Commit graph

1826 commits

Author SHA1 Message Date
Dane Everitt
e8dcd30e0c
[security] fix resources not properly returning an error when they don't match the server in the URL
Prior to this fix certain resources were accessible even when their assigned server was not the same as the server in the URL. This causes the resource server relationship to not match the server variable present on the request.

Due to this failed logic it was possible for users to access resources they should not have been able to access otherwise for some areas of the panel.
2021-01-19 21:19:17 -08:00
Dane Everitt
f24193801a
Add endpoint for triggering restoration completion 2021-01-18 21:14:49 -08:00
Dane Everitt
e700b4da78
Whoops, don't store the model until we've successfully completed the transaction internals 2021-01-18 20:14:38 -08:00
Dane Everitt
8d69a60e28
Only allow restoring valid backups, set the server correctly on the repository 2021-01-18 20:11:49 -08:00
Dane Everitt
575eab9072
Less obtuse error messaging, include the request ID in the output 2021-01-17 20:51:41 -08:00
Dane Everitt
87371901c0
Add base logic to support sending a request to restore a backup for a server 2021-01-17 17:51:09 -08:00
Dane Everitt
8db3a05498
;-; 2021-01-17 16:08:41 -08:00
Dane Everitt
b38b8f6465
Mark some fields as deprecated in the API 2021-01-17 16:02:11 -08:00
Dane Everitt
cb40b280a4
Fix single failing test 2021-01-17 15:55:46 -08:00
Dane Everitt
a75a347d65
Remove suspended & installing fields, replace with single status field 2021-01-17 15:51:56 -08:00
Dane Everitt
4c29be2e54
Adjust some naming real quick 2021-01-17 15:25:49 -08:00
Dane Everitt
bfc6f34c50
Audit when a backup is successful or fails 2021-01-17 15:22:02 -08:00
Dane Everitt
291c65275a
Update audit design 2021-01-17 11:52:44 -08:00
Dane Everitt
ccecaa6694
Add basic auditing for filesystem actions
Specifically skipping read actions since there isn't much to say there, and it generally wouldn't be very helpful (plus, likely to generate lots of logs).
2021-01-17 11:46:08 -08:00
Dane Everitt
b15679d3bb
Add base logic for audit logging 2021-01-17 10:49:36 -08:00
Charles Morgan
ffeedf17e4 Adds months for schedules
Adds month variable for schedules
2021-01-16 22:07:39 -05:00
Dane Everitt
9684456480
Add a todo for later 2021-01-10 17:05:41 -08:00
Dane Everitt
239984f92c
Add internal support for file denylist on eggs; closes #569 2021-01-10 17:02:14 -08:00
Dane Everitt
ff21d83e2d
Add endpoint to get all nodes meeting memory & disk requirements for a server; closes #1012 2021-01-10 13:08:43 -08:00
Dane Everitt
7666aee1c7
Merge pull request #2956 from pterodactyl/fix/files-urlencoding
fix urlencoding in the file manager
2021-01-03 17:19:42 -08:00
Jakob Schrettenbrunner
44c668e208 url encode email in password reset link 2021-01-02 03:30:27 +01:00
Jakob Schrettenbrunner
4fd2af028d fix urlencoding in the filemanager 2021-01-02 02:15:32 +01:00
Oreo Oreoniv
421d838e35
Fix retry after header 2020-12-29 19:11:47 +03:00
Dane Everitt
dbb6f69e00
Use proper newline, not literal \n 2020-12-27 16:47:51 -08:00
Dane Everitt
794cf9d9dd
Make backup throttling configurable 2020-12-27 16:41:53 -08:00
Dane Everitt
a7fef8b736
Correctly handle backups that fail without an upload_id attached to them 2020-12-27 11:56:28 -08:00
Dane Everitt
952715facc
