Commit graph

374 commits

Author SHA1 Message Date
Stepan Fedotov
1cd08e2f8d
Fix XSS in server owner selection (#2441)
Co-authored-by: Stepan Fedotov <stepan@crident.com>
Co-authored-by: Sergej <me@sergiz.com>
2020-10-03 09:55:35 -07:00
Dane Everitt
dcf5cb3cd3
Update changelog 2020-07-26 11:58:27 -07:00
Dane Everitt
468d426ebd
Limit to 5 API keys at a time.
Ref advisory #GHSA-pjmh-7xfm-r4x9
2020-03-15 17:05:53 -07:00
Dane Everitt
41cbdb8d59
Dont require an IP address for hostnames; closes #1728 2020-03-15 16:29:05 -07:00
Dane Everitt
05d859c985
Ensure password used when creating a database is valid; closes #1852 2020-03-15 16:25:29 -07:00
Dane Everitt
66ead2f682
Update subuser API output to work correctly 2019-12-28 11:39:44 -08:00
Dane Everitt
34bf452bef
Update CHANGELOG.md 2019-12-28 11:23:07 -08:00
TrixterTheTux
ab09c7db28 Fix couple of issues with /api/application/servers 2019-08-31 11:29:44 +03:00
TrixterTheTux
20c594ae3b Include the egg name in egg model's response from the application API 2019-08-24 15:47:11 +03:00
Dane Everitt
d430acf768
LOCK TABLES not LOCK 2019-08-03 14:57:01 -07:00
Dane Everitt
e200277655
Add LOCK permission 2019-08-03 14:52:35 -07:00
Dane Everitt
eb81e1ed20
Support special characters in database password, closes #1508 2019-08-03 14:42:32 -07:00
Dane Everitt
e7e41d8ee8
Fix bulk power when spanning multiple nodes, closes #1526 2019-08-03 14:04:31 -07:00
Dane Everitt
81409947cf
Default to OOM killer being disabled, add back configuration option per-server 2019-08-03 13:41:24 -07:00
Dane Everitt
2198269a65
Fix allocations requiring an alias when generated via API. 2019-08-03 13:03:54 -07:00
Dane Everitt
58796e7441
Fix Server model to use correct relationship when returning subusers, closes #1589 2019-08-03 12:56:32 -07:00
Dane Everitt
fe9d86b66b
Add support for filtering servers in client list-all endpoint
closes #1608
2019-08-03 12:44:15 -07:00
Dane Everitt
47c12929c4
Fix two-factor token creation for iOS devices, closes #1624 2019-08-03 12:37:02 -07:00
Dane Everitt
02ac308042
Fix database host modification not properly showing SQL errors
This is caused by an old bug relating to not rolling back transactions properly causing session data to not be flashed back to the user properly.
2019-08-03 12:33:28 -07:00
Dane Everitt
2cda14bffb
Update CHANGELOG.md 2019-08-03 12:05:27 -07:00
Dane Everitt
a5be993796
Update CHANGELOG.md 2019-06-21 21:56:30 -07:00
Dane Everitt
06ff76e2e9
Fix security vulnerability in file manager allowing XSS attack 2019-06-21 21:04:42 -07:00
Dane Everitt
f15449f17b
Fix servers not being marked as install failed 2019-03-03 13:44:28 -08:00
Dane Everitt
cf31d4276c
Fix a bug causing DataIntegrityExceptions to not be caught correctly and cause a second exception... whoops. 2019-03-03 13:42:32 -08:00
Dane Everitt
114afb8646
Fix error transaction handling when creating a server.
There is a bug in the design of the application that affects users who encounter an exception under certain code pathways who are using the database to maintain their sessions.

What is happening is that a transaction is started, and I made the mistake of just assuming it would auto-rollback once the exception was caught by the handler. This is technically true, since once the request terminates the transaction is discarded by the SQL server. However, this also means that the session data set on that request would not be persisted as it runs in a middleware termination function, after the transaction is started.

Theoretically this would also affect any other terminable middleware as well, but the session is the only one I can think of right now

Co-Authored-By: Oreo Oreoniv <zkoz210@users.noreply.github.com>
Co-Authored-By: Stepan Fedotov <trixterthetux@users.noreply.github.com>
2019-03-02 18:28:28 -08:00
Dane Everitt
d9593b23ab
Paginate server results when viewing a node, closes #1404 2019-03-02 15:58:56 -08:00
Dane Everitt
50eb2a10ad
Fixes redis password saving, closes #1428 2019-03-02 15:38:46 -08:00
Dane Everitt
8253246955
Prevent an exception when creating databases with the same name on multiple hosts.
closes #1456
2019-03-02 15:31:25 -08:00
Dane Everitt
91c9cbba6f
[#1500] Correctly require disk_overallocate 2019-03-02 14:48:05 -08:00
Dane Everitt
50c5ab92aa
[#1500] Add support for limits array or base level values 2019-03-02 14:44:59 -08:00
Michael (Parker) Parker
62e68ec66f Fix for Locations PATCH endpoint (#1499) 2019-03-02 13:27:36 -08:00
stashenko
7b4e69b5d2 Add russian translation (#1460) 2019-02-02 14:07:58 -08:00
Dane Everitt
f448927df6
Update CHANGELOG.md 2019-02-02 14:05:32 -08:00
Dane Everitt
7c0dce5900
Update CHANGELOG.md 2019-02-02 13:36:39 -08:00
Dane Everitt
c33e9fc4f5
Merge branch 'develop' into feature/zhimprove 2019-02-02 13:36:22 -08:00
F0rb1d
c1bc895248 Modified CHANGELOG. 2019-02-03 00:13:59 +08:00
Sir3lit
3ae2ecde83
Update CHANGELOG.md
Added Pull - 1411 (Fixed checking of language changes)
Added Pull - 1419 (Fixed Spigot egg not building versions other than `latest`.)
Added Pull - 1449 (Fixed the Forge egg install script.)
2019-01-26 00:38:03 -05:00
Dane Everitt
1a8592b3b3
Add support for python files, closes #1395 2018-12-02 13:52:47 -08:00
Dane Everitt
3dd2e50e4b
Update CHANGELOG.md 2018-12-02 13:42:38 -08:00
Dane Everitt
c543b3caa9
Update CHANGELOG.md 2018-12-02 13:00:09 -08:00
Dane Everitt
8dd31f895e
Fix test, update changelog 2018-11-10 15:30:11 -08:00
Dane Everitt
b5c13f14e6
Update CHANGELOG.md 2018-11-10 15:08:11 -08:00
Dane Everitt
a9fa60a6fb
Respect pagination settings on frontend
closes #1335
2018-11-10 12:38:35 -08:00
Dane Everitt
8af50e1d1a
Update changelog 2018-11-10 12:21:15 -08:00
Dane Everitt
9706a8dc34
Update changelog 2018-09-03 15:14:59 -07:00
Dane Everitt
3bb9bf04e5
Pass the updated model through for updating node config, rather than old model, ref #1237 2018-09-03 14:54:50 -07:00
Dane Everitt
7ed9c7cb93
Correctly store changes to upload size limit, closes #1237 2018-09-03 14:53:58 -07:00
Dane Everitt
e404918bff
Dont limit length of variable values, closes #1264 2018-09-03 14:43:05 -07:00
Dane Everitt
5bd3f59455
Fix schedules running twice, closes #1288 2018-09-03 14:32:33 -07:00
Dane Everitt
d9948f2876
Update changelog 2018-07-04 11:42:57 -07:00