Veovis
bd92c5946c
Fix broken SAML login from 9c00e48f
2022-04-12 17:14:54 +02:00
Ricardo Melo
ee0511ff4c
[Fix] AD recursive problem
...
- Fixing #1011[https://github.com/PowerDNS-Admin/PowerDNS-Admin/issues/1011 ]
2022-04-11 08:49:38 -04:00
Vasileios Markopoulos
098224eed1
Merge pull request #1123 from gunet/log-dnssec-enabling
...
Log DNSSEC status change for a domain
2022-04-11 15:21:59 +03:00
ManosKoukoularis
9e90dde144
Merge pull request #1158 from AdvanticGmbH/domain_xss
...
Render domain data table fields only as text
2022-04-11 13:05:43 +03:00
vmarkop
9c62208c2e
Updated repository URL
2022-04-11 12:21:34 +03:00
jbe-dw
8cf2985335
Merge pull request #979 from mirko/make-onelogin-pkg-optional
...
routes/index.py: Make package 'onelogin.saml2.utils' optional
2022-04-07 13:37:00 +02:00
jbe-dw
33f1c6ad61
Merge pull request #1027 from mirko/add-WWW-Authenticate-header-for-dyndns
...
dyndns: Respond with HTTP header 'WWW-Authenticate' to unauthed requests
2022-04-07 13:31:03 +02:00
AdvanticGmbH
b534eadf19
Decode domain record data and comment from HTML entity to text
2022-04-04 14:43:02 +02:00
AdvanticGmbH
e596de37f4
Render Name, Type, Status, TTL, Data and Edit as text
2022-04-04 14:16:40 +02:00
AdvanticGmbH
930932d131
Render domain data table fields only as text
2022-04-04 14:06:31 +02:00
jbe-dw
13ff4df9f9
Merge pull request #1122 from gunet/auth_type_log_fix
...
Fixed LDAP Authenticator Type logging
2022-04-03 14:59:48 +02:00
jbe-dw
c6de972ed8
Merge pull request #1101 from decryptus/master
...
[BUG] Fixed delete zone from API
2022-04-03 00:29:47 +02:00
Jérôme BECOT
17b4269e1b
fix: Set Content-Type on backend API calls
2022-03-30 23:39:00 +02:00
ManosKoukoularis
fcb8287f14
Update login.html
2022-02-25 12:59:23 +02:00
Jérôme BECOT
84a183d913
fix: Disassociate domains from account before deletion
2022-02-24 11:24:19 +01:00
Jérôme BECOT
6ba1254759
feat: Make domain update optional in assoc_account
2022-02-24 11:24:12 +01:00
kkmanos
10603fbb36
fixed csrf expiration for login page
2022-02-17 18:10:06 +02:00
kkmanos
e21f53085d
added DNSSEC enabling/disabling to history logs
2022-02-17 17:40:48 +02:00
vmarkop
36cee8cddc
Fixed 'LOCAL' Authenticator Type showing for LDAP auth
2022-02-17 17:34:54 +02:00
kkmanos
b9cf7245a5
fixed csrf expiration for login page
2022-02-17 17:02:11 +02:00
Adrien Delle Cave
6982e0107c
Typo in routes/api.py
2022-01-20 12:49:37 +01:00
Adrien Delle Cave
98bd9634a4
[BUG] Fixed delete zone from API
2022-01-19 13:50:12 +01:00
zoeller-freinet
0b2ad520b7
History table: relocate HTML for modal window ( #1090 )
...
- Store HTML for modal window inside an invisible <div> element instead
of inside the <button> element's value attribute
- Mark history.detailed_msg as safe as it is already manually run
through the template engine beforehand and would be broken if escaped
a second time
2022-01-01 21:20:01 +01:00
Christian
302e793665
Add button for admin page in single Domain view ( #1076 )
...
* Added button for admin page in domain overview
2021-12-31 00:55:59 +01:00
RGanor
328780e2d4
Revert "Merge branch 'master' into master"
...
This reverts commit ca4c145a18
, reversing
changes made to 7808febad8
.
2021-12-25 16:17:54 +02:00
RGanor
ca4c145a18
Merge branch 'master' into master
2021-12-25 16:10:18 +02:00
zoeller-freinet
7808febad8
login.html: don't suggest previous OTP tokens
...
This change has been tested to work with:
- Chromium 96.0.4664.93
- Firefox 95.0
- Edge 96.0.1054.57
2021-12-17 12:48:11 +01:00
Vasileios Markopoulos
94a923a965
Add 'otp_force' basic setting ( #1051 )
...
If the 'otp_force' and 'otp_field_enabled' basic settings are both enabled, automatically enable 2FA for the user after login or signup, if needed, by setting a new OTP secret. Redirect the user to a welcome page for scanning the QR code.
Also show the secret key in ASCII form on the user profile page for easier copying into other applications.
2021-12-17 11:41:51 +01:00
Kateřina Churanová
eb70f6a066
fix: making the key name in the config database unique
2021-12-12 20:32:14 +01:00
Jérôme BECOT
0da9b2185e
fix: Error in the swagger AccountSummary definition
2021-12-08 23:11:13 +01:00
zoeller-freinet
07f0d215a7
PDNS-API: factor in 'dnssec_admins_only' basic setting ( #1055 )
...
`GET cryptokeys/{cryptokey_id}` returns the private key, which justifies
that the setting is honored in this case.
