Commit Graph

275 Commits

Author SHA1 Message Date
Vadim Aleksandrov
52a5789c85 Add first working draft of domain templating functionality 2018-02-07 22:30:29 +03:00
thomasDOTde
92d7ca3870 added application certificate handling for signed SAML messages 2018-01-20 17:17:02 +01:00
thomasDOTde
050b822636 cleaup after merged pr 2017-12-05 12:59:08 +01:00
NomenNescio
d5b2dedd7f small fixes for return url after saml logout 2017-12-05 12:28:54 +01:00
thomasDOTde
85c07210db fixed name-id formating and name-id 2017-12-05 03:48:18 +01:00
thomasDOTde
e535ce0822 fixed session check 2017-12-05 00:23:10 +01:00
thomasDOTde
60086d5d15 added standard SAML logout method using metadata 2017-12-05 00:14:31 +01:00
thomasDOTde
049a8a4547 optimized domain permission check for normal users 2017-12-04 22:18:28 +01:00
NomenNescio
47cf1aff4a added configurable logout redirect URL 2017-12-04 14:43:58 +01:00
NomenNescio
620b0b55e8 replaced non-existent method with code that checks whether user has rights on the domain at hand 2017-12-04 14:00:30 +01:00
Radnik
9855bc70dc Fixed iCheck for multiple pages 2017-11-27 11:02:21 +01:00
thomasDOTde
971d6b2e28 fixed issue when not using LDAP 2017-11-10 12:28:42 +01:00
thomasDOTde
d65efe477a ensure authentication isn't possible without password 2017-11-06 23:36:11 +01:00
thomasDOTde
5a1a4b0161 Merge remote-tracking branch 'origin/master' 2017-11-03 12:24:54 +01:00
thomasDOTde
54e61bf072 added custom error page for SAML authentication errors 2017-11-03 12:24:25 +01:00
Thomas
4a4b03a7d0 Merge pull request #11 from ssendev/patch-1
Allow to change root domain record via dyndns
2017-11-03 00:36:06 +01:00
Thomas
cd6a58446d Merge pull request #9 from toxicvengeance/master
Add CAA record helper implemented by toxicvengeance
2017-11-03 00:32:12 +01:00
thomasDOTde
9e719a3a98 fixed merge 2017-11-03 00:00:04 +01:00
Thomas
2354eb69c3 Merge branch 'master' into ldap_group_security 2017-11-02 23:23:36 +01:00
thomasDOTde
37fee207a5 marked google oauth users as external 2017-11-01 22:30:08 +01:00
Thomas
83a0396350 Merge branch 'master' into feature-google-oauth 2017-11-01 22:18:43 +01:00
Thomas
c7fbc0ecd7 Merge pull request #4 from thomasDOTde/fix-Issue#176
Fix for #176
2017-11-01 22:06:42 +01:00
Thomas
e76063dbef Merge pull request #3 from thomasDOTde/fix-show-srvhelper
Corrected SRV record helper not showing
2017-11-01 21:59:48 +01:00
Thomas
ff9a6fcfba Merge pull request #2 from thomasDOTde/upstream-access-control
Add access control for non-admin users from hackedd
2017-11-01 21:47:14 +01:00
Paul Hooijenga
9a4021d5e5 Add access control for non-admin users
(cherry picked from commit 6e5b704)
2017-11-01 21:40:15 +01:00
thomasDOTde
12cb6f28fb implemented dynamic metadata lookup
removed saml json-templates