Fix handling of upload IDs on backups 2020-12-27 11:34:55 -08:00
Matthew Penner
951d92b143 Store S3 upload_id in the database for backups 2020-12-26 11:59:21 -07:00
Dane Everitt
6c39288def
Clarify error messaging for transfers 2020-12-24 10:14:10 -08:00
Dane Everitt
a2548c14ac
Fix logic since this accepts arrays now 2020-12-24 10:12:01 -08:00
Dane Everitt
25e53d9f22
Merge branch 'matthewpi/transfer-improvements' of https://github.com/Pterodactyl/Panel into matthewpi/transfer-improvements 2020-12-24 10:10:41 -08:00
Dane Everitt
2ee08a1a3d
Update logic for server transfer controller 2020-12-24 10:10:40 -08:00
Dane Everitt
6c61577699
Simplify logic in websocket control 2020-12-24 09:20:23 -08:00
Dane Everitt
6fa24d4979
Merge branch 'develop' into matthewpi/transfer-improvements 2020-12-24 09:17:21 -08:00
Dane Everitt
9a57011071
Merge branch 'develop' of https://github.com/Pterodactyl/Panel into develop 2020-12-24 09:15:05 -08:00
Dane Everitt
087c41d5ac
Add endpoint to pull a remote file down 2020-12-24 09:15:03 -08:00
Dane Everitt
2f17e75395
Merge pull request #2879 from pterodactyl/fix/backups-failing-early
Allow changing the prune age for backups
2020-12-24 09:12:59 -08:00
Matthew Penner
4b9eab8950 Send ignored_files as a string to wings 2020-12-22 19:31:52 -07:00
Matthew Penner
17ca3659c5 Change 'backups.prune_age' default to 6 hours 2020-12-19 11:50:35 -07:00
Matthew Penner
d8f75fa0b7 Fix failed transfers locking a server into an unaccessible state 2020-12-17 11:14:58 -07:00
Matthew Penner
37cfa151b6 Use ServerTransferringException 2020-12-17 10:37:14 -07:00
Matthew Penner
e69d9b2c26 Update comment in AuthenticateServerAccess.php 2020-12-17 10:35:54 -07:00
Matthew Penner
fd848985ee Add ServerTransferringException, use is_null 2020-12-17 10:35:54 -07:00
Matthew Penner
8d297a0918 Release reserved allocations upon archive failure 2020-12-17 10:35:54 -07:00
Matthew Penner
01926e2896 Improve logic for logging into the websocket of the target node 2020-12-17 10:35:54 -07:00
Matthew Penner
5c5e2e24f1 📯 tRaNsFeR lOgS 📯 2020-12-17 10:35:54 -07:00
Matthew Penner
e6c4a68e4a Update logic for tracking a server's transfer state 2020-12-17 10:35:54 -07:00
Dane Everitt
5d03c0d2e5
Properly handle loading files with special characters 2020-12-16 21:38:46 -08:00
Matthew Penner
e34d31a58c Allow changing the prune age for backups 2020-12-16 14:15:07 -07:00
Dane Everitt
5bbb36b3cf
Support updating docker image for a server from the frontend 2020-12-13 11:07:29 -08:00
Dane Everitt
1dacd703df
Fix egg importing from seeder 2020-12-13 10:34:51 -08:00
Dane Everitt
638ea2e815
Support creating/updating docker images on eggs 2020-12-13 10:13:32 -08:00
Dane Everitt
78c4ac80bc
Basic implementation of multiple selectable images for an egg
The admin side of this is quite ugly when creating/editing a server, but I'm not putting effort into that right now with React Admin soon™
2020-12-13 09:53:17 -08:00
Dane Everitt
3e65a2d055
Pass one at unfucking the stupid file encoding issues 2020-12-08 21:24:17 -08:00
Matthew Penner
911d85c230 Delete the oldest backup, not the newest backup, closes #2800 2020-12-07 09:31:44 -07:00
Dane Everitt
fcff9085b8
Merge pull request #2781 from pterodactyl/matthewpi/server-details-patch-1
Show installing status instead of offline when a server is installing
