Commit graph

91 commits

Author SHA1 Message Date
Nicola Murino
f03f1b0156
improve test cases coverage
Signed-off-by: Nicola Murino <nicola.murino@gmail.com>
2023-04-08 10:01:48 +02:00
Nicola Murino
184b99d500
user: add a field to indicate whether the password is set
A structure similar to the one used for secrets would be better,
but we don't want to break backwards compatibility.

Also document that omitting the password field in the request body
will preserve the current password when updating a user using the
REST API. Added a test case for this.

Signed-off-by: Nicola Murino <nicola.murino@gmail.com>
2023-04-06 18:22:09 +02:00
Nicola Murino
354fc9b3d6
OIDC: allow to extract custom fields from sub-structs
Signed-off-by: Nicola Murino <nicola.murino@gmail.com>
2023-03-23 18:15:07 +01:00
Nicola Murino
e29f6857db
EventManager: add IDP login trigger and check account action
Signed-off-by: Nicola Murino <nicola.murino@gmail.com>
2023-03-22 19:02:54 +01:00
Nicola Murino
2710207779
update jquery, go deps, actions/setup-go to v4
Signed-off-by: Nicola Murino <nicola.murino@gmail.com>
2023-03-15 18:44:08 +01:00
Nicola Murino
84396343da
fix some codeql warnings
Signed-off-by: Nicola Murino <nicola.murino@gmail.com>
2023-03-10 17:30:06 +01:00
Nicola Murino
dba088daed
printf: replace %#v with the more explicit %q
Signed-off-by: Nicola Murino <nicola.murino@gmail.com>
2023-02-27 19:19:57 +01:00
Nicola Murino
a3fff56da5
WebAdmin: add configs section
Setting configurations is an experimental feature and is not currently
supported in the REST API

Signed-off-by: Nicola Murino <nicola.murino@gmail.com>
2023-02-19 19:03:45 +01:00
Nicola Murino
157d1db0b1
fs events: add elapsed field to notifications
Signed-off-by: Nicola Murino <nicola.murino@gmail.com>
2023-02-12 18:56:53 +01:00
Nicola Murino
1b1745b7f7
move IP/Network lists to the data provider
this is a backward incompatible change, all previous file based IP/network
lists will not work anymore

Signed-off-by: Nicola Murino <nicola.murino@gmail.com>
2023-02-09 09:33:33 +01:00
Nicola Murino
27c4ffd663
sftpd: fix duplicate defender error introduced in the previous commit
improve the defender test cases by verifying the expected score

Signed-off-by: Nicola Murino <nicola.murino@gmail.com>
2023-01-25 21:57:27 +01:00
Nicola Murino
c0fe08b597
defender: allow to set a different score for "no auth tried" events
Signed-off-by: Nicola Murino <nicola.murino@gmail.com>
2023-01-25 18:49:03 +01:00
Nicola Murino
7b5bebc588
EventManager: add "on-demand" trigger
Signed-off-by: Nicola Murino <nicola.murino@gmail.com>
2023-01-21 15:41:24 +01:00
Nicola Murino
93e5cb36df
copy: use server side copy if available
Signed-off-by: Nicola Murino <nicola.murino@gmail.com>
2023-01-07 16:28:46 +01:00
Nicola Murino
8cad436421
conditional support for recursive renaming for cloud providers
Signed-off-by: Nicola Murino <nicola.murino@gmail.com>
2023-01-06 12:33:50 +01:00
Nicola Murino
0190d0b849
update Copyright year
Signed-off-by: Nicola Murino <nicola.murino@gmail.com>
2023-01-03 10:18:30 +01:00
Nicola Murino
7fa0959af4
eventmanager: add support for global star path matching
This introduce a backward incompatible change for filesystem path matching
in the Event Manager, now patterns like "*.txt" will no longer match any
file with the "txt" suffix, you need to change them to "/**/*.txt".

Also change pre-delete behaviour, now if an error is returned the client
will get a permission denied error. This is the same as the other pre-*
action. Previously it was not possible to deny deletion of a file.

Signed-off-by: Nicola Murino <nicola.murino@gmail.com>
2023-01-02 15:59:00 +01:00
Nicola Murino
ea4c4dd57f
eventmanager: add copy action
refactor sftpgo-copy and sftpgo-remove commands

Signed-off-by: Nicola Murino <nicola.murino@gmail.com>
2022-12-27 18:51:53 +01:00
Nicola Murino
0841c7d7bd
REST API: remove merging of fields on updates
we use PUT verb not PATCH. We keep merging only to allow to preserve
hidden/encrypted fields.

This is a backward incompatible change, but is necessary to avoid unexpected
issues.
You have to pass complete objects on updates.

