Josh Matthews
715c6b76cd
added code to raise user to operator on SAML auth if in the right group
2022-05-23 14:38:16 +10:00
RGanor
83ed5cfb28
Create codeql-analysis.yml ( #1204 )
2022-05-21 11:26:40 +03:00
pixelrebel
8c85e80c2b
Add SAML_ATTRIBUTE_GROUP and SAML_GROUP_ADMIN_NAME to the development config, with instructions for use
2022-05-19 20:36:28 -07:00
pixelrebel
e4c8c3892f
Use HTTP_X_FORWARDED_PROTO header from reverse proxy to rewrite https:// for SAML request URLs
2022-05-19 19:00:38 -07:00
pixelrebel
9221d58a1b
Allow SAML AttributeStatements to be optional
2022-05-19 14:52:51 -07:00
pixelrebel
5b36ad034d
Rename incorrect SAML cert/key config variables
2022-05-19 14:02:04 -07:00
corubba
0dfcdb6c3e
Fix rrest typo in history detail
...
There is a misspelling of rrset throughout the history logic, which also
effects the json payload in the database. Code-wise this is a simple
search-and-replace, and the migration will fix the payloads.
2022-05-19 00:53:35 +02:00
corubba
70450315ba
Add general modal functions
...
The two generic modals are defined in the base template, and are used
in various templates. So provide functions and remove duplicate code.
2022-05-19 00:53:20 +02:00
jbe-dw
1961581527
Merge pull request #1195 from Metrax/git-ignore
...
Adding venv and yarn-error.log to gitignore
2022-05-17 23:45:16 +02:00
Metrax
8b105d8aff
Adding venv and yarn-error.log to gitignore
...
venv: in the wiki, the installation is described with creating the venv into "venv", but only ".venv" is in gitignore
yarn-error.log: file is created if yarn fails, it should not be commited to the repo accidentally
2022-05-17 16:31:05 +02:00
RGanor
3d2ad1abc0
LGTM fix - unused variable
2022-05-15 13:57:13 +00:00
Cloud User
b3271e84d6
Using domain model and added authentication
2022-05-15 12:19:04 +00:00
jbe-dw
6579c9e830
Merge pull request #1182 from jbe-dw/revertCorruptedHistoryFix
...
fix: Insert valid JSON in history.detail and replace single quotes in the database
2022-05-12 21:30:20 +02:00
corubba
564ec6086d
Replace pyOpenSSL with cryptography
...
This is literally the example from the docs [0]. The only thing I
adapted are the parameters for the keys and certificate, so they
stay the same.
Fixes #1086
[0] https://cryptography.io/en/latest/x509/tutorial/#creating-a-self-signed-certificate
2022-05-07 21:32:19 +02:00
corubba
fec649b747
Header for fixed order column
...
Semantically and syntactically it is better to have the same number of
`<th>` as `<td>`. Not that anyone will ever see that new header, since
that column is always invisible (except if the user disables javascript).
Plus remove a unmatched closing html element.
2022-05-07 21:14:57 +02:00
corubba
0e2cd063c5
Remove python v2 remnant
...
As vermin [0] confirms, the codebase has long moved beyond supporting
python v2 (which is not a bad thing). This removes the last explicit py2
piece of code.
And in case anyone wonders, vermin currently reports the minium version
to be v3.6.
[0] https://pypi.org/project/vermin/
2022-05-07 21:14:48 +02:00
corubba
68045cc60c
Fix revision in migration filename
...
This has no functional impact, flask-migrate aka alembic was and will
continue to work as expected. It is just a cosmetic change for
consistency.
2022-05-07 21:14:29 +02:00
jbe-dw
fa9bdcfde0
Merge pull request #1134 from jbe-dw/fixAPIDeleteAccount
...
Fix API Account deletion
2022-05-06 23:35:24 +02:00
Jérôme BECOT
64f7968af9
fix: Use json.dumps instead of str
2022-05-06 17:04:39 +02:00
Jérôme BECOT
06ffee18a0
fix: Provide an Alembic update script to fixe quotes
2022-05-06 17:04:35 +02:00
Vasileios Markopoulos
9e999e7202
Merge pull request #1180 from gunet/dependency-fix
...
cryptography-dependency-addition
2022-04-27 16:35:24 +03:00
KostasMparmparousis
c8d14d91fe
cryptography-dependency-addition
2022-04-27 16:11:09 +03:00
jbe-dw
82f03a4de2
Merge pull request #1160 from AdvanticGmbH/json_load_error
...
Json load error
2022-04-26 17:54:08 +02:00
AdvanticGmbH
26c60f175d
Remove unnecessary call to str()
...
