Commit Graph

428 Commits

Author SHA1 Message Date
jbe-dw
259bd0a906
Merge pull request #1200 from corubba/feature/modal-consolidation
enh: Consolidate generic modal code
2022-05-23 22:50:48 +02:00
jbe-dw
06c12cc3ac
Merge pull request #1172 from RGanor/master
Added health check
2022-05-23 20:18:17 +02:00
RGanor
1bee833326 Updated the unknown state 2022-05-23 16:46:11 +00:00
jbe-dw
e81453c5e3
Merge pull request #1188 from corubba/bugfix/pyOpenSSL
Small bugfixes
2022-05-23 13:59:18 +02:00
Josh Matthews
715c6b76cd added code to raise user to operator on SAML auth if in the right group 2022-05-23 14:38:16 +10:00
pixelrebel
e4c8c3892f Use HTTP_X_FORWARDED_PROTO header from reverse proxy to rewrite https:// for SAML request URLs 2022-05-19 19:00:38 -07:00
pixelrebel
9221d58a1b Allow SAML AttributeStatements to be optional 2022-05-19 14:52:51 -07:00
corubba
0dfcdb6c3e Fix rrest typo in history detail
There is a misspelling of rrset throughout the history logic, which also
effects the json payload in the database. Code-wise this is a simple
search-and-replace, and the migration will fix the payloads.
2022-05-19 00:53:35 +02:00
corubba
70450315ba Add general modal functions
The two generic modals are defined in the base template, and are used
in various templates. So provide functions and remove duplicate code.
2022-05-19 00:53:20 +02:00
RGanor
3d2ad1abc0 LGTM fix - unused variable 2022-05-15 13:57:13 +00:00
Cloud User
b3271e84d6 Using domain model and added authentication 2022-05-15 12:19:04 +00:00
jbe-dw
6579c9e830
Merge pull request #1182 from jbe-dw/revertCorruptedHistoryFix
fix: Insert valid JSON in history.detail and replace single quotes in the database
2022-05-12 21:30:20 +02:00
corubba
564ec6086d Replace pyOpenSSL with cryptography
This is literally the example from the docs [0]. The only thing I
adapted are the parameters for the keys and certificate, so they
stay the same.

Fixes #1086

[0] https://cryptography.io/en/latest/x509/tutorial/#creating-a-self-signed-certificate
2022-05-07 21:32:19 +02:00
corubba
fec649b747 Header for fixed order column
Semantically and syntactically it is better to have the same number of
`<th>` as `<td>`. Not that anyone will ever see that new header, since
that column is always invisible (except if the user disables javascript).

Plus remove a unmatched closing html element.
2022-05-07 21:14:57 +02:00
corubba
0e2cd063c5 Remove python v2 remnant
As vermin [0] confirms, the codebase has long moved beyond supporting
python v2 (which is not a bad thing). This removes the last explicit py2
piece of code.

And in case anyone wonders, vermin currently reports the minium version
to be v3.6.

