Commit graph

833 commits

Author SHA1 Message Date
Dane Everitt
15b436d26e
Add endpoints required to store the results of a backup 2020-04-04 16:07:09 -07:00
Matthew Penner
fd4de9168a
Merge branch 'develop' into feature/server-transfers-actually 2020-04-04 16:28:02 -06:00
Matthew Penner
5c7c1f60cf Fix StyleCI issues #2 2020-04-04 16:25:41 -06:00
Matthew Penner
142bf16aae Fix StyleCI issues 2020-04-04 16:24:58 -06:00
Matthew Penner
454ce6ce45 Add successful column to server_transfers table, get server transfers working properly :) 2020-04-04 16:16:18 -06:00
Matthew Penner
6ba6c34252 Add ServerTransfer relation in Models/Server.php, notify the new daemon about the incoming server transfer 2020-04-04 14:10:18 -06:00
Dane Everitt
d27f0c6f2a
Basic backend support to at least store a backup model in the DB 2020-04-04 12:26:39 -07:00
Dane Everitt
9991989f89
Very basic implemention of frontend logic required to display backups and create a new one 2020-04-04 10:59:25 -07:00
Matthew Penner
5007ce0b1c Get to the point where we can start notifying the other daemon, remove TransferJob.php, add DaemonTransferRepository.php 2020-04-04 00:50:12 -06:00
Matthew Penner
a2eab3ca43 Add ui elements for handling server transfers, add TransferJob.php and TransferService.php 2020-04-03 21:45:37 -06:00
Dane Everitt
85e3945cd7
Add support for client-side server reinstallation 2020-04-03 14:43:24 -07:00
AreYouScared
2561e3e8d5 Add CPU Thread assignments
Added CPU Thread assignments for each server
2020-03-29 14:41:55 -04:00
Dane Everitt
cb945b1f13
Fix permissions handling; do not allow a subuser to assign permissions they do not have 2020-03-27 16:57:49 -07:00
Dane Everitt
39f79a8f3c
Finish cleaning up subuser view 2020-03-27 16:42:27 -07:00
Dane Everitt
1270e51248
Add support for deleting a subuser from a server 2020-03-27 15:32:33 -07:00
Dane Everitt
a6f46d36ba
Implement basic code for creating/updating a subuser 2020-03-27 14:23:13 -07:00
Dane Everitt
51c5cf4dbb
Get basic modal view for editing/creating a new subuser working 2020-03-25 21:58:37 -07:00
Dane Everitt
8d52e2e1a7
Finalize API key management for accounts 2020-03-22 19:10:49 -07:00
Dane Everitt
933a4733e8
Add base support for creating a new API key for an account 2020-03-22 18:15:38 -07:00
Dane Everitt
32f25170f1
Pass at removing extraneous permissions table and using native MySQL JSON 2020-03-22 16:56:00 -07:00
Dane Everitt
23d594f655
Update all of the permissions checking to be constant based 2020-03-22 15:31:25 -07:00
Dane Everitt
605c154812
Remove unused controllers 2020-03-22 15:15:42 -07:00
Dane Everitt
1e0d630e1f
Finish building out schedule management functionality 2020-03-22 13:56:15 -07:00
Dane Everitt
ef38a51d6d
Add base support for editing an existing task 2020-03-18 22:28:32 -07:00
Dane Everitt
78ed343a34
Support deleting a task from a schedule 2020-03-18 21:08:32 -07:00
Dane Everitt
5345a2a3e1
Add initial task listing for schedules 2020-03-17 23:33:53 -07:00
Dane Everitt
32e9fb0346
Add basic listing of server schedules 2020-02-08 15:23:08 -08:00
Dane Everitt
11c430cf69
Correctly mark server as installed 2020-01-19 14:08:28 -08:00
Dane Everitt
dbc7c597d0
Route and handle install state updates 2020-01-19 13:50:38 -08:00
Dane Everitt
3b11ba9fca
Basic support for installation process 2020-01-18 15:26:15 -08:00
Dane Everitt
158958d82d
Password change needs to require user login to reset some cookies
