Nicola Murino
fb8f013ea7
web: update permissions on cookie refresh
2021-11-20 10:48:39 +01:00
Nicola Murino
46157ebbb6
CI docker: remove armv7 support
...
CI is still unreliable if we enable armv7 support
2021-11-16 09:07:10 +01:00
Nicola Murino
24b0352eb6
GCS: add ACL support
2021-11-15 21:57:41 +01:00
Nicola Murino
52f3a98cc8
preserve GCS credentials on update if not set
...
credentials were not preserved if "prefer_database_credentials" was
set to true
Fixes #613
2021-11-15 19:12:58 +01:00
Nicola Murino
ca730e77a5
add separate permissions to delete and rename files and dirs
...
perm_delete and perm_rename still exist for backward compatibility,
now they are an alias to assign both new split permissions
2021-11-14 16:23:33 +01:00
Nicola Murino
0833b4698e
httpd service: add CORS support
2021-11-13 23:14:50 +01:00
Nicola Murino
ee5c5e033d
S3: add ACL support
...
Fixes #610
2021-11-13 16:05:40 +01:00
Nicola Murino
78233ff9a3
web UI/REST API: add password reset
...
In order to reset the password from the admin/client user interface,
an SMTP configuration must be added and the user/admin must have an email
address.
You can prohibit the reset functionality on a per-user basis by using a
specific restriction.
Fixes #597
2021-11-13 13:25:43 +01:00
Nicola Murino
094ee1522e
logger: add a flag to use UTC time for logging
2021-11-06 15:18:16 +01:00
Nicola Murino
3bc58f5988
WebClient/REST API: add sharing support
2021-11-06 14:13:20 +01:00
Nicola Murino
74fc3aaf37
REST API: add events search
2021-10-23 15:47:21 +02:00
Nicola Murino
97d0a48557
plugins: improve notifier and searcher
2021-10-20 19:39:49 +02:00
Nicola Murino
a80ac80fcd
pkgs: update nfpm to 2.7 and use xz as compression for both deb and rpm
2021-10-13 09:15:04 +02:00
Nicola Murino
4aa9686e3b
refactor custom actions
...
SFTPGo is now fully auditable, all fs and provider events that change
something are notified and can be collected using hooks/plugins.
There are some backward incompatible changes for command hooks
2021-10-10 13:08:05 +02:00
Nicola Murino
64e87d64bd
web client UI: allow to edit plain text files
...
Fixes #567
2021-10-09 14:17:28 +02:00
Nicola Murino
1b4a1fbbe5
add data retention check hook
2021-10-03 15:17:49 +02:00
Nicola Murino
cc134cad9a
data retention: allow to notify results via e-mail
2021-10-02 22:25:41 +02:00
Nicola Murino
e6f969cb04
web UI: update js and css deps
2021-09-30 10:23:25 +02:00
Nicola Murino
ba1febba73
rework user and admin profiles
...
users and admins can now also update their email and description
2021-09-29 18:46:15 +02:00
Maharanjan
0661876e99
Added email field for user account
2021-09-25 19:06:13 +02:00
Nicola Murino
da5a061b65
add basic REST APIs for data retention
...
Fixes #495
2021-09-25 12:20:31 +02:00
Nicola Murino
bf4b3e6840
httpd: move the check connection middleware before the logger middleware
...
Fixes #543
2021-09-19 08:14:59 +02:00
Nicola Murino
6ea38188e8
minor fixes and doc improvements
2021-09-18 10:50:17 +02:00
Nicola Murino
b5639a51fd
don't generate defender events for HTTP/WebDAV requests with no auth
...
it is quite common for HTTP clients to send a first request without
the Authorization header and then send the credentials after receiving
a 401 response. We don't want to generate defender events in this case
2021-09-11 18:23:11 +02:00
Nicola Murino
5c34d814d6
fix a possible nil pointer dereference
...
it can happen by upgrading from very old versions
2021-09-11 14:19:17 +02:00
Nicola Murino
7bad65a43e
user: add a permission to disable changing api key authentication
...
also implement the missing APIs to enable/disable api key authentication
2021-09-06 18:46:35 +02:00
Nicola Murino
101c2962ab
web client UI: add a permission to disable password change
...