[0] https://pypi.org/project/vermin/
2022-05-07 21:14:48 +02:00
jbe-dw
fa9bdcfde0
Merge pull request #1134 from jbe-dw/fixAPIDeleteAccount
Fix API Account deletion
2022-05-06 23:35:24 +02:00
Jérôme BECOT
64f7968af9
fix: Use json.dumps instead of str 2022-05-06 17:04:39 +02:00
jbe-dw
82f03a4de2
Merge pull request #1160 from AdvanticGmbH/json_load_error
Json load error
2022-04-26 17:54:08 +02:00
AdvanticGmbH
26c60f175d Remove unnecessary call to str()
* json.dumps() already returns a str
2022-04-26 09:11:05 +02:00
jbe-dw
fc56a168c8
Merge pull request #1174 from gunet/ping-no-login-required
Login requirement removal for /ping endpoint
2022-04-25 16:22:21 +02:00
ManosKoukoularis
5040cf5282
Merge pull request #1159 from AdvanticGmbH/html_entity_domain_fix
Decode domain record data and comment from HTML entity to text
2022-04-25 12:49:10 +03:00
AdvanticGmbH
44c9aff5db Use json.dumps for every detail in history
This works much better instead of just writing a str to the db and
expect it to be loaded just fine from json.loads
2022-04-25 10:43:46 +02:00
AdvanticGmbH
3df36adbf4 Add more detailed info to the history when a msg and status exists 2022-04-25 10:43:40 +02:00
AdvanticGmbH
191e919626 Allow IDNA in SOA
* Previously having characters like "ü" in the SOA wouldnt allow to push
updates to the domain
* Also use the new method to_idna to support characters like "ß"
2022-04-25 10:19:40 +02:00
AdvanticGmbH
40deb3c145 Create method to encode and decode idna
Previously strings with characters like "ß" would throw and exception
This seems to happen because the lib behind encode().decode('idna')
cant handle characters like this
2022-04-25 10:05:46 +02:00
KostasMparmparousis
4d6c6224b4 Login requirement removal for /ping endpoint 2022-04-20 13:31:23 +03:00
RGanor
4958423cc7
Update api.py 2022-04-18 22:11:31 +03:00
root
f41696c310 WIP - Added health check 2022-04-18 09:01:22 +00:00
Vasileios Markopoulos
e891333971
Merge pull request #1166 from LordVeovis/fix/saml
Fix broken SAML login from 9c00e48f
2022-04-13 10:16:58 +03:00
Vasileios Markopoulos
c9c82d4244
Merge pull request #1118 from cropalato/master
Fixing AD login if there is a infinity loop in memberOf groups.
2022-04-13 10:15:54 +03:00
Veovis
bd92c5946c
Fix broken SAML login from 9c00e48f 2022-04-12 17:14:54 +02:00
Ricardo Melo
ee0511ff4c
[Fix] AD recursive problem
- Fixing #1011[https://github.com/PowerDNS-Admin/PowerDNS-Admin/issues/1011]
2022-04-11 08:49:38 -04:00
Vasileios Markopoulos
098224eed1
Merge pull request #1123 from gunet/log-dnssec-enabling
Log DNSSEC status change for a domain
2022-04-11 15:21:59 +03:00
ManosKoukoularis
9e90dde144
Merge pull request #1158 from AdvanticGmbH/domain_xss
Render domain data table fields only as text
2022-04-11 13:05:43 +03:00
vmarkop
9c62208c2e Updated repository URL 2022-04-11 12:21:34 +03:00
jbe-dw
8cf2985335
Merge pull request #979 from mirko/make-onelogin-pkg-optional
routes/index.py: Make package 'onelogin.saml2.utils' optional
2022-04-07 13:37:00 +02:00
jbe-dw
33f1c6ad61
Merge pull request #1027 from mirko/add-WWW-Authenticate-header-for-dyndns
dyndns: Respond with HTTP header 'WWW-Authenticate' to unauthed requests
2022-04-07 13:31:03 +02:00
AdvanticGmbH
b534eadf19 Decode domain record data and comment from HTML entity to text 2022-04-04 14:43:02 +02:00
AdvanticGmbH
e596de37f4 Render Name, Type, Status, TTL, Data and Edit as text 2022-04-04 14:16:40 +02:00
AdvanticGmbH
930932d131 Render domain data table fields only as text 2022-04-04 14:06:31 +02:00
jbe-dw
13ff4df9f9
Merge pull request #1122 from gunet/auth_type_log_fix
Fixed LDAP Authenticator Type logging
2022-04-03 14:59:48 +02:00
jbe-dw
c6de972ed8
Merge pull request #1101 from decryptus/master
[BUG] Fixed delete zone from API
2022-04-03 00:29:47 +02:00
Jérôme BECOT
17b4269e1b
fix: Set Content-Type on backend API calls 2022-03-30 23:39:00 +02:00
ManosKoukoularis
fcb8287f14
Update login.html 2022-02-25 12:59:23 +02:00
Jérôme BECOT
84a183d913
fix: Disassociate domains from account before deletion 2022-02-24 11:24:19 +01:00
Jérôme BECOT
6ba1254759
feat: Make domain update optional in assoc_account 2022-02-24 11:24:12 +01:00
kkmanos
10603fbb36 fixed csrf expiration for login page 2022-02-17 18:10:06 +02:00
kkmanos
e21f53085d added DNSSEC enabling/disabling to history logs 2022-02-17 17:40:48 +02:00
vmarkop
36cee8cddc Fixed 'LOCAL' Authenticator Type showing for LDAP auth 2022-02-17 17:34:54 +02:00
kkmanos
b9cf7245a5 fixed csrf expiration for login page 2022-02-17 17:02:11 +02:00
Adrien Delle Cave
6982e0107c Typo in routes/api.py 2022-01-20 12:49:37 +01:00
Adrien Delle Cave
98bd9634a4 [BUG] Fixed delete zone from API 2022-01-19 13:50:12 +01:00
zoeller-freinet
0b2ad520b7 History table: relocate HTML for modal window (#1090)
- Store HTML for modal window inside an invisible <div> element instead
  of inside the <button> element's value attribute
- Mark history.detailed_msg as safe as it is already manually run
  through the template engine beforehand and would be broken if escaped
  a second time
2022-01-01 21:20:01 +01:00
Christian
302e793665
Add button for admin page in single Domain view (#1076)
* Added button for admin page in domain overview
2021-12-31 00:55:59 +01:00
RGanor
328780e2d4 Revert "Merge branch 'master' into master"
This reverts commit ca4c145a18, reversing
changes made to 7808febad8.
2021-12-25 16:17:54 +02:00
RGanor
ca4c145a18
Merge branch 'master' into master 2021-12-25 16:10:18 +02:00
zoeller-freinet
7808febad8 login.html: don't suggest previous OTP tokens
This change has been tested to work with:
- Chromium 96.0.4664.93
- Firefox 95.0
- Edge 96.0.1054.57
2021-12-17 12:48:11 +01:00
Vasileios Markopoulos
94a923a965
Add 'otp_force' basic setting (#1051)
If the 'otp_force' and 'otp_field_enabled' basic settings are both enabled, automatically enable 2FA for the user after login or signup, if needed, by setting a new OTP secret. Redirect the user to a welcome page for scanning the QR code.

