Commit graph

466 commits

Author SHA1 Message Date
Nicola Murino
f03f1b0156
improve test cases coverage
Signed-off-by: Nicola Murino <nicola.murino@gmail.com>
2023-04-08 10:01:48 +02:00
Nicola Murino
184b99d500
user: add a field to indicate whether the password is set
A structure similar to the one used for secrets would be better,
but we don't want to break backwards compatibility.

Also document that omitting the password field in the request body
will preserve the current password when updating a user using the
REST API. Added a test case for this.

Signed-off-by: Nicola Murino <nicola.murino@gmail.com>
2023-04-06 18:22:09 +02:00
Nicola Murino
74f05e5305
EventManager: check the parent directory before creating a zip
Signed-off-by: Nicola Murino <nicola.murino@gmail.com>
2023-04-03 18:53:13 +02:00
Nicola Murino
aefa7f77c2
add a link to the Terraform provider
Signed-off-by: Nicola Murino <nicola.murino@gmail.com>
2023-04-02 18:48:56 +02:00
Nicola Murino
084d4109b8
WebAdmin: ensure to sanitize data before rendering
Thanks to Polina Zvorykina, VK for reporting this issue

Signed-off-by: Nicola Murino <nicola.murino@gmail.com>
2023-03-28 12:28:38 +02:00
Nicola Murino
b60d3f680e
user as JSON: rename 2fa_protocols to two_factor_protocols
This is a breaking change, but it is necessary to make JSON serialization of
users more compatible.
For example, Terraform does not allow JSON fields starting with numbers

Signed-off-by: Nicola Murino <nicola.murino@gmail.com>
2023-03-26 15:57:53 +02:00
Nicola Murino
ee90bfb506
add unixcrypt build tag
Signed-off-by: Nicola Murino <nicola.murino@gmail.com>
2023-03-26 10:33:30 +02:00
Nicola Murino
e17068a76f
postgres provider: add support for load balancing
Signed-off-by: Nicola Murino <nicola.murino@gmail.com>
2023-03-25 09:29:13 +01:00
Nicola Murino
354fc9b3d6
OIDC: allow to extract custom fields from sub-structs
Signed-off-by: Nicola Murino <nicola.murino@gmail.com>
2023-03-23 18:15:07 +01:00
Nicola Murino
e29f6857db
EventManager: add IDP login trigger and check account action
Signed-off-by: Nicola Murino <nicola.murino@gmail.com>
2023-03-22 19:02:54 +01:00
Nicola Murino
2710207779
update jquery, go deps, actions/setup-go to v4
Signed-off-by: Nicola Murino <nicola.murino@gmail.com>
2023-03-15 18:44:08 +01:00
Nicola Murino
b719d03ebe
WebAdmin: improve fs config layout
Signed-off-by: Nicola Murino <nicola.murino@gmail.com>
2023-03-12 15:08:32 +01:00
Nicola Murino
14242b59a2
oidc docs: add env vars config
Signed-off-by: Nicola Murino <nicola.murino@gmail.com>
2023-03-09 18:58:36 +01:00
Nicola Murino
dad346cee8
add codeql
update deps

Signed-off-by: Nicola Murino <nicola.murino@gmail.com>
2023-03-05 16:38:29 +01:00
Nicola Murino
0423e8f157
httpd: generate defender events for failed 2fa and password resets
Signed-off-by: Nicola Murino <nicola.murino@gmail.com>
2023-03-04 13:55:48 +01:00
Nicola Murino
4ba3ae876d
allow to set password strength at user/group level
Signed-off-by: Nicola Murino <nicola.murino@gmail.com>
2023-03-02 09:11:30 +01:00
Nicola Murino
662164c7ff
smtp: require templates only if a server is configured or in service mode
This regression was introduced after recent changes to allow setting the SMTP
settings from the WebAdmin UI.

Fixes #1217

Signed-off-by: Nicola Murino <nicola.murino@gmail.com>
2023-03-01 18:31:02 +01:00
Nicola Murino
fad6af11e5
don't expose error messages from pre-actions and post connect hooks
always return a generic error instead to avoid leaking internal info

Signed-off-by: Nicola Murino <nicola.murino@gmail.com>
2023-02-28 18:01:09 +01:00
Nicola Murino
a23fdea9e3
ftpd: allow hostnames as passive IP
Signed-off-by: Nicola Murino <nicola.murino@gmail.com>
2023-02-27 19:19:50 +01:00
Nicola Murino
561976bcd0
WebClient: return proper status code for http.MaxBytesError
Signed-off-by: Nicola Murino <nicola.murino@gmail.com>
2023-02-27 11:03:05 +01:00
Nicola Murino
874776bd12
also capture logs for pre-login and check-password commands
Signed-off-by: Nicola Murino <nicola.murino@gmail.com>
2023-02-26 15:15:34 +01:00
Nicola Murino
df9d47900a
eventmanager: add user/folders as comma separated string in errors
Signed-off-by: Nicola Murino <nicola.murino@gmail.com>
2023-02-25 15:26:38 +01:00
Nicola Murino
7bcd79a70a
telemetry: improve test cases
remove an unnecessary nil check in tlsutils added as workaround
to make telemetry test cases work

Signed-off-by: Nicola Murino <nicola.murino@gmail.com>
2023-02-24 11:05:46 +01:00
Nicola Murino
8805d85377
configs: add ACME section
Signed-off-by: Nicola Murino <nicola.murino@gmail.com>
2023-02-23 19:25:20 +01:00
Nicola Murino
fcf9a8c673
scheduler: disable verbose logs
Signed-off-by: Nicola Murino <nicola.murino@gmail.com>
2023-02-21 18:18:24 +01:00
Nicola Murino
2c1319985d
sql providers: remove unnecessary []byte to string conversion
always check affected rows for updates