2021-12-06 22:38:16 +01:00
Jérôme BECOT
d2f35a4059
fix: Check user zone create/delete permission
...
Co-authored-by: zoeller-freinet <86965592+zoeller-freinet@users.noreply.github.com>
2021-12-05 14:16:45 +01:00
zoeller-freinet
737e1fb93b
routes/admin.py: DetailedHistory: backward-compatibility
...
See https://github.com/ngoduykhanh/PowerDNS-Admin/pull/1066
2021-12-04 17:38:48 +01:00
zoeller-freinet
f0008ce401
routes/admin.py: refactor DetailedHistory
...
- Run HTML through the template engine, preventing XSS from various
vectors
- Fix uncaught exception when a history entry about domain template
deletion is processed
- Adapt indentation to 4 space characters per level
2021-12-04 16:09:53 +01:00
Dominic Zöller
6f12b783a8
models.user: get_accounts(): order by name
...
The order of account names returned by User.get_accounts() affects the
order account names are displyed in on /domain/add if the current user
neither has the Administrator role nor the Operator role and the
`allow_user_create_domain` setting is enabled at the same time.
If the current user does have the Administrator or Operator role,
routes.domain.add() already returns accounts ordered by name, so this
change makes it consistent.
2021-12-04 16:09:15 +01:00
Dominic Zöller
51a7f636b0
Use secrets module for generating new API keys and passwords
...
The implementation of `random.choice()` uses the Mersenne Twister, the
output of which is predictable by observing previous output, and is as
such unsuitable for security-sensitive applications. A cryptographically
secure pseudorandom number generator - which the `secrets` module relies
on - should be used instead in those instances.
2021-12-04 16:08:07 +01:00
ManosKoukoularis
9f46188c7e
Quotes fix ( #1066 )
...
* minor fix in history
* made key access more generic
2021-12-03 20:14:14 +02:00
root
caa48b7fe5
Merge branch 'quotes-fix'
...
Conflicts:
powerdnsadmin/routes/admin.py
2021-12-03 14:17:39 +00:00
root
940551e99e
feat: Associate an API Key with accounts ( #1044 )
2021-12-03 14:12:11 +00:00
ManosKoukoularis
6c1dfd2408
Datepicker replace ( #1059 )
...
* replaced jquery-ui-datepicker with bootstrap-datepicker
* removed obsolete static files
2021-12-02 11:59:36 +01:00
Dominic Zöller
701a442d12
default config: add exemplary URL encoding step for SQLA DB URL params
...
SQLAlchemy database URLs follow RFC-1738, so parameters like username
and password need to be encoded accordingly.
https://docs.sqlalchemy.org/en/13/core/engines.html#database-urls
2021-11-30 22:29:00 +01:00
ManosKoukoularis
1332c8d29d
History Tab Overhaul & Domain Record Modifications Changelog ( #1042 )
...
Co-authored-by: Konstantinos Kouris <85997752+konkourgr@users.noreply.github.com>
Co-authored-by: vmarkop <billy.mark.b.m.10@gmail.com>
Co-authored-by: KostasMparmparousis <mparmparousis.kostas@gmail.com>
Co-authored-by: dimpapac <demispapa@gmail.com>
2021-11-30 11:02:37 +02:00
benshalev849
b3f9b4a2b0
OIDC list accounts ( #994 )
...
Added the function to use lists instead of a single string in account autoprovision.
2021-11-19 17:53:17 +02:00
zoeller-freinet
bfaf5655ae
Clarify salt re-use for API keys ( #1037 )
2021-11-09 22:09:15 +02:00
benshalev849
3081036c2c
Env oauth url ( #1030 )
...
Overriding settings in DB using environment variable in docker
2021-11-05 18:22:38 +02:00
Daniel Molkentin
c7b4aa3434
fix: actually store OIDC logout URL ( #988 )
2021-11-05 17:28:21 +02:00
Vitali Quiering
e7d5a3aba0
feat: enable_api_rr_history setting ( #998 )
...
* feat: introduce enable_api_rr_history setting to disable api record
changes
2021-11-05 17:26:38 +02:00
zoeller-freinet
20b866a784
strip() whitespace from new local user master data ( #1019 )
...
When creating a new local user, there is a chance that, due to a copy &
paste or typing error, whitespace will be introduced at the start or end
of the username. This can lead to issues when trying to log in using the
affected username, as such a condition can easily be overlooked - no
user will be found in the database if entering the username without the
aforementioned whitespace. This commit therefore strip()s the username
string within routes/{admin,index}.py.
The firstname, lastname and email strings within
routes/{admin,index,user}.py are also strip()ped on this occasion.
2021-11-05 17:04:35 +02:00
zoeller-freinet
0e655c1357
user_profile tpl: set email input type attr to "email" ( #1020 )
...
It is then consistent with the email address input elements declared in
admin_edit_account.html, admin_edit_user.html and register.html.
2021-10-30 21:30:26 +02:00
steschuser
ba2423d6f5
fix if condition in pretty_domain_name ( #1008 )
2021-10-30 21:29:55 +02:00
jbe-dw
b8ee91ab9a
fix: Accounts API is broken ( #996 )
2021-10-30 21:28:36 +02:00
RGanor
c246775ffe
bg_domain button for operators and higher ( #993 )
2021-10-30 21:26:46 +02:00
Hidde
f96103db79
Replace [ZONE] placeholder with domain_name ( #960 )
2021-10-30 21:24:16 +02:00
steschuser
bf83662108
allow users to remove domain ( #952 )
2021-10-30 21:21:45 +02:00
steschuser
1f34dbf810
fix for api key ( #950 )
2021-10-30 21:19:49 +02:00
Khanh Ngo
b7197948c1
Reslove conflicts
...
