Dane Everitt
e8dcd30e0c
[security] fix resources not properly returning an error when they don't match the server in the URL
...
Prior to this fix certain resources were accessible even when their assigned server was not the same as the server in the URL. This causes the resource server relationship to not match the server variable present on the request.
Due to this failed logic it was possible for users to access resources they should not have been able to access otherwise for some areas of the panel.
2021-01-19 21:19:17 -08:00
Dane Everitt
239984f92c
Add internal support for file denylist on eggs; closes #569
2021-01-10 17:02:14 -08:00
Dane Everitt
ff21d83e2d
Add endpoint to get all nodes meeting memory & disk requirements for a server; closes #1012
2021-01-10 13:08:43 -08:00
Dane Everitt
a7fef8b736
Correctly handle backups that fail without an upload_id attached to them
2020-12-27 11:56:28 -08:00
Dane Everitt
952715facc
Fix handling of upload IDs on backups
2020-12-27 11:34:55 -08:00
Matthew Penner
951d92b143
Store S3 upload_id in the database for backups
2020-12-26 11:59:21 -07:00
Dane Everitt
6c39288def
Clarify error messaging for transfers
2020-12-24 10:14:10 -08:00
Dane Everitt
a2548c14ac
Fix logic since this accepts arrays now
2020-12-24 10:12:01 -08:00
Dane Everitt
25e53d9f22
Merge branch 'matthewpi/transfer-improvements' of https://github.com/Pterodactyl/Panel into matthewpi/transfer-improvements
2020-12-24 10:10:41 -08:00
Dane Everitt
2ee08a1a3d
Update logic for server transfer controller
2020-12-24 10:10:40 -08:00
Dane Everitt
6c61577699
Simplify logic in websocket control
2020-12-24 09:20:23 -08:00
Dane Everitt
6fa24d4979
Merge branch 'develop' into matthewpi/transfer-improvements
2020-12-24 09:17:21 -08:00
Dane Everitt
9a57011071
Merge branch 'develop' of https://github.com/Pterodactyl/Panel into develop
2020-12-24 09:15:05 -08:00
Dane Everitt
087c41d5ac
Add endpoint to pull a remote file down
2020-12-24 09:15:03 -08:00
Dane Everitt
2f17e75395
Merge pull request #2879 from pterodactyl/fix/backups-failing-early
...
Allow changing the prune age for backups
2020-12-24 09:12:59 -08:00
Matthew Penner
d8f75fa0b7
Fix failed transfers locking a server into a unaccessible state
2020-12-17 11:14:58 -07:00
Matthew Penner
37cfa151b6
Use ServerTransferringException
2020-12-17 10:37:14 -07:00
Matthew Penner
e69d9b2c26
Update comment in AuthenticateServerAccess.php
2020-12-17 10:35:54 -07:00
Matthew Penner
fd848985ee
Add ServerTransferringException, use is_null
2020-12-17 10:35:54 -07:00
Matthew Penner
8d297a0918
Release reserved allocations upon archive failure
2020-12-17 10:35:54 -07:00
Matthew Penner
01926e2896
Improve logic for logging into the websocket of the target node
2020-12-17 10:35:54 -07:00
Matthew Penner
5c5e2e24f1
📯 tRaNsFeR lOgS 📯
2020-12-17 10:35:54 -07:00
Matthew Penner
e6c4a68e4a
Update logic for tracking a server's transfer state
2020-12-17 10:35:54 -07:00
Dane Everitt
5d03c0d2e5
Properly handle loading files with special characters
2020-12-16 21:38:46 -08:00
Matthew Penner
e34d31a58c
Allow changing the prune age for backups
2020-12-16 14:15:07 -07:00
Dane Everitt
5bbb36b3cf
Support updating docker image for a server from the frontend
2020-12-13 11:07:29 -08:00
Dane Everitt
638ea2e815
Support creating/updating docker images on eggs
2020-12-13 10:13:32 -08:00
Dane Everitt
78c4ac80bc
Basic implemention of multiple selectable images for an egg
...
The admin side of this is quite ugly when creating/editing a server, but I'm not putting effort into that right now with React Admin soon™
2020-12-13 09:53:17 -08:00
Dane Everitt
3e65a2d055
Pass one at unfucking the stupid file encoding issues
2020-12-08 21:24:17 -08:00
Dane Everitt
fcff9085b8
Merge pull request #2781 from pterodactyl/matthewpi/server-details-patch-1
...
Show installing status instead of offline when a server is installing
2020-12-06 15:27:03 -08:00
Dane Everitt
3ad1e90bad
Merge branch 'develop' into matthewpi/backups-patch-1
2020-12-06 15:17:12 -08:00
Matthew Penner
00429c3911
Cleanup remote backup controllers
2020-12-06 15:19:54 -07:00
Dane Everitt
d22456d9ca
Block API access when 2FA is required on account; closes #2791
2020-12-06 13:56:14 -08:00
Matthew Penner
a5cebd6bcf
s3 backups: handle CompleteMultipartUpload and AbortMultipartUpload on the panel instead of in wings, add BACKUP_PRESIGNED_URL_LIFESPAN environment variable
2020-12-06 13:53:55 -07:00
Matthew Penner
ac8b7fec28
Merge branch 'develop' into matthewpi/server-details-patch-1
2020-12-06 13:30:56 -07:00
Dane Everitt
11054de5b3
Attempt revocation of JWT access when changing a server's owner
...
closes #2771
2020-12-06 12:16:12 -08:00
Dane Everitt
af360d49dd
Merge branch 'develop' of https://github.com/Pterodactyl/Panel into develop
2020-12-06 12:01:43 -08:00
Dane Everitt
a8d9eccf9c
Support pagination of server backups, closes #2787
2020-12-06 12:01:42 -08:00
Matthew Penner
f9a1bc6c9b
Show installing status instead of offline when a server is installing
2020-12-04 09:48:47 -07:00
Matthew Penner
3e1dbbaedd
Fix validation rules for ChmodFilesRequest.php, again..
2020-12-04 09:24:06 -07:00
Matthew Penner
bd0b7127d2
Fix validation rules for ChmodFilesRequest.php
2020-12-04 09:24:06 -07:00
Matthew Penner
8611ebb2d6
Add /api/client/servers/{server}/files/chmod endpoint
2020-12-04 09:24:06 -07:00
Dane Everitt
7ebe04fb91
Don't allow blank passwords on the password change endpoint; closes #2750
2020-11-29 13:28:46 -08:00
Matt Malec
df64026449
Update AuthenticateIPAccess.php
...
Fix a 500 error when processing a request with an IP filter
2020-11-08 21:57:22 -05:00
Dane Everitt
f99ac0ecde
Fix some failing test cases
2020-11-06 22:33:39 -08:00
Dane Everitt
625fd92130
Fix URKL encoding hellscape; closes #2664 closes #2663
2020-11-06 20:47:03 -08:00
Dane Everitt
009f9c297d
Revoke JWT JTIs when modifying a subuser's permissions
2020-11-03 21:01:15 -08:00
Dane Everitt
b482632af4
Remove unnecessary calls to Wings to add/remove mounts
2020-11-02 19:58:14 -08:00
Dane Everitt
964a1436ce
Code cleanup for signed URL generation endpoint
2020-11-01 14:46:01 -08:00
Matthew Penner
6af848ccea
Tweaks to BackupRemoteUploadController.php
2020-11-01 15:27:43 -07:00