jjkiers/cloudron-box
1
0
Fork 0
Code Issues Pull Requests 1 Actions Packages Projects Releases Wiki Activity
16,964 Commits 33 Branches 583 Tags
e6079ee275b5cb29984e793d5dde3d4e46022d31
Commit Graph

16964 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Girish Ramakrishnan
a1217e52c8 group: cannot set name of ldap group 2024-01-19 22:28:48 +01:00
Girish Ramakrishnan
a8d37b917a groups: remove unused addMember 2024-01-19 17:25:36 +01:00
Girish Ramakrishnan
06ce351d82 externalldap: set group members as a single transaction 2024-01-19 17:24:35 +01:00
Girish Ramakrishnan
f43a601e86 profile: email change now requires password 2024-01-18 18:11:42 +01:00
Johannes Zellner
0dfadc5922 remove extra quotes on digitalocean DNS TXT records 2024-01-17 18:35:48 +01:00
Johannes Zellner
c8cd67258a dashboard: show mailbox login in eventlog correctly 2024-01-17 16:17:22 +01:00
Johannes Zellner
7499aa9201 Do not fail is we don't have a servicesConfig yet 2024-01-17 13:13:48 +01:00
Johannes Zellner
0f4ea17f29 dashboard: ensure we show postinstall also from app config screen 2024-01-16 13:54:42 +01:00
Johannes Zellner
b7631689b0 Add useVectorRsExtension for postgresql service 2024-01-16 12:53:43 +01:00
Girish Ramakrishnan
afe670b49c cloudflare: use response.text since json may not be valid 2024-01-16 12:34:18 +01:00
Girish Ramakrishnan
ee43dff35f externalldap: reset group source when disabled 2024-01-13 22:35:23 +01:00
Girish Ramakrishnan
1faf83afe4 groups: external groups cannot be updated 2024-01-13 22:33:46 +01:00
Girish Ramakrishnan
ce0b66db7d login: show error on password reset 2024-01-13 21:56:18 +01:00
Girish Ramakrishnan
01d33c45bd profile: hide password reset for external users 2024-01-13 21:45:03 +01:00
Girish Ramakrishnan
63766dd10f do not send email reset for external users 2024-01-13 21:37:02 +01:00
Girish Ramakrishnan
8771158f10 Fix test 2024-01-13 21:29:40 +01:00
Girish Ramakrishnan
46a589f794 Use BAD_STATE consistently for demo mode 2024-01-13 21:15:41 +01:00
Girish Ramakrishnan
a007a8e40c externalldap: sync log history 2024-01-13 16:50:10 +01:00
Girish Ramakrishnan
6e42cf4ec5 externalldap: available on all plans 
looks like an oversight that this needs a subscription
 2024-01-13 16:49:35 +01:00
Girish Ramakrishnan
257dc4e271 external ldap: run syncer every 4 hours 
hardcoded for now but we should make this configurable
 2024-01-13 15:53:14 +01:00
Girish Ramakrishnan
4136272382 externalldap: add eventlog 2024-01-13 13:22:26 +01:00
Girish Ramakrishnan
4f9e43859c directoryserver: comments can be provided in allowlist 2024-01-13 12:54:10 +01:00
Girish Ramakrishnan
b57ad9b8c1 directoryserver: allowlist always needs a single IP/range 2024-01-13 12:30:43 +01:00
Girish Ramakrishnan
b8c297b178 ldap allow list is not a json 2024-01-13 12:29:00 +01:00
Girish Ramakrishnan
a389b863f9 directory server: add eventlog entry 2024-01-13 12:24:28 +01:00
Girish Ramakrishnan
40c82b3e48 external directory: reset auth source when disabled 
this allows existing users to login (including the owner itself)

The alternative is to have some system where we have unique superadmin users across cloudrons which don’t get trampled upon by a sync. This is a bit unrealistic. For the future, we could also design this such that ldap auth is asked for in the initial step i.e at superadmin creation time.