Signed-off-by: Khanh Ngo <khanh.ngo@taxfix.de>
2021-10-30 21:19:01 +02:00
Khanh Ngo
ddf2d4788b
Reslove conflicts
...
Signed-off-by: Khanh Ngo <khanh.ngo@taxfix.de>
2021-10-30 21:15:04 +02:00
steschuser
1ec6b76f89
Remove otp field ( #942 )
2021-10-30 21:09:04 +02:00
Mark Zealey
4ce1b71c57
Fix when no records returned by API ( #923 )
...
For some reason when some programs delete a record we get an entry returned with records: []
2021-10-30 21:07:42 +02:00
steschuser
79457bdc85
Bug domain parse ( #936 )
2021-10-30 21:06:44 +02:00
Mirko Vogt
282c630eb8
dyndns: Respond with HTTP header 'WWW-Authenticate' to unauthed requests
...
The common procedure for HTTP Basic Auth is that a client does /not/
immediately send out credentials via an 'Authorization'-header, but to
wait until the server tells the client to do so - which the server
indicates via the 'WWW-Authenticate'-header.
PowerDNS-Admin (and flask in general), though, abort the whole
communication if no Authorization header was found in the initial
request - resulting in '200 "badauth"'.
While this might work for /some/ HTTP clients - which right away add an
Authorization header crafted from provided credentials (via args or
extracted from given URL), this is /not/ standard and /not/ common.
Hence add the 'WWW-Authenticate'-header for every unauthenticated call
checking for dyndns authorisation.
Note, though, this changes the status code from 200 to 401 in this case,
which - given the explanation why 200 was chosen in the first place -
might cause side effects.
2021-10-20 15:12:17 +00:00
RoeiGanor
10dc2b0273
bg_domain button for operators and higher
2021-08-13 20:03:06 +03:00
steschuser
993e02b635
limit user to only create domains for the accounts he belongs to ( #970 )
2021-08-05 19:42:58 +02:00
steschuser
07c71fb0bf
setting account_user_ids to empty list on GET /account/edit ( #966 )
2021-08-05 19:41:28 +02:00
steschuser
c4a9498898
respect_bg_domain_updates in routes/api ( #962 )
2021-08-05 19:39:26 +02:00
Kostas Mparmparousis
6e04d0419b
Provision PDA user privileges based On LDAP Attributes ( #980 )
2021-08-05 19:37:48 +02:00
Mirko Vogt
9c00e48f0f
routes/index.py: Make package 'onelogin.saml2.utils' optional
...
The onelogin package is not part of all saml packages for whatever
reason (e.g. Debian) and not easily installable from pypi (requires
CC toolchain).
As the onelogin functionality is already guarded by whether
SAML_ENABLED is set in other places (services/saml.py), also do so
in routes/index.py.
2021-07-23 06:56:09 +00:00
Carsten Rosenberg
d6e64dce8e
fix some jinja typos
2021-06-04 15:24:49 +02:00
Steffen Schwebel
b069cea8d1
add css to base as well
2021-06-02 09:44:15 +02:00
Steffen Schwebel
fd933f8dbc
remove unrelated files and changes as best as possible
2021-06-02 09:41:08 +02:00
Steffen Schwebel
0505b934a1
remove unrelated files and changes as best as possible
2021-06-02 09:39:39 +02:00
Steffen Schwebel
083a023e57
fix include
2021-06-01 16:41:26 +02:00
Steffen Schwebel
054e0e6eba
add rule for 'custom_css' setting
2021-06-01 16:24:07 +02:00
Steffen Schwebel
c13dd2d835
add 'custom_css' setting to model; check for 'custom_css' in template; create custom css dir in dockerfile
2021-06-01 16:15:31 +02:00
Steffen Schwebel
43a6e46e66
add setting to hide otp_token field on login page
2021-05-27 22:51:07 +02:00
Steffen Schwebel
36fdb3733f
Merge remote-tracking branch 'origin/master' into remove_otp_field
2021-05-25 15:30:32 +02:00
Steffen Schwebel
b197491a86
remove traceback
2021-05-25 12:44:07 +02:00
Steffen Schwebel
d23a57da50
handle decode error, output warning
2021-05-25 12:35:53 +02:00
Steffen Schwebel
4180882fb7
show traceback
2021-05-21 15:10:17 +02:00
root
bbbcf271fe
remove otp token from login page, depending on Setting
2021-05-20 15:21:56 +02:00
jyoung15
32983635c6
Delete blank comments. Fix for ngoduykhanh/PowerDNS-Admin#919 ( #920 )
2021-05-07 23:43:44 +02:00
Ian Bobbitt
39cddd3b34
SAML improvements for Docker ( #929 )
...
* Fix typo in managing user account membership with SAML assertion
* Support more config options from Docker env.
* Improve support for SAML key and cert from Docker secrets
Co-authored-by: Ian Bobbitt <ibobbitt@globalnoc.iu.edu>
2021-05-07 23:36:55 +02:00
jodygilbert
b66b37ecfd
delete history records when a domain is deleted ( #916 )
...
