4ed6fbbd74
eslint: add no-shadow
2026-02-18 08:18:37 +01:00
36aa641cb9
migrate to "export default"
...
also, set no-use-before-define in linter
2026-02-14 15:43:24 +01:00
96dc79cfe6
Migrate codebase from CommonJS to ES Modules
...
- Convert all require()/module.exports to import/export across 260+ files
- Add "type": "module" to package.json to enable ESM by default
- Add migrations/package.json with "type": "commonjs" to keep db-migrate compatible
- Convert eslint.config.js to ESM with sourceType: "module"
- Replace __dirname/__filename with import.meta.dirname/import.meta.filename
- Replace require.main === module with process.argv[1] === import.meta.filename
- Remove 'use strict' directives (implicit in ESM)
- Convert dynamic require() in switch statements to static import lookup maps
(dns.js, domains.js, backupformats.js, backupsites.js, network.js)
- Extract self-referencing exports.CONSTANT patterns into standalone const
declarations (apps.js, services.js, locks.js, users.js, mail.js, etc.)
- Lazify SERVICES object in services.js to avoid circular dependency TDZ issues
- Add clearMailQueue() to mailer.js for ESM-safe queue clearing in tests
- Add _setMockApp() to ldapserver.js for ESM-safe test mocking
- Add _setMockResolve() wrapper to dig.js for ESM-safe DNS mocking in tests
- Convert backupupload.js to use dynamic imports so --check exits before
loading the module graph (which requires BOX_ENV)
- Update check-install to use ESM import for infra_version.js
- Convert scripts/ (hotfix, release, remote_hotfix.js, find-unused-translations)
- All 1315 tests passing
Migration stats (AI-assisted using Cursor with Claude):
- Wall clock time: ~3-4 hours
- Assistant completions: ~80-100
- Estimated token usage: ~1-2M tokens
Co-authored-by: Cursor <cursoragent@cursor.com >
2026-02-14 15:11:45 +01:00
4108047644
Dump ldap group search results on sync to help finding correct configs
2025-11-24 15:46:40 +01:00
ae2f74777b
rename some variables for clarity
2025-11-23 15:35:18 +01:00
28feadd6c5
typo: forgot to amend previous commit
2025-11-04 09:20:12 +01:00
af3ed04b7f
externalldap: only set group members if they changed
2025-11-04 09:12:25 +01:00
43e426ab9f
Revert "Add no-use-before-define linter rule"
...
This reverts commit fdcc5d68a2
2025-10-08 21:17:52 +02:00
9226baa63c
externalldap: remove usage of secret placeholder
2025-10-08 19:42:35 +02:00
12e073e8cf
use node: prefix for requires
...
mostly because code is being autogenerated by all the AI stuff using
this prefix. it's also used in the stack trace.
2025-08-14 12:55:35 +05:30
d9c104613c
tasks: rework the startTask API
...
it is now async. change was required to reset the pending flag
2025-06-17 19:32:46 +02:00
148e3dc65b
boxerror: error must be string or Error
2025-02-27 16:55:12 +01:00
1197693591
test: add root dn response
2025-02-26 14:14:42 +01:00
f78f6634fa
ldap: automatically detect if server supports pagination
2025-02-26 12:18:32 +01:00
3b9d617e37
groups: add events to eventlog
2024-12-04 11:30:30 +01:00
55a880c9ac
Fix typo
...