Also show the secret key in ASCII form on the user profile page for easier copying into other applications.
2021-12-17 11:41:51 +01:00
Kateřina Churanová
eb70f6a066
fix: making the key name in the config database unique 2021-12-12 20:32:14 +01:00
Jérôme BECOT
0da9b2185e fix: Error in the swagger AccountSummary definition 2021-12-08 23:11:13 +01:00
zoeller-freinet
07f0d215a7 PDNS-API: factor in 'dnssec_admins_only' basic setting (#1055)
`GET cryptokeys/{cryptokey_id}` returns the private key, which justifies
that the setting is honored in this case.
2021-12-06 22:38:16 +01:00
Jérôme BECOT
d2f35a4059 fix: Check user zone create/delete permission
Co-authored-by: zoeller-freinet <86965592+zoeller-freinet@users.noreply.github.com>
2021-12-05 14:16:45 +01:00
zoeller-freinet
737e1fb93b routes/admin.py: DetailedHistory: backward-compatibility
See https://github.com/ngoduykhanh/PowerDNS-Admin/pull/1066
2021-12-04 17:38:48 +01:00
zoeller-freinet
f0008ce401 routes/admin.py: refactor DetailedHistory
- Run HTML through the template engine, preventing XSS from various
  vectors
- Fix uncaught exception when a history entry about domain template
  deletion is processed
- Adapt indentation to 4 space characters per level
2021-12-04 16:09:53 +01:00
Dominic Zöller
6f12b783a8 models.user: get_accounts(): order by name
The order of account names returned by User.get_accounts() affects the
order account names are displyed in on /domain/add if the current user
neither has the Administrator role nor the Operator role and the
`allow_user_create_domain` setting is enabled at the same time.

If the current user does have the Administrator or Operator role,
routes.domain.add() already returns accounts ordered by name, so this
change makes it consistent.
2021-12-04 16:09:15 +01:00
Dominic Zöller
51a7f636b0 Use secrets module for generating new API keys and passwords
The implementation of `random.choice()` uses the Mersenne Twister, the
output of which is predictable by observing previous output, and is as
such unsuitable for security-sensitive applications. A cryptographically
secure pseudorandom number generator - which the `secrets` module relies
on - should be used instead in those instances.
2021-12-04 16:08:07 +01:00
ManosKoukoularis
9f46188c7e
Quotes fix (#1066)
* minor fix in history
* made key access more generic
2021-12-03 20:14:14 +02:00
root
caa48b7fe5 Merge branch 'quotes-fix'
Conflicts:
	powerdnsadmin/routes/admin.py
2021-12-03 14:17:39 +00:00
root
940551e99e feat: Associate an API Key with accounts (#1044) 2021-12-03 14:12:11 +00:00
ManosKoukoularis
6c1dfd2408
Datepicker replace (#1059)
* replaced jquery-ui-datepicker with bootstrap-datepicker