Co-authored-by: Jody <jody.gilbert@edftrading.com>
2021-05-07 22:55:45 +02:00
jodygilbert
98db953820
Allow user role to view history ( #890 )
2021-03-27 19:33:11 +01:00
jbe-dw
86700f8fd7
upd: improve user api ( #878 )
2021-03-16 19:39:53 +01:00
R. Daneel Olivaw
46993e08c0
Add punycode (IDN) support ( #879 )
2021-03-16 19:37:05 +01:00
jodygilbert
4c19f95928
Improve account creation/permission handling based on Azure oAuth group membership ( #877 )
2021-01-31 11:31:56 +01:00
jbe-dw
3a4efebf95
enh: display b64 encoded apikey on creation through the API ( #870 )
2021-01-24 09:43:51 +01:00
jodygilbert
7f86730909
allow-server-side-sessions ( #855 )
2021-01-24 09:09:53 +01:00
jbe-dw
8f6a800836
fix: account API output^ ( #874 )
2021-01-24 09:08:32 +01:00
jbe-dw
3cd98251b3
fix: API (apikeys) behaviour does not match swagger definition ( #868 )
2021-01-24 09:06:51 +01:00
jbe-dw
54b257768f
feat: Implement apikeys/<id> endpoint from swagger spec. ( #864 )
2021-01-16 20:49:41 +01:00
jbe-dw
718b41e3d1
feat: limit zone list for users on servers endpoint ( #862 )
2021-01-16 20:45:02 +01:00
jbe-dw
dd0a5f6326
feat: Allow sync domain with basic auth ( #861 )
2021-01-16 20:37:11 +01:00
jbe-dw
c3d438842f
fix: user jsonify to set response headers to json ( #863 )
2021-01-16 20:29:40 +01:00
jbe-dw
33e7ffb747
fix: Follow PDNS Api return format ( #858 )
2021-01-07 23:26:48 +01:00
jbe-dw
2c18e5c88f
fix: User role was not assigned upon creation ( #860 )
2021-01-07 23:07:20 +01:00
WhatshallIbreaktoday
c6e0293177
Tweaks to allow user apikey usage with powerdns terraform provider ( #845 )
2020-12-07 22:06:37 +01:00
Andrew Nimmo
680e4cf431
Avoid Safari telephone number detection
...
Using PowerDNS-Admin on an iPad with Safari can cause incorrect identification of some record data as a telephone number. When submitted, the record with the incorrectly identified data causes an error because of the additional markup present on the submitted data. This was noted in particular with the SOA record.
The proposed change is to add the Safari meta tag to disable format detection:
https://developer.apple.com/library/archive/documentation/AppleApplications/Reference/SafariHTMLRef/Articles/MetaTags.html#//apple_ref/doc/uid/TP40008193-SW5
2020-10-14 17:21:59 +02:00
Khanh Ngo
70b1accaa0
Merge pull request #801 from cyso/pr/sync-accounts
...
Implement account update method
2020-10-12 12:48:22 +02:00
Khanh Ngo
7254a94497
Merge pull request #825 from ngoduykhanh/adjustment
...
Add index on history table
2020-10-11 13:11:09 +02:00
Khanh Ngo
3034630bc0
Merge pull request #761 from ngoduykhanh/record_rollback
...
Fix #752 - Rollback the removed record if apply operation failed
2020-10-11 13:01:26 +02:00
Khanh Ngo
d72709e0f4
Add index on history table
2020-10-11 12:49:28 +02:00
Khanh Ngo
76562f8a46
Fix typo
...
Remove space from oidc_oauth_last_name default value
2020-10-10 21:03:34 +02:00
Khanh Ngo
0dfced4968
Upgrade pip packages
2020-10-10 20:27:09 +02:00
Khanh Ngo
55ad73d92e
Merge pull request #800 from cyso/pr/oidc-account
...
OIDC User and Account management during login
2020-10-10 14:32:14 +02:00
Khanh Ngo
a679073928
Merge pull request #773 from terbolous/azure-oauth
...
Add Account creation/permission handling based on Azure oAuth group membership
2020-10-10 14:20:26 +02:00
Khanh Ngo
b5fc9045f2
Merge pull request #766 from frei-style/sort_accounts
...
Sort accounts by name on 'New Domain' and domain 'Admin'
2020-10-10 14:18:02 +02:00
Khanh Ngo
f3bcf1b834
Merge pull request #763 from RoeiGanor/fix_gravatar
...
Fix gravatar offline mode
2020-10-10 14:16:57 +02:00
Khanh Ngo
b8ffb1dae9
Merge pull request #804 from RoeiGanor/api_key
...
Add API Key to the UI
2020-10-10 14:11:09 +02:00
Tom Hetmer
cf62658e19
do not fail with wildcard PTRs
2020-09-10 01:18:07 +07:00
root
74b89b1b7e
Add API Key to the UI
2020-08-08 13:41:18 +00:00
Nick Douma
70c2744f29
Log amount of accounts found in PowerDNS
2020-08-06 17:45:05 +02:00
Nick Douma
3c59ba6f84
Account does not have username
2020-08-06 17:44:54 +02:00
Nick Douma
b4d7f66e29
Use Account.delete_account to also handle unlinking of Users
2020-08-06 16:33:00 +02:00
Nick Douma
f9f966df75
Allow for configuration of logout url
2020-08-06 15:29:02 +02:00
Nick Douma
27f5c89f70
Manage Account membership on oidc login
2020-08-06 15:28:54 +02:00
Nick Douma
7ef6f5db4e
Check if plain_text_password is falsish instead of empty string
2020-08-06 15:28:45 +02:00
Nick Douma
ab6480a4b4
Update user with info from oidc during login
2020-08-06 15:28:27 +02:00
Nick Douma
0ef57b2f9f
Implement account update method
...