2020-12-06 15:27:03 -08:00
Dane Everitt
3ad1e90bad
Merge branch 'develop' into matthewpi/backups-patch-1 2020-12-06 15:17:12 -08:00
Matthew Penner
00429c3911 Cleanup remote backup controllers 2020-12-06 15:19:54 -07:00
Dane Everitt
f9ea96f45d
Less strict type; closes #2681 2020-12-06 14:17:54 -08:00
Dane Everitt
d22456d9ca
Block API access when 2FA is required on account; closes #2791 2020-12-06 13:56:14 -08:00
Matthew Penner
1ce6d3bbba Maybe we should keep that backup rate-limit 2020-12-06 13:55:45 -07:00
Matthew Penner
a5cebd6bcf s3 backups: handle CompleteMultipartUpload and AbortMultipartUpload on the panel instead of in wings, add BACKUP_PRESIGNED_URL_LIFESPAN environment variable 2020-12-06 13:53:55 -07:00
Matthew Penner
ac8b7fec28
Merge branch 'develop' into matthewpi/server-details-patch-1 2020-12-06 13:30:56 -07:00
Dane Everitt
79673ca440
Don't ever block storing node updates if wings returns an error; closes #2712 2020-12-06 12:23:58 -08:00
Dane Everitt
11054de5b3
Attempt revocation of JWT access when changing a server's owner
closes #2771
2020-12-06 12:16:12 -08:00
Dane Everitt
af360d49dd
Merge branch 'develop' of https://github.com/Pterodactyl/Panel into develop 2020-12-06 12:01:43 -08:00
Dane Everitt
a8d9eccf9c
Support pagination of server backups, closes #2787 2020-12-06 12:01:42 -08:00
Dane Everitt
7b9a8c8441
Merge pull request #2768 from pterodactyl/feature/chmod-files
Chmod Files from the File Manager
2020-12-06 11:30:33 -08:00
Stepan Fedotov
7c2888641f
Fix application API's ServerVariableTransformer 2020-12-04 19:56:44 +02:00
Matthew Penner
f9a1bc6c9b Show installing status instead of offline when a server is installing 2020-12-04 09:48:47 -07:00
Matthew Penner
3e1dbbaedd Fix validation rules for ChmodFilesRequest.php, again.. 2020-12-04 09:24:06 -07:00
Matthew Penner
bd0b7127d2 Fix validation rules for ChmodFilesRequest.php 2020-12-04 09:24:06 -07:00
Matthew Penner
ed5613e207 Show file mode on file listing, add ability to change file mode 2020-12-04 09:24:06 -07:00
Matthew Penner
8611ebb2d6 Add /api/client/servers/{server}/files/chmod endpoint 2020-12-04 09:24:06 -07:00
Dane Everitt
9a1c9f3e46
Merge pull request #2691 from GravityCube/develop
Backup rotation for schedules.
2020-11-29 13:42:48 -08:00
Dane Everitt
7ebe04fb91
Don't allow blank passwords on the password change endpoint; closes #2750 2020-11-29 13:28:46 -08:00
Dane Everitt
16f49f8dc1
Close cleanup; only try to run power actions against non-suspended & installed servers; closes #2760 2020-11-29 12:50:22 -08:00
GravityCube
5eebc7221d
Merge branch 'develop' into develop 2020-11-13 01:11:18 -03:00
Gonzalo Chavez
ebc8d40db8 Backup Rotation - Variable name changed 2020-11-11 16:03:57 -03:00
Gonzalo Chavez
e6a4a17922 Backup Rotation - Comment change 2020-11-11 16:02:39 -03:00
Gonzalo Chavez
7b8322e9c9 Backup Rotation - Minor changes 2020-11-11 10:52:28 -03:00
Gonzalo Chavez
1eaf486eaa Backup Rotation - Minor Changes 2020-11-09 21:14:47 -03:00
Gonzalo Chavez
1f01c653f1 Backup rotation for schedules. 2020-11-09 20:35:57 -03:00
Matt Malec
df64026449
Update AuthenticateIPAccess.php
Fix a 500 error when processing a request with an IP filter
2020-11-08 21:57:22 -05:00
Dane Everitt
e0a087f077
Attempt to save a transaction a few times when creating a server; closes #2674 2020-11-08 13:19:52 -08:00
