deblan/PowerDNS-Admin
1
0
Fork 0
Code Issues Pull requests Projects Releases Wiki Activity
1026 commits 4 branches 6 tags 35 MiB
Commit graph

1026 commits

This branch
This branch
All branches
Author SHA1 Message Date
kkmanos d83a333f0b testing 2021-12-08 16:05:42 +02:00
kkmanos 92a47ce286 minor changes 2021-12-08 15:35:02 +02:00
vmarkop 26da010e79 Merge remote-tracking branch 'origin/master' into saml_interface 2021-12-07 15:34:56 +02:00
vmarkop c08f9b1cfd Migrated SAML settings from app.config to Settings(), SAML exception catching 2021-12-07 15:32:31 +02:00
vmarkop 3255bc26d0 Migrated settings from app.config to Settings() 2021-12-07 10:29:32 +02:00
Jérôme BECOT d2f35a4059 fix: Check user zone create/delete permission 
Co-authored-by: zoeller-freinet <86965592+zoeller-freinet@users.noreply.github.com>
 2021-12-05 14:16:45 +01:00
zoeller-freinet 737e1fb93b routes/admin.py: DetailedHistory: backward-compatibility 
See https://github.com/ngoduykhanh/PowerDNS-Admin/pull/1066
 2021-12-04 17:38:48 +01:00
zoeller-freinet f0008ce401 routes/admin.py: refactor DetailedHistory 
- Run HTML through the template engine, preventing XSS from various
  vectors
- Fix uncaught exception when a history entry about domain template
  deletion is processed
- Adapt indentation to 4 space characters per level
 2021-12-04 16:09:53 +01:00
Dominic Zöller 6f12b783a8 models.user: get_accounts(): order by name 
The order of account names returned by User.get_accounts() affects the
order account names are displyed in on /domain/add if the current user
neither has the Administrator role nor the Operator role and the
`allow_user_create_domain` setting is enabled at the same time.

If the current user does have the Administrator or Operator role,
routes.domain.add() already returns accounts ordered by name, so this
change makes it consistent.
 2021-12-04 16:09:15 +01:00
Dominic Zöller 51a7f636b0 Use secrets module for generating new API keys and passwords 
The implementation of `random.choice()` uses the Mersenne Twister, the
output of which is predictable by observing previous output, and is as
such unsuitable for security-sensitive applications. A cryptographically
secure pseudorandom number generator - which the `secrets` module relies
on - should be used instead in those instances.
 2021-12-04 16:08:07 +01:00
ManosKoukoularis 9f46188c7e
Quotes fix (#1066) 
* minor fix in history
* made key access more generic
 2021-12-03 20:14:14 +02:00
root caa48b7fe5 Merge branch 'quotes-fix' 
Conflicts:
	powerdnsadmin/routes/admin.py
 2021-12-03 14:17:39 +00:00
root 591055d4aa Merge branch 'master' of https://github.com/ngoduykhanh/PowerDNS-Admin 2021-12-03 14:12:32 +00:00
root 940551e99e feat: Associate an API Key with accounts (#1044) 2021-12-03 14:12:11 +00:00
jbe-dw f45ff2ce03
feat: Associate an API Key with accounts (#1044) 2021-12-03 15:35:15 +02:00
ManosKoukoularis 6c1dfd2408
Datepicker replace (#1059) 
* replaced jquery-ui-datepicker with bootstrap-datepicker

* removed obsolete static files
 2021-12-02 11:59:36 +01:00
Dominic Zöller 701a442d12 default config: add exemplary URL encoding step for SQLA DB URL params 
SQLAlchemy database URLs follow RFC-1738, so parameters like username
and password need to be encoded accordingly.

