Dominic Zöller
51a7f636b0
Use secrets module for generating new API keys and passwords
...
The implementation of `random.choice()` uses the Mersenne Twister, the
output of which is predictable by observing previous output, and is as
such unsuitable for security-sensitive applications. A cryptographically
secure pseudorandom number generator - which the `secrets` module relies
on - should be used instead in those instances.
2021-12-04 16:08:07 +01:00
root
940551e99e
feat: Associate an API Key with accounts ( #1044 )
2021-12-03 14:12:11 +00:00
ManosKoukoularis
1332c8d29d
History Tab Overhaul & Domain Record Modifications Changelog ( #1042 )
...
Co-authored-by: Konstantinos Kouris <85997752+konkourgr@users.noreply.github.com>
Co-authored-by: vmarkop <billy.mark.b.m.10@gmail.com>
Co-authored-by: KostasMparmparousis <mparmparousis.kostas@gmail.com>
Co-authored-by: dimpapac <demispapa@gmail.com>
2021-11-30 11:02:37 +02:00
benshalev849
b3f9b4a2b0
OIDC list accounts ( #994 )
...
Added the function to use lists instead of a single string in account autoprovision.
2021-11-19 17:53:17 +02:00
zoeller-freinet
bfaf5655ae
Clarify salt re-use for API keys ( #1037 )
2021-11-09 22:09:15 +02:00
benshalev849
3081036c2c
Env oauth url ( #1030 )
...
Overriding settings in DB using environment variable in docker
2021-11-05 18:22:38 +02:00
Vitali Quiering
e7d5a3aba0
feat: enable_api_rr_history setting ( #998 )
...
* feat: introduce enable_api_rr_history setting to disable api record
changes
2021-11-05 17:26:38 +02:00
Hidde
f96103db79
Replace [ZONE] placeholder with domain_name ( #960 )
2021-10-30 21:24:16 +02:00
steschuser
bf83662108
allow users to remove domain ( #952 )
2021-10-30 21:21:45 +02:00
Khanh Ngo
ddf2d4788b
Reslove conflicts
...
Signed-off-by: Khanh Ngo <khanh.ngo@taxfix.de>
2021-10-30 21:15:04 +02:00
steschuser
1ec6b76f89
Remove otp field ( #942 )
2021-10-30 21:09:04 +02:00
Mark Zealey
4ce1b71c57
Fix when no records returned by API ( #923 )
...
For some reason when some programs delete a record we get an entry returned with records: []
2021-10-30 21:07:42 +02:00
Kostas Mparmparousis
6e04d0419b
Provision PDA user privileges based On LDAP Attributes ( #980 )
2021-08-05 19:37:48 +02:00
Steffen Schwebel
fd933f8dbc
remove unrelated files and changes as best as possible
2021-06-02 09:41:08 +02:00
Steffen Schwebel
c13dd2d835
add 'custom_css' setting to model; check for 'custom_css' in template; create custom css dir in dockerfile
2021-06-01 16:15:31 +02:00
Steffen Schwebel
43a6e46e66
add setting to hide otp_token field on login page
2021-05-27 22:51:07 +02:00
jyoung15
32983635c6
Delete blank comments. Fix for ngoduykhanh/PowerDNS-Admin#919 ( #920 )
2021-05-07 23:43:44 +02:00
jodygilbert
b66b37ecfd
delete history records when a domain is deleted ( #916 )
...
Co-authored-by: Jody <jody.gilbert@edftrading.com>
2021-05-07 22:55:45 +02:00
jodygilbert
98db953820
Allow user role to view history ( #890 )
2021-03-27 19:33:11 +01:00
jbe-dw
86700f8fd7
upd: improve user api ( #878 )
2021-03-16 19:39:53 +01:00
R. Daneel Olivaw
46993e08c0
Add punycode (IDN) support ( #879 )
2021-03-16 19:37:05 +01:00
jbe-dw
2c18e5c88f
fix: User role was not assigned upon creation ( #860 )
2021-01-07 23:07:20 +01:00
Khanh Ngo
70b1accaa0
Merge pull request #801 from cyso/pr/sync-accounts
...
Implement account update method
2020-10-12 12:48:22 +02:00
Khanh Ngo
7254a94497
Merge pull request #825 from ngoduykhanh/adjustment
...
Add index on history table
2020-10-11 13:11:09 +02:00
Khanh Ngo
3034630bc0
Merge pull request #761 from ngoduykhanh/record_rollback
...
