Matthew Penner
ff37c51eef
Use different clone logic for arrays ( #4402 )
...
Closes <https://github.com/pterodactyl/panel/issues/3985 >
2022-10-04 19:48:08 -06:00
Matthew Penner
44598bf724
Support configuring storage class for S3 backup uploads ( #4399 )
...
Closes <https://github.com/pterodactyl/panel/issues/4072 >
2022-10-04 19:39:25 -06:00
Matthew Penner
2dcc46ecd6
backups: support Cloudflare R2 by listing uploaded parts from Wings
2022-09-26 11:15:52 -06:00
Pascal Zarrad
1ca4b08b48
backups: add S3 part size configuration ( #4382 )
2022-09-25 14:38:49 -06:00
Matthew Penner
68e9100e57
admin(eggs): add force_outgoing_ip
option ( #4323 )
...
Closes #3841
2022-09-25 13:24:54 -06:00
Matthew Penner
8e1a21563e
server: add configuration for install notifications ( #4331 )
...
* server: track `installed_at`, only send install notification on first install
* server: add configuration for install notifications
2022-09-25 13:16:58 -06:00
DaneEveritt
bf2456d0fc
Ensure eggs endpoint always returns an object, even when empty
...
closes #4296
2022-09-17 11:36:41 -07:00
DaneEveritt
2da8042b0f
Fix clock()
usage causing errors in prod environments
2022-07-24 20:43:14 -04:00
DaneEveritt
2eda1995b9
Send server name and description to wings to make available to replacers
2022-07-24 17:15:24 -04:00
DaneEveritt
f8c48214a5
Track file uploads on Wings, not the panel
2022-07-24 17:13:17 -04:00
DaneEveritt
d4708e9e63
Always show IP address to admins
2022-07-10 14:56:19 -04:00
DaneEveritt
d6c30092ec
Utilize a unique ID for activity logs to improve rendering perf
2022-07-10 14:53:29 -04:00
DaneEveritt
7558c0380e
Don't log SFTP logins, it just is noisy
2022-07-10 14:30:11 -04:00
DaneEveritt
33ab762f5a
Add support for tracking more SFTP specific events
2022-07-09 19:30:38 -04:00
DaneEveritt
2e01891074
Account for natural event naming
2022-07-09 17:53:07 -04:00
DaneEveritt
1eee55b27c
Add endpoint needed for recieving and processing activity
2022-07-09 17:45:38 -04:00
DaneEveritt
4a8c3c4a34
Add activity tracking for console/power actions
2022-07-04 18:11:53 -04:00
DaneEveritt
dc90d8b505
Include the "user_uuid" claim on JWTs for easier Wings user tracking
2022-07-04 17:34:56 -04:00
DaneEveritt
0216e3fd5b
Don't log activity if the email wasn't actually changed
2022-07-03 14:29:01 -04:00
DaneEveritt
2d836156d2
Update totp disable modal; require password for enable operation
2022-07-03 14:27:37 -04:00
DaneEveritt
48af9bced1
Fix activity log rendering; closes #4208
2022-06-30 21:06:50 -04:00
DaneEveritt
4aa163b76f
Hide IP addresses from activity logs not generated by the user themselves
2022-06-27 20:52:27 -04:00
DaneEveritt
43156e8d53
Improve error messaging for validation exceptions
2022-06-26 16:31:48 -04:00
DaneEveritt
271197e823
Fix cs-fix run
2022-06-26 16:21:07 -04:00
DaneEveritt
ca39830333
allow filtering servers by description; closes #4150
2022-06-26 13:26:12 -04:00
DaneEveritt
b3a57bd0ad
fix includes for client API keys on admin accounts; closes #4164
2022-06-26 13:23:22 -04:00
DaneEveritt
76472411e3
Some better activity translations
2022-06-18 16:36:19 -04:00
DaneEveritt
cf01490883
Support hiding activity from admin accounts not associated with the server
2022-06-18 15:48:22 -04:00
DaneEveritt
95de4c30fc
Abuse the translation engine to handle more of the formatting for us
2022-06-18 15:28:42 -04:00
DaneEveritt
7224ca81de
Fix bug preventing the creation of API keys with CIDR ranges
2022-06-18 14:21:20 -04:00
DaneEveritt
4f3651b578
Fix typo with identifier
2022-06-18 12:16:54 -04:00
DaneEveritt
0520014c0f
Add support for tracking when an activity event is triggered from an API key
2022-06-18 12:07:44 -04:00
DaneEveritt
92c1c162af
Code cleanup for facades
2022-06-18 12:07:32 -04:00
DaneEveritt
6ffe5730da
Log when an API key is blocked due to IP restrictions
2022-06-18 12:04:51 -04:00
DaneEveritt
68a654f9e8
Selectively show the additional metadata if it isn't in the display string at all
2022-06-12 15:30:49 -04:00
DaneEveritt
2f1c8ae91d
Add basic server activity log view
2022-06-12 15:16:48 -04:00
DaneEveritt
0b4936ff1c
Break out rows for activity; show metadata icon
2022-06-12 15:08:26 -04:00
DaneEveritt
986c375052
Improve support for use of i18next; rely on browser caching to keep things simple
2022-06-11 14:04:09 -04:00
DaneEveritt
d1da46c5aa
Fix incorrect API definitions
2022-06-05 18:28:08 -04:00
DaneEveritt
8771597560
Fix database deletion; closes #4114
...
