Commit Graph

194 Commits

Author SHA1 Message Date
corubba
607caa1a2d Rework user image handling
Moved all the logic out of the template into a separate endpoint. This
makes it easy to extend to also support images from different sources
like LDAP/SAML/OIDC. Session-based caching is hard to do, so to allow
time-based caching in the browser, the url needs to be unique for every
user by using a query parameter.

Replaced the default/fallback user image with a new one. It is based on
the old one, but does not need css to be visible. And removed said css.

Gravatar has now its own setting named `gravatar_enabled`, which is
disabled by default.
2022-06-18 19:11:13 +02:00
corubba
b795f1eadf Use the doc search directly 2022-06-18 19:07:23 +02:00
corubba
fee26b84ba Remove IE8 polyfills
These old browsers are EOL since 2016 [0], let them finally rest in
peace.

This effectively reverts/replaces commit b8dee5d17056788c2dc9940d14308648e32186d8.

[0] https://web.archive.org/web/20160115070611/https://www.microsoft.com/en-us/WindowsForBusiness/End-of-IE-support
2022-06-18 19:07:23 +02:00
corubba
54b2c5918f Serve the IE8 polyfills from local 2022-06-18 19:07:23 +02:00
corubba
674704609b Always use local fonts 2022-06-18 19:07:23 +02:00
Jérôme BECOT
eb13b37e09
feat: Add the extra chars as an option 2022-06-18 14:30:56 +02:00
Jérôme BECOT
a3c50828a6
feat: Allow underscores and hyphens in account name 2022-06-18 14:28:32 +02:00
TomSebty
1926b862b8
feat: Option to forbid the creation of domain if it exists as a record (#1127)
When enabled, forbids the creation of a domain if it exists as a record in one of its parent domains (administrators and operators are not limited though).
2022-06-17 17:50:51 +02:00
Vasileios Markopoulos
41343fd598
Merge pull request #1199 from corubba/bugfix/rrest-typo
Fix rrest typo in history detail
2022-05-25 10:45:50 +03:00
jbe-dw
259bd0a906
Merge pull request #1200 from corubba/feature/modal-consolidation
enh: Consolidate generic modal code
2022-05-23 22:50:48 +02:00
corubba
0dfcdb6c3e Fix rrest typo in history detail
There is a misspelling of rrset throughout the history logic, which also
effects the json payload in the database. Code-wise this is a simple
search-and-replace, and the migration will fix the payloads.
2022-05-19 00:53:35 +02:00
corubba
70450315ba Add general modal functions
The two generic modals are defined in the base template, and are used
in various templates. So provide functions and remove duplicate code.
2022-05-19 00:53:20 +02:00
corubba
fec649b747 Header for fixed order column
Semantically and syntactically it is better to have the same number of
`<th>` as `<td>`. Not that anyone will ever see that new header, since
that column is always invisible (except if the user disables javascript).

Plus remove a unmatched closing html element.
2022-05-07 21:14:57 +02:00
ManosKoukoularis
9e90dde144
Merge pull request #1158 from AdvanticGmbH/domain_xss
Render domain data table fields only as text
2022-04-11 13:05:43 +03:00
vmarkop
9c62208c2e Updated repository URL 2022-04-11 12:21:34 +03:00
AdvanticGmbH
e596de37f4 Render Name, Type, Status, TTL, Data and Edit as text 2022-04-04 14:16:40 +02:00
AdvanticGmbH
930932d131 Render domain data table fields only as text 2022-04-04 14:06:31 +02:00
ManosKoukoularis
fcb8287f14
Update login.html 2022-02-25 12:59:23 +02:00
kkmanos
10603fbb36 fixed csrf expiration for login page 2022-02-17 18:10:06 +02:00
kkmanos
b9cf7245a5 fixed csrf expiration for login page 2022-02-17 17:02:11 +02:00
zoeller-freinet
0b2ad520b7 History table: relocate HTML for modal window (#1090)
- Store HTML for modal window inside an invisible <div> element instead
  of inside the <button> element's value attribute
- Mark history.detailed_msg as safe as it is already manually run
  through the template engine beforehand and would be broken if escaped
  a second time
2022-01-01 21:20:01 +01:00
Christian
302e793665
Add button for admin page in single Domain view (#1076)
* Added button for admin page in domain overview
2021-12-31 00:55:59 +01:00
zoeller-freinet
7808febad8 login.html: don't suggest previous OTP tokens
This change has been tested to work with:
- Chromium 96.0.4664.93
- Firefox 95.0
- Edge 96.0.1054.57
2021-12-17 12:48:11 +01:00
Vasileios Markopoulos
94a923a965
Add 'otp_force' basic setting (#1051)
If the 'otp_force' and 'otp_field_enabled' basic settings are both enabled, automatically enable 2FA for the user after login or signup, if needed, by setting a new OTP secret. Redirect the user to a welcome page for scanning the QR code.