* removed obsolete static files
2021-12-02 11:59:36 +01:00
Dominic Zöller
701a442d12 default config: add exemplary URL encoding step for SQLA DB URL params
SQLAlchemy database URLs follow RFC-1738, so parameters like username
and password need to be encoded accordingly.

https://docs.sqlalchemy.org/en/13/core/engines.html#database-urls
2021-11-30 22:29:00 +01:00
ManosKoukoularis
1332c8d29d
History Tab Overhaul & Domain Record Modifications Changelog (#1042)
Co-authored-by: Konstantinos Kouris <85997752+konkourgr@users.noreply.github.com>
Co-authored-by: vmarkop <billy.mark.b.m.10@gmail.com>
Co-authored-by: KostasMparmparousis <mparmparousis.kostas@gmail.com>
Co-authored-by: dimpapac <demispapa@gmail.com>
2021-11-30 11:02:37 +02:00
benshalev849
b3f9b4a2b0
OIDC list accounts (#994)
Added the function to use lists instead of a single string in account autoprovision.
2021-11-19 17:53:17 +02:00
zoeller-freinet
bfaf5655ae
Clarify salt re-use for API keys (#1037) 2021-11-09 22:09:15 +02:00
benshalev849
3081036c2c
Env oauth url (#1030)
Overriding settings in DB using environment variable in docker
2021-11-05 18:22:38 +02:00
Daniel Molkentin
c7b4aa3434
fix: actually store OIDC logout URL (#988) 2021-11-05 17:28:21 +02:00
Vitali Quiering
e7d5a3aba0
feat: enable_api_rr_history setting (#998)
* feat: introduce enable_api_rr_history setting to disable api record
changes
2021-11-05 17:26:38 +02:00
zoeller-freinet
20b866a784
strip() whitespace from new local user master data (#1019)
When creating a new local user, there is a chance that, due to a copy &
paste or typing error, whitespace will be introduced at the start or end
of the username. This can lead to issues when trying to log in using the
affected username, as such a condition can easily be overlooked - no
user will be found in the database if entering the username without the
aforementioned whitespace. This commit therefore strip()s the username
string within routes/{admin,index}.py.

The firstname, lastname and email strings within
routes/{admin,index,user}.py are also strip()ped on this occasion.
2021-11-05 17:04:35 +02:00
zoeller-freinet
0e655c1357
user_profile tpl: set email input type attr to "email" (#1020)
It is then consistent with the email address input elements declared in
admin_edit_account.html, admin_edit_user.html and register.html.
2021-10-30 21:30:26 +02:00
steschuser
ba2423d6f5
fix if condition in pretty_domain_name (#1008) 2021-10-30 21:29:55 +02:00
jbe-dw
b8ee91ab9a
fix: Accounts API is broken (#996) 2021-10-30 21:28:36 +02:00
RGanor
c246775ffe
bg_domain button for operators and higher (#993) 2021-10-30 21:26:46 +02:00
Hidde
f96103db79
Replace [ZONE] placeholder with domain_name (#960) 2021-10-30 21:24:16 +02:00
steschuser
bf83662108
allow users to remove domain (#952) 2021-10-30 21:21:45 +02:00
steschuser
1f34dbf810
fix for api key (#950) 2021-10-30 21:19:49 +02:00
Khanh Ngo
b7197948c1 Reslove conflicts
Signed-off-by: Khanh Ngo <khanh.ngo@taxfix.de>
2021-10-30 21:19:01 +02:00
Khanh Ngo
ddf2d4788b Reslove conflicts
Signed-off-by: Khanh Ngo <khanh.ngo@taxfix.de>
2021-10-30 21:15:04 +02:00
steschuser
1ec6b76f89
Remove otp field (#942) 2021-10-30 21:09:04 +02:00
Mark Zealey
4ce1b71c57
Fix when no records returned by API (#923)
For some reason when some programs delete a record we get an entry returned with records: []
2021-10-30 21:07:42 +02:00
steschuser
79457bdc85
Bug domain parse (#936) 2021-10-30 21:06:44 +02:00
Mirko Vogt
282c630eb8 dyndns: Respond with HTTP header 'WWW-Authenticate' to unauthed requests
The common procedure for HTTP Basic Auth is that a client does /not/
immediately send out credentials via an 'Authorization'-header, but to
wait until the server tells the client to do so - which the server
indicates via the 'WWW-Authenticate'-header.

