Commit graph

4296 commits

Author SHA1 Message Date
Dane Everitt
820d2bf172
Node and user API routes implemented.
More attempts at the logic for API permissions, most likely will need
continued tweaking in the future, but base is there.
2017-04-09 15:31:10 -04:00
Dane Everitt
f24b238e30
Base node route implementation 2017-04-09 13:52:31 -04:00
Dane Everitt
75b8753533
Simplify server and api key policy. 2017-04-09 13:34:47 -04:00
Dane Everitt
c492446513
Implement initial server and location API routes.
Also fixes a few exception handler issues causing incorrect HTTP status
codes on authorization errors.
2017-04-09 13:15:15 -04:00
Dane Everitt
10ee777eb7
Whoopsies! (fix route names) 2017-04-08 16:15:57 -04:00
Dane Everitt
463f465dea
Block viewing node allocations and location unless user has permission
Blocks viewing the allocation list and location for a node unless a
user has permission to view the node in the first place.
2017-04-08 12:07:17 -04:00
Dane Everitt
4479d3bf19
Improved logic for handling permissions on API routes.
Still only partially implemented, however this method will allow the
inclusion of data that is granted with servers (such as viewing more
about the node, node location, allocations, etc) while still limiting
someone from doing `?include=node.servers` and listing all servers when
they don’t have list-servers as a permission.
2017-04-08 12:05:29 -04:00
Dane Everitt
db4df2bfa1
Push basis of new API key policy
Will need to revisit this another day when I’m fresh to figure out the
best method to do this.
2017-04-07 21:25:17 -04:00
Dane Everitt
51204b8d9d
Add all of the potential transformers that might be needed for now. 2017-04-07 20:28:58 -04:00
Dane Everitt
faa437b77b Use the current_password not password field when verifying passwords. 2017-04-04 12:14:24 -04:00
Dane Everitt
65630bdcce
Move API to use JSON:API standards and fractal serializer
Makes the data slightly more complex, but forces a standard and can
always be changed down the road simply by changing the default
serializer.
2017-04-02 16:51:56 -04:00
Dane Everitt
c071efd008
Finish API routes for users. 2017-04-02 15:52:53 -04:00
Dane Everitt
97773300ed
Better middleware for routes, cleaned up API, removed old API calls
New API routes for Server allow specifying which fractal objects to
load into the request, thus making it possible to fine-tune what data
is returned.
2017-04-02 13:19:39 -04:00
Dane Everitt
93dc52bbc4
Fix broken status route spamming logs. 2017-04-02 11:06:44 -04:00
Dane Everitt
ddb82ac3ca
Add initial user server transformer for API. 2017-04-02 00:49:53 -04:00
Dane Everitt
87530cdc01
Initial moves to new API scheme.
Implements a better middleware for handling API authentication, as well
as cleaner route handling.
2017-04-02 00:11:52 -04:00
Dane Everitt
55bf26e518
Fix broken status route spamming logs. 2017-04-01 22:52:27 -04:00
Dane Everitt
e5f3678c62
Fix login routes 2017-04-01 21:18:56 -04:00
Dane Everitt
5927e0e12a
Merge remote-tracking branch 'origin/develop' into develop
# Conflicts:
#	app/Http/Controllers/Base/LanguageController.php
#	app/Http/Kernel.php
#	app/Http/Middleware/TrimStrings.php
#	app/Providers/RouteServiceProvider.php
2017-04-01 21:03:10 -04:00
Dane Everitt
d80c59aad3
Cleanup routing mechanisms 2017-04-01 21:01:10 -04:00
Dane Everitt
9c303456fb Update codebase to L5.4 () 2017-04-01 17:59:43 -04:00
Dane Everitt
0a95d97d7f
Better support for redis as a backend 2017-04-01 16:31:18 -04:00
Dane Everitt
cbeecfe5e4
Implement front-end server searching 🍬 2017-04-01 13:14:49 -04:00
Dane Everitt
27d472195f
Misc. bug fixes 2017-04-01 12:29:56 -04:00
Dane Everitt
844ebfaf64
Add support for starting server on creation. 2017-04-01 12:29:49 -04:00
Dane Everitt
482bf4804d
Catch potential undefined result. 2017-03-31 23:37:46 -04:00
Dane Everitt
edaa270a33
Add server descriptions, closes 🐖
🐷 https://s3.kelp.in/D0n2Z.png
2017-03-31 23:07:19 -04:00
Dane Everitt
660cdca940
Hide random whitespace if there is only a single page 2017-03-31 22:14:56 -04:00
Dane Everitt
536865b22a
Remove deletion queue for servers. Just immediately delete. 2017-03-31 22:12:31 -04:00
Dane Everitt
2dec659dd1
Fix syntax error. 2017-03-31 21:47:53 -04:00
Dane Everitt
75119611b9
Update API settings page to display checkboxes correctly. 2017-03-31 21:46:40 -04:00
Dane Everitt
c7d4c3aa76
Send default response 2017-03-31 21:16:00 -04:00
Dane Everitt
ff57e2ff85
Cleanup recaptcha middleware 2017-03-31 21:12:49 -04:00
Dane Everitt
451dd7ebc8 Apply fixes from StyleCI () 2017-03-31 20:48:35 -04:00
Jakob Schrettenbrunner
fe6a19096f update CHANGELOG 2017-04-01 02:04:51 +02:00
Jakob Schrettenbrunner
e613e44749 fix 2017-04-01 01:58:05 +02:00
Jakob Schrettenbrunner
0ee80b1fec fix captcha middleware using wrong function when disabled 2017-04-01 01:54:42 +02:00
Dane Everitt
fa04bb1aea Delete .githold 2017-03-31 16:43:49 -04:00
Dane Everitt
14946eea31 closes 2017-03-31 16:42:12 -04:00
Jakob Schrettenbrunner
ac2e29e4a1 show users server where he is a subuser
fixes 
2017-03-31 13:54:20 +02:00
Jakob Schrettenbrunner
ec0b55bcfe fix missing path for Permission model in SubuserRepository 2017-03-31 12:50:58 +02:00
Jakob Schrettenbrunner
a51cf1ff47 remove ReCaptcha from views if it is disabled 2017-03-31 12:26:57 +02:00
Jakob Schrettenbrunner
207e0131fc Merge branch 'develop' of github.com:Pterodactyl/Panel into improve-password-reset 2017-03-31 12:20:41 +02:00
Jakob Schrettenbrunner
142cbb0641 Add invisible ReCAPTCHA to login and password reset 2017-03-31 12:19:44 +02:00
Dane Everitt
1f0e95790a
🔒 Don't disclose if account exists when resetting passwords, closes 2017-03-30 17:44:20 -04:00
Dane Everitt
9106971565
closes 2017-03-30 16:30:22 -04:00
Dane Everitt
da003efb03
Fixes issue with DOCTYPE being discarded on JS injected views 2017-03-30 16:23:25 -04:00
Dane Everitt
b165f04b78
Fix up file display in sidebar as well as socket.io warnings, closes 2017-03-30 16:20:51 -04:00
Dane Everitt
95c739a3f3
Update subusers view 2017-03-30 15:31:02 -04:00
Jakob Schrettenbrunner
f2f834af49 update gitignore to ignore docker files 2017-03-28 00:13:24 +02:00