sftpgo-mirror/internal/httpd
Nicola Murino 3dd412f6e3
WebAdmin and REST API: remove too granular permissions

Our permissions system for admin users is too granular and some
permissions overlap. For example, you can define an administrator
with the "manage_system" permission and not with the "manage_admins"
or "manage_user" permission, but the "manage_system" permission
allows you to restore a backup and then create users and
administrators. The following permissions will be removed:
"manage_admins", "manage_apikeys", "manage_system", "retention_checks",
"manage_event_rules", "manage_roles", "manage_ip_lists". Now you
need to add the "*" permission to replace the removed granular
permissions because the removed permissions allow actions that
should only be allowed to super administrators.
There is no point in having separate, overlapping permissions.

Signed-off-by: Nicola Murino <nicola.murino@gmail.com>
2024-11-10 10:46:28 +01:00
api_admin.go don't allow admins to change their own permissions 2024-11-09 20:24:35 +01:00
api_configs.go WebUIs: refactor CSRF 2024-06-14 18:09:32 +02:00
api_defender.go add an util method to convert []byte to string 2024-05-08 19:01:58 +02:00
api_eventrule.go remove end year from Copyright notice in files 2024-01-01 11:31:45 +01:00
api_events.go notifier plugin: add support for login succeeded events 2024-04-10 18:39:08 +02:00
api_folder.go refactor for secrets management in API and private key handling in SFTPFs 2024-04-26 16:17:24 +02:00
api_group.go refactor for secrets management in API and private key handling in SFTPFs 2024-04-26 16:17:24 +02:00
api_http_user.go fix connection limits 2024-10-26 21:18:19 +02:00
api_iplist.go remove end year from Copyright notice in files 2024-01-01 11:31:45 +01:00
api_keys.go remove end year from Copyright notice in files 2024-01-01 11:31:45 +01:00
api_maintenance.go restore: fix quota scan for users with folders associated via groups 2024-07-03 20:35:12 +02:00
api_mfa.go replace utils.Contains with slices.Contains 2024-07-24 18:27:13 +02:00
api_quota.go restore: fix quota scan for users with folders associated via groups 2024-07-03 20:35:12 +02:00
api_retention.go remove end year from Copyright notice in files 2024-01-01 11:31:45 +01:00
api_role.go remove end year from Copyright notice in files 2024-01-01 11:31:45 +01:00
api_shares.go fix connection limits 2024-10-26 21:18:19 +02:00
api_user.go S3: add SSE customer key 2024-08-15 10:09:06 +02:00
api_utils.go WebAdmin and REST API: remove too granular permissions 2024-11-10 10:46:28 +01:00
auth_utils.go don't allow admins to change their own permissions 2024-11-09 20:24:35 +01:00
file.go vfs: make PipeReader an interface 2024-01-24 19:59:50 +01:00
flash.go remove end year from Copyright notice in files 2024-01-01 11:31:45 +01:00
flash_test.go remove end year from Copyright notice in files 2024-01-01 11:31:45 +01:00
handler.go fix connection limits 2024-10-26 21:18:19 +02:00
httpd.go WebUI: add a token validation mode that allows checking the signature 2024-09-21 14:06:25 +02:00
httpd_test.go WebAdmin and REST API: remove too granular permissions 2024-11-10 10:46:28 +01:00
internal_test.go WebUI: add a token validation mode that allows checking the signature 2024-09-21 14:06:25 +02:00
middleware.go WebUI: add a token validation mode that allows checking the signature 2024-09-21 14:06:25 +02:00
oauth2.go remove end year from Copyright notice in files 2024-01-01 11:31:45 +01:00
oauth2_test.go remove end year from Copyright notice in files 2024-01-01 11:31:45 +01:00
oidc.go WebClient: enforce 2fa and password requirements also with OIDC 2024-10-21 20:40:44 +02:00
oidc_test.go WebUI: add a token validation mode that allows checking the signature 2024-09-21 14:06:25 +02:00
oidcmanager.go remove end year from Copyright notice in files 2024-01-01 11:31:45 +01:00
resetcode.go remove end year from Copyright notice in files 2024-01-01 11:31:45 +01:00
resources.go remove end year from Copyright notice in files 2024-01-01 11:31:45 +01:00
resources_embedded.go remove end year from Copyright notice in files 2024-01-01 11:31:45 +01:00
server.go WebAdmin and REST API: remove too granular permissions 2024-11-10 10:46:28 +01:00
token.go remove end year from Copyright notice in files 2024-01-01 11:31:45 +01:00
web.go Web: add CheckRedirect to pages using baselogin.html 2024-10-12 12:54:21 +02:00
webadmin.go WebAdmin and REST API: remove too granular permissions 2024-11-10 10:46:28 +01:00
webclient.go user: add additional emails 2024-10-11 19:20:51 +02:00
webtask.go WebClient: refactor long-running tasks to improve browser compatibility 2024-03-11 18:19:57 +01:00
webtask_test.go WebClient: refactor long-running tasks to improve browser compatibility 2024-03-11 18:19:57 +01:00