* json.dumps() already returns a str
2022-04-26 09:11:05 +02:00
jbe-dw
fc56a168c8
Merge pull request #1174 from gunet/ping-no-login-required
...
Login requirement removal for /ping endpoint
2022-04-25 16:22:21 +02:00
ManosKoukoularis
5040cf5282
Merge pull request #1159 from AdvanticGmbH/html_entity_domain_fix
...
Decode domain record data and comment from HTML entity to text
2022-04-25 12:49:10 +03:00
AdvanticGmbH
44c9aff5db
Use json.dumps for every detail in history
...
This works much better instead of just writing a str to the db and
expect it to be loaded just fine from json.loads
2022-04-25 10:43:46 +02:00
AdvanticGmbH
3df36adbf4
Add more detailed info to the history when a msg and status exists
2022-04-25 10:43:40 +02:00
AdvanticGmbH
191e919626
Allow IDNA in SOA
...
* Previously having characters like "ü" in the SOA wouldnt allow to push
updates to the domain
* Also use the new method to_idna to support characters like "ß"
2022-04-25 10:19:40 +02:00
AdvanticGmbH
40deb3c145
Create method to encode and decode idna
...
Previously strings with characters like "ß" would throw and exception
This seems to happen because the lib behind encode().decode('idna')
cant handle characters like this
2022-04-25 10:05:46 +02:00
KostasMparmparousis
4d6c6224b4
Login requirement removal for /ping endpoint
2022-04-20 13:31:23 +03:00
RGanor
4958423cc7
Update api.py
2022-04-18 22:11:31 +03:00
root
f41696c310
WIP - Added health check
2022-04-18 09:01:22 +00:00
Vasileios Markopoulos
e891333971
Merge pull request #1166 from LordVeovis/fix/saml
...
Fix broken SAML login from 9c00e48f
2022-04-13 10:16:58 +03:00
Vasileios Markopoulos
c9c82d4244
Merge pull request #1118 from cropalato/master
...
Fixing AD login if there is a infinity loop in memberOf groups.
2022-04-13 10:15:54 +03:00
Veovis
bd92c5946c
Fix broken SAML login from 9c00e48f
2022-04-12 17:14:54 +02:00
Ricardo Melo
ee0511ff4c
[Fix] AD recursive problem
...
- Fixing #1011[https://github.com/PowerDNS-Admin/PowerDNS-Admin/issues/1011 ]
2022-04-11 08:49:38 -04:00
Vasileios Markopoulos
098224eed1
Merge pull request #1123 from gunet/log-dnssec-enabling
...
Log DNSSEC status change for a domain
2022-04-11 15:21:59 +03:00
ManosKoukoularis
9e90dde144
Merge pull request #1158 from AdvanticGmbH/domain_xss
...
Render domain data table fields only as text
2022-04-11 13:05:43 +03:00
Vasileios Markopoulos
0ab2610064
Merge pull request #1165 from gunet/update_repo_url
...
Updated repository URL
2022-04-11 12:26:15 +03:00
vmarkop
9c62208c2e
Updated repository URL
2022-04-11 12:21:34 +03:00
jbe-dw
8cf2985335
Merge pull request #979 from mirko/make-onelogin-pkg-optional
...
routes/index.py: Make package 'onelogin.saml2.utils' optional
2022-04-07 13:37:00 +02:00
jbe-dw
33f1c6ad61
Merge pull request #1027 from mirko/add-WWW-Authenticate-header-for-dyndns
...
dyndns: Respond with HTTP header 'WWW-Authenticate' to unauthed requests
2022-04-07 13:31:03 +02:00
AdvanticGmbH
b534eadf19
Decode domain record data and comment from HTML entity to text
2022-04-04 14:43:02 +02:00
AdvanticGmbH
e596de37f4
Render Name, Type, Status, TTL, Data and Edit as text
2022-04-04 14:16:40 +02:00
AdvanticGmbH
930932d131
Render domain data table fields only as text
2022-04-04 14:06:31 +02:00
jbe-dw
13ff4df9f9
Merge pull request #1122 from gunet/auth_type_log_fix
...
Fixed LDAP Authenticator Type logging
2022-04-03 14:59:48 +02:00
jbe-dw
c6de972ed8
Merge pull request #1101 from decryptus/master
...
[BUG] Fixed delete zone from API
2022-04-03 00:29:47 +02:00
jbe-dw
bff020443f
Merge pull request #1154 from jbe-dw/fixBackendContentType
...
fix: Set Content-Type on backend API calls
2022-04-02 21:36:56 +02:00
Jérôme BECOT
17b4269e1b
fix: Set Content-Type on backend API calls
2022-03-30 23:39:00 +02:00