closes #1793
2019-12-28 12:07:42 -08:00
Dane Everitt
5f13531c69
Fix up subuser API response for clients 2019-12-28 12:03:19 -08:00
Dane Everitt
51defae917
Merge branch 'master' into develop 2019-12-28 11:49:08 -08:00
Oreo Oreoniv
741ae27f18 Fixed TooManyLoginAttempts not work correctly (#1668) 2019-12-28 11:10:39 -08:00
Dane Everitt
9a0ed6b291
Add ability to disable two factor authentication 2019-12-22 20:41:25 -08:00
Dane Everitt
eb39826f46
Add base logic to configure two factor on account 2019-12-22 17:03:44 -08:00
Dane Everitt
34ffcdae7a
Remove unnecessary API calls to daemon 2019-12-22 13:45:40 -08:00
Dane Everitt
59bfc212c9
Include all server information in details endpoints for daemon to use 2019-12-22 13:28:51 -08:00
Dane Everitt
03f2c61431
Fix error when creating user 2019-12-16 21:25:48 -08:00
Dane Everitt
2a92304023
Fix server creation logic 2019-12-16 21:02:30 -08:00
Dane Everitt
14b1f13fe0
Obliterate swaths of old template code 2019-12-15 18:11:56 -08:00
Dane Everitt
81bd67cc76
Add ability for user to change server's name 2019-12-09 22:03:10 -08:00
Dane Everitt
564d947f7e
[#3c9g25] Add support for new endpoint to collect node information 2019-12-09 21:05:39 -08:00
Dane Everitt
979bdc1f9f
Use YAML for configuration file 2019-12-08 11:29:46 -08:00
Dane Everitt
c087f6429f
Temporary patch to get user management pages displaying correctly 2019-12-08 11:02:59 -08:00
Dane Everitt
24f340c9a1
Fix up SFTP endpoint 2019-12-07 16:14:04 -08:00
Dane Everitt
ed50259484
[#3896cn] Clean up code handling server suspension 2019-11-30 15:37:13 -08:00
Dane Everitt
547e8840e2
Untested code to perform an update of server build settings 2019-11-24 15:08:54 -08:00
Dane Everitt
c17f9ba8a9
Move server view management parts to new controller and clean up code 2019-11-24 12:50:16 -08:00
Dane Everitt
8f0044575f
Update server creation data logic 2019-11-16 13:33:01 -08:00
Dane Everitt
2848d182ef
Break server creation logic into own controller 2019-11-16 13:08:46 -08:00
Dane Everitt
01d81bd548
Getting somewhere on subuser stuff, adds i18n packages 2019-11-16 12:46:19 -08:00
Arnaud Lier
88c5bb4f97 Added a return in DatabaseController when a error occurs (#1742)
* Added a return in DatabaseController when a error occurs

* add return on database update too
2019-11-11 09:01:38 -08:00
Dane Everitt
d69f816d9d
Add handler to fetch all of the system permissions and load them into the state 2019-11-03 17:37:06 -08:00
Dane Everitt
867dbf3bd2
Update all the client API endpoints to use new permissions codes 2019-11-03 17:13:47 -08:00
Dane Everitt
543884876f
Add basic subuser listing for servers 2019-11-03 12:20:11 -08:00
Dane Everitt
0b9c6bd21d
Proxy file downloads through the panel rather than having to get creative with download tokens 2019-10-26 14:36:37 -07:00
Dane Everitt
ac52810ef6
Don't try to parse JSON being returned from the API 2019-09-29 15:32:22 -07:00
Dane Everitt
326d346f92
Handle errors sent back over the sockt 2019-09-28 13:09:47 -07:00
Dane Everitt
030b8ed4fd
Change to support websocket JWT connections 2019-09-24 21:22:11 -07:00
Dane Everitt
18c4b951e6
First pass at converting websocket to send a token along with every call 2019-09-24 20:20:29 -07:00
Dane Everitt
67ff67a1bd
Add endpoints to return a server's egg configuration 2019-09-22 15:30:53 -07:00
Dane Everitt
086018751d