If LDAP connection is lost/down, user can always use 'cloudron-support —owner-login'
 2024-01-13 11:51:12 +01:00
Girish Ramakrishnan
2ca94f3159 user: remove make local feature 
we discussed a bit on what this does and it's confusing as it stands:

* Use case of this is lost in the realms of time
* Possible guess by is that it was to move users of different Cloudron to a central cloudron
* Currently, the design is a bit flawed because the make user local button doesn’t pin the user. The state is lost in next synchronization.
* Maybe, one should use export/import user for this use case
* Let’s disable this button for now, feature is not complete.
 2024-01-13 11:02:25 +01:00
Girish Ramakrishnan
33a97d0e50 cloudflare: validate response fields 2024-01-12 14:52:24 +01:00
Girish Ramakrishnan
cef0b6d0d8 test: bump retries 2024-01-11 16:31:12 +01:00
Girish Ramakrishnan
7a5e990ad4 email: rewrite loading of email status using async 
we start a bunch of requests in the background for each domain. when
we switch views immediately, to say the eventlog, these requests are
still active in the background.

canceling the requests will require a much bigger refactor.

https://forum.cloudron.io/topic/10434/email-event-log-loading-very-slowly-seems-tied-to-overall-email-domain-list-health-checks
 2024-01-09 17:34:54 +01:00
Girish Ramakrishnan
ca31dc8d78 namecheap: fix TLD 
continuation of 6cdb448f62
 2024-01-09 09:44:24 +01:00
Girish Ramakrishnan
5b7667fa4d external ldap: ensure dashboard login does totp check 2024-01-08 11:55:35 +01:00
Girish Ramakrishnan
6cdb448f62 namecheap: pass the TLD correctly 
this is safe because namecheap does not allow external domains to be hosted.
otherwise, we would have to use tldjs
 2024-01-08 11:54:37 +01:00
Girish Ramakrishnan
053f81a53e externalldap: add tests 2024-01-07 22:04:22 +01:00
Girish Ramakrishnan
c842d02d6f namecheap: slow down requests for rate limit 
https://www.namecheap.com/support/knowledgebase/article.aspx/9739/63/api-faq/#z
 2024-01-07 22:01:42 +01:00
Girish Ramakrishnan
4ddcd547ba directoryserver: leave it to client to decide totp check 
initially, the idea was to make the server enforce it. this is more secure. however,
we have 3 kinds of clients - an external cloudron dashboard which needs totp,
an external cloudron app, which doesn't have totp and external apps that don't have totp either.

given that the directory server is IP restricted, this is a reasonable compromise until
we move wholesale to oidc.

a directoryserver setting like "enforce totp" also does not work since this policy will be
applied to all clients.
 2024-01-07 20:38:36 +01:00
Girish Ramakrishnan
7bb68ea6b5 rename ldap.js to ldapserver.js 
this makes it clearer it is server module and not some generic ldap thing
 2024-01-06 13:31:32 +01:00
Girish Ramakrishnan
e13f427267 directoryserver: 2fa validation tests 2024-01-06 13:25:12 +01:00
Girish Ramakrishnan
c422e2d570 users: add tests for 2fa and relaxed 2fa 2024-01-06 13:15:55 +01:00
Girish Ramakrishnan
b3f91c4868 make branding and email config available to admin 2024-01-04 21:46:46 +01:00
Johannes Zellner
19dd56c160 filemanager: Skip rename if name didn't change 2024-01-04 16:00:28 +01:00
Johannes Zellner
c577d3d91f filemanager: ask user for confirmation on rename conflict 2024-01-04 15:47:26 +01:00
Johannes Zellner
4f57bed03a Update translation 2024-01-04 15:46:59 +01:00
Johannes Zellner
29663a1229 Update sftp addon 2024-01-04 11:59:56 +01:00
Johannes Zellner
d9d4798f69 frontend: update dependencies 2024-01-04 11:59:48 +01:00
Girish Ramakrishnan
32d3c0b920 cloudron-support: suppress mysql message 2024-01-03 22:01:53 +01:00
Girish Ramakrishnan
2224ccab7c fix doc links 2024-01-03 21:25:37 +01:00
Johannes Zellner
8d3d3ba875 dashboard: fix crash on uninstalled app 2024-01-03 18:49:49 +01:00
Johannes Zellner
4ad2b2829b dashboard: remove console.log 2024-01-03 18:48:49 +01:00
Girish Ramakrishnan
1ca46a064c ldap: use proper error message instead of dn 
the dn is already in lde_dn field of the error object.
lde_message is the message
 2024-01-03 15:23:22 +01:00