powerdns-admin

mirror of https://github.com/cwinfo/powerdns-admin.git synced 2025-07-25 14:56:47 +00:00

Author	SHA1	Message	Date
vmarkop	36cee8cddc	Fixed 'LOCAL' Authenticator Type showing for LDAP auth	2022-02-17 17:34:54 +02:00
Adrien Delle Cave	6982e0107c	Typo in routes/api.py	2022-01-20 12:49:37 +01:00
Adrien Delle Cave	98bd9634a4	[BUG] Fixed delete zone from API	2022-01-19 13:50:12 +01:00
RGanor	328780e2d4	Revert "Merge branch 'master' into master" This reverts commit `ca4c145a18`, reversing changes made to `7808febad8`.	2021-12-25 16:17:54 +02:00
RGanor	ca4c145a18	Merge branch 'master' into master	2021-12-25 16:10:18 +02:00
Vasileios Markopoulos	94a923a965	Add 'otp_force' basic setting (#1051 ) If the 'otp_force' and 'otp_field_enabled' basic settings are both enabled, automatically enable 2FA for the user after login or signup, if needed, by setting a new OTP secret. Redirect the user to a welcome page for scanning the QR code. Also show the secret key in ASCII form on the user profile page for easier copying into other applications.	2021-12-17 11:41:51 +01:00
zoeller-freinet	07f0d215a7	PDNS-API: factor in 'dnssec_admins_only' basic setting (#1055 ) `GET cryptokeys/{cryptokey_id}` returns the private key, which justifies that the setting is honored in this case.	2021-12-06 22:38:16 +01:00
Jérôme BECOT	d2f35a4059	fix: Check user zone create/delete permission Co-authored-by: zoeller-freinet <86965592+zoeller-freinet@users.noreply.github.com>	2021-12-05 14:16:45 +01:00
zoeller-freinet	737e1fb93b	routes/admin.py: DetailedHistory: backward-compatibility See https://github.com/ngoduykhanh/PowerDNS-Admin/pull/1066	2021-12-04 17:38:48 +01:00
zoeller-freinet	f0008ce401	routes/admin.py: refactor DetailedHistory - Run HTML through the template engine, preventing XSS from various vectors - Fix uncaught exception when a history entry about domain template deletion is processed - Adapt indentation to 4 space characters per level	2021-12-04 16:09:53 +01:00
Dominic Zöller	51a7f636b0	Use secrets module for generating new API keys and passwords The implementation of `random.choice()` uses the Mersenne Twister, the output of which is predictable by observing previous output, and is as such unsuitable for security-sensitive applications. A cryptographically secure pseudorandom number generator - which the `secrets` module relies on - should be used instead in those instances.	2021-12-04 16:08:07 +01:00
ManosKoukoularis	9f46188c7e	Quotes fix (#1066 ) * minor fix in history * made key access more generic	2021-12-03 20:14:14 +02:00
root	caa48b7fe5	Merge branch 'quotes-fix' Conflicts: powerdnsadmin/routes/admin.py	2021-12-03 14:17:39 +00:00
root	940551e99e	feat: Associate an API Key with accounts (#1044 )	2021-12-03 14:12:11 +00:00
ManosKoukoularis	1332c8d29d	History Tab Overhaul & Domain Record Modifications Changelog (#1042 ) Co-authored-by: Konstantinos Kouris <85997752+konkourgr@users.noreply.github.com> Co-authored-by: vmarkop <billy.mark.b.m.10@gmail.com> Co-authored-by: KostasMparmparousis <mparmparousis.kostas@gmail.com> Co-authored-by: dimpapac <demispapa@gmail.com>	2021-11-30 11:02:37 +02:00
benshalev849	b3f9b4a2b0	OIDC list accounts (#994 ) Added the function to use lists instead of a single string in account autoprovision.	2021-11-19 17:53:17 +02:00
Daniel Molkentin	c7b4aa3434	fix: actually store OIDC logout URL (#988 )	2021-11-05 17:28:21 +02:00
Vitali Quiering	e7d5a3aba0	feat: enable_api_rr_history setting (#998 ) * feat: introduce enable_api_rr_history setting to disable api record changes	2021-11-05 17:26:38 +02:00
zoeller-freinet	20b866a784	strip() whitespace from new local user master data (#1019 ) When creating a new local user, there is a chance that, due to a copy & paste or typing error, whitespace will be introduced at the start or end of the username. This can lead to issues when trying to log in using the affected username, as such a condition can easily be overlooked - no user will be found in the database if entering the username without the aforementioned whitespace. This commit therefore strip()s the username string within routes/{admin,index}.py. The firstname, lastname and email strings within routes/{admin,index,user}.py are also strip()ped on this occasion.	2021-11-05 17:04:35 +02:00