Add underlying code to handle authenticating websocket credentials 2019-09-08 17:48:37 -07:00
Dane Everitt
b99ea53ca1
Update client API endpoints to not use deprecated function 2019-09-05 21:41:20 -07:00
Dane Everitt
7543ef085d
Format files 2019-09-05 21:32:57 -07:00
Dane Everitt
26e4ff1f62
Update to use new repository and standard laravel notation for controllers 2019-09-05 21:31:12 -07:00
Dane Everitt
62cd03d684
Fix command sending error handling and bad assertion order 2019-09-05 21:16:36 -07:00
Dane Everitt
ee0da206c1
Update command sending from server API to use new daemon code 2019-09-05 21:11:19 -07:00
Dane Everitt
161e0f6165
Deprecate old way of using repositories for daemon things 2019-09-05 20:33:27 -07:00
Dane Everitt
bd8b708c32
[L6] Update cache methods to use defined times and not ints 2019-09-04 20:24:46 -07:00
Dane Everitt
fb9c106448
Update server listing and associated logic to pull from the panel dynamiacally 2019-08-17 16:03:10 -07:00
Lance Pioch
37631a1d49 Missing return statement (#1673)
Otherwise this errors out with $host not being found
2019-08-10 13:19:52 -07:00
Dane Everitt
81143e231a
Merge branch 'master' into develop 2019-08-04 13:49:26 -07:00
Dane Everitt
eb81e1ed20
Support special characters in database password, closes #1508 2019-08-03 14:42:32 -07:00
Dane Everitt
81409947cf
Default to OOM killer being disabled, add back configuration option per-server 2019-08-03 13:41:24 -07:00
Dane Everitt
fe9d86b66b
Add support for filtering servers in client list-all endpoint
closes #1608
2019-08-03 12:44:15 -07:00
Dane Everitt
02ac308042
Fix database host modification not properly showing SQL errors
This is caused by an old bug relating to not rolling back transactions properly causing session data to not be flashed back to the user properly.
2019-08-03 12:33:28 -07:00
Dane Everitt
c90fcea519
Add basic file listing functionality 2019-07-27 20:23:51 -07:00
Dane Everitt
48c39abfcb
Add database password rotation to view 2019-07-27 15:17:50 -07:00
Dane Everitt
212773d63c
Finish authentication flow for 2FA 2019-06-22 13:33:11 -07:00
Dane Everitt
56640253b9
Merge branch 'release/v0.7.14' into feature/react 2019-06-22 12:28:44 -07:00
Dane Everitt
092e7e79ff
Change 2FA service to generate the secret on our own and use an external QR service to display the image 2019-06-21 21:55:09 -07:00
Dane Everitt
2db7928b76
Don't expose existence of account when an incorrect password is provided and the user has 2FA enabled 2019-06-21 21:39:24 -07:00
Dane Everitt
19ef901768
Show success message to the user 2019-06-11 23:19:43 -07:00
Dane Everitt
bfdc1f766b
Support saving existing files 2019-05-27 15:30:49 -07:00
Dane Everitt
a8462bf109
Add initial support for opening a file in the file manager, still needs more work 2019-05-25 16:24:13 -07:00
Dane Everitt
d79fe6982f
Add support for file copy and deletion 2019-05-04 17:26:24 -07:00
Dane Everitt
811026895b
Update support for moving/renaming files and folders 2019-05-04 16:04:59 -07:00
Dane Everitt
95d19bf09e
Update logic that handles creation of folders for a server 2019-05-01 21:45:39 -07:00
Dane Everitt
5c99cae779
Merge branch 'develop' into feature/vuejs 2019-05-01 20:57:49 -07:00
Dane Everitt
c80c8564b8
Switch file manager listing to use panel API endpoint 2019-05-01 20:54:40 -07:00
Dane Everitt
0757d8856b
Add base code to support retrieving allocations as a client 2019-03-23 17:47:20 -07:00
Arnaud Lier
