The compaitibility for backends that don't support comments broke the
normal deletion of comments. This is fixed by limiting the
compaitibility to when we don't know for certain whether the backend of
that zone supports comments or not. This is done by checking if the
zone currently contains any comments: If it does, the backend definitly
supports comment; if it doesn't, we don't know and have to assume it
doesn't. The check is done by the "modified_at" attribute, because this
only exists on persistent comments from pdns and not on the "fill-up"
comments that PDA adds.
Luckily this also works perfectly for the deletion case, because to
delete a comment it had to already exist previously.
Fixes#1516
Added `VERSION` file to repository root for easy tracking of current app version.
Corrected bug with the latest changes to the settings model that can lead to a JSON decoding error for installations without a properly stored value.
Previous behavior required the specification of all three group security groups before the
"Save Settings" button would be enabled.
This adds a check into users.py which checks that the group is set before searching and
removes the javascript preventing the specification of any combination of groups.
Tested:
- Tested all combinations on AD after MR 1238
- Tested all combinations on OpenLDAP
- Tested enabling the Group Security with no groups set which correctly prevents login
Resolves#1462
This commit adds support for the `oidc_oauth_metadata_url` configuration
option. This option specifies the URL of the OIDC server's
metadata endpoint, which contains information about the OIDC server's
endpoints, supported scopes, and other configuration details. By using this
option, we can ensure compatibility with different OIDC servers and reduce
the risk of errors due to manual endpoint configuration.
PowerDNS 4.7 is supporting 2 new zone types: "producer" & "consumer"
Due to the domain type variable is limited to 6 chars, PDA Zone update will fail if producer or cusomer zones exist.
To solve this problem, this commit increases the lenght of the domain model type variable to 8 chars.
I added the parentheses to the `db.session.rollback` line to call the method, which will now properly roll back any changes made to the database if an error occurs.
PDNS checks that when a `CNAME` rrset is created that no other rrset of
the same name but a different rtype exists. When changing a record type
to `CNAME`, PDA will send two operations in one api call to PDNS: A
deletion of the old rrset, and the addition of the new rrset. For the
check in PDNS to pass, the deletion needs to happen before the addition.
Before PR #1201 that was the case, the first api call did deletions and
the second handled additions and changes. Currently the api payload
contains additions first and deletions last. PDNS applies these in the
order they are passed in the payload to the api, so to restore the
original/correct/working behaviour the order of operations in the api
payload has to be reversed.
fixes#1251
PyOTP's totp.verify defaults to the valid_window of zero, which means
it will reject valid codes, if submitted just past the 30 sec window.
It also means, users will run into authentication issues very quickly
if their phones time-sync isn't perfect.
Therefore valid_window should at the very least be 1 or more, settting
it higher trades security for robustness, especially with regard to
time desync issues.