Co-Authored-By: Dawid <minerpl03@gmail.com>
2022-06-05 13:28:46 -04:00
DaneEveritt
03a497fb8a
Use a post request to delete SSH keys, some hashes use slashes which cause 404 errors; closes #4100
2022-05-30 17:28:42 -04:00
DaneEveritt
4213775b5c
Fix mounting behavior to work correctly when adding to a server
2022-05-30 11:33:42 -04:00
Boy132
025e1a21ae
fix validator import ( #4094 )
2022-05-30 10:24:59 -04:00
DaneEveritt
9300e1116d
Fix failing tests
2022-05-29 20:39:51 -04:00
DaneEveritt
a5521ecb79
Add support for returning transforming activity logs on the front-end
2022-05-29 20:34:48 -04:00
DaneEveritt
e15985ea39
Add support for automatically pruning activity logs
2022-05-29 19:45:00 -04:00
DaneEveritt
9b7af02690
Add activity logging to most of the endpoints
2022-05-29 19:26:28 -04:00
DaneEveritt
287fd60891
Log activity when modifying account details
2022-05-29 18:48:35 -04:00
DaneEveritt
0b2c0db170
Remove last references to audit logs
2022-05-29 18:20:54 -04:00
DaneEveritt
0621d8475d
Return tests to passing now that we don't ignore a critical event...
2022-05-29 17:52:14 -04:00
DaneEveritt
09832cc558
Ensure we can properly create an activity log entry; always return soft-deleted models
2022-05-29 17:07:54 -04:00
DaneEveritt
2fc5a734f9
Update backup logic to use activity logs, not audit logs
2022-05-29 16:19:04 -04:00
DaneEveritt
cbecfff6da
Add activity logging for files
2022-05-29 13:56:39 -04:00
DaneEveritt
0999ad7ff0
Add activity logging for authentication events
2022-05-28 17:03:58 -04:00
DaneEveritt
5bb66a00d8
Add new activity logging code to replace audit log
2022-05-28 15:36:26 -04:00
DaneEveritt
c14c7b436e
Pass along new fields to Wings instance when endpoint is used; closes #4048
2022-05-28 13:45:23 -04:00
DaneEveritt
b051718afe
Fix up API handling logic for keys and set a prefix on all keys
2022-05-22 19:03:51 -04:00
DaneEveritt
3f99b00cf7
Fix display exception handling
2022-05-22 18:21:38 -04:00
DaneEveritt
dca53611ff
Ensure we don't cause a mess with the auth providers
2022-05-22 18:16:47 -04:00
DaneEveritt
3ae70efc14
Use existing method to handle the login
2022-05-22 17:26:32 -04:00
DaneEveritt
4d3362b24f
Perform a bit of code cleanup
2022-05-22 17:23:48 -04:00
DaneEveritt
be88e4e893
Ignore migrations, pass credentials
2022-05-22 17:01:39 -04:00
DaneEveritt
56f15c15a1
We can make this middleware significantly simpler
2022-05-22 16:54:07 -04:00
DaneEveritt
0fa33e0438
Mark a request as being stateful if a cookie for the session is provided at all
...
This accounts for poorly configured API clients that try to use cookies for authentication purposes. Treat everything with a session cookie as being a stateful request from the front-end.
2022-05-22 16:50:36 -04:00
DaneEveritt
33bafe9277
Simplify transformer logic
2022-05-22 16:23:22 -04:00
DaneEveritt
f7fc67344e
Ensure tokens are found in the database using the expected logic
2022-05-22 16:05:58 -04:00
DaneEveritt
e9c633fd03
Update transformers and controllers to no longer pull an API key attribute
2022-05-22 15:37:39 -04:00
DaneEveritt
bd37978a98
Initial pass at implementing Laravel Sanctum for authorization on the API
2022-05-22 14:57:06 -04:00
DaneEveritt
e313dff674
Massively simplify API binding logic
...
Changes the API internals to use normal Laravel binding which automatically supports nested-models and can determine their relationships. This removes a lot of confusingly complex internal logic and replaces it with standard Laravel code.
