cwinfo/powerdns-admin
4
0
Fork 0
mirror of https://github.com/cwinfo/powerdns-admin.git synced 2025-06-14 03:57:01 +00:00
Code Issues Packages Projects Releases Wiki Activity
1,037 Commits 1 Branch 6 Tags
c9d97642b34f46ec43362a35d6e7c89eacb97db7
Commit Graph

109 Commits

Author SHA1 Message Date
RGanor
328780e2d4 Revert "Merge branch 'master' into master" 
This reverts commit ca4c145a18, reversing
changes made to 7808febad8.
 2021-12-25 16:17:54 +02:00
RGanor
ca4c145a18 Merge branch 'master' into master 2021-12-25 16:10:18 +02:00
Vasileios Markopoulos
94a923a965 Add 'otp_force' basic setting (#1051) 
If the 'otp_force' and 'otp_field_enabled' basic settings are both enabled, automatically enable 2FA for the user after login or signup, if needed, by setting a new OTP secret. Redirect the user to a welcome page for scanning the QR code.

Also show the secret key in ASCII form on the user profile page for easier copying into other applications.
 2021-12-17 11:41:51 +01:00
zoeller-freinet
07f0d215a7 PDNS-API: factor in 'dnssec_admins_only' basic setting (#1055) 
`GET cryptokeys/{cryptokey_id}` returns the private key, which justifies
that the setting is honored in this case.
 2021-12-06 22:38:16 +01:00
Jérôme BECOT
d2f35a4059 fix: Check user zone create/delete permission 
Co-authored-by: zoeller-freinet <86965592+zoeller-freinet@users.noreply.github.com>
 2021-12-05 14:16:45 +01:00
zoeller-freinet
737e1fb93b routes/admin.py: DetailedHistory: backward-compatibility 
See https://github.com/ngoduykhanh/PowerDNS-Admin/pull/1066
 2021-12-04 17:38:48 +01:00
zoeller-freinet
f0008ce401 routes/admin.py: refactor DetailedHistory 
- Run HTML through the template engine, preventing XSS from various
  vectors
- Fix uncaught exception when a history entry about domain template
  deletion is processed
- Adapt indentation to 4 space characters per level
 2021-12-04 16:09:53 +01:00
Dominic Zöller
51a7f636b0 Use secrets module for generating new API keys and passwords 
The implementation of `random.choice()` uses the Mersenne Twister, the
output of which is predictable by observing previous output, and is as
such unsuitable for security-sensitive applications. A cryptographically
secure pseudorandom number generator - which the `secrets` module relies
on - should be used instead in those instances.
 2021-12-04 16:08:07 +01:00
ManosKoukoularis
9f46188c7e Quotes fix (#1066) 
* minor fix in history
* made key access more generic
 2021-12-03 20:14:14 +02:00
root
caa48b7fe5 Merge branch 'quotes-fix' 
Conflicts:
	powerdnsadmin/routes/admin.py
 2021-12-03 14:17:39 +00:00
root
940551e99e feat: Associate an API Key with accounts (#1044) 2021-12-03 14:12:11 +00:00
ManosKoukoularis
1332c8d29d History Tab Overhaul & Domain Record Modifications Changelog (#1042) 
Co-authored-by: Konstantinos Kouris <85997752+konkourgr@users.noreply.github.com>
Co-authored-by: vmarkop <billy.mark.b.m.10@gmail.com>
Co-authored-by: KostasMparmparousis <mparmparousis.kostas@gmail.com>
Co-authored-by: dimpapac <demispapa@gmail.com>
 2021-11-30 11:02:37 +02:00
benshalev849
b3f9b4a2b0 OIDC list accounts (#994) 
Added the function to use lists instead of a single string in account autoprovision.
 2021-11-19 17:53:17 +02:00
Daniel Molkentin
c7b4aa3434 fix: actually store OIDC logout URL (#988) 2021-11-05 17:28:21 +02:00
Vitali Quiering
e7d5a3aba0 feat: enable_api_rr_history setting (#998) 
* feat: introduce enable_api_rr_history setting to disable api record
changes
 2021-11-05 17:26:38 +02:00
zoeller-freinet
20b866a784 strip() whitespace from new local user master data (#1019) 
When creating a new local user, there is a chance that, due to a copy &
paste or typing error, whitespace will be introduced at the start or end
of the username. This can lead to issues when trying to log in using the
affected username, as such a condition can easily be overlooked - no
user will be found in the database if entering the username without the
aforementioned whitespace. This commit therefore strip()s the username
string within routes/{admin,index}.py.

