Commit Graph

1504 Commits

Author SHA1 Message Date
benshalev849
3081036c2c
Env oauth url (#1030)
Overriding settings in DB using environment variable in docker
2021-11-05 18:22:38 +02:00
Daniel Molkentin
c7b4aa3434
fix: actually store OIDC logout URL (#988) 2021-11-05 17:28:21 +02:00
Vitali Quiering
e7d5a3aba0
feat: enable_api_rr_history setting (#998)
* feat: introduce enable_api_rr_history setting to disable api record
changes
2021-11-05 17:26:38 +02:00
zoeller-freinet
20b866a784
strip() whitespace from new local user master data (#1019)
When creating a new local user, there is a chance that, due to a copy &
paste or typing error, whitespace will be introduced at the start or end
of the username. This can lead to issues when trying to log in using the
affected username, as such a condition can easily be overlooked - no
user will be found in the database if entering the username without the
aforementioned whitespace. This commit therefore strip()s the username
string within routes/{admin,index}.py.

The firstname, lastname and email strings within
routes/{admin,index,user}.py are also strip()ped on this occasion.
2021-11-05 17:04:35 +02:00
Khanh Ngo
1662a812ba Update CI
Signed-off-by: Khanh Ngo <khanh.ngo@taxfix.de>
2021-10-31 14:34:35 +01:00
Khanh Ngo
c49df09ac8 Update CI
Signed-off-by: Khanh Ngo <khanh.ngo@taxfix.de>
2021-10-31 14:31:14 +01:00
Khanh Ngo
924537b468 Update CI
Signed-off-by: Khanh Ngo <khanh.ngo@taxfix.de>
2021-10-31 14:25:22 +01:00
Khanh Ngo
4f8a547d47 Update CI
Signed-off-by: Khanh Ngo <khanh.ngo@taxfix.de>
2021-10-31 14:23:49 +01:00
Khanh Ngo
ee9f568a8d
Update README.md 2021-10-31 13:16:42 +01:00
Khanh Ngo
d7ae34ed53 Update CI
Signed-off-by: Khanh Ngo <khanh.ngo@taxfix.de>
2021-10-31 13:08:22 +01:00
jbe-dw
1c9ca60508
fix: jsmin 2.2.2 no longer available. Use 3.0.0 (#1021) 2021-10-30 21:30:53 +02:00
zoeller-freinet
0e655c1357
user_profile tpl: set email input type attr to "email" (#1020)
It is then consistent with the email address input elements declared in
admin_edit_account.html, admin_edit_user.html and register.html.
2021-10-30 21:30:26 +02:00
steschuser
ba2423d6f5
fix if condition in pretty_domain_name (#1008) 2021-10-30 21:29:55 +02:00
Andreas Dirnberger
46e51f16cb
Remove unnecessary build step (#1003)
The builder image does not need to cleanup itself, 
the whole purpose of it is to be dropped after the final artifacts are copied out.
2021-10-30 21:29:23 +02:00
jbe-dw
b8ee91ab9a
fix: Accounts API is broken (#996) 2021-10-30 21:28:36 +02:00
RGanor
c246775ffe
bg_domain button for operators and higher (#993) 2021-10-30 21:26:46 +02:00
Hidde
f96103db79
Replace [ZONE] placeholder with domain_name (#960) 2021-10-30 21:24:16 +02:00
steschuser
bf83662108
allow users to remove domain (#952) 2021-10-30 21:21:45 +02:00
steschuser
1f34dbf810
fix for api key (#950) 2021-10-30 21:19:49 +02:00
Khanh Ngo
b7197948c1 Reslove conflicts
Signed-off-by: Khanh Ngo <khanh.ngo@taxfix.de>
2021-10-30 21:19:01 +02:00
Khanh Ngo
ddf2d4788b Reslove conflicts
Signed-off-by: Khanh Ngo <khanh.ngo@taxfix.de>
2021-10-30 21:15:04 +02:00
steschuser
1ec6b76f89
Remove otp field (#942) 2021-10-30 21:09:04 +02:00
Mark Zealey
4ce1b71c57
Fix when no records returned by API (#923)
For some reason when some programs delete a record we get an entry returned with records: []
2021-10-30 21:07:42 +02:00
steschuser
79457bdc85
Bug domain parse (#936) 2021-10-30 21:06:44 +02:00
Mirko Vogt
282c630eb8 dyndns: Respond with HTTP header 'WWW-Authenticate' to unauthed requests
The common procedure for HTTP Basic Auth is that a client does /not/
immediately send out credentials via an 'Authorization'-header, but to
wait until the server tells the client to do so - which the server
indicates via the 'WWW-Authenticate'-header.

