jjkiers/cloudron-box
1
0
Fork 0
Code Issues Pull Requests 1 Actions Packages Projects Releases Wiki Activity
7,272 Commits 33 Branches 583 Tags
7c733ae150dc7d657324b9877b8a5bf218457195
Commit Graph

447 Commits

Author SHA1 Message Date
Girish Ramakrishnan f10b80d90d Make apps test great again 2018-10-29 12:49:41 -07:00
Girish Ramakrishnan 2688a57d46 Move version out of config.js 
We now store this in a file called VERSION inside the tarball
itself.
 2018-10-27 11:13:36 -07:00
Girish Ramakrishnan 7ad069fd94 Make config.setVersion hidden 2018-10-27 10:44:21 -07:00
Girish Ramakrishnan a49969f2be Move apphealthmonitor into a cron job 
This makes sure that it only runs post activation

See also a9c1af50f7
 2018-10-22 20:08:49 -07:00
Girish Ramakrishnan 46a00c839b rename create/deleteVolume to avoid confusion 2018-09-15 15:30:26 -07:00
Girish Ramakrishnan 1d0a52404a Fix tests 2018-09-10 13:45:05 -07:00
Johannes Zellner b23afdd32d Fix tests to match the adjusted purchase logic 2018-09-01 11:53:05 +02:00
Girish Ramakrishnan 43055da614 Add route to let admin set user password 2018-08-31 14:35:01 -07:00
Girish Ramakrishnan 2c3f1ab720 Fix the error messages 2018-08-31 14:06:06 -07:00
Johannes Zellner 7a1723d173 Fix app tests 2018-08-30 00:32:38 +02:00
Johannes Zellner b6643518f6 Adjust apps test to how we check subscriptions 2018-08-29 23:57:59 +02:00
Girish Ramakrishnan e49b57294d Give optional name for tokens 2018-08-27 14:59:52 -07:00
Girish Ramakrishnan 442d4e5c6f Fix failing tests 2018-08-21 18:57:11 -07:00
Girish Ramakrishnan 6a1a697820 Split the invite route into two 2018-08-17 16:27:29 -07:00
Ian Fijolek bf1e19f8e6 Add more detailed checking of DMARC 
Fixes #570
 2018-08-12 13:47:24 -07:00
Girish Ramakrishnan fba70d888b Remove tokenScopes 
decided that the UI won't use this any more and will just the admin flag
 2018-08-03 10:07:23 -07:00
Girish Ramakrishnan 78a2176d1d Make admin simply a boolean instead of group 
This simplifies a lot of logic. Keeping an admin group has no benefit
 2018-07-26 22:29:57 -07:00
Girish Ramakrishnan b4d5def56d Revert role support 2018-07-26 13:23:06 -07:00
Johannes Zellner 8a1de81284 Cleanup sysadmin backup trigger test to only test for backup start event 2018-06-30 14:33:51 +02:00
Girish Ramakrishnan 35c9e99102 Move the update info into separate route (since it is sensitive) 2018-06-28 17:50:27 -07:00
Girish Ramakrishnan cab9bc3a61 Unify the config routes into /api/v1/config 
No more separate config routes for different types of user
 2018-06-28 17:40:57 -07:00
Girish Ramakrishnan 712c920b86 Move caas config to separate route 2018-06-28 17:28:46 -07:00
Girish Ramakrishnan dfa318e898 Add ownerId for apps 
This tracks who installed the app.
 2018-06-28 14:13:12 -07:00
Girish Ramakrishnan f932f8b3d3 Add user management scope 
This splits the user and groups API into those who have just 'read' access
and those who have 'manage' access.
 2018-06-25 16:10:00 -07:00
Girish Ramakrishnan 7880a2f9c3 API returns 403 for incorrect password 2018-06-20 09:27:24 -07:00
Girish Ramakrishnan ff73bc121f Make tokenScope plural 2018-06-18 15:10:02 -07:00
Girish Ramakrishnan 1dbcf2a46a Rename to groups.update 2018-06-18 13:41:27 -07:00
Girish Ramakrishnan 898cbd01b3 tokens table always has canonical scope 2018-06-17 23:11:36 -07:00
Girish Ramakrishnan ad6bc191f9 Make hasScopes take an array 2018-06-17 21:06:17 -07:00
Girish Ramakrishnan f24a099e79 Remove user.admin property 
The UI will now base itself entirely off the scopes of the token
 2018-06-17 16:49:56 -07:00
Girish Ramakrishnan 156ffb40c9 Remove scope from users.get 2018-06-17 16:07:20 -07:00
Girish Ramakrishnan e8d9597345 Fix various error codes 
401 - bad password/wrong password
403 - authenticated but not authorized
409 - conflict
 2018-06-15 23:15:30 -07:00
Girish Ramakrishnan 02d5d2f808 Add API to add and update the group roles 2018-06-15 00:28:27 -07:00
Girish Ramakrishnan a77d45f5de Add rolesJson to groups table 
This will contain the roles ('role definition') of a group of
users. We will internally map these to our API scopes.
 2018-06-14 22:54:52 -07:00
Girish Ramakrishnan 55e5c319fe Fix failing log test 2018-06-14 13:43:44 -07:00
Girish Ramakrishnan 32e6b9024c Add email query param to reset code path 
This reduces any attack surface
 2018-06-12 17:56:41 -07:00
Girish Ramakrishnan 4369b3046e Make options non-optional 2018-06-11 15:14:59 -07:00
Girish Ramakrishnan 6534297a5d Remove hat module 
It's not been updated for 6 years!
 2018-06-11 12:38:29 -07:00
Girish Ramakrishnan a1020ec6b8 remove /user from profile route 2018-05-13 21:53:06 -07:00
Girish Ramakrishnan a545bdd574 merge developer.js into clients.js 2018-05-01 14:02:59 -07:00
Girish Ramakrishnan f76a5a7ba7 Move the clients API out of oauth prefix 2018-05-01 11:30:51 -07:00
Girish Ramakrishnan 240ee5f563 Ensure we hand out max user.scope 
The token.scope was valid at token creation time. The user's scope
could since have changed (maybe we got kicked out of a group).
 2018-04-30 22:51:57 -07:00
Girish Ramakrishnan 61d803f528 Use SCOPE_ANY everywhere 2018-04-30 21:44:24 -07:00
Girish Ramakrishnan e7c8791356 lint 2018-04-30 21:41:09 -07:00
Girish Ramakrishnan bc4f9cf596 Remove redundant requireAdmin 
We already hand out scopes based on the user's access control
 2018-04-30 21:38:48 -07:00
Girish Ramakrishnan c84f984205 No need to create a token on password reset 2018-04-30 15:15:05 -07:00
Girish Ramakrishnan f809e359c9 refactor the global variables as functions 2018-04-29 20:17:45 -07:00
Girish Ramakrishnan 922ab3bde1 lint 2018-04-29 17:50:12 -07:00
Girish Ramakrishnan 3b7bcc1f61 refactor scopes into accesscontrol.js 
this will be our authorization layer for oauth and non-oauth tokens.
 2018-04-29 17:50:07 -07:00
Girish Ramakrishnan 6e3b060615 Use SCOPE_PROFILE constant 2018-04-29 17:12:30 -07:00