Fix #752 - Rollback the removed record if apply operation failed
2020-10-11 13:01:26 +02:00
Khanh Ngo
d72709e0f4
Add index on history table
2020-10-11 12:49:28 +02:00
Khanh Ngo
76562f8a46
Fix typo
...
Remove space from oidc_oauth_last_name default value
2020-10-10 21:03:34 +02:00
Khanh Ngo
55ad73d92e
Merge pull request #800 from cyso/pr/oidc-account
...
OIDC User and Account management during login
2020-10-10 14:32:14 +02:00
Khanh Ngo
a679073928
Merge pull request #773 from terbolous/azure-oauth
...
Add Account creation/permission handling based on Azure oAuth group membership
2020-10-10 14:20:26 +02:00
Nick Douma
70c2744f29
Log amount of accounts found in PowerDNS
2020-08-06 17:45:05 +02:00
Nick Douma
3c59ba6f84
Account does not have username
2020-08-06 17:44:54 +02:00
Nick Douma
b4d7f66e29
Use Account.delete_account to also handle unlinking of Users
2020-08-06 16:33:00 +02:00
Nick Douma
f9f966df75
Allow for configuration of logout url
2020-08-06 15:29:02 +02:00
Nick Douma
27f5c89f70
Manage Account membership on oidc login
2020-08-06 15:28:54 +02:00
Nick Douma
7ef6f5db4e
Check if plain_text_password is falsish instead of empty string
2020-08-06 15:28:45 +02:00
Nick Douma
0ef57b2f9f
Implement account update method
...
Allow syncing of all known accounts from PowerDNS, in the same
way that Domain().update() does for domains.
2020-08-06 15:22:28 +02:00
Erik Weber
25db119d02
Add Account creation/permission handling based on Azure oAuth group membership
2020-07-03 08:55:31 +02:00
Khanh Ngo
5123d542e4
Fix #752 - Rollback the removed record if apply operation failed
2020-06-19 09:34:33 +07:00
Khanh Ngo
a3fd856dd8
Code refactoring and bug fixes
2020-06-19 08:47:51 +07:00
Khanh Ngo
cfc8567180
Merge pull request #742 from nfantone/feat/remote-user
...
Support authenticating using REMOTE_USER environment variable
2020-05-26 15:36:47 +07:00
Khanh Ngo
125883330e
Merge branch 'pull/679'
2020-05-24 21:19:04 +07:00
Nicolás Fantone
52298f8289
Support login in through REMOTE_USER environment variable
...
Support redirecting remote users to logout URL and clearing remote login cookies
2020-05-22 15:31:24 +01:00
Steve Shipway
3476c8a9ec
SJS Sort rrset members by content before comparison to ensure correct compare. Also default comment to blank entry rather than missing entry, to allow sorting to work correctly.
2020-05-20 16:21:28 +12:00
root
2044ce4737
oidc custom claims
2020-05-04 07:12:48 +00:00
Scott Howard
417338d826
Remove blank comments from rrsets before sending for compatibility with some pdns backends
2020-03-07 02:07:41 -06:00
Enrico Tröger
eabbcedf08
Perform domain sync within a single transaction
...
This increases data inconsistency and also performance of the whole
update process: SqlAlchemy can use its own caching better with a single
transaction as it does not need to mark already fetched objects as dirty
and so re-fetch them again on later use. So after deleting a domain,
we can still use the previously fetched domain objects for the update
operations afterwards. Otherwise SqlAlchemy had to fetch each domain
object again with single SELECT statements which leads to bad
performance with many domains (>> 1000).
The introduced "do_commit" variable controls whether the database
changes are to be committed by the caller or in the called method
itself. So we can use a single transaction for the Domain.update()
method while still preserving the previous behavior for other callers.
Closes #428 .
2020-02-02 15:15:20 +01:00
Khanh Ngo
4cfb6ef81f
Merge branch 'master' of github.com:ngoduykhanh/PowerDNS-Admin
2020-01-29 22:33:32 +07:00
Khanh Ngo
31d19b19ab
Merge remote-tracking branch 'eht16/add_ssl_verify_setting'
2020-01-29 22:33:24 +07:00
Khanh Ngo
faeb8d1f94
Merge pull request #652 from ngoduykhanh/fix_import
...
Fix logging in models
2020-01-29 22:31:56 +07:00
Khanh Ngo
dbb181d575
Merge pull request #647 from eht16/fix_typos
...
Fiy typos in logging messages
2020-01-29 22:21:29 +07:00