Also show the secret key in ASCII form on the user profile page for easier copying into other applications.
2021-12-17 11:41:51 +01:00
root
caa48b7fe5 Merge branch 'quotes-fix'
Conflicts:
	powerdnsadmin/routes/admin.py
2021-12-03 14:17:39 +00:00
root
940551e99e feat: Associate an API Key with accounts (#1044) 2021-12-03 14:12:11 +00:00
ManosKoukoularis
6c1dfd2408
Datepicker replace (#1059)
* replaced jquery-ui-datepicker with bootstrap-datepicker

* removed obsolete static files
2021-12-02 11:59:36 +01:00
ManosKoukoularis
1332c8d29d
History Tab Overhaul & Domain Record Modifications Changelog (#1042)
Co-authored-by: Konstantinos Kouris <85997752+konkourgr@users.noreply.github.com>
Co-authored-by: vmarkop <billy.mark.b.m.10@gmail.com>
Co-authored-by: KostasMparmparousis <mparmparousis.kostas@gmail.com>
Co-authored-by: dimpapac <demispapa@gmail.com>
2021-11-30 11:02:37 +02:00
Daniel Molkentin
c7b4aa3434
fix: actually store OIDC logout URL (#988) 2021-11-05 17:28:21 +02:00
zoeller-freinet
0e655c1357
user_profile tpl: set email input type attr to "email" (#1020)
It is then consistent with the email address input elements declared in
admin_edit_account.html, admin_edit_user.html and register.html.
2021-10-30 21:30:26 +02:00
steschuser
bf83662108
allow users to remove domain (#952) 2021-10-30 21:21:45 +02:00
steschuser
1f34dbf810
fix for api key (#950) 2021-10-30 21:19:49 +02:00
Khanh Ngo
b7197948c1 Reslove conflicts
Signed-off-by: Khanh Ngo <khanh.ngo@taxfix.de>
2021-10-30 21:19:01 +02:00
Khanh Ngo
ddf2d4788b Reslove conflicts
Signed-off-by: Khanh Ngo <khanh.ngo@taxfix.de>
2021-10-30 21:15:04 +02:00
steschuser
1ec6b76f89
Remove otp field (#942) 2021-10-30 21:09:04 +02:00
Kostas Mparmparousis
6e04d0419b
Provision PDA user privileges based On LDAP Attributes (#980) 2021-08-05 19:37:48 +02:00
Carsten Rosenberg
d6e64dce8e fix some jinja typos 2021-06-04 15:24:49 +02:00
Steffen Schwebel
b069cea8d1 add css to base as well 2021-06-02 09:44:15 +02:00
Steffen Schwebel
fd933f8dbc remove unrelated files and changes as best as possible 2021-06-02 09:41:08 +02:00
Steffen Schwebel
083a023e57 fix include 2021-06-01 16:41:26 +02:00
Steffen Schwebel
c13dd2d835 add 'custom_css' setting to model; check for 'custom_css' in template; create custom css dir in dockerfile 2021-06-01 16:15:31 +02:00
Steffen Schwebel
43a6e46e66 add setting to hide otp_token field on login page 2021-05-27 22:51:07 +02:00
root
bbbcf271fe remove otp token from login page, depending on Setting 2021-05-20 15:21:56 +02:00
jodygilbert
98db953820
Allow user role to view history (#890) 2021-03-27 19:33:11 +01:00
R. Daneel Olivaw
46993e08c0
Add punycode (IDN) support (#879) 2021-03-16 19:37:05 +01:00
Andrew Nimmo
680e4cf431
Avoid Safari telephone number detection
Using PowerDNS-Admin on an iPad with Safari can cause incorrect identification of some record data as a telephone number. When submitted, the record with the incorrectly identified data causes an error because of the additional markup present on the submitted data. This was noted in particular with the SOA record. 