Allow syncing of all known accounts from PowerDNS, in the same
way that Domain().update() does for domains.
2020-08-06 15:22:28 +02:00
Erik Weber
22eabef06a
Use the correct matching group
2020-07-03 11:01:17 +02:00
Erik Weber
e993422106
Add regex matching for group/account description
2020-07-03 10:55:06 +02:00
Erik Weber
25db119d02
Add Account creation/permission handling based on Azure oAuth group membership
2020-07-03 08:55:31 +02:00
Manuel Frei
9946f72a85
Order accounts by name on 'New Domain' and domain admin
2020-06-28 01:59:12 +02:00
Roei Ganor
0f9a5f8652
Fix gravatar offline mode
2020-06-24 11:17:45 +03:00
Khanh Ngo
f3f91d56e2
Adjust html code
2020-06-20 11:08:14 +07:00
Khanh Ngo
1b4fe8935d
Merge branch 'master' into record_rollback
2020-06-20 10:17:52 +07:00
Khanh Ngo
4e63f8380b
Merge pull request #756 from RoeiGanor/master
...
Changed default TTL
2020-06-20 09:55:41 +07:00
Khanh Ngo
1f4580a27a
Log failed domain apply operation
2020-06-20 09:51:30 +07:00
Khanh Ngo
5123d542e4
Fix #752 - Rollback the removed record if apply operation failed
2020-06-19 09:34:33 +07:00
Khanh Ngo
a3fd856dd8
Code refactoring and bug fixes
2020-06-19 08:47:51 +07:00
Roei
84ae753db2
Changed default TTL
2020-06-14 09:13:01 +03:00
Ymage
4e39d5a461
Fix session clearing
2020-05-29 17:41:20 +02:00
Khanh Ngo
cfc8567180
Merge pull request #742 from nfantone/feat/remote-user
...
Support authenticating using REMOTE_USER environment variable
2020-05-26 15:36:47 +07:00
Nicolás Fantone
39db31b5ae
Add missing ensure_list util function
2020-05-25 14:16:33 +01:00
Khanh Ngo
831fbf3cb3
Merge pull request #738 from ymage/url_for_static_assets
...
Add url_for() for static assets
2020-05-24 21:22:33 +07:00
Khanh Ngo
125883330e
Merge branch 'pull/679'
2020-05-24 21:19:04 +07:00
Khanh Ngo
73c267848c
Merge branch 'master' into url_for_static_assets
2020-05-24 21:16:00 +07:00
Khanh Ngo
5ac126f349
Merge pull request #739 from sshipway/sorting
...
Sort rrset members by content before comparison to ensure correct compare
2020-05-24 21:06:51 +07:00
Nicolás Fantone
52298f8289
Support login in through REMOTE_USER environment variable
...
Support redirecting remote users to logout URL and clearing remote login cookies
2020-05-22 15:31:24 +01:00
Khanh Ngo
a598c52729
Fix base template
...
current_user is Anonymous when we are not authenticated. Need to check if
email attribute is defined before using it
2020-05-22 17:37:39 +07:00
Steve Shipway
3476c8a9ec
SJS Sort rrset members by content before comparison to ensure correct compare. Also default comment to blank entry rather than missing entry, to allow sorting to work correctly.
2020-05-20 16:21:28 +12:00
Ymage
99f12df748
Add url_for() for static assets
2020-05-20 00:03:36 +02:00
Khanh Ngo
0ef132a7be
Update swagger yaml
2020-05-17 21:00:13 +07:00
Khanh Ngo
fd0485d897
Merge remote-tracking branch 'keesbos/mgmt'
2020-05-17 19:43:45 +07:00
Khanh Ngo
ab7e1eb71b
Fix email confirmation template
2020-05-17 16:11:52 +07:00
Khanh Ngo
edb2a354d1
Merge pull request #725 from Monogramm/ui/favicon
...
fix: Add favicon to fix #724
2020-05-17 13:47:18 +07:00
Khanh Ngo
78245d339f
Merge pull request #717 from RoeiGanor/master
...
OIDC custom claims
2020-05-17 13:44:52 +07:00
mathieu.brunot
9f562714f2
fix: Add favicon to fix #724
...
Signed-off-by: mathieu.brunot <mathieu.brunot@monogramm.io>
2020-05-09 23:56:19 +02:00
root
2044ce4737
oidc custom claims
2020-05-04 07:12:48 +00:00
Khanh Ngo
33eff6313f
Fix loading zone with Slave type
2020-05-02 09:41:01 +07:00
Khanh Ngo
978c0b6c62
Merge pull request #711 from terbolous/azure_oauth
...
Azure oauth fixes
2020-05-01 10:25:27 +07:00
Roei Ganor
483c767d26
Offline installation and searchable inputs
2020-04-30 17:20:37 +00:00
Erik Weber
b03cbdea65
Azure oauth: Graph api calls it mail, not email
2020-04-30 12:15:19 +02:00
Erik Weber
b8442c4c5c
Azure oauth: remove preferredName from query
2020-04-30 12:14:32 +02:00
Khanh Ngo
9e8401ae46
Merge branch 'master' of github.com:ngoduykhanh/PowerDNS-Admin
2020-04-30 10:17:32 +07:00
Khanh Ngo
02692c7759
Code formating
2020-04-30 10:17:08 +07:00
Khanh Ngo
bbd00865dc
Merge pull request #681 from eht16/fix_create_template_from_zone_url
...