Signed-off-by: Nicola Murino <nicola.murino@gmail.com>
2023-02-20 18:14:02 +01:00
Nicola Murino
a3fff56da5
WebAdmin: add configs section
Setting configurations is an experimental feature and is not currently
supported in the REST API

Signed-off-by: Nicola Murino <nicola.murino@gmail.com>
2023-02-19 19:03:45 +01:00
Nicola Murino
78cd5d8eba
groups: add expiration date override
Signed-off-by: Nicola Murino <nicola.murino@gmail.com>
2023-02-13 19:32:36 +01:00
Nicola Murino
2df2803a37
ipfilter plugin: add protocol
Signed-off-by: Nicola Murino <nicola.murino@gmail.com>
2023-02-13 13:45:45 +01:00
Nicola Murino
157d1db0b1
fs events: add elapsed field to notifications
Signed-off-by: Nicola Murino <nicola.murino@gmail.com>
2023-02-12 18:56:53 +01:00
Nicola Murino
7e85356325
WebClient shares: replace basic auth with a login form
basic auth will continue to work for REST API

Fixes #1166

Signed-off-by: Nicola Murino <nicola.murino@gmail.com>
2023-02-12 08:29:53 +01:00
Nicola Murino
04ab8e72f6
WebUI: make error messages user dismissible
Fixes #1171

Signed-off-by: Nicola Murino <nicola.murino@gmail.com>
2023-02-10 18:07:23 +01:00
Nicola Murino
e0c3a13ac5
azblob: update to the latest SDK
Signed-off-by: Nicola Murino <nicola.murino@gmail.com>
2023-02-09 13:04:12 +01:00
Nicola Murino
1b1745b7f7
move IP/Network lists to the data provider
this is a backward incompatible change, all previous file based IP/network
lists will not work anymore

Signed-off-by: Nicola Murino <nicola.murino@gmail.com>
2023-02-09 09:33:33 +01:00
Nicola Murino
1e14d006b1
defender: set score_no_auth to 0 as default
Signed-off-by: Nicola Murino <nicola.murino@gmail.com>
2023-01-29 18:00:27 +01:00
Nicola Murino
c0fe08b597
defender: allow to set a different score for "no auth tried" events
Signed-off-by: Nicola Murino <nicola.murino@gmail.com>
2023-01-25 18:49:03 +01:00
Nicola Murino
5550a5d2c0
update users: also disconnect users from remote nodes when requested
Signed-off-by: Nicola Murino <nicola.murino@gmail.com>
2023-01-24 18:53:34 +01:00
Nicola Murino
2066ad7c83
WebDAV: allow to define custom MIME type mappings
Fixes #1154

Signed-off-by: Nicola Murino <nicola.murino@gmail.com>
2023-01-23 18:43:25 +01:00
Nicola Murino
3ce4d04b27
EventManager: support placeholders within URL paths
Signed-off-by: Nicola Murino <nicola.murino@gmail.com>
2023-01-22 08:46:58 +01:00
Nicola Murino
7b5bebc588
EventManager: add "on-demand" trigger
Signed-off-by: Nicola Murino <nicola.murino@gmail.com>
2023-01-21 15:41:24 +01:00
Nicola Murino
53f17b5715
allow to disable event rules
Signed-off-by: Nicola Murino <nicola.murino@gmail.com>
2023-01-19 18:33:04 +01:00
Nicola Murino
f2618e7de6
switch from go-simple-mail to go-mail
Signed-off-by: Nicola Murino <nicola.murino@gmail.com>
2023-01-15 15:28:31 +01:00
Nicola Murino
09dea57850
back to development
Signed-off-by: Nicola Murino <nicola.murino@gmail.com>
2023-01-07 13:07:41 +01:00
Nicola Murino
8cad436421
conditional support for recursive renaming for cloud providers
Signed-off-by: Nicola Murino <nicola.murino@gmail.com>
2023-01-06 12:33:50 +01:00
Nicola Murino
f0dedbfabf
eventmanager: auto-create destination folder for renames
Signed-off-by: Nicola Murino <nicola.murino@gmail.com>
2023-01-03 18:13:01 +01:00
Nicola Murino
7fa0959af4
eventmanager: add support for global star path matching
This introduce a backward incompatible change for filesystem path matching
in the Event Manager, now patterns like "*.txt" will no longer match any
file with the "txt" suffix, you need to change them to "/**/*.txt".

Also change pre-delete behaviour, now if an error is returned the client
will get a permission denied error. This is the same as the other pre-*
action. Previously it was not possible to deny deletion of a file.

Signed-off-by: Nicola Murino <nicola.murino@gmail.com>
2023-01-02 15:59:00 +01:00
Nicola Murino
2611dd2c98
eventmanager: add support for pre-* actions
Signed-off-by: Nicola Murino <nicola.murino@gmail.com>
2023-01-01 17:59:41 +01:00
Nicola Murino
6cebc037a0
eventmanager: check disk quota before executing the compress action
Signed-off-by: Nicola Murino <nicola.murino@gmail.com>
2022-12-31 16:41:32 +01:00
Nicola Murino
15ad31da54
WebClient: add copy action
Signed-off-by: Nicola Murino <nicola.murino@gmail.com>
2022-12-30 19:30:16 +01:00
Nicola Murino
fe9904a54d
docs full-configuration: improve formatting
Signed-off-by: Nicola Murino <nicola.murino@gmail.com>
2022-12-28 18:51:25 +01:00