jjkiers/cloudron-box
1
0
Fork 0
Code Issues Pull Requests 1 Actions Packages Projects Releases Wiki Activity
9,910 Commits 33 Branches 583 Tags
a5c4b5d8a135bfc46af0b6e99e6b254299dcbc17
Commit Graph

6530 Commits

Author SHA1 Message Date
Girish Ramakrishnan 93a2cab355 Ignore internal mailbox conflict errors 2018-06-26 17:44:14 -07:00
Girish Ramakrishnan 6907475f7a Add app management scope 
This splits the apps API into those who have just 'read' access
and those who have 'manage' access.
 2018-06-26 08:56:30 -07:00
Girish Ramakrishnan 9bf93b026b rename to removeInternalFields 2018-06-25 16:40:16 -07:00
Girish Ramakrishnan f932f8b3d3 Add user management scope 
This splits the user and groups API into those who have just 'read' access
and those who have 'manage' access.
 2018-06-25 16:10:00 -07:00
Girish Ramakrishnan 7ab5d5e50d Add domain management scope 
This splits the domains API into those who have just 'read' access
(i.e without configuration details) and those who have 'manage' access.
 2018-06-25 15:12:22 -07:00
Girish Ramakrishnan 80e9214f5b Reduce password length for sendmail/recvmail 
Fixes #565
 2018-06-22 16:37:34 -07:00
Girish Ramakrishnan 5ca64dd642 Normalize host path to prevent access to arbitrary paths 2018-06-22 08:29:08 -07:00
Girish Ramakrishnan 24d9d3063b Allow specifying bindMounts array to localstorage addon 2018-06-21 22:04:06 -07:00
Girish Ramakrishnan 74b1df17c0 Fix groups test and route to make name optional 2018-06-20 09:31:50 -07:00
Girish Ramakrishnan 7880a2f9c3 API returns 403 for incorrect password 2018-06-20 09:27:24 -07:00
Girish Ramakrishnan 8a84872704 Wrong password logs out the user 2018-06-18 18:52:35 -07:00
Girish Ramakrishnan 5d13cc363f Allow group name to be changed 2018-06-18 18:30:40 -07:00
Girish Ramakrishnan 60ed290179 validate role names against existing roles 2018-06-18 17:32:07 -07:00
Girish Ramakrishnan ff73bc121f Make tokenScope plural 2018-06-18 15:10:02 -07:00
Girish Ramakrishnan 6cd0601629 Map group roles to scopes 2018-06-18 14:52:39 -07:00
Girish Ramakrishnan b5c8e7a52a Rename to getGroups 2018-06-18 14:10:29 -07:00
Girish Ramakrishnan 7f3114e67d Rename to get/setMembership (to indicate IDs and not group objects 2018-06-18 13:57:17 -07:00
Girish Ramakrishnan 1dbcf2a46a Rename to groups.update 2018-06-18 13:41:27 -07:00
Girish Ramakrishnan 898cbd01b3 tokens table always has canonical scope 2018-06-17 23:11:36 -07:00
Girish Ramakrishnan b6b7d08af3 Rename to accesscontrol.canonicalScopeString 2018-06-17 22:43:42 -07:00
Girish Ramakrishnan 6a2dacb08a Make intersectScopes take an array 2018-06-17 22:39:33 -07:00
Girish Ramakrishnan 1015b0ad9c validateScope -> validateScopeString 2018-06-17 22:29:17 -07:00
Girish Ramakrishnan 106e17f7ff caas: verify dns config 
this is so that it fails if someone gives invalid token via API call
 2018-06-17 22:22:05 -07:00
Girish Ramakrishnan 6ca28d9a58 validate dns config parameters 2018-06-17 22:21:51 -07:00
Girish Ramakrishnan ad6bc191f9 Make hasScopes take an array 2018-06-17 21:06:17 -07:00
Girish Ramakrishnan 682f7a710c Add an appstore scope for subscription settings 2018-06-17 18:09:13 -07:00
Girish Ramakrishnan f24a099e79 Remove user.admin property 
The UI will now base itself entirely off the scopes of the token
 2018-06-17 16:49:56 -07:00
Girish Ramakrishnan 156ffb40c9 Remove scope from users.get 2018-06-17 16:07:20 -07:00
Girish Ramakrishnan db8b6838bb Move skip password verification logic to accesscontrol.js 2018-06-17 15:20:27 -07:00
Girish Ramakrishnan c3631350cf We can skip user.scope here since we will intersect at access time anyway 2018-06-17 15:11:10 -07:00
Girish Ramakrishnan 669a1498aa Do not dump token in logs 2018-06-17 15:01:42 -07:00
Girish Ramakrishnan 12e55d1fab Use _.flatten instead 2018-06-16 13:03:52 -07:00
Girish Ramakrishnan ca9cd2cf0f Add groups.getRoles 2018-06-16 00:29:56 -07:00
Girish Ramakrishnan e8d9597345 Fix various error codes 
401 - bad password/wrong password
403 - authenticated but not authorized
409 - conflict
 2018-06-15 23:15:30 -07:00
Girish Ramakrishnan 24b0a96f07 Move passport logic to routes 2018-06-15 17:32:40 -07:00
Girish Ramakrishnan 858ffcec72 Add note 2018-06-15 17:04:18 -07:00
Girish Ramakrishnan 05a8911cca condense the comments 2018-06-15 16:56:35 -07:00
Girish Ramakrishnan 89b41b11a4 Remove bogus accesscontrol logic 2018-06-15 16:26:14 -07:00
Girish Ramakrishnan 491d1c1273 getByResetToken already has the user object 2018-06-15 16:22:28 -07:00
Girish Ramakrishnan 0a0884bf93 lint 2018-06-15 16:10:06 -07:00
Girish Ramakrishnan a1ac7f2ef9 Remove support for authenticating non-oauth2 clients via BasicStrategy 
This is not used anywhere
 2018-06-15 15:38:58 -07:00
Girish Ramakrishnan 6aef9213aa Add notes on the various strategies 2018-06-15 15:38:53 -07:00
Girish Ramakrishnan 2e92172794 Do not dump the entire token 2018-06-15 14:56:52 -07:00
Girish Ramakrishnan c210359046 Create the backup logs dir 2018-06-15 14:56:32 -07:00
Girish Ramakrishnan 042ea081a0 Typo 2018-06-15 14:35:52 -07:00
Girish Ramakrishnan 1c32224a8a Move backup logs to make the REST API work 2018-06-15 09:47:34 -07:00
Johannes Zellner b3fa5afe3a First show apptask logs, then app logs 2018-06-15 14:58:07 +02:00
Johannes Zellner 843fec9dcb Fix wrong hasSubscription logic for digest email 2018-06-15 13:44:33 +02:00
Girish Ramakrishnan 02d5d2f808 Add API to add and update the group roles 2018-06-15 00:28:27 -07:00
Girish Ramakrishnan a77d45f5de Add rolesJson to groups table 
This will contain the roles ('role definition') of a group of
users. We will internally map these to our API scopes.
 2018-06-14 22:54:52 -07:00