Fixes #528
2021-09-05 18:49:13 +02:00
Nicola Murino
59140a6d51
add additional data to MFA secrets and fix pointers management
2021-09-05 14:10:12 +02:00
Nicola Murino
8a4c21b64a
add builtin two-factor auth support
...
The builtin two-factor authentication is based on time-based one time
passwords (RFC 6238) which works with Authy, Google Authenticator and
other compatible apps.
2021-09-04 12:11:04 +02:00
Nicola Murino
b903a6e46f
data provider: remove default admin
...
you need to load initial data or set "create_default_admin" to true
and the appropriate env vars if you don't want to use the web admin
setup screen to create the default admin
2021-08-20 10:37:51 +02:00
Nicola Murino
be3857d572
dataprovider: add timestamp fields for users and admins
2021-08-19 15:51:43 +02:00
Nicola Murino
fe953d6b38
REST API: add support for API key authentication
2021-08-17 18:08:32 +02:00
Nicola Murino
ced2e16f41
add support for password validation rules
...
Fixes #494
2021-08-06 18:56:07 +02:00
Nicola Murino
0503215e7a
web client: try to prevent browsers from caching requests
...
Fixes #493
2021-08-03 19:58:03 +02:00
Nicola Murino
90b324d707
Add a link on the login pages to switch between admin and web client login
...
The links are hidden if only the web admin or only thw web client is
enabled and can also be controlled using the "hide_login_url" setting
Fixes #485
2021-07-27 18:43:00 +02:00
Nicola Murino
3a22aae34f
web UI: add support for upload, create dirs, rename, delete
2021-07-26 20:55:49 +02:00
Nicola Murino
c41ae116eb
improve logging
...
Fixes #381
2021-07-24 20:11:17 +02:00
Nicola Murino
83c7453957
user API: allow to disable writes ...
...
... even if the user has permissions for these actions
2021-07-23 21:41:02 +02:00
Nicola Murino
85a47810ff
S3: expose more properties, possible backward incompatible change
...
Before these changes we implictly set S3ForcePathStyle if an endpoint
was provided.
This can cause issues with some S3 compatible object storages and must
be explicitly set now.
AWS is also deprecating this setting
https://aws.amazon.com/it/blogs/aws/amazon-s3-path-deprecation-plan-the-rest-of-the-story/
2021-07-23 16:56:48 +02:00
Nicola Murino
ae8ccadad2
users API: add API to create, delete, rename files and directories
2021-07-23 10:19:27 +02:00
Nicola Murino
776dffcf12
kms: improve modularity
2021-07-13 21:17:21 +02:00
Nicola Murino
e1a2451c22
s3: allow to configure the chunk download timeout
2021-07-11 18:39:45 +02:00
Nicola Murino
bd5191dfc5
add experimental plugin system
2021-07-11 15:26:51 +02:00
Nicola Murino
ff19879ffd
allow to use a persistent signing key for JWT and CSRF tokens
...
Fixes #466
2021-07-01 20:17:40 +02:00
Nicola Murino
076b2f0ee0
modules: add v2 support
2021-06-26 07:31:41 +02:00
Manuel Reithuber
fd4c388b23
added vfs.ListProviders() and using it in template fsconfig.html (added a new ListFSProviders template function for that)
2021-06-19 19:27:54 +02:00
Manuel Reithuber
88b10da596
updated utils.LoadTemplate() to call template.ParseFiles() directly and added a way to specify a base template (will be used in the next commit)
2021-06-19 19:27:54 +02:00
Manuel Reithuber
0ff010cc94
added vfs.GetProviderByName(), using it in for sftpgo portable and for parsing the webadmin form field
2021-06-19 19:27:54 +02:00
Nicola Murino
c1b862394d
move other errors to utils package
2021-06-19 13:06:01 +02:00
Manuel Reithuber
f19937b715
move Filesystem config validation to vfs
2021-06-19 12:24:43 +02:00