The proposed change is to add the Safari meta tag to disable format detection:
https://developer.apple.com/library/archive/documentation/AppleApplications/Reference/SafariHTMLRef/Articles/MetaTags.html#//apple_ref/doc/uid/TP40008193-SW5
2020-10-14 17:21:59 +02:00
Khanh Ngo
3034630bc0
Merge pull request #761 from ngoduykhanh/record_rollback
Fix #752 - Rollback the removed record if apply operation failed
2020-10-11 13:01:26 +02:00
Khanh Ngo
55ad73d92e
Merge pull request #800 from cyso/pr/oidc-account
OIDC User and Account management during login
2020-10-10 14:32:14 +02:00
Khanh Ngo
a679073928
Merge pull request #773 from terbolous/azure-oauth
Add Account creation/permission handling based on Azure oAuth group membership
2020-10-10 14:20:26 +02:00
Khanh Ngo
f3bcf1b834
Merge pull request #763 from RoeiGanor/fix_gravatar
Fix gravatar offline mode
2020-10-10 14:16:57 +02:00
root
74b89b1b7e Add API Key to the UI 2020-08-08 13:41:18 +00:00
Nick Douma
f9f966df75 Allow for configuration of logout url 2020-08-06 15:29:02 +02:00
Nick Douma
27f5c89f70 Manage Account membership on oidc login 2020-08-06 15:28:54 +02:00
Erik Weber
25db119d02
Add Account creation/permission handling based on Azure oAuth group membership 2020-07-03 08:55:31 +02:00
Roei Ganor
0f9a5f8652 Fix gravatar offline mode 2020-06-24 11:17:45 +03:00
Khanh Ngo
f3f91d56e2
Adjust html code 2020-06-20 11:08:14 +07:00
Roei
84ae753db2 Changed default TTL 2020-06-14 09:13:01 +03:00
Khanh Ngo
73c267848c
Merge branch 'master' into url_for_static_assets 2020-05-24 21:16:00 +07:00
Khanh Ngo
a598c52729
Fix base template
current_user is Anonymous when we are not authenticated. Need to check if
email attribute is defined before using it
2020-05-22 17:37:39 +07:00
Ymage
99f12df748 Add url_for() for static assets 2020-05-20 00:03:36 +02:00
Khanh Ngo
ab7e1eb71b
Fix email confirmation template 2020-05-17 16:11:52 +07:00
Khanh Ngo
edb2a354d1
Merge pull request #725 from Monogramm/ui/favicon
fix: Add favicon to fix #724
2020-05-17 13:47:18 +07:00
mathieu.brunot
9f562714f2
fix: Add favicon to fix #724
Signed-off-by: mathieu.brunot <mathieu.brunot@monogramm.io>
2020-05-09 23:56:19 +02:00
root
2044ce4737 oidc custom claims 2020-05-04 07:12:48 +00:00
Roei Ganor
483c767d26 Offline installation and searchable inputs 2020-04-30 17:20:37 +00:00
Khanh Ngo
9e8401ae46
Merge branch 'master' of github.com:ngoduykhanh/PowerDNS-Admin 2020-04-30 10:17:32 +07:00
Marcus Knight
0e093d4eec Support only having one auth method enabled (which isn't ldap/local) 2020-04-16 16:04:10 +08:00
Enrico Tröger
bc2e7c9786 Remove $SCRIPT_ROOT from 'admin.create_template_from_zone' URL
As the URL here is contructed from Flask's "url_for" which already
takes the script root into account, we do not need to add it here
explicitly. This would result in a duplicate script root otherwise.
2020-03-09 17:08:27 +01:00
Khanh Ngo
