Jeroen Boonstra
734a6d5b32
Enable bg updates
2018-06-08 11:46:17 +02:00
Khanh Ngo
ecdb9b9328
Merge pull request #275 from tmuncks/dont-revoke-your-own-rights
...
Fix user deletion
2018-06-08 09:16:49 +07:00
Thomas M Steenholdt
90f08ee92e
Fix user deletion
...
An improper check causes problems when trying to delete a user. This fixes that error.
(cherry picked from commit 3c838cc0e4a2d4904d0fc919fb88c58ebd4fe4bd)
2018-06-07 15:34:28 -02:00
Khanh Ngo
2958ae663c
Validate user role and DNSSEC_ADMINS_ONLY config on DNSSEC related routes
2018-06-07 09:28:14 +07:00
Khanh Ngo
6f54b1a9de
Merge remote-tracking branch 'tmuncks/dnssec-admin-only'
2018-06-07 08:53:01 +07:00
Khanh Ngo
70b3060f5d
Merge pull request #271 from sinzee/patch-1
...
Update models.py
2018-06-07 08:50:48 +07:00
Khanh Ngo
2c5a98aca4
Merge pull request #273 from tmuncks/dont-revoke-your-own-rights
...
Restrict certain admin changes on the current user
2018-06-07 08:48:44 +07:00
Thomas M Steenholdt
2b3b67a3af
Fix foreign key constraint error on MySQL
...
(cherry picked from commit 2a9108f90482a6be86d0b8af4dfcc30f6651ff28)
2018-06-06 13:57:36 -02:00
Thomas M Steenholdt
5d40c42bbf
Fix OTP validation
...
The result from the form is never an int but rather a string of digits, so that's what we should be checking for.
This fixes OTP validation
(cherry picked from commit 5fe3c8b9f92665db54d74dc6b2334666c318bf0c)
2018-06-06 09:19:30 -02:00
Thomas M Steenholdt
ccec6c37b4
Restrict certain admin changes on the current user
...
Disable the admin toggle and delete operations from the current user, to avoid accidents.
(cherry picked from commit b0f5ac6df5d31f612dc833a88cfca8936c4137d7)
2018-06-06 09:15:25 -02:00
Thomas M Steenholdt
10f47039ec
Add config option to allow DNSSEC changes only for admins
...
DNSSEC requires changes to the parent domain, which in many cases requires special access to a registry or the like.
For that reason, especially the option to disable DNSSEC can be dangerous - if DNSSEC is disabled in PowerDNS but not in the registry, the domain stops working.
For this reason, adding an option to disable DNSSEC changes for non-admins seems reasonable.
(cherry picked from commit 5cdfc0263b07f4658d51cf7c038fea9a8911152a)
2018-06-06 08:53:44 -02:00
Thomas M Steenholdt
a4af4ad4b3
Implement per account domain access
...
Added the possibility for assigning users to an account, providing access to all domains associated with that account automatically.
This makes management easier, especially in installations with lots of domains and lots of managing entities.
The old style per-domain permissions are still there and working as usual. The two methods work perfectly side-by-side and are analogous to "user" (per-domain) and "group" (account) permissions as we know them from Active Directory and such places.
(cherry picked from commit 34fbc634d2848a7f76dc89a03dd8c0604068cc17)
2018-06-05 16:42:44 -02:00
Thomas M Steenholdt
a3a58f16a5
Initial support for Accounts
...
This adds initial support for accounts a concept meant to signify a customer, a department or any other entity that somehow owns or manages one or more domains.
The purpose is to be able to assign an account to any number of domains, making it easy to track who owns or manages a domain, significantly improving manageability in setups with a large number of domains.
An account consists of a mandatory, unique `name` and optional `description`, `contact` name and `mail` address. The account `name` is stripped of spaces and symbols, and lower cased before getting stored in the database and in PowerDNS, to help ensure some type of predictability and uniqueness in the database.
The term *account* is actually taken from the PowerDNS database, where the `domains.account` column is used to store the account relationship, in in the form of the account `name`.
The link to a domain in PowerDNS-Admin is done through the `domain.account_id` FOREIGN KEY, that is linked to the `account.id` PRIMARY KEY.