2017-11-01 17:31:51 +01:00
thomasDOTde
cd3b41553d fixed link for alternative login methods 2017-11-01 13:55:57 +01:00
thomasDOTde
f92661c753 remove unnecessary controls from profile for ext. auth. 2017-11-01 13:40:26 +01:00
thomasDOTde
baa960aad6 raised password length to 30 for external accounts.
fixed error_checking for saml-authentication
2017-11-01 13:31:41 +01:00
thomasDOTde
12c957bf5f disabled profile usage when authenticated externally 2017-11-01 01:34:29 +01:00
thomasDOTde
31eaee8e0b added saml authentication 2017-10-31 22:38:26 +01:00
thomasDOTde
805439e6ee updated preapre_flask_request to support frontend-ssl 2017-10-31 20:42:13 +01:00
thomasDOTde
933d678e83 added SAML auth basics and metadata 2017-10-31 19:21:22 +01:00
patito
a4b9722d47 Google OAuth 2017-09-22 15:28:09 +01:00
Nils Sandmann
168f19950d Corrected SRV record helper not showing
Signed-off-by: Nils Sandmann <git@softcat.org>
2017-09-19 12:11:09 +02:00
Paul Hooijenga
5d09daf8eb Fix dashboard domain query for non-admin users 2017-09-15 15:14:04 +02:00
Paul Hooijenga
a48417ac23 Add missing template 2017-09-04 15:34:01 +02:00
Maysara Abdulhaq
28c7a195e8 add LDAP direct binding and GROUP_SECURITY 2017-09-03 14:23:18 -04:00
Maysara A
501c5292ab binding with user credentials instead of preset LDAP user/pass 2017-07-24 21:08:25 -04:00
dkeightley
8cdfab1c7c Added NS record for forward and reverse domains 2017-07-03 15:53:26 +12:00
Paul Hooijenga
bcb2b06124 Do filtering and pagination of domains server-side. 2017-06-30 18:18:06 +02:00
toxicvengeance
5c5beec2d6 added default values 2017-05-10 23:25:32 +02:00
toxicvengeance
c9bfe00e59 added example caa values 2017-05-10 23:15:01 +02:00
toxicvengeance
300af22859 added caa record helper 2017-05-10 22:33:44 +02:00
Christopher Himmel
85694e4e93 added caa record helper 2017-05-10 22:30:06 +02:00
Znuff
8f31953b6d Fix for #176
Fixes #176. Tested briefly with my data.
2017-01-13 16:53:11 +02:00
Khanh Ngo
b6ed658cbd Merge pull request #156 from petersipos/feature/automatic-reverse-domain-creation
Feature/automatic reverse domain creation
2016-12-10 12:38:44 +07:00
SIPOS, Peter
72e3a82e9e Change reverse domain creation order
With refactoring the get_reverse_domain_name
function, we change the reverse domain checking to
a reverse order. In this way we check the lowest class
(more specific) reverse zone first. When an existing domain found we use it to create the reverse PTR records. If no one existing can be find, The most specific address will be used.
2016-11-28 08:39:07 +01:00
SIPOS, Peter
e6e3c39778 Add get_reverse_domain_name functionality
In this way the reverse it is possible to create
auto-ptr records in higher ip classes (eg. class A in IPv4).
Only works with existing higher class domain.

