Commit graph

87 commits

Author SHA1 Message Date
Vasileios Markopoulos 94a923a965
Add 'otp_force' basic setting (#1051)
If the 'otp_force' and 'otp_field_enabled' basic settings are both enabled, automatically enable 2FA for the user after login or signup, if needed, by setting a new OTP secret. Redirect the user to a welcome page for scanning the QR code.

Also show the secret key in ASCII form on the user profile page for easier copying into other applications.
2021-12-17 11:41:51 +01:00
Dominic Zöller 6f12b783a8 models.user: get_accounts(): order by name
The order of account names returned by User.get_accounts() affects the
order account names are displayed in on /domain/add if the current user
neither has the Administrator role nor the Operator role and the
`allow_user_create_domain` setting is enabled at the same time.

If the current user does have the Administrator or Operator role,
routes.domain.add() already returns accounts ordered by name, so this
change makes it consistent.
2021-12-04 16:09:15 +01:00
Dominic Zöller 51a7f636b0 Use secrets module for generating new API keys and passwords
The implementation of `random.choice()` uses the Mersenne Twister, the
output of which is predictable by observing previous output, and is as
such unsuitable for security-sensitive applications. A cryptographically
secure pseudorandom number generator - which the `secrets` module relies
on - should be used instead in those instances.
2021-12-04 16:08:07 +01:00
root 940551e99e feat: Associate an API Key with accounts (#1044) 2021-12-03 14:12:11 +00:00
ManosKoukoularis 1332c8d29d
History Tab Overhaul & Domain Record Modifications Changelog (#1042)
Co-authored-by: Konstantinos Kouris <85997752+konkourgr@users.noreply.github.com>
Co-authored-by: vmarkop <billy.mark.b.m.10@gmail.com>
Co-authored-by: KostasMparmparousis <mparmparousis.kostas@gmail.com>
Co-authored-by: dimpapac <demispapa@gmail.com>
2021-11-30 11:02:37 +02:00
benshalev849 b3f9b4a2b0
OIDC list accounts (#994)
Added the function to use lists instead of a single string in account autoprovision.
2021-11-19 17:53:17 +02:00
zoeller-freinet bfaf5655ae
Clarify salt re-use for API keys (#1037) 2021-11-09 22:09:15 +02:00
benshalev849 3081036c2c
Env oauth url (#1030)
Overriding settings in DB using environment variable in docker
2021-11-05 18:22:38 +02:00
Vitali Quiering e7d5a3aba0
feat: enable_api_rr_history setting (#998)
* feat: introduce enable_api_rr_history setting to disable api record
changes
2021-11-05 17:26:38 +02:00
Hidde f96103db79
Replace [ZONE] placeholder with domain_name (#960) 2021-10-30 21:24:16 +02:00
steschuser bf83662108
allow users to remove domain (#952) 2021-10-30 21:21:45 +02:00
Khanh Ngo ddf2d4788b Resolve conflicts
Signed-off-by: Khanh Ngo <khanh.ngo@taxfix.de>
2021-10-30 21:15:04 +02:00
steschuser 1ec6b76f89
Remove otp field (#942) 2021-10-30 21:09:04 +02:00
Mark Zealey 4ce1b71c57
Fix when no records returned by API (#923)
For some reason when some programs delete a record we get an entry returned with records: []
2021-10-30 21:07:42 +02:00
Kostas Mparmparousis 6e04d0419b
Provision PDA user privileges based On LDAP Attributes (#980) 2021-08-05 19:37:48 +02:00
Steffen Schwebel fd933f8dbc remove unrelated files and changes as best as possible 2021-06-02 09:41:08 +02:00
Steffen Schwebel c13dd2d835 add 'custom_css' setting to model; check for 'custom_css' in template; create custom css dir in dockerfile 2021-06-01 16:15:31 +02:00
Steffen Schwebel 43a6e46e66 add setting to hide otp_token field on login page 2021-05-27 22:51:07 +02:00
jyoung15 32983635c6
Delete blank comments. Fix for ngoduykhanh/PowerDNS-Admin#919 (#920) 2021-05-07 23:43:44 +02:00
jodygilbert b66b37ecfd
delete history records when a domain is deleted (#916)
Co-authored-by: Jody <jody.gilbert@edftrading.com>
2021-05-07 22:55:45 +02:00
jodygilbert 98db953820
Allow user role to view history (#890) 2021-03-27 19:33:11 +01:00
jbe-dw 86700f8fd7
upd: improve user api (#878) 2021-03-16 19:39:53 +01:00
R. Daneel Olivaw 46993e08c0
Add punycode (IDN) support (#879) 2021-03-16 19:37:05 +01:00