(cherry picked from commits 4e95f33dfb0676d1c401a033c28bca3be7d6ec26, da0d596bd019a339549e2c59630a8fdee65d0e22, 7f06e6aaf4fd8011c784f24b7bbbba5f52aef319, 1c624dad8749024033d1d15dd6242ca52b39f135)
2018-06-04 13:10:02 -02:00
sinzee
4daef97666
Update models.py
...
Fix update_from_master
2018-05-28 00:28:40 +09:00
Thomas M Steenholdt
a7e91b6f40
Fix SOA-EDIT-API options
...
The options for SOA-EDIT-API included was actually the options used for SOA-EDIT, which is a very different beast.
Those options have been swapped out for the options allowed in SOA-EDIT-API and SOA-EDIT-DNSUPDATE.
2018-05-24 16:12:12 -02:00
Khanh Ngo
4daf6f72a7
Merge pull request #256 from rene-dekkers/nonint_error
...
Fail when non-numeric otp token was inserted
2018-05-18 10:43:26 +07:00
René Dekkers
08335cdedc
Fail when non-numeric otp token was inserted
2018-05-07 15:32:15 +02:00
Ian Bobbitt
73d5215d3a
Improve SAML support
...
Accept IdP EntityID to use when metadata contains more than one IdP.
Allow specifying attribute names to get given name, surname, and email address.
Allow specifying NameIDFormat to request.
Allow specifying whether to get username from a named attribute, or NameID.
Allow getting administrator state from attribute.
2018-05-02 22:56:22 +00:00
Khanh Ngo
77f0deade8
Fix #247
2018-04-18 13:29:29 +07:00
Khanh Ngo
3d8d94f280
Validate registration process. Change copyright year.
2018-04-18 13:16:02 +07:00
Khanh Ngo
bd45c4ef87
Adjustment to have History sorts by oldest first. Fix #245
2018-04-18 12:11:00 +07:00
chinkung
be7e012faf
Display history date/time using local timezone
2018-04-17 13:30:08 +07:00
chinkung
34d8e7392c
Display history date/time using local timezone
2018-04-17 13:28:54 +07:00
chinkung
d466a5dd3e
Load moment.js in base.html
2018-04-17 13:26:18 +07:00
Khanh Ngo
01a5528c4a
Merge remote-tracking branch 'mind04/template-relative'
2018-04-13 09:25:23 +07:00
Kees Monshouwer
df9e392e26
domain stripping was not limited to the end of a name
2018-04-12 12:01:59 +02:00
Khanh Ngo
8b7653ad4a
Change data column data type of DomainTemplateRecord to TEXT
2018-04-12 11:44:56 +07:00
Khanh Ngo
52b6966c83
Check zone serial before allowing user to submit their change. #183
2018-04-12 11:18:44 +07:00
Kees Monshouwer
a12af5345d
fix clear history
2018-04-12 02:11:34 +02:00
Kees Monshouwer
fc737cf61f
strip domain part from names while cloning a zone to a template
2018-04-11 18:14:42 +02:00
Khanh Ngo
84d4bfaed0
Mark LDAP authentication as external_auth. Fix OTP secret update. #237
2018-04-10 08:59:28 +07:00
Khanh Ngo
fdf849744b
Fix #238
2018-04-10 07:08:22 +07:00
Khanh Ngo
060e0917bc
Fix #236
2018-04-09 18:50:55 +07:00
Khanh Ngo
5354d27f88
Fix #234
2018-04-08 09:09:08 +07:00
Khanh Ngo
fc4e9dc9a0
#233 . Make sure password hash is string before inserting to the db
2018-04-06 18:05:38 +07:00
Khanh Ngo
0826702537
Update config template
2018-04-06 13:22:09 +07:00
Khanh Ngo
ca1290d1ac
Change license information
2018-04-02 14:01:35 +07:00
Khanh Ngo
17a892b18d
Resolve the conflicts for #228
2018-04-02 13:38:53 +07:00
Khanh Ngo
3efafecb30
Fix #194
2018-04-01 15:51:56 +07:00
Khanh Ngo
6fa8ae37f0
Fix #180 . Adjustment in table style.
