A structure similar to the one used for secrets would be better,
but we don't want to break backwards compatibility.
Also document that omitting the password field in the request body
will preserve the current password when updating a user using the
REST API. Added a test case for this.
Signed-off-by: Nicola Murino <nicola.murino@gmail.com>
this is a backward incompatible change, all previous file based IP/network
lists will not work anymore
Signed-off-by: Nicola Murino <nicola.murino@gmail.com>
add groups section in the getting started guide.
Suggest to prefer configuration with env vars instead of modifying
the default configuration file
Signed-off-by: Nicola Murino <nicola.murino@gmail.com>
This makes it easier to set environment variables on some operating systems.
Setting configuration options from environment variables is recommended if
you want to avoid the time-consuming task of merging your changes with the
default configuration file after upgrading SFTPGo
Signed-off-by: Nicola Murino <nicola.murino@gmail.com>
if you share a single folder with read scope, you can now browse the share
and download single files
Fixes#674
See #677
Signed-off-by: Nicola Murino <nicola.murino@gmail.com>
currently xgo don't allow to choose the building OS, this could cause
unexpected issues, for example v2.0.3 packages for arm64 and ppc64
don't run on Ubuntu 18.04
For each user you can now configure:
- TLS certificate auth
- TLS certificate auth and password
- Password auth
For TLS auth, the certificate common name must match the name provided
using the "USER" FTP command
- add JWT authentication
- admins are now stored inside the data provider
- admin access can be restricted based on the source IP: both proxy
header and connection IP are checked
- deprecate REST API CLI: it is not relevant anymore
Some other changes to the REST API can still happen before releasing
SFTPGo 2.0.0
Fixes#197
hooks
doing something like this:
err = provider.updateUser(u)
...
return provider.userExists(username)
could be racy if another update happen before
provider.userExists(username)
also pass a pointer to updateUser so if the user is modified inside
"validateUser" we can just return the modified user without do a new
query