PowerDNS-Admin (and flask in general), though, abort the whole
communication if no Authorization header was found in the initial
request - resulting in '200 "badauth"'.

While this might work for /some/ HTTP clients - which right away add an
Authorization header crafted from provided credentials (via args or
extracted from given URL), this is /not/ standard and /not/ common.

Hence add the 'WWW-Authenticate'-header for every unauthenticated call
checking for dyndns authorisation.

Note, though, this changes the status code from 200 to 401 in this case,
which - given the explanation why 200 was chosen in the first place -
might cause side effects.
2021-10-20 15:12:17 +00:00
RoeiGanor
10dc2b0273 bg_domain button for operators and higher 2021-08-13 20:03:06 +03:00
steschuser
993e02b635
limit user to only create domains for the accounts he belongs to (#970) 2021-08-05 19:42:58 +02:00
steschuser
07c71fb0bf
setting account_user_ids to empty list on GET /account/edit (#966) 2021-08-05 19:41:28 +02:00
steschuser
c4a9498898
respect_bg_domain_updates in routes/api (#962) 2021-08-05 19:39:26 +02:00
Kostas Mparmparousis
6e04d0419b
Provision PDA user privileges based On LDAP Attributes (#980) 2021-08-05 19:37:48 +02:00
Mirko Vogt
9c00e48f0f routes/index.py: Make package 'onelogin.saml2.utils' optional
The onelogin package is not part of all saml packages for whatever
reason (e.g. Debian) and not easily installable from pypi (requires
CC toolchain).

As the onelogin functionality is already guarded by whether
SAML_ENABLED is set in other places (services/saml.py), also do so
in routes/index.py.
2021-07-23 06:56:09 +00:00
Carsten Rosenberg
d6e64dce8e fix some jinja typos 2021-06-04 15:24:49 +02:00
Steffen Schwebel
b069cea8d1 add css to base as well 2021-06-02 09:44:15 +02:00
Steffen Schwebel
fd933f8dbc remove unrelated files and changes as best as possible 2021-06-02 09:41:08 +02:00
Steffen Schwebel
0505b934a1 remove unrelated files and changes as best as possible 2021-06-02 09:39:39 +02:00
Steffen Schwebel
083a023e57 fix include 2021-06-01 16:41:26 +02:00
Steffen Schwebel
054e0e6eba add rule for 'custom_css' setting 2021-06-01 16:24:07 +02:00
Steffen Schwebel
c13dd2d835 add 'custom_css' setting to model; check for 'custom_css' in template; create custom css dir in dockerfile 2021-06-01 16:15:31 +02:00
Steffen Schwebel
43a6e46e66 add setting to hide otp_token field on login page 2021-05-27 22:51:07 +02:00
Steffen Schwebel
36fdb3733f Merge remote-tracking branch 'origin/master' into remove_otp_field 2021-05-25 15:30:32 +02:00
Steffen Schwebel
b197491a86 remove traceback 2021-05-25 12:44:07 +02:00
Steffen Schwebel
d23a57da50 handle decode error, output warning 2021-05-25 12:35:53 +02:00
Steffen Schwebel
4180882fb7 show traceback 2021-05-21 15:10:17 +02:00
root
bbbcf271fe remove otp token from login page, depending on Setting 2021-05-20 15:21:56 +02:00
jyoung15
32983635c6
Delete blank comments. Fix for ngoduykhanh/PowerDNS-Admin#919 (#920) 2021-05-07 23:43:44 +02:00
Ian Bobbitt
39cddd3b34
SAML improvements for Docker (#929)
* Fix typo in managing user account membership with SAML assertion

* Support more config options from Docker env.