4460b6835a Match original database password length when doing a password reset (#1509) 2019-03-23 14:04:57 -07:00
Dane Everitt
8955b5a660
Initial attempt trying to get file downloading to work 2019-03-16 17:10:04 -07:00
Dane Everitt
a66d7a3417
Merge branch 'develop' into feature/vuejs 2019-03-09 11:19:07 -08:00
Dane Everitt
f15449f17b
Fix servers not being marked as install failed 2019-03-03 13:44:28 -08:00
Dane Everitt
d9593b23ab
Paginate server results when viewing a node, closes #1404 2019-03-02 15:58:56 -08:00
Lance Pioch
db937af616 Apply fixes from StyleCI
[ci skip] [skip ci]
2019-01-26 23:26:15 +00:00
Dane Everitt
136e4b5b7b
Fix some issues 2018-12-30 12:45:57 -08:00
Dane Everitt
21ffa08d66
Merge branch 'develop' into feature/vuejs 2018-12-16 14:20:35 -08:00
Dane Everitt
7c73f21b30
Fix Node daemon secret not being reset, closes #1390 2018-12-02 13:40:12 -08:00
Dane Everitt
d6e9770937
Merge branch 'develop' into patch-1 2018-12-02 13:01:31 -08:00
Oreo Oreoniv
adcf0c9fee
Fixed Failed event
Thank you very much Laravel for not pointing out the changes to be made when upgrading from 5.6 to 5.7
2018-11-28 23:24:43 +03:00
zKoz210
2d7e889bcc Fixed StyleCI 2018-11-26 03:28:14 +03:00
zKoz210
0b4b1a3443 Initial update 2018-11-26 03:25:18 +03:00
Matthew Penner
0cbedd9c90 Fix LocationController#store() 2018-11-19 22:04:05 -07:00
Matthew Penner
afe128042f
Wait a second, that method doesn't return an array 2018-11-19 21:54:15 -07:00
Dane Everitt
9b654d2c76
Fix bug with client API denying access to routes, closes #1366 2018-11-10 15:27:50 -08:00
Dane Everitt
a9fa60a6fb
Respect pagination settings on frontend
closes #1335
2018-11-10 12:38:35 -08:00
mrkrabs
8ef368faa4
Rename app/Http/Controllers/API/Remote/ValidateKeyController.php to app/Http/Controllers/Api/Remote/ValidateKeyController.php 2018-11-07 18:17:27 +02:00
mrkrabs
7c64492557
Rename app/Http/Controllers/API/Remote/SftpController.php to app/Http/Controllers/Api/Remote/SftpController.php 2018-11-07 18:17:08 +02:00
mrkrabs
c9e207c15d
Rename app/Http/Controllers/API/Remote/EggRetrievalController.php to app/Http/Controllers/Api/Remote/EggRetrievalController.php 2018-11-07 18:16:50 +02:00
mrkrabs
cfbdf07b80
Rename app/Http/Controllers/API/Remote/EggInstallController.php to app/Http/Controllers/Api/Remote/EggInstallController.php 2018-11-07 18:16:28 +02:00
ayan4m1
c5608b1827 rework UI of mail settings page to allow for saving settings before testing 2018-10-13 21:30:47 -04:00
ayan4m1
8b61175c3b add exception message to fail message for mail test 2018-10-13 21:30:47 -04:00
ayan4m1
df9f0be839 styleci tweaks 2018-10-13 21:30:47 -04:00
ayan4m1
670efa3544 styleci tweaks 2018-10-13 21:30:47 -04:00
ayan4m1
ace58dd1df allow test of mail system no matter the type 2018-10-13 21:30:47 -04:00
ayan4m1
1b03ae2efe remove Log::debug() call 2018-10-13 21:30:47 -04:00
ayan4m1
fd3e5fc73e add SMTP mail tester 2018-10-13 21:30:47 -04:00
Dane Everitt
b6205463db
Merge branch 'develop' into feature/vuejs 2018-09-23 13:14:46 -07:00
Andrew DeLisa
262ef78fae Allow deletion of multiple allocations at once (#1322) 2018-09-18 21:43:18 -07:00
Dane Everitt
5ca13839cf
Merge branch 'develop' into feature/vue-serverview 2018-09-05 21:34:59 -07:00
Dane Everitt
f9542c98e2
Fix tests broken by bad namespaces 2018-09-03 15:59:30 -07:00
Dane Everitt
4d62e4c7b9
Merge branch 'develop' into pr/1128 2018-09-03 15:10:23 -07:00