Remove $SCRIPT_ROOT from 'admin.create_template_from_zone' URL
2020-04-30 09:12:04 +07:00
Marcus Knight
0e093d4eec
Support only having one auth method enabled (which isn't ldap/local)
2020-04-16 16:04:10 +08:00
Attila DEBRECZENI
def06bee41
set SAML wantAssertionsEncrypted from config
2020-04-03 13:44:03 +00:00
Attila DEBRECZENI
cc26174a48
wantAssertionsEncrypted to false
2020-03-27 02:19:06 +01:00
Attila DEBRECZENI
a581aa3cf2
add SAML_ASSERTION_ENCRYPTED envrionment
2020-03-25 21:35:20 +00:00
Attila DEBRECZENI
e550b0a109
SAML debug attributes
2020-03-25 21:05:30 +00:00
Enrico Tröger
bc2e7c9786
Remove $SCRIPT_ROOT from 'admin.create_template_from_zone' URL
...
As the URL here is contructed from Flask's "url_for" which already
takes the script root into account, we do not need to add it here
explicitly. This would result in a duplicate script root otherwise.
2020-03-09 17:08:27 +01:00
Scott Howard
417338d826
Remove blank comments from rrsets before sending for compatibility with some pdns backends
2020-03-07 02:07:41 -06:00
Khanh Ngo
f2704649f1
Merge pull request #668 from pprietosanchez/fix_search_API_request
...
Correct request method
2020-03-06 14:08:39 +07:00
Khanh Ngo
026dcead7f
Merge pull request #671 from eht16/add_missing_format_arguments
...
Add missing format arguments for error message
2020-03-06 13:58:10 +07:00
Khanh Ngo
7024404f73
Merge pull request #674 from sshipway/patch-1
...
Corrections to Azure auth service definition after refactor
2020-03-06 13:57:09 +07:00
Enrico Tröger
b421b9b38a
Fix token name in session for OIDC and GitHub authentication
2020-03-05 17:07:13 +01:00
Steve Shipway
7ac6529e0a
Corrections to Azure auth service definition after refactor
2020-03-04 17:34:01 +13:00
Enrico Tröger
2d55832729
Add missing format arguments for error message
2020-03-04 00:27:48 +01:00
pprietosanchez
a2d98d38e2
Correct request method
2020-02-28 16:25:19 +01:00
Khanh Ngo
52eb62a911
Fix unit tests
...
The python float number formatting causes unit tests failed
2020-02-13 16:22:07 +07:00
Khanh Ngo
d497fdee8e
Merge pull request #655 from eht16/issue428_sync_performance
...
Perform domain sync within a single transaction
2020-02-12 09:56:41 +07:00
Khanh Ngo
13aab7f6ee
Merge pull request #645 from eht16/outgoing_request_logging
...
Add log message after remote server request
2020-02-12 09:45:12 +07:00
Enrico Tröger
81bfde5a79
Add log message after remote server request
...
This might be handy to detect remote server problems or debugging
timeouts and the like.
2020-02-02 15:23:00 +01:00
Enrico Tröger
eabbcedf08
Perform domain sync within a single transaction
...
This increases data inconsistency and also performance of the whole
update process: SqlAlchemy can use its own caching better with a single
transaction as it does not need to mark already fetched objects as dirty
and so re-fetch them again on later use. So after deleting a domain,
we can still use the previously fetched domain objects for the update
operations afterwards. Otherwise SqlAlchemy had to fetch each domain
object again with single SELECT statements which leads to bad
performance with many domains (>> 1000).
The introduced "do_commit" variable controls whether the database
changes are to be committed by the caller or in the called method
itself. So we can use a single transaction for the Domain.update()
method while still preserving the previous behavior for other callers.
Closes #428 .
2020-02-02 15:15:20 +01:00
Khanh Ngo
4cfb6ef81f
Merge branch 'master' of github.com:ngoduykhanh/PowerDNS-Admin
2020-01-29 22:33:32 +07:00
Khanh Ngo
31d19b19ab
Merge remote-tracking branch 'eht16/add_ssl_verify_setting'
2020-01-29 22:33:24 +07:00
Khanh Ngo
faeb8d1f94
Merge pull request #652 from ngoduykhanh/fix_import
...
Fix logging in models
2020-01-29 22:31:56 +07:00
Khanh Ngo
a069fdd8cb
Merge pull request #648 from eht16/adjustable_log_level
...
Introduce PDNS_ADMIN_LOG_LEVEL to change the log level
2020-01-29 22:28:03 +07:00
Khanh Ngo
dbb181d575
Merge pull request #647 from eht16/fix_typos
...
Fiy typos in logging messages
2020-01-29 22:21:29 +07:00
Khanh Ngo
23c73f6c52
Fix logging in models
2020-01-29 22:18:15 +07:00
Khanh Ngo
2de8bf55f8
Merge branch 'dashboard_search_placeholder'
2020-01-29 22:00:17 +07:00
Kees Bos
4d391ccb34
Extend api with account and user management
2020-01-27 14:04:15 +00:00
Enrico Tröger
0f6b7bdcf6
Introduce PDNS_ADMIN_LOG_LEVEL to change the log level
...