* Improve support for SAML key and cert from Docker secrets

Co-authored-by: Ian Bobbitt <ibobbitt@globalnoc.iu.edu>
2021-05-07 23:36:55 +02:00
jodygilbert
b66b37ecfd
delete history records when a domain is deleted (#916)
Co-authored-by: Jody <jody.gilbert@edftrading.com>
2021-05-07 22:55:45 +02:00
jodygilbert
98db953820
Allow user role to view history (#890) 2021-03-27 19:33:11 +01:00
jbe-dw
86700f8fd7
upd: improve user api (#878) 2021-03-16 19:39:53 +01:00
R. Daneel Olivaw
46993e08c0
Add punycode (IDN) support (#879) 2021-03-16 19:37:05 +01:00
jodygilbert
4c19f95928
Improve account creation/permission handling based on Azure oAuth group membership (#877) 2021-01-31 11:31:56 +01:00
jbe-dw
3a4efebf95
enh: display b64 encoded apikey on creation through the API (#870) 2021-01-24 09:43:51 +01:00
jodygilbert
7f86730909
allow-server-side-sessions (#855) 2021-01-24 09:09:53 +01:00
jbe-dw
8f6a800836
fix: account API output^ (#874) 2021-01-24 09:08:32 +01:00
jbe-dw
3cd98251b3
fix: API (apikeys) behaviour does not match swagger definition (#868) 2021-01-24 09:06:51 +01:00
jbe-dw
54b257768f
feat: Implement apikeys/<id> endpoint from swagger spec. (#864) 2021-01-16 20:49:41 +01:00
jbe-dw
718b41e3d1
feat: limit zone list for users on servers endpoint (#862) 2021-01-16 20:45:02 +01:00
jbe-dw
dd0a5f6326
feat: Allow sync domain with basic auth (#861) 2021-01-16 20:37:11 +01:00
jbe-dw
c3d438842f
fix: user jsonify to set response headers to json (#863) 2021-01-16 20:29:40 +01:00
jbe-dw
33e7ffb747
fix: Follow PDNS Api return format (#858) 2021-01-07 23:26:48 +01:00
jbe-dw
2c18e5c88f
fix: User role was not assigned upon creation (#860) 2021-01-07 23:07:20 +01:00
WhatshallIbreaktoday
c6e0293177
Tweaks to allow user apikey usage with powerdns terraform provider (#845) 2020-12-07 22:06:37 +01:00
Andrew Nimmo
680e4cf431
Avoid Safari telephone number detection
Using PowerDNS-Admin on an iPad with Safari can cause incorrect identification of some record data as a telephone number. When submitted, the record with the incorrectly identified data causes an error because of the additional markup present on the submitted data. This was noted in particular with the SOA record. 