14a18a42b7
2024-10-30 17:41:57 +01:00
61341b8380
boxerror: always pass second error string
2024-10-30 17:32:12 +01:00
14a18a42b7
Avoid crash in externalldap if search result has no username
2024-10-22 14:49:14 +02:00
2c28eddc2b
Fix linter errors
2024-10-22 14:40:53 +02:00
793ee38f79
external ldap: show proper error message on timeout
2024-01-23 23:27:06 +01:00
4f0bbcc73b
externaldap: 2fa validation for supported sources
...
a request to verify password to externaldap.js logic can come from
* cloudron app (via ldapserver.js)
* dashboard (via oidc.js) or proxy auth (proxyauth.js) or CLI (accesscontrol.js)
the only supported source is the 'cloudron' provider at this point
2024-01-22 21:35:19 +01:00
13b9bed48b
externalldap: when using cloudron source, disable local 2fa setup
2024-01-20 12:44:19 +01:00
8bdcdd7810
groups: members cannot be set for external groups
2024-01-19 23:23:25 +01:00
06ce351d82
externalldap: set group members as a single transaction
2024-01-19 17:24:35 +01:00
ee43dff35f
externalldap: reset group source when disabled
2024-01-13 22:35:23 +01:00
8771158f10
Fix test
2024-01-13 21:29:40 +01:00
46a589f794
Use BAD_STATE consistently for demo mode
2024-01-13 21:15:41 +01:00
257dc4e271
external ldap: run syncer every 4 hours
...
hardcoded for now but we should make this configurable
2024-01-13 15:53:14 +01:00
4136272382
externalldap: add eventlog
2024-01-13 13:22:26 +01:00
40c82b3e48
external directory: reset auth source when disabled
...
this allows existing users to login (including the owner itself)
The alternative is to have some system where we have unique superadmin users across cloudrons which don’t get trampled upon by a sync. This is a bit unrealistic. For the future, we could also design this such that ldap auth is asked for in the initial step i.e at superadmin creation time.
If LDAP connection is lost/down, user can always use 'cloudron-support —owner-login'
2024-01-13 11:51:12 +01:00
5b7667fa4d
external ldap: ensure dashboard login does totp check
2024-01-08 11:55:35 +01:00
053f81a53e
externalldap: add tests
2024-01-07 22:04:22 +01:00
1ca46a064c
ldap: use proper error message instead of dn
...
the dn is already in lde_dn field of the error object.
lde_message is the message
2024-01-03 15:23:22 +01:00
d2c702f890
eventlog: always use AuditSource objects as source field
2023-08-28 08:13:56 +05:30
6aad89ae6e
demo is just a constant, not a setting
2023-08-04 14:13:30 +05:30
bbc6ba1a35
settings: move service setting into services.js
...
this also introduces getJson/setJson
2023-08-03 11:50:00 +05:30
4a34c390f8
settings: move externaldap setting
2023-08-03 02:43:26 +05:30
65769e5701
ldap uses lower-case attributes
2023-07-31 13:12:39 +02:00
057e4db6c1
use debug instead of console.error
2023-04-30 21:49:34 +02:00
c4f4f3e914
logs: use %o to format error
...
otherwise, they are printed as multi-line and this messes up tail+date formatting
2023-04-16 10:49:59 +02:00
53e9eccf72
unify totp check
...
the totp check is done in several places causing errors like 3552232e99
2023-03-12 16:01:12 +01:00
41b03e3fef
Ensure ldap client always has an error handler
2023-01-12 14:39:58 +01:00
88eb809c6e
For ldap users created on first login, make sure we also check 2fa if enabled
2022-08-03 18:20:43 +02:00
a2a60ff426
Add support for LDAP cn=...+totptoken=.. support
2022-08-02 15:27:34 +02:00
0cd48bd239
Ensure LDAP usernames are always treated lowercase
2022-04-23 11:21:14 +02:00
7f89dfd261
add once.js
2022-04-15 19:01:35 -05:00
b54c4bb399
Fixup cn attribute for ldap to be according to spec
2022-02-18 17:43:47 +01:00
63fe75ecd2
Reduce noisy externalldap debug()s
2021-11-26 09:55:59 +01:00
92f0f56fae
do not strictly require fallbackEmail on user creation but provide a fallback
2021-10-28 10:29:02 +02:00
cef5c1e78c
Use normal bind()
2021-10-26 18:47:51 +02:00
Girish Ramakrishnan