go1.22.6, arm64) (push) Has been cancelled
CI / Build Linux packages (amd64, ubuntu:18.04, go1.22.6, amd64) (push) Has been cancelled
CI / Build Linux packages (armv7, ubuntu18.04, go1.22.6, arm7) (push) Has been cancelled
CI / Build Linux packages (ppc64le, ubuntu18.04, go1.22.6, ppc64le) (push) Has been cancelled
Signed-off-by: Nicola Murino <nicola.murino@gmail.com>
2024-09-08 18:01:14 +02:00
Nicola Murino
2fbf608895
S3: add SSE customer key
...
Signed-off-by: Nicola Murino <nicola.murino@gmail.com>
2024-08-15 10:09:06 +02:00
Nicola Murino
fa710b36c2
httpd: allow to configure cache control header
...
Signed-off-by: Nicola Murino <nicola.murino@gmail.com>
2024-08-12 21:19:44 +02:00
Nicola Murino
81433e00d1
event action: add update modtime to fs rename
...
Signed-off-by: Nicola Murino <nicola.murino@gmail.com>
2024-08-09 20:18:33 +02:00
Nicola Murino
d94f80c8da
replace utils.Contains with slices.Contains
...
Signed-off-by: Nicola Murino <nicola.murino@gmail.com>
2024-07-24 18:27:13 +02:00
Nicola Murino
b5c821795a
allow to customize name and log from the WebUI
...
Signed-off-by: Nicola Murino <nicola.murino@gmail.com>
2024-07-24 09:14:27 +02:00
Nicola Murino
b2926377b7
WebUI: switch favicon from ico to png
...
Signed-off-by: Nicola Murino <nicola.murino@gmail.com>
2024-07-20 16:11:21 +02:00
Nicola Murino
fef388d8cb
don't track quota for private virtual folders
...
they are included within the user quota.
This is a backward incompatible change.
Signed-off-by: Nicola Murino <nicola.murino@gmail.com>
2024-07-13 21:02:40 +02:00
Nicola Murino
58de410850
nt: fix unused write warnings
...
Signed-off-by: Nicola Murino <nicola.murino@gmail.com>
2024-07-03 20:42:51 +02:00
Nicola Murino
363770ab84
WebClient shares: add a logout button
...
Signed-off-by: Nicola Murino <nicola.murino@gmail.com>
2024-06-18 19:10:32 +02:00
Nicola Murino
01b666a78f
WebUIs: check login conditions before allowing password reset
...
Signed-off-by: Nicola Murino <nicola.murino@gmail.com>
2024-06-14 19:34:42 +02:00
Nicola Murino
8294952474
WebUIs: refactor CSRF
...
Signed-off-by: Nicola Murino <nicola.murino@gmail.com>
2024-06-14 18:09:32 +02:00
Nicola Murino
08526da153
REST API: fix token invalidation after password change
...
Signed-off-by: Nicola Murino <nicola.murino@gmail.com>
2024-06-07 18:19:05 +02:00
Nicola Murino
a1af33c6aa
WebClient: allow to set TLS certificates
...
Signed-off-by: Nicola Murino <nicola.murino@gmail.com>
2024-05-03 18:30:03 +02:00
Nicola Murino
e1fdc10ef8
remove robots.txt endpoint
...
This reverts #833 because the contributor did not respond to our
request to sign the CLA
Signed-off-by: Nicola Murino <nicola.murino@gmail.com>
2024-04-26 11:00:55 +02:00
Nicola Murino
1196727448
dataretention: remove ignore_user_permissions
...
Required permissions are now automatically granted as for any other
filesystem action
Fixes #1564
Signed-off-by: Nicola Murino <nicola.murino@gmail.com>
2024-04-01 15:07:03 +02:00
Nicola Murino
db577b154e
webclient: add more test cases for shares
...
Signed-off-by: Nicola Murino <nicola.murino@gmail.com>
2024-04-01 11:42:22 +02:00
Nicola Murino
cb3bc3f604
update OpenAPI definition
...
Signed-off-by: Nicola Murino <nicola.murino@gmail.com>
2024-03-18 19:32:01 +01:00
Nicola Murino
cc9a0d4dc2
add time-based access restrictions
...
Signed-off-by: Nicola Murino <nicola.murino@gmail.com>
2024-03-17 11:30:03 +01:00
Nicola Murino
26d3105f54
groups: add role placeholder
...