The proposed change is to add the Safari meta tag to disable format detection:
https://developer.apple.com/library/archive/documentation/AppleApplications/Reference/SafariHTMLRef/Articles/MetaTags.html#//apple_ref/doc/uid/TP40008193-SW5
2020-10-14 17:21:59 +02:00
Khanh Ngo
70b1accaa0
Merge pull request #801 from cyso/pr/sync-accounts
Implement account update method
2020-10-12 12:48:22 +02:00
Khanh Ngo
7254a94497
Merge pull request #825 from ngoduykhanh/adjustment
Add index on history table
2020-10-11 13:11:09 +02:00
Khanh Ngo
3034630bc0
Merge pull request #761 from ngoduykhanh/record_rollback
Fix #752 - Rollback the removed record if apply operation failed
2020-10-11 13:01:26 +02:00
Khanh Ngo
d72709e0f4
Add index on history table 2020-10-11 12:49:28 +02:00
Khanh Ngo
76562f8a46
Fix typo
Remove space from oidc_oauth_last_name default value
2020-10-10 21:03:34 +02:00
Khanh Ngo
0dfced4968
Upgrade pip packages 2020-10-10 20:27:09 +02:00
Khanh Ngo
55ad73d92e
Merge pull request #800 from cyso/pr/oidc-account
OIDC User and Account management during login
2020-10-10 14:32:14 +02:00
Khanh Ngo
a679073928
Merge pull request #773 from terbolous/azure-oauth
Add Account creation/permission handling based on Azure oAuth group membership
2020-10-10 14:20:26 +02:00
Khanh Ngo
b5fc9045f2
Merge pull request #766 from frei-style/sort_accounts
Sort accounts by name on 'New Domain' and domain 'Admin'
2020-10-10 14:18:02 +02:00
Khanh Ngo
f3bcf1b834
Merge pull request #763 from RoeiGanor/fix_gravatar
Fix gravatar offline mode
2020-10-10 14:16:57 +02:00
Khanh Ngo
b8ffb1dae9
Merge pull request #804 from RoeiGanor/api_key
Add API Key to the UI
2020-10-10 14:11:09 +02:00
Tom Hetmer
cf62658e19
do not fail with wildcard PTRs 2020-09-10 01:18:07 +07:00
root
74b89b1b7e Add API Key to the UI 2020-08-08 13:41:18 +00:00
Nick Douma
70c2744f29 Log amount of accounts found in PowerDNS 2020-08-06 17:45:05 +02:00
Nick Douma
3c59ba6f84 Account does not have username 2020-08-06 17:44:54 +02:00
Nick Douma
b4d7f66e29 Use Account.delete_account to also handle unlinking of Users 2020-08-06 16:33:00 +02:00
Nick Douma
f9f966df75 Allow for configuration of logout url 2020-08-06 15:29:02 +02:00
Nick Douma
27f5c89f70 Manage Account membership on oidc login 2020-08-06 15:28:54 +02:00
Nick Douma
7ef6f5db4e Check if plain_text_password is falsish instead of empty string 2020-08-06 15:28:45 +02:00
Nick Douma
ab6480a4b4 Update user with info from oidc during login 2020-08-06 15:28:27 +02:00
Nick Douma
0ef57b2f9f Implement account update method
Allow syncing of all known accounts from PowerDNS, in the same
way that Domain().update() does for domains.
2020-08-06 15:22:28 +02:00
Erik Weber
22eabef06a
Use the correct matching group 2020-07-03 11:01:17 +02:00
Erik Weber
e993422106
Add regex matching for group/account description 2020-07-03 10:55:06 +02:00
Erik Weber
25db119d02
Add Account creation/permission handling based on Azure oAuth group membership 2020-07-03 08:55:31 +02:00
Manuel Frei
9946f72a85 Order accounts by name on 'New Domain' and domain admin 2020-06-28 01:59:12 +02:00
Roei Ganor
0f9a5f8652 Fix gravatar offline mode 2020-06-24 11:17:45 +03:00
Khanh Ngo
f3f91d56e2
Adjust html code 2020-06-20 11:08:14 +07:00
Khanh Ngo
1b4fe8935d Merge branch 'master' into record_rollback 2020-06-20 10:17:52 +07:00
Khanh Ngo
4e63f8380b
Merge pull request #756 from RoeiGanor/master
Changed default TTL
2020-06-20 09:55:41 +07:00
Khanh Ngo
1f4580a27a
Log failed domain apply operation 2020-06-20 09:51:30 +07:00
Khanh Ngo
5123d542e4
Fix #752 - Rollback the removed record if apply operation failed 2020-06-19 09:34:33 +07:00
Khanh Ngo
a3fd856dd8
Code refactoring and bug fixes 2020-06-19 08:47:51 +07:00
Roei
84ae753db2 Changed default TTL 2020-06-14 09:13:01 +03:00
Ymage
4e39d5a461 Fix session clearing 2020-05-29 17:41:20 +02:00
Khanh Ngo
cfc8567180
Merge pull request #742 from nfantone/feat/remote-user
Support authenticating using REMOTE_USER environment variable
2020-05-26 15:36:47 +07:00
Nicolás Fantone
39db31b5ae Add missing ensure_list util function 2020-05-25 14:16:33 +01:00
Khanh Ngo
831fbf3cb3
Merge pull request #738 from ymage/url_for_static_assets
Add url_for() for static assets