If is isn't find higher class domain, create a lowest class domain, and add there the reverse PTRs.

Also works with IPv6!
2016-11-21 19:44:10 +01:00
SIPOS, Peter
b9f95da906 Implement of checking existing higher class ip reverse zones
iteratively checking of existing domains with higher IP
classes. When this function find an existing higher class
domain return with that reverse address. eg. 192.in-addr.arpa

If it is not find  any existing higher class domain it returns with the lowest class domain reverse domain name. eg, 39.168.192.in-addr.arpa
2016-11-21 19:40:43 +01:00
SIPOS, Peter
d7db0d5e7a Fix create reverse domain function
Using of wrong variable
2016-11-21 19:36:43 +01:00
SIPOS, Peter
c53d9ace89 Extend reverse domain regexp with classes
With this modification it can be possible, to detect
custom IP classes for domains. It just need to 
modify the multipler in regexp {4} or {1}.

In the future it will works automaticly, but not now
2016-11-21 16:55:03 +01:00
SIPOS, Peter
1538cf0239 Limit record selection in reverse lookup domain to PTR
And also fix the default type selection of a new record
2016-11-21 15:52:07 +01:00
SIPOS, Peter
4ec70f4143 Change serial displaying in dashboard
When pdns not give us serial just notified serial, we need
to display that.
2016-11-21 14:51:36 +01:00
SIPOS, Peter
bbfbe3683e Make my record modal inputs more clear
Add "eg." before the placeholder texts.
Some user missed to fill out the priority field, and
then they got errors.
2016-11-21 14:50:22 +01:00
SIPOS, Peter
cc1a3def5d Add setting read and extra check to adding an auto-ptr record
It is using domain sepcific or global auto-ptr setting
to determine the using of auto-ptr creation.
2016-11-21 13:46:54 +01:00
SIPOS, Peter
3911935e3b Add an extra check into reverse domain creation
and also import strtobool
2016-11-21 13:45:17 +01:00
SIPOS, Peter
2d61c56e7b Add auto-ptr setting injection 2016-11-21 13:42:00 +01:00
SIPOS, Peter
85eaa8dd69 Add domain specific auto-dns preference to domain_management.html
It uses exactly the same method as the dyndns 
preferences. just copy-paste
2016-11-21 13:38:45 +01:00
SIPOS, Peter
94b0d26142 Delete settings related to domain on domain deleting
Because this bug domain deleting isn't possible when 
a domain specific attribute is set (eg. dyndns).

This modification delete domain settings before domain
deleting.
2016-11-21 13:30:16 +01:00
SIPOS, Peter
c81deb0044 Fix SOE-EDIT-API value in reverse-domain creation 2016-11-18 08:30:24 +01:00
SIPOS, Peter
7d72cf6088 Put a "." char in a safe way to the records name fields end
First of all we cut all of dot char at the end of the rstring and than we put one there.
this way we make sure that our string contains just
one dot at its end.
2016-11-17 15:04:07 +01:00
SIPOS, Peter
3dbbfc16ce Implement auto-ptr deleting functionality
this way we safely remove the corresponding auto created reverse ptr
2016-11-17 11:37:09 +01:00
SIPOS, Peter
58ef114f7f Move auto-ptr functionality into a new function 2016-11-17 11:35:09 +01:00
SIPOS, Peter
43f1289b98 Remove unnecessary record field in Record.delete()
refferring to pdns api documentation the fields inside the
of the entry delete json is not necessary.
2016-11-17 11:32:28 +01:00
SIPOS, Peter
d224bd6798 Fix typo error 2016-11-17 11:29:01 +01:00
SIPOS, Peter
3d7511f013 Add reverse PTR record adding to reverse domain
At this point we just create the new records and we don't
care about the record updates, so now this is a little bit buggy.
2016-11-16 15:15:35 +01:00
SIPOS, Peter
0e8a41f58e Move dns.reversename import to head of models.py
It is necessary because we use this function it the
pretty_ipv6_ptr don't turned on.
2016-11-16 15:13:02 +01:00
SIPOS, Peter
f430ed014b Add reverse domain creation into Record.apply()
When a record successefully added to a domain, it will
try to create a reverse lookup domain for that record.
In this point we aren't create the records yet...
2016-11-16 14:12:40 +01:00
SIPOS, Peter
562b7e2053 Add create_reverse_domain function to Domain
This function will create automatically the reverse lookup 
domain for the applied record of a Domain.
And also grant the privileges from the original Domain.
2016-11-16 14:09:13 +01:00
SIPOS, Peter
bbb71f401c Add try block into domain.get_id_by_name function
If we try to check if a domain exists, and we fetch with
get_id_by_name() function it will return with None if
the domain not exists, and return the id when yes.
2016-11-16 14:03:14 +01:00
bergzand
28f3dba050 Fix issue #133. Store hash as '*' for external users
Set password to '*' for users created by the create_user method. Should cause an invalid password hash for non local users added to the database
2016-09-28 10:50:37 +02:00
Felix Kaechele
d7a218a212 Ensure correct encoding when hashing and verifying
Depending on the database backend the string might not be UTF-8 encoded.
This makes sure that the hashing function works regardless of that.