https://docs.sqlalchemy.org/en/13/core/engines.html#database-urls
 2021-11-30 22:29:00 +01:00
Nick Bouwhuis a3b70a8f47
Add Keycloak documentation (#1053) 2021-11-30 12:26:58 +02:00
ManosKoukoularis 1332c8d29d
History Tab Overhaul & Domain Record Modifications Changelog (#1042) 
Co-authored-by: Konstantinos Kouris <85997752+konkourgr@users.noreply.github.com>
Co-authored-by: vmarkop <billy.mark.b.m.10@gmail.com>
Co-authored-by: KostasMparmparousis <mparmparousis.kostas@gmail.com>
Co-authored-by: dimpapac <demispapa@gmail.com>
 2021-11-30 11:02:37 +02:00
vmarkop d223eba0a1 Added UI interface for SAML settings 2021-11-26 15:58:54 +02:00
benshalev849 b3f9b4a2b0
OIDC list accounts (#994) 
Added the function to use lists instead of a single string in account autoprovision.
 2021-11-19 17:53:17 +02:00
zoeller-freinet bfaf5655ae
Clarify salt re-use for API keys (#1037) 2021-11-09 22:09:15 +02:00
Khanh Ngo dd04a837bb
Update docker image build script 2021-11-06 15:44:20 +01:00
Khanh Ngo 5bb1a7ee29
Update docker image build script 2021-11-06 15:37:13 +01:00
Khanh Ngo c85a5dac24
Update docker image build script 2021-11-06 15:25:20 +01:00
benshalev849 3081036c2c
Env oauth url (#1030) 
Overriding settings in DB using environment variable in docker
 2021-11-05 18:22:38 +02:00
Daniel Molkentin c7b4aa3434
fix: actually store OIDC logout URL (#988) 2021-11-05 17:28:21 +02:00
Vitali Quiering e7d5a3aba0
feat: enable_api_rr_history setting (#998) 
* feat: introduce enable_api_rr_history setting to disable api record
changes
 2021-11-05 17:26:38 +02:00
zoeller-freinet 20b866a784
strip() whitespace from new local user master data (#1019) 
When creating a new local user, there is a chance that, due to a copy &
paste or typing error, whitespace will be introduced at the start or end
of the username. This can lead to issues when trying to log in using the
affected username, as such a condition can easily be overlooked - no
user will be found in the database if entering the username without the
aforementioned whitespace. This commit therefore strip()s the username
string within routes/{admin,index}.py.

The firstname, lastname and email strings within
routes/{admin,index,user}.py are also strip()ped on this occasion.
 2021-11-05 17:04:35 +02:00
Khanh Ngo 1662a812ba Update CI 
Signed-off-by: Khanh Ngo <khanh.ngo@taxfix.de>
 2021-10-31 14:34:35 +01:00
Khanh Ngo c49df09ac8 Update CI 
Signed-off-by: Khanh Ngo <khanh.ngo@taxfix.de>
 2021-10-31 14:31:14 +01:00
Khanh Ngo 924537b468 Update CI 
Signed-off-by: Khanh Ngo <khanh.ngo@taxfix.de>
 2021-10-31 14:25:22 +01:00
Khanh Ngo 4f8a547d47 Update CI 
Signed-off-by: Khanh Ngo <khanh.ngo@taxfix.de>
 2021-10-31 14:23:49 +01:00
Khanh Ngo ee9f568a8d
Update README.md 2021-10-31 13:16:42 +01:00
Khanh Ngo d7ae34ed53 Update CI 
Signed-off-by: Khanh Ngo <khanh.ngo@taxfix.de>
 2021-10-31 13:08:22 +01:00
jbe-dw 1c9ca60508
fix: jsmin 2.2.2 no longer available. Use 3.0.0 (#1021) 2021-10-30 21:30:53 +02:00
zoeller-freinet 0e655c1357
user_profile tpl: set email input type attr to "email" (#1020) 
It is then consistent with the email address input elements declared in
admin_edit_account.html, admin_edit_user.html and register.html.
 2021-10-30 21:30:26 +02:00
steschuser ba2423d6f5
fix if condition in pretty_domain_name (#1008) 2021-10-30 21:29:55 +02:00
Andreas Dirnberger 46e51f16cb
Remove unnecessary build step (#1003) 
The builder image does not need to cleanup itself, 
the whole purpose of it is to be dropped after the final artifacts are copied out.
 2021-10-30 21:29:23 +02:00
jbe-dw b8ee91ab9a
fix: Accounts API is broken (#996) 2021-10-30 21:28:36 +02:00
RGanor c246775ffe
bg_domain button for operators and higher (#993) 2021-10-30 21:26:46 +02:00
Hidde f96103db79
Replace [ZONE] placeholder with domain_name (#960) 2021-10-30 21:24:16 +02:00
steschuser bf83662108
allow users to remove domain (#952) 2021-10-30 21:21:45 +02:00
steschuser 1f34dbf810
fix for api key (#950) 2021-10-30 21:19:49 +02:00
Khanh Ngo b7197948c1 Reslove conflicts 
Signed-off-by: Khanh Ngo <khanh.ngo@taxfix.de>
 2021-10-30 21:19:01 +02:00
Khanh Ngo ddf2d4788b Reslove conflicts 
Signed-off-by: Khanh Ngo <khanh.ngo@taxfix.de>
 2021-10-30 21:15:04 +02:00
steschuser 1ec6b76f89
Remove otp field (#942) 2021-10-30 21:09:04 +02:00
Mark Zealey 4ce1b71c57
Fix when no records returned by API (#923) 
For some reason when some programs delete a record we get an entry returned with records: []
 2021-10-30 21:07:42 +02:00
steschuser 79457bdc85
Bug domain parse (#936) 2021-10-30 21:06:44 +02:00
steschuser 993e02b635
limit user to only create domains for the accounts he belongs to (#970) 2021-08-05 19:42:58 +02:00