2020-05-24 21:22:33 +07:00
Khanh Ngo
125883330e Merge branch 'pull/679' 2020-05-24 21:19:04 +07:00
Khanh Ngo
73c267848c
Merge branch 'master' into url_for_static_assets 2020-05-24 21:16:00 +07:00
Khanh Ngo
5ac126f349
Merge pull request #739 from sshipway/sorting
Sort rrset members by content before comparison to ensure correct compare
2020-05-24 21:06:51 +07:00
Nicolás Fantone
52298f8289 Support login in through REMOTE_USER environment variable
Support redirecting remote users to logout URL and clearing remote login cookies
2020-05-22 15:31:24 +01:00
Khanh Ngo
a598c52729
Fix base template
current_user is Anonymous when we are not authenticated. Need to check if
email attribute is defined before using it
2020-05-22 17:37:39 +07:00
Steve Shipway
3476c8a9ec SJS Sort rrset members by content before comparison to ensure correct compare. Also default comment to blank entry rather than missing entry, to allow sorting to work correctly. 2020-05-20 16:21:28 +12:00
Ymage
99f12df748 Add url_for() for static assets 2020-05-20 00:03:36 +02:00
Khanh Ngo
0ef132a7be
Update swagger yaml 2020-05-17 21:00:13 +07:00
Khanh Ngo
fd0485d897 Merge remote-tracking branch 'keesbos/mgmt' 2020-05-17 19:43:45 +07:00
Khanh Ngo
ab7e1eb71b
Fix email confirmation template 2020-05-17 16:11:52 +07:00
Khanh Ngo
edb2a354d1
Merge pull request #725 from Monogramm/ui/favicon
fix: Add favicon to fix #724
2020-05-17 13:47:18 +07:00
Khanh Ngo
78245d339f
Merge pull request #717 from RoeiGanor/master
OIDC custom claims
2020-05-17 13:44:52 +07:00
mathieu.brunot
9f562714f2
fix: Add favicon to fix #724
Signed-off-by: mathieu.brunot <mathieu.brunot@monogramm.io>
2020-05-09 23:56:19 +02:00
root
2044ce4737 oidc custom claims 2020-05-04 07:12:48 +00:00
Khanh Ngo
33eff6313f
Fix loading zone with Slave type 2020-05-02 09:41:01 +07:00
Khanh Ngo
978c0b6c62
Merge pull request #711 from terbolous/azure_oauth
Azure oauth fixes
2020-05-01 10:25:27 +07:00
Roei Ganor
483c767d26 Offline installation and searchable inputs 2020-04-30 17:20:37 +00:00
Erik Weber
b03cbdea65
Azure oauth: Graph api calls it mail, not email 2020-04-30 12:15:19 +02:00
Erik Weber
b8442c4c5c
Azure oauth: remove preferredName from query 2020-04-30 12:14:32 +02:00
Khanh Ngo
9e8401ae46
Merge branch 'master' of github.com:ngoduykhanh/PowerDNS-Admin 2020-04-30 10:17:32 +07:00
Khanh Ngo
02692c7759
Code formating 2020-04-30 10:17:08 +07:00
Khanh Ngo
bbd00865dc
Merge pull request #681 from eht16/fix_create_template_from_zone_url
Remove $SCRIPT_ROOT from 'admin.create_template_from_zone' URL
2020-04-30 09:12:04 +07:00
Marcus Knight
0e093d4eec Support only having one auth method enabled (which isn't ldap/local) 2020-04-16 16:04:10 +08:00
Attila DEBRECZENI
def06bee41 set SAML wantAssertionsEncrypted from config 2020-04-03 13:44:03 +00:00
Attila DEBRECZENI
cc26174a48
wantAssertionsEncrypted to false 2020-03-27 02:19:06 +01:00
Attila DEBRECZENI
a581aa3cf2 add SAML_ASSERTION_ENCRYPTED envrionment 2020-03-25 21:35:20 +00:00
Attila DEBRECZENI
e550b0a109 SAML debug attributes 2020-03-25 21:05:30 +00:00
Enrico Tröger
bc2e7c9786 Remove $SCRIPT_ROOT from 'admin.create_template_from_zone' URL
As the URL here is contructed from Flask's "url_for" which already
takes the script root into account, we do not need to add it here
explicitly. This would result in a duplicate script root otherwise.
2020-03-09 17:08:27 +01:00
Scott Howard
417338d826 Remove blank comments from rrsets before sending for compatibility with some pdns backends 2020-03-07 02:07:41 -06:00
Khanh Ngo
f2704649f1
Merge pull request #668 from pprietosanchez/fix_search_API_request
Correct request method
2020-03-06 14:08:39 +07:00
Khanh Ngo
026dcead7f
Merge pull request #671 from eht16/add_missing_format_arguments
Add missing format arguments for error message
2020-03-06 13:58:10 +07:00
Khanh Ngo
7024404f73
Merge pull request #674 from sshipway/patch-1
Corrections to Azure auth service definition after refactor
2020-03-06 13:57:09 +07:00
Enrico Tröger
b421b9b38a Fix token name in session for OIDC and GitHub authentication 2020-03-05 17:07:13 +01:00
Steve Shipway
7ac6529e0a
Corrections to Azure auth service definition after refactor 2020-03-04 17:34:01 +13:00