PowerDNS-Admin (and flask in general), though, abort the whole
communication if no Authorization header was found in the initial
request - resulting in '200 "badauth"'.

While this might work for /some/ HTTP clients - which right away add an
Authorization header crafted from provided credentials (via args or
extracted from given URL), this is /not/ standard and /not/ common.

Hence add the 'WWW-Authenticate'-header for every unauthenticated call
checking for dyndns authorisation.

Note, though, this changes the status code from 200 to 401 in this case,
which - given the explanation why 200 was chosen in the first place -
might cause side effects.
2021-10-20 15:12:17 +00:00
RoeiGanor
10dc2b0273 bg_domain button for operators and higher 2021-08-13 20:03:06 +03:00
steschuser
993e02b635
limit user to only create domains for the accounts he belongs to (#970) 2021-08-05 19:42:58 +02:00
steschuser
07c71fb0bf
setting account_user_ids to empty list on GET /account/edit (#966) 2021-08-05 19:41:28 +02:00
steschuser
c4a9498898
respect_bg_domain_updates in routes/api (#962) 2021-08-05 19:39:26 +02:00
Kostas Mparmparousis
6e04d0419b
Provision PDA user privileges based On LDAP Attributes (#980) 2021-08-05 19:37:48 +02:00
Mirko Vogt
9c00e48f0f routes/index.py: Make package 'onelogin.saml2.utils' optional
The onelogin package is not part of all saml packages for whatever
reason (e.g. Debian) and not easily installable from pypi (requires
CC toolchain).

As the onelogin functionality is already guarded by whether
SAML_ENABLED is set in other places (services/saml.py), also do so
in routes/index.py.
2021-07-23 06:56:09 +00:00
Carsten Rosenberg
d6e64dce8e fix some jinja typos 2021-06-04 15:24:49 +02:00
Steffen Schwebel
b069cea8d1 add css to base as well 2021-06-02 09:44:15 +02:00
Steffen Schwebel
fd933f8dbc remove unrelated files and changes as best as possible 2021-06-02 09:41:08 +02:00
Steffen Schwebel
0505b934a1 remove unrelated files and changes as best as possible 2021-06-02 09:39:39 +02:00
Steffen Schwebel
083a023e57 fix include 2021-06-01 16:41:26 +02:00
Steffen Schwebel
054e0e6eba add rule for 'custom_css' setting 2021-06-01 16:24:07 +02:00
Steffen Schwebel
c13dd2d835 add 'custom_css' setting to model; check for 'custom_css' in template; create custom css dir in dockerfile 2021-06-01 16:15:31 +02:00
steschuser
567f66fbde
Merge pull request #4 from uvensys/remove_otp_field
Remove otp field
2021-06-01 15:28:41 +02:00
steschuser
ff5270fbad
Merge pull request #3 from uvensys/add_background_jobs_to_docker
add environment to cron
2021-06-01 15:21:22 +02:00
Steffen Schwebel
92bad7b11c add environment to cron 2021-06-01 14:02:01 +02:00
Steffen Schwebel
43a6e46e66 add setting to hide otp_token field on login page 2021-05-27 22:51:07 +02:00
Steffen Schwebel
ee72fdf9c2 Merge branch 'master' of github.com:uvensys/PowerDNS-Admin into remove_otp_field 2021-05-27 21:56:01 +02:00
steschuser
8f73512d2e
Merge pull request #2 from uvensys/add_background_jobs_to_docker
Add background jobs to docker
2021-05-27 21:33:27 +02:00
Steffen Schwebel
700fa0d9ce add new dockerfile with s6 overlay and multiple proccesses to have background jobs updating accounts and zones 2021-05-27 21:32:00 +02:00
Steffen Schwebel
00dc23f21b added new Dockerfile, to support more than one process running in docker, using s6 overlay 2021-05-27 16:39:51 +02:00
Steffen Schwebel
36fdb3733f Merge remote-tracking branch 'origin/master' into remove_otp_field 2021-05-25 15:30:32 +02:00
steschuser
ce60ca0b9d
Merge pull request #1 from uvensys/bug_domain_parse
Bug domain parse
2021-05-25 12:53:57 +02:00
Steffen Schwebel
b197491a86 remove traceback 2021-05-25 12:44:07 +02:00
Steffen Schwebel
d23a57da50 handle decode error, output warning 2021-05-25 12:35:53 +02:00