Signed-off-by: Nicola Murino <nicola.murino@gmail.com>
2024-03-12 18:21:50 +01:00
Nicola Murino
f38966c6ac
WebClient: refactor long-running tasks to improve browser compatibility
...
Signed-off-by: Nicola Murino <nicola.murino@gmail.com>
2024-03-11 18:19:57 +01:00
Nicola Murino
4d357a6a57
EventManager: allow to check for inactive users
...
Signed-off-by: Nicola Murino <nicola.murino@gmail.com>
2024-03-04 19:48:10 +01:00
Nicola Murino
12f599fd65
WebUI: skip checks for static resource
...
Signed-off-by: Nicola Murino <nicola.murino@gmail.com>
2024-02-25 18:19:21 +01:00
Nicola Murino
92911bda2b
require at least 2048 bits for RSA certificates/keys
...
Signed-off-by: Nicola Murino <nicola.murino@gmail.com>
2024-02-25 11:12:57 +01:00
Nicola Murino
f7d9e56cac
ssh: remove moduli, log negotiated algorithms
...
Fixes #1324
Signed-off-by: Nicola Murino <nicola.murino@gmail.com>
2024-02-24 20:35:09 +01:00
Nicola Murino
a577d8b3cd
WebAdmin: allow to disable 2FA
...
Before it was only possible using REST API
Signed-off-by: Nicola Murino <nicola.murino@gmail.com>
2024-02-23 18:24:07 +01:00
Nicola Murino
76ffa107dd
check admins' two-factor requirements in the disable API as well
...
Signed-off-by: Nicola Murino <nicola.murino@gmail.com>
2024-02-22 19:05:16 +01:00
Nicola Murino
9a6a65931e
two-factor auth: fixed validation of conflicting settings
...
Signed-off-by: Nicola Murino <nicola.murino@gmail.com>
2024-02-22 18:20:51 +01:00
Nicola Murino
de089e51fd
Web: allow to require password change and two-factor for admins
...
Signed-off-by: Nicola Murino <nicola.murino@gmail.com>
2024-02-21 20:45:10 +01:00
Nicola Murino
51ae2d7301
add copy permission
...
Signed-off-by: Nicola Murino <nicola.murino@gmail.com>
2024-02-20 18:19:09 +01:00
Nicola Murino
e61fb42cbc
remove metadata plugin
...
Signed-off-by: Nicola Murino <nicola.murino@gmail.com>
2024-02-17 12:30:47 +01:00
Nicola Murino
ad75543172
fix some new lint warnings
...
Signed-off-by: Nicola Murino <nicola.murino@gmail.com>
2024-02-15 21:13:45 +01:00
Nicola Murino
1ff55bbfa7
add DirLister interface
...
Signed-off-by: Nicola Murino <nicola.murino@gmail.com>
2024-02-15 20:53:56 +01:00
Nicola Murino
8385acd0e3
Redirect to two-factor auth page after creating the first admin
...
Signed-off-by: Nicola Murino <nicola.murino@gmail.com>
2024-02-04 20:58:29 +01:00
Nicola Murino
e5836c8118
WebUI: add a JSON helper function
...
Signed-off-by: Nicola Murino <nicola.murino@gmail.com>
2024-02-04 18:16:10 +01:00
Nicola Murino
c23d779280
WebClient: load shares using an async request
...
instead of rendering them directly within the template
Signed-off-by: Nicola Murino <nicola.murino@gmail.com>
2024-02-04 14:33:51 +01:00
Nicola Murino
3158190945
WebClient: respect second factor requirements enforced at group level
...
Fixes #1506
Signed-off-by: Nicola Murino <nicola.murino@gmail.com>
2024-02-04 12:09:47 +01:00
Nicola Murino
6074ed21f7
dataproviders: return an uniform error for foreign key violations
...
Signed-off-by: Nicola Murino <nicola.murino@gmail.com>
2024-02-03 14:24:50 +01:00
Nicola Murino
71e01ab26d
new WebAdmin: add test cases
...
Signed-off-by: Nicola Murino <nicola.murino@gmail.com>
2024-02-03 12:42:05 +01:00
Nicola Murino
69da5c10c6
WIP new WebAdmin: configs page
...
Signed-off-by: Nicola Murino <nicola.murino@gmail.com>
2024-01-27 12:48:15 +01:00