Fixes #1088

Signed-off-by: Nicola Murino <nicola.murino@gmail.com>
2022-12-23 09:36:20 +01:00
Nicola Murino
ad5d657a1a
add support for password policies
you can now set a password expiration and the password change requirement

Signed-off-by: Nicola Murino <nicola.murino@gmail.com>
2022-12-11 17:15:34 +01:00
Nicola Murino
1f9cf194fe
add role to events
Signed-off-by: Nicola Murino <nicola.murino@gmail.com>
2022-12-03 11:45:27 +01:00
Nicola Murino
e87118d2a8
allow WebClient login with multi-step auth enabled
Signed-off-by: Nicola Murino <nicola.murino@gmail.com>
2022-11-29 18:43:48 +01:00
Nicola Murino
2017cb60e9
Per-directory permissions: add wildcards support
Signed-off-by: Nicola Murino <nicola.murino@gmail.com>
2022-11-18 18:12:04 +01:00
Nicola Murino
a22282f275
add support for DHGEX
Signed-off-by: Nicola Murino <nicola.murino@gmail.com>
2022-11-17 18:15:53 +01:00
Nicola Murino
5a222807b7
add roles
Fixes #837

Signed-off-by: Nicola Murino <nicola.murino@gmail.com>
2022-11-16 19:04:50 +01:00
Nicola Murino
e3e85867b1
sftpfs: reuse connections
Signed-off-by: Nicola Murino <nicola.murino@gmail.com>
2022-11-01 12:22:54 +01:00
Nicola Murino
db0e58ae7e
Add support for graceful shutdown
Fixes #1014

Signed-off-by: Nicola Murino <nicola.murino@gmail.com>
2022-10-22 11:56:41 +02:00
Nicola Murino
7e0b62b703
update swagger-ui, codemirror, video-js
Signed-off-by: Nicola Murino <nicola.murino@gmail.com>
2022-10-16 18:29:42 +02:00
Nicola Murino
4b4edef0ad
disable self connections by default
now that the event manager can create files, self connections may create
even more issues than before

Signed-off-by: Nicola Murino <nicola.murino@gmail.com>
2022-10-12 18:12:12 +02:00
Nicola Murino
8a43486730
postgres driver: add multi hosts support
Signed-off-by: Nicola Murino <nicola.murino@gmail.com>
2022-10-02 12:43:26 +02:00
Nicola Murino
0e8c41bbd1
sftpd: fix relative symlinks handling
Signed-off-by: Nicola Murino <nicola.murino@gmail.com>
2022-09-30 19:23:54 +02:00
Nicola Murino
1e21aa9453
add support for checking sha256crypt passwords
they will be converted to the configured password hashing algorithm after
the first user login

Fixes #1000

Signed-off-by: Nicola Murino <nicola.murino@gmail.com>
2022-09-28 19:15:02 +02:00
Nicola Murino
e54237ff70
allow a client if its IP is both allowed and denied
this allows you to define a group deny policy that can be overridden
on a per-user basis.

This is a backward incompatible change

Signed-off-by: Nicola Murino <nicola.murino@gmail.com>
2022-09-15 19:51:17 +02:00
Nicola Murino
95e9106902
use the new atomic types introduced in Go 1.19
we depend on Go 1.19 anyway

Signed-off-by: Nicola Murino <nicola.murino@gmail.com>
2022-08-30 15:47:41 +02:00
Nicola Murino
3e8254e398
fs actions: add first upload/download
Signed-off-by: Nicola Murino <nicola.murino@gmail.com>
2022-08-21 19:01:08 +02:00
Nicola Murino
2b463d61e3
use epoch timestamp instead of current timestamp for unknown modification times
Signed-off-by: Nicola Murino <nicola.murino@gmail.com>
2022-08-16 17:59:13 +02:00
Nicola Murino
ced4206c5f
allow cross folder renaming if the underlying resource is the same
this was only allowed for the local filesystem before this change

Signed-off-by: Nicola Murino <nicola.murino@gmail.com>
2022-08-15 21:39:04 +02:00
Nicola Murino
b1efe8d0b5
eventmanager: add support for data retention checks
Signed-off-by: Nicola Murino <nicola.murino@gmail.com>
2022-08-04 21:50:38 +02:00
Nicola Murino
9d2b5dc07d
refactor: move eventmanager to common package
Signed-off-by: Nicola Murino <nicola.murino@gmail.com>
2022-08-01 18:48:54 +02:00
Nicola Murino
ef0a3bc571
add support for anonymous users
Fixes #935

Signed-off-by: Nicola Murino <nicola.murino@gmail.com>
2022-07-27 18:54:25 +02:00
Nicola Murino
c8158e14e0
move SFTPGo package to the internal folder
SFTPGo is a daemon and command line tool, not a library.

The public API are provided by the SDK

Signed-off-by: Nicola Murino <nicola.murino@gmail.com>
2022-07-24 16:18:54 +02:00