By setting the environment variable PDNS_ADMIN_LOG_LEVEL to a Python
support log level, PowerDNS-Admin will use that log level.
2020-01-27 00:20:32 +01:00
Enrico Tröger
ccaf74646d
Fiy typos in logging messages
2020-01-27 00:05:28 +01:00
Enrico Tröger
68843d9664
Add new setting to verify outgoing SSL connections
...
The new setting 'verify_ssl_connections' tells the requests library to
verify secured outgoing HTTP connections.
Usually verifying is desired and helps to reveal configuration
problems. It also disables an ugly warning when HTTPS connections
are made without verification.
2020-01-25 19:44:11 +01:00
Enrico Tröger
737531d23f
Add dashboard search placeholder to describe search patterns
...
Since ^ and $ for searching from start and to end is supported, let's
tell the user about it.
2020-01-25 19:26:13 +01:00
mathieu.brunot
acef820c54
🐛 Fix logger for LDAP group filter
...
Signed-off-by: mathieu.brunot <mathieu.brunot@monogramm.io>
2020-01-08 23:40:14 +01:00
mathieu.brunot
0ea188f8d6
✏️ Fix copy/paste error in div id
...
Signed-off-by: mathieu.brunot <mathieu.brunot@monogramm.io>
2020-01-08 23:31:51 +01:00
mathieu.brunot
66ff3426e0
👌 Update LDAP selection flip
...
Signed-off-by: mathieu.brunot <mathieu.brunot@monogramm.io>
2020-01-08 23:23:40 +01:00
mathieu.brunot
b4b5673cf1
Merge branch 'master' of github.com:johnwarburton/PowerDNS-Admin into feat/groupofnames
...
Signed-off-by: mathieu.brunot <mathieu.brunot@monogramm.io>
2020-01-08 23:19:51 +01:00
Khanh Ngo
1cd423041c
Fix #632
2020-01-07 14:30:28 +07:00
Khanh Ngo
b1ba339a9c
Merge remote-tracking branch 'sshipway/azure'
2020-01-03 21:07:57 +07:00
Khanh Ngo
e1c0b4a1b4
Fix missing import
2020-01-03 10:03:20 +07:00
Steve Shipway
cff4d0af53
Fix some formatting issues
2020-01-03 15:57:07 +13:00
Steve Shipway
765eab999a
Azure OAuth - add Group mappings to Roles
2020-01-03 15:36:38 +13:00
Khanh Ngo
7f8ae003fc
Fix #631 Ipv6 reverse dns with pretty_ipv6_ptr enabled
2020-01-03 09:32:04 +07:00
Khanh Ngo
3bf6e6e9f1
Merge pull request #622 from ngoduykhanh/email_verification
...
Add user email verification
2019-12-22 10:06:43 +07:00
Khanh Ngo
462190a913
Fix API key query
2019-12-22 10:06:02 +07:00
Khanh Ngo
9533d8a5aa
Adjustment in user profile email
...
- Don't allow to update to new email address that currently used by another user
- Reset the confirmed status if verify_user_email setting is enabled
2019-12-22 09:19:35 +07:00
Khanh Ngo
d09a645300
Fix migration script and user model
2019-12-22 08:40:05 +07:00
Khanh Ngo
4bdd433079
Fix migration script and LGTM
2019-12-21 22:26:56 +07:00
Khanh Ngo
7739bf7cfc
Add user email verification
2019-12-21 21:43:03 +07:00
Khanh Ngo
1ea460fc71
Merge remote-tracking branch 'Neven1986/saml_requested_attrs'
2019-12-20 21:08:06 +07:00
Khanh Ngo
8723b7d56b
Fix #529 . Update domain serial columns type
2019-12-20 11:36:27 +07:00
Neven1986
3688cec91a
Support for SAML metadata Requested Attributes
...
Enhancements:
- More robust check when creating self-signed certificates
- Added support for SAML Requested Attributes through "SAML_SP_REQUESTED_ATTRIBUTES" parameter
2019-12-20 03:24:26 +01:00
Khanh Ngo
5567886aa3
Fix #614 . Can not enable dnssec
2019-12-19 21:50:15 +07:00
Khanh Ngo
93cd64ac75
Fix #613 . Create domain from template with SOA record enabled
2019-12-19 21:43:53 +07:00
Khanh Ngo
59110432a0
Merge pull request #612 from Neven1986/saml_certificate_fix
...
SAML certificate fix and enhancement
2019-12-19 09:11:15 +07:00
Neven1986
567430790c
SAML certificate fix and enhancement
...
Problems resolved:
- Method create_self_signed_cert() was invoked nowhere. This puts parameter "SAML_SIGN_REQUEST" description in configs/development.py as incorrect
- Method create_self_signed_cert() was returning error while trying to write out certificate and private key. File handler was opened for writing out TEXT instead of BINARY data
Enhancements:
- Two new parameters are introduced SAML_CERT_FILE and SAML_KEY_FILE. User can now explicitly define own certificate and key file anywhere on file-system.
- If parameters mentioned in previous bullet aren't explicitly defined, in PowerDNS-Admin root directory self-signed certificate will be created.
- Certificates will be used or generated in any case, because in saml.py there are explicit parameters defined which require certificate/key in order to work normally. If they aren't, exception will be thrown. Examples of parameters defined in saml.py requiring certificate: wantAssertionsEncrypted, signMetadata, wantAssertionsSigned.
