jjkiers/cloudron-box
1
0
Fork 0
Code Issues Pull Requests 1 Actions Packages Projects Releases Wiki Activity
10,516 Commits 33 Branches 583 Tags
b0bdfbd8703e157b50a5061d61fa96e554db4e3d
Commit Graph

10516 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Girish Ramakrishnan
06e5f9baa1 operators: make the terminal work 2021-09-21 18:27:54 -07:00
Girish Ramakrishnan
6c9b8c8fa8 apps: fix various operators issues 
part of #791
 2021-09-21 18:20:03 -07:00
Girish Ramakrishnan
fabd0323e1 Add missing await 2021-09-21 17:47:42 -07:00
Girish Ramakrishnan
bb2ad0e986 Implement operator role for apps 
There are two main use cases:
* A consultant/contractor/external developer is given access to just an app.
* A "service" personnel (say upstream app author) is to be given access to single app
for debugging.

Since, this is an "app admin", they are also given access to apps to be consistent with
the idea that Cloudron admin has access to all apps.

part of #791
 2021-09-21 12:30:02 -07:00
Girish Ramakrishnan
f44fa2cf47 apps: hasAccessTo -> canAccess 2021-09-21 10:13:06 -07:00
Johannes Zellner
737412653f Fix renamed function call 2021-09-21 18:58:18 +02:00
Girish Ramakrishnan
0cfc3e03bb Use concrete resource name instead of generic "resource" 2021-09-20 22:42:34 -07:00
Girish Ramakrishnan
d1e8fded65 mail: expose 465 for mail submission 
Port 465 is implicit TLS. rfc8314 is now pushing this as a standard
and some mail clients like outlook have already taken this to heart.

Note that this port is sometimes confused with SMTPS. Unlike SMTPS,
this is being used for "submissions" (by a client) as opposed to
server transfer protocol.

This is more secure than port 587+STARTTLS. We reject credentials
on insecure connections but it's too late.

See also:

https://www.fastmail.help/hc/en-us/articles/360058753834
https://www.agwa.name/blog/post/starttls_considered_harmful
https://linuxguideandhints.com/misc/port465.html
 2021-09-20 15:42:16 -07:00
Girish Ramakrishnan
2a667cb985 attach debug object for background safe() 2021-09-20 10:36:49 -07:00
Girish Ramakrishnan
a36c51483c no need to re-throw 2021-09-20 10:36:46 -07:00
Girish Ramakrishnan
e2fc785e80 rename getServiceIds to listServices 2021-09-20 09:15:49 -07:00
Johannes Zellner
5a1a439224 Adjust comment about getAll 2021-09-20 18:04:01 +02:00
Johannes Zellner
212d025579 Do not send new login notification if we have ghost user login 2021-09-20 17:56:37 +02:00
Johannes Zellner
7c70b9050d Fixup ghost tests 2021-09-20 14:59:26 +02:00
Johannes Zellner
ca2cc0b86c Make cloudron-support --owner-login use the settings table 2021-09-20 13:20:41 +02:00
Johannes Zellner
c6c62de68a Move ghosts into settings table 2021-09-20 13:05:42 +02:00
Girish Ramakrishnan
f66af19458 page number starts from 1 2021-09-19 18:36:08 -07:00
Girish Ramakrishnan
50c68cd499 notifications: better oom message for redis 
fixes #795
 2021-09-19 17:34:41 -07:00
Girish Ramakrishnan
05b4f96854 eslint: bump ecmaVersion 
we can now use the optional chaining operator ?. that is available
in node 14
 2021-09-19 17:32:01 -07:00
Girish Ramakrishnan
8c66ec5d18 tokens: ID_CLI is never used 2021-09-17 15:21:56 -07:00
Girish Ramakrishnan
66a907ef48 Logout users without 2FA when mandatory 2fa is enabled 
Fixes #803
 2021-09-17 14:52:24 -07:00
Girish Ramakrishnan
e8aaad976b backups: make test config funcs return error 2021-09-17 10:14:26 -07:00
Girish Ramakrishnan
2554c47632 add missing apps.delPortBinding 
this got lost in async/db translation
 2021-09-17 09:52:21 -07:00
Girish Ramakrishnan
c5794b5ecd get rid of all the NOOP_CALLBACKs 2021-09-17 09:40:26 -07:00
Johannes Zellner
b3fe2a4b84 Set correct default ghost expiration 2021-09-17 16:08:03 +02:00
Johannes Zellner
2ea5786fcc Fix setGhost api usage 2021-09-17 15:52:52 +02:00
Johannes Zellner
f75b0ebff9 Add set ghost route 2021-09-17 12:52:41 +02:00
Johannes Zellner
8fde4e959c Support ghost password expiration in ghost file 2021-09-17 11:48:56 +02:00
Girish Ramakrishnan
ac59a7dcc2 disable col stats in test mode (mysql 5.7) or non-ubuntu 20 2021-09-16 17:25:09 -07:00
Girish Ramakrishnan
9a2ed4f2c8 apptask: asyncify 2021-09-16 17:25:05 -07:00
Girish Ramakrishnan
b5539120f1 tests: cache dhparams in /tmp 2021-09-16 16:39:13 -07:00
Johannes Zellner
7277727307 Fixup some of app route tests 2021-09-16 17:20:19 +02:00
Johannes Zellner
f13e641af4 Also generate dhparams in test to let the platform finish startup 2021-09-16 17:19:59 +02:00
Johannes Zellner
da23bae09e return error if purchase fails 2021-09-16 17:19:38 +02:00
Johannes Zellner
9da18d3acb Fixup user tests 2021-09-16 15:38:06 +02:00
Johannes Zellner
d92f4c2d2b Ensure a whole test run succeeds for me on archlinux 2021-09-16 15:20:26 +02:00
Johannes Zellner
6785253377 Invitation is now also just a single route like password reset 2021-09-16 15:03:48 +02:00
Johannes Zellner
074ce574dd Return password reset link on reset request route 2021-09-16 14:34:56 +02:00
Johannes Zellner
ecd35bd08d Fixup 2fa reset route 2021-09-16 13:18:22 +02:00
Johannes Zellner
df864a8b6e Add missing safe() call 2021-09-16 08:40:01 +02:00
Girish Ramakrishnan
48eab7935c sftp: add missing safe() 2021-09-15 15:31:20 -07:00
Johannes Zellner
4080d111c1 We now map ldap users instead of ignoring them if usernames match 2021-09-15 11:44:39 +02:00
Girish Ramakrishnan
a78178ec47 redact password immediately after verify 2021-09-14 10:36:14 -07:00
Girish Ramakrishnan
d947be8683 Add to changes 2021-09-14 09:16:20 -07:00
Johannes Zellner
48056d7451 If we detect a local user with the same username as found on LDAP/AD we map it 2021-09-13 21:17:41 +02:00
Girish Ramakrishnan
2f0297d97e Use the debug argument 2021-09-13 11:29:55 -07:00
Girish Ramakrishnan
cdf6988156 Update node to 14.17.6 2021-09-10 14:34:11 -07:00
Girish Ramakrishnan
ae13fe60a7 make startBackupTask async 2021-09-10 12:10:10 -07:00
Girish Ramakrishnan
242fad137c update safetydance 2021-09-10 11:51:44 -07:00
Girish Ramakrishnan
bb7eb6d50e database: remove callback support 2021-09-10 11:40:01 -07:00