2de8bf55f8 Merge branch 'dashboard_search_placeholder' 2020-01-29 22:00:17 +07:00
Enrico Tröger
737531d23f Add dashboard search placeholder to describe search patterns
Since ^ and $ for searching from start and to end is supported, let's
tell the user about it.
2020-01-25 19:26:13 +01:00
mathieu.brunot
0ea188f8d6
✏️ Fix copy/paste error in div id
Signed-off-by: mathieu.brunot <mathieu.brunot@monogramm.io>
2020-01-08 23:31:51 +01:00
mathieu.brunot
66ff3426e0
👌 Update LDAP selection flip
Signed-off-by: mathieu.brunot <mathieu.brunot@monogramm.io>
2020-01-08 23:23:40 +01:00
mathieu.brunot
b4b5673cf1
Merge branch 'master' of github.com:johnwarburton/PowerDNS-Admin into feat/groupofnames
Signed-off-by: mathieu.brunot <mathieu.brunot@monogramm.io>
2020-01-08 23:19:51 +01:00
Steve Shipway
765eab999a Azure OAuth - add Group mappings to Roles 2020-01-03 15:36:38 +13:00
Khanh Ngo
4bdd433079
Fix migration script and LGTM 2019-12-21 22:26:56 +07:00
Khanh Ngo
7739bf7cfc
Add user email verification 2019-12-21 21:43:03 +07:00
Khanh Ngo
5567886aa3
Fix #614. Can not enable dnssec 2019-12-19 21:50:15 +07:00
Khanh Ngo
7205b4a01b
User session improvement
- Add session handler on other blueprint's before request
- Adjustment in using jTimeout to close warning popup on
other tabs when we extend the session
2019-12-18 15:25:20 +07:00
Khanh Ngo
9a1b92fbc2
Add session timeout warning 2019-12-17 23:46:34 +07:00
Khanh Ngo
103bf176ed
Fix dashboard domain sorting 2019-12-17 13:34:52 +07:00
Khanh Ngo
f5b88ebc73
Merge branch 'master' into record_adjustment 2019-12-16 15:54:38 +07:00
Khanh Ngo
4263bccbba
Format the history popup content 2019-12-15 21:42:08 +07:00
Khanh Ngo
14658d797e
Adjustment in domain's record applying 2019-12-14 14:47:21 +07:00
Khanh Ngo
d90a20f8da
Fix #602 domain table with long records 2019-12-13 21:22:58 +07:00
Khanh Ngo
242e31a490
Merge pull request #599 from ngoduykhanh/global_search
Add PDNS global search feature
2019-12-11 16:56:06 +07:00
Khanh Ngo
1d973d1614
Allow update zone kind the domain setting page 2019-12-11 16:02:36 +07:00
Khanh Ngo
798b7abb5b
Show actual result on applyChanges(). Remove generated assets files 2019-12-11 13:45:27 +07:00
Khanh Ngo
c62f9f6936
Formatting 2019-12-11 10:32:02 +07:00
Khanh Ngo
2cc73abbe5 Add PDNS global search feature
Remove POST method in global search route

Edit form action
2019-12-11 10:26:17 +07:00
Khanh Ngo
de69eaf825
Add PDNS global search feature 2019-12-11 09:55:18 +07:00
Khanh Ngo
bca3c45e37
Add record comment 2019-12-09 17:50:48 +07:00
Khanh Ngo
80b6ca19ac Resolve the conflicts and add adjustment to #591 2019-12-06 14:27:35 +07:00
Khanh Ngo
840e2a4750 Update docker stuff and bug fixes 2019-12-04 11:50:46 +07:00
Khanh Ngo
8ea00b9484
Refactoring the code
- Use Flask blueprint
- Split model and views into smaller parts
- Bug fixes
- API adjustment
2019-12-02 10:32:03 +07:00