The firstname, lastname and email strings within
routes/{admin,index,user}.py are also strip()ped on this occasion.
 2021-11-05 17:04:35 +02:00
RGanor
c246775ffe bg_domain button for operators and higher (#993) 2021-10-30 21:26:46 +02:00
steschuser
bf83662108 allow users to remove domain (#952) 2021-10-30 21:21:45 +02:00
Khanh Ngo
ddf2d4788b Reslove conflicts 
Signed-off-by: Khanh Ngo <khanh.ngo@taxfix.de>
 2021-10-30 21:15:04 +02:00
steschuser
1ec6b76f89 Remove otp field (#942) 2021-10-30 21:09:04 +02:00
RoeiGanor
10dc2b0273 bg_domain button for operators and higher 2021-08-13 20:03:06 +03:00
steschuser
993e02b635 limit user to only create domains for the accounts he belongs to (#970) 2021-08-05 19:42:58 +02:00
steschuser
07c71fb0bf setting account_user_ids to empty list on GET /account/edit (#966) 2021-08-05 19:41:28 +02:00
steschuser
c4a9498898 respect_bg_domain_updates in routes/api (#962) 2021-08-05 19:39:26 +02:00
Kostas Mparmparousis
6e04d0419b Provision PDA user privileges based On LDAP Attributes (#980) 2021-08-05 19:37:48 +02:00
Steffen Schwebel
fd933f8dbc remove unrelated files and changes as best as possible 2021-06-02 09:41:08 +02:00
Steffen Schwebel
054e0e6eba add rule for 'custom_css' setting 2021-06-01 16:24:07 +02:00
Steffen Schwebel
43a6e46e66 add setting to hide otp_token field on login page 2021-05-27 22:51:07 +02:00
Ian Bobbitt
39cddd3b34 SAML improvements for Docker (#929) 
* Fix typo in managing user account membership with SAML assertion

* Support more config options from Docker env.

* Improve support for SAML key and cert from Docker secrets

Co-authored-by: Ian Bobbitt <ibobbitt@globalnoc.iu.edu>
 2021-05-07 23:36:55 +02:00
jodygilbert
98db953820 Allow user role to view history (#890) 2021-03-27 19:33:11 +01:00
jbe-dw
86700f8fd7 upd: improve user api (#878) 2021-03-16 19:39:53 +01:00
R. Daneel Olivaw
46993e08c0 Add punycode (IDN) support (#879) 2021-03-16 19:37:05 +01:00
jodygilbert
4c19f95928 Improve account creation/permission handling based on Azure oAuth group membership (#877) 2021-01-31 11:31:56 +01:00
jbe-dw
3a4efebf95 enh: display b64 encoded apikey on creation through the API (#870) 2021-01-24 09:43:51 +01:00
jbe-dw
8f6a800836 fix: account API output^ (#874) 2021-01-24 09:08:32 +01:00
jbe-dw
3cd98251b3 fix: API (apikeys) behaviour does not match swagger definition (#868) 2021-01-24 09:06:51 +01:00
jbe-dw
54b257768f feat: Implement apikeys/<id> endpoint from swagger spec. (#864) 2021-01-16 20:49:41 +01:00
jbe-dw
718b41e3d1 feat: limit zone list for users on servers endpoint (#862) 2021-01-16 20:45:02 +01:00
jbe-dw
dd0a5f6326 feat: Allow sync domain with basic auth (#861) 2021-01-16 20:37:11 +01:00
jbe-dw
c3d438842f fix: user jsonify to set response headers to json (#863) 2021-01-16 20:29:40 +01:00
jbe-dw
33e7ffb747 fix: Follow PDNS Api return format (#858) 2021-01-07 23:26:48 +01:00
jbe-dw
2c18e5c88f fix: User role was not assigned upon creation (#860) 2021-01-07 23:07:20 +01:00
WhatshallIbreaktoday
c6e0293177 Tweaks to allow user apikey usage with powerdns terraform provider (#845) 2020-12-07 22:06:37 +01:00
Khanh Ngo
3034630bc0 Merge pull request #761 from ngoduykhanh/record_rollback 
Fix #752 - Rollback the removed record if apply operation failed
 2020-10-11 13:01:26 +02:00
Khanh Ngo
55ad73d92e Merge pull request #800 from cyso/pr/oidc-account 
OIDC User and Account management during login
 2020-10-10 14:32:14 +02:00
Khanh Ngo
a679073928 Merge pull request #773 from terbolous/azure-oauth 
Add Account creation/permission handling based on Azure oAuth group membership
 2020-10-10 14:20:26 +02:00
Khanh Ngo
b5fc9045f2 Merge pull request #766 from frei-style/sort_accounts 
Sort accounts by name on 'New Domain' and domain 'Admin'
 2020-10-10 14:18:02 +02:00
Khanh Ngo
b8ffb1dae9 Merge pull request #804 from RoeiGanor/api_key 
Add API Key to the UI
 2020-10-10 14:11:09 +02:00
Tom Hetmer
cf62658e19 do not fail with wildcard PTRs 2020-09-10 01:18:07 +07:00
root
74b89b1b7e Add API Key to the UI 2020-08-08 13:41:18 +00:00