2018-04-01 15:48:08 +07:00
Khanh Ngo
bfb54e8bda
Add LDAP_ENABLE in config file
2018-04-01 15:08:55 +07:00
Khanh Ngo
b7aefc57b2
Fix 169: enabling/disabling Two Factor Authentication doesn't work
2018-04-01 14:49:40 +07:00
Khanh Ngo
f172a64ddd
Remove DNSSEC modal. Adjustment in domain table css
2018-04-01 14:45:13 +07:00
Khanh Ngo
5df7fe445f
Emphasis on zone name
2018-04-01 14:32:20 +07:00
Khanh Ngo
1c54f008f4
Change string to new format
2018-04-01 07:57:41 +07:00
Khanh Ngo
65da9a7a4f
Adjustment in LDAP feature to work with python 3
2018-04-01 07:23:53 +07:00
Khanh Ngo
41d691e2db
Merge remote-tracking branch 'maysara/master' into development
2018-04-01 07:01:00 +07:00
Khanh Ngo
cecc0ac9df
Merge branch 'hotfix-ldap' into development
2018-03-31 08:26:50 +07:00
Khanh Ngo
29d1cf4117
Adjustment in domain template feature to work with python3
2018-03-31 08:21:02 +07:00
Khanh Ngo
aa2b29dac3
Adjustment to give user access to granted domain only
2018-03-31 07:32:46 +07:00
Khanh Ngo
ce6c3c21f1
Show user email address in user management table
2018-03-31 06:53:57 +07:00
Khanh Ngo
51cdba8228
User path: instead of string: in routes
2018-03-31 06:52:14 +07:00
Khanh Ngo
c668c21fc9
Adjustment to prevent exception in Google/Github authentication when local user cannot be created
2018-03-30 17:43:34 +07:00
Khanh Ngo
358510b4e5
Merge remote-tracking branch 'softcat/SRV' into development
2018-03-30 16:45:36 +07:00
Khanh Ngo
7a9474c3f3
Fix cancel button in domain adding page
2018-03-30 16:40:53 +07:00
Khanh Ngo
896abdbdbc
Merge remote-tracking branch 'dkeightley/ns-record-support' into development
2018-03-30 15:49:35 +07:00
Khanh Ngo
63e7d89df1
Adjustment to be able to show ALL domain in dashboard table
2018-03-30 15:40:43 +07:00
Khanh Ngo
f318c437c1
Merge remote-tracking branch 'hackedd/feature/server-side-domain-list' into development
2018-03-30 15:34:07 +07:00
Khanh Ngo
7419a5990c
Merge remote-tracking branch 'toxicvengeance/master' into development
2018-03-30 14:23:40 +07:00
Khanh Ngo
5bd5dd8d18
Merge pull request #177 from Znuff/patch-1
...
Fix for #176
2018-03-30 14:11:15 +07:00
Khanh Ngo
b5b3b77acb
Adjustment to work with Python3
2018-03-30 13:49:35 +07:00
thomasDOTde
f5a0052a06
fixed template for #28
2018-03-28 14:19:48 +02:00
thomasDOTde
88c6d6ee33
missed to change one import for issue #19
2018-03-28 11:43:54 +02:00
thomasDOTde
f014798374
fixed ngoduykhanh/PowerDNS-Admin issue 194
2018-03-28 02:06:09 +02:00
thomasDOTde
c30cffd91c
fixed build issues. refactored PEP8
2018-03-28 01:52:48 +02:00
thomasDOTde
5ed8a33c7e
added feature requested in issue #28
2018-03-28 01:41:33 +02:00
thomasDOTde
c1d33a8354
fix issue #19
2018-03-28 00:03:51 +02:00
Jeroen Boonstra
dcfa98ac59
Add disable button
2018-03-05 15:26:45 +01:00
Jeroen Boonstra
c8d9f4bf22
changes response
2018-03-05 15:11:42 +01:00
Jeroen Boonstra
5ea70023ff
remove dnssec keys
2018-03-05 15:06:40 +01:00
Jeroen Boonstra
197f555dfc
Add disable dnssec function
2018-03-05 14:59:32 +01:00
Jeroen Boonstra
8c6a9346c0
Add domain to request
2018-03-05 14:50:33 +01:00
Jeroen Boonstra
747de090f9
enable dnssec ui functions
2018-03-05 11:18:29 +01:00
Jeroen Boonstra
a829509324
enable dnssec endpoint added
2018-03-01 08:27:10 +01:00
Jeroen Boonstra
38be504d17
enable_dns_sec function added
2018-03-01 08:26:29 +01:00
Jeroen Boonstra
1b93803d6e
Add enable dnssec button
2018-02-28 14:47:10 +01:00
Jeroen Boonstra
d5d0948ab8
Export PDNS version to frontend
2018-02-28 13:39:05 +01:00
unknown
b832fc1768
Reverse zone PTR type entries not shown bug fix. Added NS, LOC and TXT types in reverse zones. Added LOC type in forward zone.