Dane Everitt
74b1776c00
Merge pull request #2646 from AreYouRlyScared/#2608
Add admin area link to view config
2020-11-08 11:48:22 -08:00
Dane Everitt
802f88fc78
Merge branch 'develop' into permissions 2020-11-08 11:47:45 -08:00
Dane Everitt
c20d53bb17
Always return the primary allocation for a server, even without the allocation permissions 2020-11-07 09:57:53 -08:00
Dane Everitt
f99ac0ecde
Fix some failing test cases 2020-11-06 22:33:39 -08:00
Dane Everitt
625fd92130
Fix URL encoding hellscape; closes #2664 closes #2663 2020-11-06 20:47:03 -08:00
Dane Everitt
009f9c297d
Revoke JWT JTIs when modifying a subuser's permissions 2020-11-03 21:01:15 -08:00
Dane Everitt
c4df534722
Handle reconnect events for websocket errors 2020-11-03 20:33:05 -08:00
Charles Morgan
b2d2a931a9
Add missing descriptions for permissions 2020-11-03 16:11:59 -05:00
Dane Everitt
aba7df3afa
Basic concept for the EULA feature to demo how this will all work 2020-11-02 20:52:41 -08:00
Dane Everitt
95d605c1e3
Fix validation schema 2020-11-02 20:24:11 -08:00
Dane Everitt
7618f306bd
Support functionality for per-egg features 2020-11-02 20:20:36 -08:00
Dane Everitt
b482632af4
Remove unnecessary calls to Wings to add/remove mounts 2020-11-02 19:58:14 -08:00
Dane Everitt
ebd81e9d1d
Properly pass along build information to Wings; closes #2552 2020-11-02 19:58:03 -08:00
Charles Morgan
6d909a4a97
Add admin area link to view config 2020-11-02 00:14:02 -05:00
Dane Everitt
964a1436ce
Code cleanup for signed URL generation endpoint 2020-11-01 14:46:01 -08:00
Matthew Penner
6af848ccea Tweaks to BackupRemoteUploadController.php 2020-11-01 15:27:43 -07:00
Matthew Penner
63ac81586d Tweaks to BackupRemoteUploadController.php 2020-11-01 15:27:43 -07:00
Matthew Penner
85af073438 Switch to s3 multipart uploads for backups 2020-11-01 15:27:43 -07:00
Dane Everitt
23d2352a9b
Don't ever return per_page as a string here... 2020-11-01 14:27:14 -08:00
Dane Everitt
b946b20193
Avoid pass-by-reference issues in config parsing leading to duplicated responses; ref #2511 2020-11-01 13:07:00 -08:00
Dane Everitt
48cde2e007
Merge branch 'develop' of https://github.com/Pterodactyl/Panel into develop 2020-11-01 12:25:04 -08:00
Dane Everitt
61f501abc9
Fix file parser failing if multiple configuration values are present on same line; closes #2604 2020-11-01 12:25:02 -08:00
Charles Morgan
f029b7239e
re-remove console limiting options 2020-11-01 03:16:30 -05:00
Dane Everitt
6cb21fb920
Add test coverage for allocation auto-assignment service 2020-10-31 22:17:32 -07:00
Dane Everitt
d493685518
Add test coverage for allocation assignment endpoint 2020-10-31 21:57:27 -07:00
Dane Everitt
b2be067f38
Support deleting an allocation for a server 2020-10-31 21:22:44 -07:00
Dane Everitt
365f5e0806
server_id is irrelevant at this stage 2020-10-31 14:59:06 -07:00
Dane Everitt
c6bd7ff661
Improve logic handle auto-allocation of ports for a server 2020-10-31 14:58:15 -07:00
Dane Everitt
665a4dd8a4
Merge branch 'develop' into develop 2020-10-31 13:47:12 -07:00
Dane Everitt
ff64220741
Avoid N+1 location query for servers 2020-10-31 11:28:31 -07:00
Dane Everitt
c00e5b36a5
Return all servers for a node as a paginated response
Avoids crashing the PHP process and avoids a bad runaway N+1 query issue that previously existed.