Signed-off-by: Felix Kaechele <felix@kaechele.ca>
2016-09-17 07:25:05 -07:00
Felix Kaechele
b8e38b4d2f Replace PyQRCode with qrcode
qrcode is more common and better maintained

Signed-off-by: Felix Kaechele <felix@kaechele.ca>
2016-09-17 06:41:22 -07:00
Felix Kaechele
9b8c85c5c1 Replace onetimepass with pyotp
pyotp is more common and better maintained

Signed-off-by: Felix Kaechele <felix@kaechele.ca>
2016-09-17 06:37:20 -07:00
Khanh Ngo
460b4b65fe Adjust field length in History table 2016-09-13 14:07:48 +07:00
Timo Salola
18ed4b528f Fix issue with deleting domain 2016-09-12 12:20:42 +00:00
Peter Schiffer
558279e009 Log file doesn't need to exist before logger can log to it 2016-09-01 09:07:33 +02:00
Peter Schiffer
444be2c060 Log to file only if the file exists
If LOG_FILE config option contained invalid file, pdns admin wouldn't start.
Also, it wasn't possible to log only to stdout/stderr correctly, because
setting the log file to /dev/stdout would double the logs messages as the pdns
admin is already logging to the stderr.
2016-08-31 23:11:04 +02:00
CMGS
04e068787a refactor, make model more pythonic 2016-08-25 14:35:48 +08:00
Khanh Ngo
4a8e607ed2 Adjustment to not require PRETTY_IPV6_PTR config key by default. 2016-08-25 10:00:47 +07:00
Khanh Ngo
02bd378391 Merge pull request #118 from jallakim/pretty-ipv6-ptr
Pretty IPv6 PTR. Use the actual IPv6 address when editing PTR.
2016-08-25 09:51:10 +07:00
Khanh Ngo
e014767802 Merge pull request #121 from jallakim/pretty-history
Pretty history details
2016-08-23 10:31:53 +07:00
CMGS
4a3c4b53cc set user object id after created 2016-08-23 10:52:35 +08:00
Joachim Tingvold
9348afc26e Pretty history details. 2016-08-21 14:46:23 +00:00
Joachim Tingvold
8908c7d69b Cosmetics. 2016-08-19 23:07:36 +00:00
Joachim Tingvold
671a319e93 Pretty IPv6 PTR. Use the actual IPv6 address when editing PTR.
Rather than dealing with ip6.arpa-dotted-strings from hell, you can
now edit IPv6 PTR-records using the IPv6 address.
2016-08-19 23:04:20 +00:00
Joachim Tingvold
4f5b2e5c50 Set focus to the first field when adding a new row. 2016-08-19 18:13:34 +00:00
Joachim Tingvold
480a00bb87 Fix issues when adding a record, and sort and/or search is involved.
Previously this caused the newly added record to either appear at the
bottom, or not appear at all. Now it will always be added at the top,
and whatever search present is cleared.
2016-08-19 17:56:28 +00:00
ssendev
03e0f50795 Allow to change root domain record via dyndns 2016-08-18 22:05:15 +02:00
Khanh Ngo
d5fd1cc6d6 Merge pull request #107 from elitest/fix-gravatar
Fix NoneType error when logging in with AD
2016-08-16 09:37:00 +07:00
Jim Shaver
1b1153c7a6 Fix NoneType error when logging in with AD 2016-08-16 01:47:33 +00:00
Chuyen Vo
4a1d2055de Fix domain delete action if uwsgi path mount is not /
For ex: mount = /pdsn-admin=run.py
2016-08-15 15:06:16 +07:00
timfeirg
683f633d7d minor code style change 2016-08-13 00:49:53 +08:00
CMGS
186aedcfc7 github oauth login 2016-08-13 00:49:46 +08:00
Tamás Dévai
01dd8fd893 Fix route when the zone name containing slash character. 2016-08-02 10:59:31 +02:00
Joachim Tingvold
28796ed286 Fix issue where records could get deleted when different TTL. 2016-07-27 15:01:23 +00:00
Joachim Tingvold
0d1aa7971b Use correct TTL in updates. 2016-07-26 18:34:56 +00:00
Khanh Ngo
2cf88739b9 Fix delete button in records table. #91 2016-07-19 17:38:16 +07:00
Khanh Ngo
e7a4fb5e6a Force loading gravatar over https 2016-07-14 00:05:55 +07:00