This also removes a deprecated "getModel" method and fully replaces it with a "parameter" method that does stricter type-checking.
2022-05-22 14:10:01 -04:00
DaneEveritt
05f41a2ca8
Don't trim strings on file manager endpoints; ref #4081
2022-05-21 16:58:06 -04:00
DaneEveritt
d4bf6bd46a
Add test coverage and fix permissions mistake
2022-05-15 17:30:57 -04:00
DaneEveritt
a9364061c1
Store keys in standard format; query with fingerprint not public key
2022-05-15 16:41:15 -04:00
DaneEveritt
b563f13d09
Trim the key provided to query correctly; don't increment throttles when keys aren't found
2022-05-15 16:23:17 -04:00
DaneEveritt
3d6a30c9fd
Oops, don't make this abstract
2022-05-15 16:06:00 -04:00
DaneEveritt
412ac5ef39
Have the panel handle all of the authorization for both public key and password based attempts
2022-05-15 16:00:08 -04:00
DaneEveritt
e856daee19
Reject requests for public key auth when the user has no keys
2022-05-15 15:47:06 -04:00
DaneEveritt
12927a3202
Update SFTP authentication endpoint to support returning user public keys
2022-05-15 15:37:58 -04:00
DaneEveritt
cca0010a00
Update egg import/update logic to all use the same pathwaus
2022-05-15 14:40:19 -04:00
DaneEveritt
6554164252
Add test coverage for the SSH key endpoints
2022-05-14 18:08:48 -04:00
DaneEveritt
97280a62a2
Add support for storing SSH keys on user accounts
2022-05-14 17:31:53 -04:00
DaneEveritt
5705d7dbdd
Run php-cs-fixer
2022-05-14 16:03:50 -04:00
DaneEveritt
65f27d41a2
Switch to more recent Laravel route definition methods
2022-05-14 15:51:05 -04:00
DaneEveritt
97a7959096
Support outputting all of the nodes on the instance
2022-05-13 21:49:06 -04:00
DaneEveritt
3f47d7a12c
Allow returning the node configuration from the CLI; closes pterodactyl/panel#4047
2022-05-13 21:30:16 -04:00
DaneEveritt
100d4ee726
Remove more unnecessary translations
2022-05-12 17:53:29 -04:00
DaneEveritt
c8faf64059
Support naming docker images on eggs; closes #4052
...
Bumps PTDL_v1 export images to PTDL_v2, updates the Minecraft specific eggs to use named images.
2022-05-07 17:45:22 -04:00
DaneEveritt
634b80ed42
Add support for filtering allocations to determine if they're assigned or not; closes #3872
2022-05-07 16:16:11 -04:00
DaneEveritt
e88d24e0db
Don't allow allocations to be deleted by users if no limit is defined; closes #3703
2022-05-07 15:05:28 -04:00
DaneEveritt
c751ce7f44
Allow more values for remote field when creating a database; closes #3842
2022-05-07 14:17:10 -04:00
DaneEveritt
b07fdc100c
Don't run schedules when a server is suspended or installing; closes #4008
2022-05-04 20:41:53 -04:00
DaneEveritt
8c63eebf13
Fix fractal errors
2022-05-04 19:35:10 -04:00
DaneEveritt
530558b0f8
Update deprecated JSON response creation and unnecessary middleware
2022-05-04 19:23:01 -04:00
DaneEveritt
4252014d18
Update includes definition to match updated package requirements
2022-05-04 19:11:42 -04:00
DaneEveritt
34ffaebd3e
Run cs-fix, ensure we only install dependency versions supporting 7.4+
2022-05-04 19:01:29 -04:00
Jim C K Flaten
2680fe4c8e
Feature/task order ( #3807 )
2022-03-28 12:31:35 -07:00
FabianS
82818414a3
Ability to create nodes with artisan ( #3319 )
2022-03-28 12:28:16 -07:00
Георгий Пронюк
281256e17c
Grant all necessary permissions to generated SQL users ( #3800 )
...
* grant all necessary permissions to users
* fix CREATE TEMPORARY TABLES
Co-authored-by: A248 <theanandbeh@gmail.com>
Co-authored-by: A248 <theanandbeh@gmail.com>
Co-authored-by: Matthew Penner <me@matthewp.io>
2022-03-28 12:22:37 -07:00
Alex
5120590e47
ref: remove google analytics ( #3912 )
2022-02-05 09:08:43 -08:00
Dane Everitt
0a4ba6a7dc
Force https on URLs when behind proxy; closes #3623
2022-01-23 12:58:44 -05:00
Dane Everitt
dfa329ddf2
[security] ensure session is only for that request when authenticating user API key
...
https://github.com/pterodactyl/panel/security/advisories/GHSA-7v3x-h7r2-34jv
2022-01-19 21:09:17 -05:00