RGanor	c246775ffe	bg_domain button for operators and higher (#993 )	2021-10-30 21:26:46 +02:00
steschuser	bf83662108	allow users to remove domain (#952 )	2021-10-30 21:21:45 +02:00
Khanh Ngo	ddf2d4788b	Reslove conflicts Signed-off-by: Khanh Ngo <khanh.ngo@taxfix.de>	2021-10-30 21:15:04 +02:00
steschuser	1ec6b76f89	Remove otp field (#942 )	2021-10-30 21:09:04 +02:00
RoeiGanor	10dc2b0273	bg_domain button for operators and higher	2021-08-13 20:03:06 +03:00
steschuser	993e02b635	limit user to only create domains for the accounts he belongs to (#970 )	2021-08-05 19:42:58 +02:00
steschuser	07c71fb0bf	setting account_user_ids to empty list on GET /account/edit (#966 )	2021-08-05 19:41:28 +02:00
steschuser	c4a9498898	respect_bg_domain_updates in routes/api (#962 )	2021-08-05 19:39:26 +02:00
Kostas Mparmparousis	6e04d0419b	Provision PDA user privileges based On LDAP Attributes (#980 )	2021-08-05 19:37:48 +02:00
Mirko Vogt	9c00e48f0f	routes/index.py: Make package 'onelogin.saml2.utils' optional The onelogin package is not part of all saml packages for whatever reason (e.g. Debian) and not easily installable from pypi (requires CC toolchain). As the onelogin functionality is already guarded by whether SAML_ENABLED is set in other places (services/saml.py), also do so in routes/index.py.	2021-07-23 06:56:09 +00:00
Steffen Schwebel	fd933f8dbc	remove unrelated files and changes as best as possible	2021-06-02 09:41:08 +02:00
Steffen Schwebel	054e0e6eba	add rule for 'custom_css' setting	2021-06-01 16:24:07 +02:00
Steffen Schwebel	43a6e46e66	add setting to hide otp_token field on login page	2021-05-27 22:51:07 +02:00
Ian Bobbitt	39cddd3b34	SAML improvements for Docker (#929 ) * Fix typo in managing user account membership with SAML assertion * Support more config options from Docker env. * Improve support for SAML key and cert from Docker secrets Co-authored-by: Ian Bobbitt <ibobbitt@globalnoc.iu.edu>	2021-05-07 23:36:55 +02:00
jodygilbert	98db953820	Allow user role to view history (#890 )	2021-03-27 19:33:11 +01:00
jbe-dw	86700f8fd7	upd: improve user api (#878 )	2021-03-16 19:39:53 +01:00
R. Daneel Olivaw	46993e08c0	Add punycode (IDN) support (#879 )	2021-03-16 19:37:05 +01:00
jodygilbert	4c19f95928	Improve account creation/permission handling based on Azure oAuth group membership (#877 )	2021-01-31 11:31:56 +01:00
jbe-dw	3a4efebf95	enh: display b64 encoded apikey on creation through the API (#870 )	2021-01-24 09:43:51 +01:00
jbe-dw	8f6a800836	fix: account API output^ (#874 )	2021-01-24 09:08:32 +01:00
jbe-dw	3cd98251b3	fix: API (apikeys) behaviour does not match swagger definition (#868 )	2021-01-24 09:06:51 +01:00
jbe-dw	54b257768f	feat: Implement apikeys/<id> endpoint from swagger spec. (#864 )	2021-01-16 20:49:41 +01:00
jbe-dw	718b41e3d1	feat: limit zone list for users on servers endpoint (#862 )	2021-01-16 20:45:02 +01:00
jbe-dw	dd0a5f6326	feat: Allow sync domain with basic auth (#861 )	2021-01-16 20:37:11 +01:00
jbe-dw	c3d438842f	fix: user jsonify to set response headers to json (#863 )	2021-01-16 20:29:40 +01:00
jbe-dw	33e7ffb747	fix: Follow PDNS Api return format (#858 )	2021-01-07 23:26:48 +01:00
jbe-dw	2c18e5c88f	fix: User role was not assigned upon creation (#860 )	2021-01-07 23:07:20 +01:00
WhatshallIbreaktoday	c6e0293177	Tweaks to allow user apikey usage with powerdns terraform provider (#845 )	2020-12-07 22:06:37 +01:00
Khanh Ngo	3034630bc0	Merge pull request #761 from ngoduykhanh/record_rollback Fix #752 - Rollback the removed record if apply operation failed	2020-10-11 13:01:26 +02:00
Khanh Ngo	55ad73d92e	Merge pull request #800 from cyso/pr/oidc-account OIDC User and Account management during login	2020-10-10 14:32:14 +02:00
Khanh Ngo	a679073928	Merge pull request #773 from terbolous/azure-oauth Add Account creation/permission handling based on Azure oAuth group membership	2020-10-10 14:20:26 +02:00

1 2 3 4 5

213 Commits