2020-10-31 11:14:28 -07:00
Dane Everitt
73b795faba
Correctly reset a schedule if there is an exception during the run stage; closes #2550 2020-10-26 20:54:15 -07:00
Dane Everitt
bffec5b3dc
Don't abort the entire schedule running process if one schedule encounters an exception; closes #2609 2020-10-26 20:16:39 -07:00
Dane Everitt
092c942764
Fix server owner filtering; improve searching for servers; closes #2581 2020-10-25 17:29:57 -07:00
Dane Everitt
21d4402a55
Merge branch 'develop' of https://github.com/Pterodactyl/Panel into develop 2020-10-25 15:07:13 -07:00
Dane Everitt
996fb5b46f
Set the DB timezone on each connection to match the APP_TIMEZONE value 2020-10-25 15:07:11 -07:00
Dane Everitt
8c6327fd32
Let MySQL do the time logic when looking for tasks 2020-10-25 15:06:54 -07:00
Anders G. Jørgensen
a271b59092
Change SameSite attribute on session cookies to "lax" (#2592) 2020-10-25 13:15:49 -07:00
Dane Everitt
65d04d0c05
Correctly handle schedule task deletion and avoid errors; closes #2534 2020-10-22 20:54:58 -07:00
Dane Everitt
26de4493dd
Set notes to null when assigning allocation; ref #2553 2020-10-19 21:08:40 -07:00
Dane Everitt
1f5e0c0334
Update build modification service and cover logic with test cases
closes #2553
2020-10-19 21:07:07 -07:00
Dane Everitt
c370e08f65
[security] add login throttling to the 2FA verification endpoint 2020-10-17 14:46:10 -07:00
Dane Everitt
9621f923f5
Merge branch 'develop' of https://github.com/Pterodactyl/Panel into develop 2020-10-17 14:23:06 -07:00
Dane Everitt
5763493c6c
Allow setting the backup limit via the API; closes #2535 2020-10-17 14:23:00 -07:00
Matthew Penner
8ba291afb2 Fix Mount.php validation rules 2020-10-17 14:43:07 -06:00
Matthew Penner
66b9169458 Cleanup code in MountController.php, again. 2020-10-17 14:42:08 -06:00
Matthew Penner
050075b835 Cleanup code in MountController.php 2020-10-17 14:37:35 -06:00
Matthew Penner
f7520b721b Deny /etc/pterodactyl as a source path for mounts 2020-10-17 14:29:29 -06:00
Matthew Penner
c52c5d6736 Deny certain paths for mounts 2020-10-17 14:28:02 -06:00
Dane Everitt
839e277763
Fix exception when passing location IDs to creation service; closes #2529 2020-10-17 11:52:21 -07:00
Nobody
10548c9d8f Update message and update query 2020-10-17 18:26:34 +01:00
Dane Everitt
cd3572730b
Add test coverage to ensure filters don't unexpectedly get broken 2020-10-15 21:52:26 -07:00
Dane Everitt
f30dab053b
Support much better server querying from frontend
Search all servers if making a query as an admin, allow searching by a more complex set of data, fix unfocus on search field when loading indicator was rendered
2020-10-15 21:21:38 -07:00
Dane Everitt
e7c64bc60e
Add test coverage for schedule execution 2020-10-14 21:06:27 -07:00
Dane Everitt
c1ee0ac4f8
Add support for executing a scheduled task right now 2020-10-14 20:38:59 -07:00
Caleb
ea778e9345
Merge branch 'develop' into develop 2020-10-13 15:35:38 -04:00
Dane Everitt
49ddd63dbd
Do not allow running the up or seed commands if migrations have not been run 2020-10-12 20:51:35 -07:00
Dane Everitt
289de72aca
Merge pull request #2497 from pterodactyl/fix/server-mounts
Fix server mounts
2020-10-12 20:13:35 -07:00
Dane Everitt
1ad8b3f37d
Do not mark a server as "not installed" when updating its startup arguments 2020-10-12 20:12:34 -07:00
Matthew Penner
3ef3c2a461 Remove commented code 2020-10-12 11:12:23 -06:00
Matthew Penner
abd60ee6f8 Fix 500 error when mounting a mount and fix the actual mount being deleted instead of the relation 2020-10-12 11:11:40 -06:00
Dane Everitt
9112de4bfb
Merge pull request #2481 from AreYouRlyScared/fix-2435
Yeh Yeh.... Remove validation rules
2020-10-11 15:36:18 -07:00
Charles Morgan
4b8a275a78
Update AdvancedSettingsFormRequest.php 2020-10-11 18:33:25 -04:00
Dane Everitt
18fce37565
Fix subuser permissions not migrating correctly from 0.7; closes #2309 2020-10-11 15:13:17 -07:00
Dane Everitt
8697185900
Fix up database creation and handling code for servers; ref #2447 2020-10-11 11:59:46 -07:00