2019-12-19 00:40:25 +01:00
Khanh Ngo
7205b4a01b
User session improvement
...
- Add session handler on other blueprint's before request
- Adjustment in using jTimeout to close warning popup on
other tabs when we extend the session
2019-12-18 15:25:20 +07:00
Khanh Ngo
9a1b92fbc2
Add session timeout warning
2019-12-17 23:46:34 +07:00
Khanh Ngo
103bf176ed
Fix dashboard domain sorting
2019-12-17 13:34:52 +07:00
Khanh Ngo
3e961d7b21
LGTM fixes
2019-12-16 16:27:18 +07:00
Khanh Ngo
f5b88ebc73
Merge branch 'master' into record_adjustment
2019-12-16 15:54:38 +07:00
Khanh Ngo
3196297f57
Fix domain template. Drop PDNS 3.x support
2019-12-16 14:23:17 +07:00
Khanh Ngo
a891ed38e2
Add more log and history data
2019-12-16 11:01:16 +07:00
Khanh Ngo
4263bccbba
Format the history popup content
2019-12-15 21:42:08 +07:00
Khanh Ngo
de581e9e1d
Yapf code formatting
2019-12-15 09:40:05 +07:00
Neven1986
37f24f9fde
Correction of redirect URL after successful SAML login
...
From my perspective, if agreed, this change can be merged, because the basic SAM auth. functionality is now present
and was tested with "samlidp.io" iDP.
However, there are further improvements which I would like to integrate, but as a separate features in separate pull requests
2019-12-15 01:15:30 +01:00
Neven1986
894756ad96
Invocation of separate threa in get_idp_data() problem resolved
2019-12-14 21:45:51 +01:00
Neven1986
cd3535dcd2
- Variable references inside SAML class were fixed
...
- Function signatures inside SAML class were fixed
- Redirect URL for /saml/login path was modified (saml_authorized -> index.saml_authorized)
Current status is that SAML metadata can be generated under /saml/metadata and communication to SAML iDP is working
Problems remaining:
- SAML Response doesn't contain any attributes (There is no AttributeStatement on the Response). It can be that problem is on iDP side
- Background thread in retrieve_idp_data() cannot be spawned, this part is currently commented out, old code needs to be revisited
2019-12-14 18:59:59 +01:00
Khanh Ngo
5ac58d5503
Re-add pretty_ipv6_ptr. Bug fixes
2019-12-14 23:13:55 +07:00
Khanh Ngo
14658d797e
Adjustment in domain's record applying
2019-12-14 14:47:21 +07:00
Khanh Ngo
ad6b04bd78
LGTM fixes
2019-12-14 08:31:23 +07:00
Khanh Ngo
c0594b2c0b
Fix SAML
2019-12-13 21:55:11 +07:00
Khanh Ngo
d90a20f8da
Fix #602 domain table with long records
2019-12-13 21:22:58 +07:00
Tobias Paepke
81869f4cd8
add history entries for rrsets delivered via zone api which is forwarded to pdns
2019-12-11 14:04:18 +01:00
Khanh Ngo
242e31a490
Merge pull request #599 from ngoduykhanh/global_search
...
Add PDNS global search feature
2019-12-11 16:56:06 +07:00
Khanh Ngo
1d973d1614
Allow update zone kind the domain setting page
2019-12-11 16:02:36 +07:00
Khanh Ngo
798b7abb5b
Show actual result on applyChanges(). Remove generated assets files
2019-12-11 13:45:27 +07:00
Khanh Ngo
c62f9f6936
Formatting
2019-12-11 10:32:02 +07:00
Khanh Ngo
2cc73abbe5
Add PDNS global search feature
...
Remove POST method in global search route
Edit form action
2019-12-11 10:26:17 +07:00
Khanh Ngo
a65b940103
Remove POST method in global search route
2019-12-11 10:02:04 +07:00
Khanh Ngo
de69eaf825
Add PDNS global search feature
2019-12-11 09:55:18 +07:00
Khanh Ngo
67e6df6880
Bug fixes. Adjust logger
2019-12-10 17:08:43 +07:00
Khanh Ngo
9904505867
Bug fixes
2019-12-10 10:36:51 +07:00
Khanh Ngo
bca3c45e37
Add record comment
2019-12-09 17:50:48 +07:00
Khanh Ngo
c1fae6f3dd
Update README and LGTM fixes
2019-12-08 18:23:36 +07:00
Khanh Ngo
354383f0ec
Fix missing import
2019-12-08 08:57:24 +07:00
Khanh Ngo
19401699ca
Fix #596 missing import
2019-12-07 20:46:14 +07:00
Khanh Ngo
6af94df00a
LGTM fixes. Remove unused import and variables
2019-12-07 20:20:40 +07:00
Khanh Ngo
80b6ca19ac
Resolve the conflicts and add adjustment to #591
2019-12-06 14:27:35 +07:00
Khanh Ngo
8de6df4d3b
Fix the tests
...
Fix the tests
Fix the tests
2019-12-06 10:59:19 +07:00
Khanh Ngo
840e2a4750
Update docker stuff and bug fixes
2019-12-04 11:50:46 +07:00
Khanh Ngo
8ea00b9484
Refactoring the code
...
- Use Flask blueprint
- Split model and views into smaller parts
- Bug fixes
- API adjustment
2019-12-02 10:32:03 +07:00