2018-02-16 21:02:16 +02:00
thomasDOTde
534b9739c2
Merge branch 'hotfix-ldap' of https://github.com/verdel/PowerDNS-Admin into ldapfix-verdel
2018-02-10 13:01:04 +01:00
Vadim Aleksandrov
0436d69ea6
Adding the ability to use 'LDAP_USERNAMEFIELD' and 'LDAP_FILTER' in case of use with Active Directory for authorization
2018-02-09 15:41:19 +03:00
Vadim Aleksandrov
b0caf0ca48
Fix issue with inserting into the database fields 'firstname' and 'lastname' containing non-ascii characters that can be retrieved from LDAP
2018-02-09 15:37:28 +03:00
Vadim Aleksandrov
6f4cc42805
Fix issue with LDAP search filter. It is necessary to bracket the expression with additional filter conditions
2018-02-09 15:32:50 +03:00
Vadim Aleksandrov
cff534890f
Deny to delete 'SOA' record
2018-02-07 22:47:52 +03:00
Vadim Aleksandrov
0355fe4293
Join "Edit" and "Delete" button into th on templates page
2018-02-07 22:44:59 +03:00
Vadim Aleksandrov
12cfc4dbc1
Added the ability to create a template based on the zone records
2018-02-07 22:44:46 +03:00
Vadim Aleksandrov
52a5789c85
Add first working draft of domain templating functionality
2018-02-07 22:30:29 +03:00
thomasDOTde
92d7ca3870
added application certificate handling for signed SAML messages
2018-01-20 17:17:02 +01:00
thomasDOTde
050b822636
cleaup after merged pr
2017-12-05 12:59:08 +01:00
NomenNescio
d5b2dedd7f
small fixes for return url after saml logout
2017-12-05 12:28:54 +01:00
thomasDOTde
85c07210db
fixed name-id formating and name-id
2017-12-05 03:48:18 +01:00
thomasDOTde
e535ce0822
fixed session check
2017-12-05 00:23:10 +01:00
thomasDOTde
60086d5d15
added standard SAML logout method using metadata
2017-12-05 00:14:31 +01:00
thomasDOTde
049a8a4547
optimized domain permission check for normal users
2017-12-04 22:18:28 +01:00
NomenNescio
47cf1aff4a
added configurable logout redirect URL
2017-12-04 14:43:58 +01:00
NomenNescio
620b0b55e8
replaced non-existent method with code that checks whether user has rights on the domain at hand
2017-12-04 14:00:30 +01:00
Radnik
9855bc70dc
Fixed iCheck for multiple pages
2017-11-27 11:02:21 +01:00
thomasDOTde
971d6b2e28
fixed issue when not using LDAP
2017-11-10 12:28:42 +01:00
thomasDOTde
d65efe477a
ensure authentication isn't possible without password
2017-11-06 23:36:11 +01:00
thomasDOTde
5a1a4b0161
Merge remote-tracking branch 'origin/master'
2017-11-03 12:24:54 +01:00
thomasDOTde
54e61bf072
added custom error page for SAML authentication errors
2017-11-03 12:24:25 +01:00