7214ce2ede
support: remove ssh manipulation routes
...
this is now moved entirely to cloudron-support --enable-remote-access.
this emphasizes more that users have to get ssh access to the server before
we can do anything about it. it's far too simple for people to click this
button.
we have now also added clear terms to understand what remote access entails.
(what happens if support personnel makes a mistake. who is liable? etc)
2025-07-16 17:53:19 +02:00
4b79881472
system: route to get filesystem
2025-07-16 17:20:28 +02:00
622aecfd6d
users: add unset route for avatar
...
also add missing tests for avatar and profile locking
2025-07-15 10:06:26 +02:00
7adae569f5
Remove last usage of auth/branding route
2025-07-14 11:12:05 +02:00
04de621e37
Fix crash when req.query handling
...
https://expressjs.com/en/5x/api.html#req.query
"As req.query’s shape is based on user-controlled input, all properties and values in this object
are untrusted and should be validated before trusting"
In essence, req.query.xx can be an array OR an array of strings.
2025-07-13 13:21:38 +02:00
e1433cbf2a
Always share the same meta info headers in dashboard views
2025-07-11 15:29:46 +02:00
66d1de0821
Add initial dashboard entrypoint server side rendering routes
2025-07-11 12:28:02 +02:00
bba48f455e
use @connect-lastmile
2025-07-10 11:00:31 +02:00
3bd41013c0
profile: avatar cannot be changed when profile locked
...
admins can now upload user avatars
2025-07-02 13:03:15 +02:00
a357f5a1b8
apps: add live metrics route
2025-07-01 12:23:38 +02:00
713f1239c6
Allow admins to set users avatars
2025-06-30 22:44:59 +02:00
2486aee24d
AppsView: updateInfo is now part of app object
2025-06-26 16:57:55 +02:00
19c9d7d59d
updateInfo: move updateInfo into apps table
...
this has many advantages:
* easy to deliver the updateInfo via the apps object
* after updating, the task can clear it
* when apps are deleted, the info is automatically gone
otherwise, it's a mess of deps between apps/updater/apptask/rest routes
box update info is still in a file
2025-06-26 15:47:15 +02:00
4d94700375
remove dead comment
2025-06-19 16:12:46 +02:00
1ca8eeeb50
split oidc into server and clients
2025-06-11 22:26:23 +02:00
2e4bc5e218
Start using req.resources = { app, volume, ...} pattern
...
Reason was that req.app was clashing with expressjs v5 which
stores the main expressjs app object there
2025-06-10 11:02:43 +02:00
a93c85ebc9
profile: drop gravatar support
...
gravatar is owned by an external entity (Automattic) and we have an
unnecessary dep to this service. users can just upload a profile pic
2025-06-08 18:12:40 +02:00
344782099f
add explicit unset for the image routes
...
the initial motivation was to fix up the profile avatar rule which
had a mix of json or multipart. this style does not work well with
express 5
2025-06-06 18:58:49 +02:00
dffa3b7986
do not mix multipart and json
2025-06-06 17:18:39 +02:00
0f7bc9be52
GET requests should not use json middleware
2025-06-06 17:18:39 +02:00
05fc8ed5db
Fix crash with express 5
...
express.json does not enforce json. this means it will pass it through
but let req.body be undefined. this causes all our asserts to crash
2025-06-06 16:30:43 +02:00
40631a753f
Fix express 5 crashes
2025-06-06 16:23:07 +02:00
c49050ea69
appstore: removed old route and rename to reset_cloudron_id
2025-06-06 13:39:30 +02:00
3ccad9ada9
cloudron-setup: remove --generate-setup-token
...
this code path is hardly ever tested and seems unnecesary
2025-06-06 10:22:06 +02:00
2c2a24c31b
support: remove createTicket
...
there is no form to create tickets anymore since a while
2025-06-06 09:51:07 +02:00
a88d523559
Add button to reset the cloudron id if appstore token is invalid
2025-05-23 15:49:57 +02:00
c0f0084e56
metrics: add stream api for system info
2025-05-21 18:09:02 +02:00
8779de448d
rename /graphs route to /metrics
2025-05-21 16:26:36 +02:00
1bbdabc42f
registry config: create table and migrate existing setting
2025-05-07 15:56:13 +02:00
7e1fbb3017
groups: add appIds field to groups object
2025-02-12 13:07:41 +01:00
edb9bac503
server: close all connections
...
without this the server still holds on to active connections in node 18
2025-02-06 15:00:28 +01:00
fa64191082
assert.strictEqual results in oom, go figure
2025-02-05 19:11:02 +01:00
b8c36b034b
fix comment
2025-01-29 10:01:18 +01:00
17fee93002
apps: hide update indicator for normal users
2024-12-19 12:36:47 +01:00
6004cd17bf
notifications: per user email prefs
2024-12-11 19:12:20 +01:00
0e181cdc82
archive: implement unarchive
...
made a separate route instead of reusing install route. this was
because we want to copy over all the old app config as much as
possible.
2024-12-10 16:49:19 +01:00
2ad93c114e
archive: add appConfig, icon and appStoreIcon
2024-12-09 23:25:31 +01:00
9200e6fc63
add archives api
2024-12-09 22:39:28 +01:00
710bd270d7
apps: add archive action
2024-12-09 18:51:49 +01:00
8493022f75
Allow apps to specify custom devices
2024-12-05 14:21:07 +01:00
2bfa49cc2e
applinks: add tests
2024-12-04 16:17:07 +01:00
fdf8025a02
style: remove -> del
2024-12-03 17:36:50 +01:00
1230e5c9e7
oidc: add load pattern
2024-12-02 08:36:03 +01:00
dc3d23c27b
oidc: flatten the export list
2024-12-02 08:31:35 +01:00
1ecb853309
mail: attachment search
2024-11-30 17:42:26 +01:00
78cb36ea0e
Start using POST /api/v1/apps to install
2024-11-20 16:18:37 +01:00
305d877896
operator: fix resource view
...
app resources view requires the cpu and memory information
2024-09-13 16:47:13 +02:00
a932a5251a
update: all operators to update an app
...
previously, the update info was restricted to admins. this can now be queried
by any authenticated user. update information can be gathered from listing apps and
then checking against appstore anyway.
2024-09-13 16:46:58 +02:00
7ebf5ca16a
Bring back upload route to keep e2e happy
...
let's maybe remove it in next release
2024-07-23 08:28:44 +02:00
185c16c3e2
remove apps upload api in favor of sftp container api
2024-07-22 16:20:15 +02:00
Girish Ramakrishnan