jbe-dw 2c18e5c88f
fix: User role was not assigned upon creation (#860) 2021-01-07 23:07:20 +01:00
Khanh Ngo 70b1accaa0
Merge pull request #801 from cyso/pr/sync-accounts
Implement account update method
2020-10-12 12:48:22 +02:00
Khanh Ngo 7254a94497
Merge pull request #825 from ngoduykhanh/adjustment
Add index on history table
2020-10-11 13:11:09 +02:00
Khanh Ngo 3034630bc0
Merge pull request #761 from ngoduykhanh/record_rollback
Fix #752 - Rollback the removed record if apply operation failed
2020-10-11 13:01:26 +02:00
Khanh Ngo d72709e0f4
Add index on history table 2020-10-11 12:49:28 +02:00
Khanh Ngo 76562f8a46
Fix typo
Remove space from oidc_oauth_last_name default value
2020-10-10 21:03:34 +02:00
Khanh Ngo 55ad73d92e
Merge pull request #800 from cyso/pr/oidc-account
OIDC User and Account management during login
2020-10-10 14:32:14 +02:00
Khanh Ngo a679073928
Merge pull request #773 from terbolous/azure-oauth
Add Account creation/permission handling based on Azure oAuth group membership
2020-10-10 14:20:26 +02:00
Nick Douma 70c2744f29 Log amount of accounts found in PowerDNS 2020-08-06 17:45:05 +02:00
Nick Douma 3c59ba6f84 Account does not have username 2020-08-06 17:44:54 +02:00
Nick Douma b4d7f66e29 Use Account.delete_account to also handle unlinking of Users 2020-08-06 16:33:00 +02:00
Nick Douma f9f966df75 Allow for configuration of logout url 2020-08-06 15:29:02 +02:00
Nick Douma 27f5c89f70 Manage Account membership on oidc login 2020-08-06 15:28:54 +02:00
Nick Douma 7ef6f5db4e Check if plain_text_password is falsish instead of empty string 2020-08-06 15:28:45 +02:00
Nick Douma 0ef57b2f9f Implement account update method
Allow syncing of all known accounts from PowerDNS, in the same
way that Domain().update() does for domains.
2020-08-06 15:22:28 +02:00
Erik Weber 25db119d02
Add Account creation/permission handling based on Azure oAuth group membership 2020-07-03 08:55:31 +02:00
Khanh Ngo 5123d542e4
Fix #752 - Rollback the removed record if apply operation failed 2020-06-19 09:34:33 +07:00
Khanh Ngo a3fd856dd8
Code refactoring and bug fixes 2020-06-19 08:47:51 +07:00
Khanh Ngo cfc8567180
Merge pull request #742 from nfantone/feat/remote-user
Support authenticating using REMOTE_USER environment variable
2020-05-26 15:36:47 +07:00
Khanh Ngo 125883330e Merge branch 'pull/679' 2020-05-24 21:19:04 +07:00
Nicolás Fantone 52298f8289 Support login in through REMOTE_USER environment variable
Support redirecting remote users to logout URL and clearing remote login cookies
2020-05-22 15:31:24 +01:00
Steve Shipway 3476c8a9ec SJS Sort rrset members by content before comparison to ensure correct compare. Also default comment to blank entry rather than missing entry, to allow sorting to work correctly. 2020-05-20 16:21:28 +12:00
root 2044ce4737 oidc custom claims 2020-05-04 07:12:48 +00:00
Scott Howard 417338d826 Remove blank comments from rrsets before sending for compatibility with some pdns backends 2020-03-07 02:07:41 -06:00
Enrico Tröger eabbcedf08 Perform domain sync within a single transaction
This increases data inconsistency and also performance of the whole
update process: SqlAlchemy can use its own caching better with a single
transaction as it does not need to mark already fetched objects as dirty
and so re-fetch them again on later use. So after deleting a domain,
we can still use the previously fetched domain objects for the update
operations afterwards. Otherwise SqlAlchemy had to fetch each domain
object again with single SELECT statements which leads to bad
performance with many domains (>> 1000).

The introduced "do_commit" variable controls whether the database
changes are to be committed by the caller or in the called method
itself. So we can use a single transaction for the Domain.update()
method while still preserving the previous behavior for other callers.

Closes #428.
2020-02-02 15:15:20 +01:00
Khanh Ngo 4cfb6ef81f
Merge branch 'master' of github.com:ngoduykhanh/PowerDNS-Admin 2020-01-29 22:33:32 +07:00
Khanh Ngo 31d19b19ab Merge remote-tracking branch 'eht16/add_ssl_verify_setting' 2020-01-29 22:33:24 +07:00