Dane Everitt
3bb9bf04e5
Pass the updated model through for updating node config, rather than old model, ref #1237 2018-09-03 14:54:50 -07:00
Dane Everitt
5bd3f59455
Fix schedules running twice, closes #1288 2018-09-03 14:32:33 -07:00
Dane Everitt
178b8f8ce6
More logical time handling 2018-08-31 21:00:13 -07:00
Dane Everitt
e906ada528
Better handling when deleting a database 2018-08-26 14:01:00 -07:00
Dane Everitt
9be2aa4ca9
Push beginning of DB deletion stuff 2018-08-25 14:43:21 -07:00
Dane Everitt
c28e9c1ab7
Add ability to create new database through the UI 2018-08-22 22:29:20 -07:00
Dane Everitt
17796fb1c4
Add basic database listing for server 2018-08-21 21:47:01 -07:00
Dane Everitt
e9f8751c4c
More filemanager work, directory browsing working 2018-08-13 22:58:58 -07:00
Dane Everitt
92a9146b61
Improve filemanager, get first level folders listing 2018-08-06 23:14:13 -07:00
Dane Everitt
8db9d9bbee
Very rough go at connecting to socket and rendering console data for server 2018-07-20 23:45:07 -07:00
Dane Everitt
f2d2725ca0
Merge branch 'feature/vuejs' into feature/vue-serverview 2018-07-15 16:50:11 -07:00
Dane Everitt
550c622d3b
Obliterate JWT from codebase 2018-07-14 22:48:09 -07:00
Dane Everitt
6336e5191f
Strip out JWT usage and use cookies to track the currently logged in user 2018-07-14 22:42:58 -07:00
Dane Everitt
6c20ea9881
Add tests for changed controllers 2018-07-04 19:20:33 -07:00
Dane Everitt
5010c0c756
Merge branch 'feature/vuejs' into feature/vuejs-account 2018-07-04 18:12:57 -07:00
Dane Everitt
af9af78938
Merge branch 'develop' into feature/vuejs 2018-07-04 18:09:07 -07:00
Dane Everitt
8f5bd214a4
[Security] Address 2FA bypass in password reset functionality
Thanks to Trixter#0001 on Discord for this security report.

There was a two-factor authentication bypass present in all previous versions of Pterodactyl that would allow a user to login without providing a token by going through the password reset process. A person would still have to have access to the targeted account's email, but if they did manage to get a password reset link they would be able to reset the account password and then proceede to login without a token being required.

This logic has since been changed to check if 2FA is enabled on an account, and if so they will NOT be logged in when their password is changed. This will force them to continue through the normal login pathway where a token will be needed.

Overall the impact of this issue is minor, but I am still addressing it and disclosing the mechanism behind it.
2018-07-04 11:41:56 -07:00
Dane Everitt
603b8a3094
Merge branch 'feature/vuejs' into feature/vuejs-account 2018-07-02 21:01:04 -07:00
Dane Everitt
48cb01f438
Merge branch 'develop' into feature/vuejs 2018-07-02 21:00:42 -07:00
Stan
1ffb5acfad Send an email when a server is marked as installed (#1213)
Co-authored-by: @stanjg
2018-07-01 14:34:40 -07:00
Dane Everitt
304d947536
Allow creating subuser with no permissions 2018-06-30 18:25:46 -07:00
Dane Everitt
974318ffb4
Logout other sessions when password is changed
closes #1222
2018-06-30 17:50:58 -07:00
Dane Everitt
7711b697ad
Finalize two-factor handling on account. 2018-06-20 23:05:35 -07:00
Dane Everitt
0cc895f2d5
Finalize email/password changing in UI 2018-06-17 16:53:24 -07:00
Dane Everitt
fce394f6bd
Change email handling and logout function 2018-06-16 14:30:20 -07:00