Commit Graph

22 Commits

Author SHA1 Message Date
Chaim Lev-Ari b8ecadb314 feat(useractivity): introduce auth logs (#203) 2021-04-07 16:54:07 +12:00
Dmitry Salakhov e15b908983 Feat(backup): add the ability to backup and restore portainer from file [EE-279] (#204)
* EE-319: backup endpoint (#193)

* feat(backup):
* add an orbiter to block writes while backup
* add backup handler
* add an ability to tar.gz a dir
* add aes encryption support

* EE-320: restore endpoint (#196)

* feat(backup):
* add restore handler
* re-init system state after restore

* feat(backup): Update server to respect readonly lock (#199)

* feat(backup): EE-322 Add backup and restore screen (#198)

Co-authored-by: Simon Meng <simon.meng@portainer.io>

* name archive as portainer-backup_yyyy-mm-dd_hh-mm-ss

* backup custom templates and edge jobs

* restart http and proxy servers after restore to re-init internal state

* feat(backup): EE-322 hide password field if password protect toggle is off

* feat(backup): EE-322 add tooltip for password field of restore backup

* feat(backup): EE-322 wait for backend restart after restoring

* Shutdown background go-routines

* changed restore err message when cannot extract

* fix: symlinks are ignored from backups

* replace single admin check with a restartable monitor (#238)

* clean log

Co-authored-by: Maxime Bajeux <max.bajeux@gmail.com>
Co-authored-by: cong meng <mcpacino@gmail.com>
Co-authored-by: Simon Meng <simon.meng@portainer.io>
2021-04-06 15:41:41 +12:00
Stéphane Busso 428ac54b08 fix(license): better error message when login with no valid license (#99)
* fix(license): better error message when login with no valid license

* add authenticateOAuth
2020-11-21 08:37:48 +13:00
Chaim Lev-Ari 15ce12e7b7 feat(license): introduce license management (#31)
* feat(license): add liblicense dep

* feat(license): add bolt license service

* feat(license): introduce license service

* feat(license): validate license before adding

* feat(license): aggregate info after changing of licenses

* feat(http): implement http handlers

* feat(license-management): introduce license service

* feat(licenses): introduce empty view

* feat(license-management): add datatable

* feat(licenses): show license info

* fix(license): inject services

* feat(licenses): add buttons to buy/renew license

* feat(licenses): introduce add license route

* feat(licenses): add license form

* feat(license): datatable

* feat(license): show more details about license

* refactor(license): rename components name

* feat(licenses): show expiration date

* feat(license): introduce init license route

* feat(license): validate license

* feat(license): save licenses

* feat(bouncer): check if license is valid on restricted

* feat(bouncer): remove license check on api

* feat(home): add node warning

* feat(licenses): remove license

* feat(licenses): listen to info changes

* feat(license): show license expiration message

* feat(license): block regular users from licenses view

* feat(license): prevent removing of last license

* fix(license): show message when failed delete

* feat(license): remove trial license when applying oneoff

* feat(license): hide the number of nodes for trial

* feat(auth): disable login if license is invalid

* feat(licenses): add confirmation before removal of license

* feat(nodes): count nodes in env

* feat(license): show message if nodes exceed allowed

* feat(deps): update liblicense

* feat(licenses): show validation errors

* feat(license): use information panel for node info

* fix(license): reload license data on remove

* fix(license): always send list of failed keys

* fix(license): rename buttons

* feat(license): replace icon

* feat(license): add link to licenses page in add license

* fix(licenses): show green valid icon

* fix(licenses): rename expires at

* fix(licenses): rename Attach to add

* fix(licenses): show license type label

* feat(license): aggregate revoked info

* chore(deps): update liblicense

* fix(license): remove space

* fix(sidebar): align icon

* fix(license): change info layout

* feat(license): aggregate only valid licenses

* fix(licenses): move add license to a new line

* style(license): remove console

* refactor(license): move license line to component

* feat(license): check server validation

* fix(licenses): check form validation before submit

* feat(licenses): send only invalid licenses

* fix(license):  hide panels when not needed

* feat(licnese): receive a single license on init

* refactor(header): move header to module

* feat(license): move license panel to header

* fix(header): set min height

* fix(home): show node warning only if subscription

* feat(licenses): minor UI updates

* feat(licenses): minor UI update

* feat(licenses-datatable): add copy button

* fix(licenses-datatable): show date without hours

* feat(license): show expiration message

* fix(users): get user info only on restriced access

* fix(license): clear check for single license

Co-authored-by: Anthony Lapenna <lapenna.anthony@gmail.com>
2020-11-02 19:10:57 +13:00
Chaim Lev-Ari 8dba19694a feat(roles-management): integrate rbac extension (#6)
* refactor(rbac): move client extension code

* feat(app): remove checks for extension

* feat(rbac): remove checks for extensions

* feat(extensions): remove reference to rbac extensions

* feat(roles): add changes from codebase before removal of rbac

* refactor(security): remove rbac service

* refactor(security): use AdminAccess as an alias

* fix(access): rename policies type

* style(security): add comment about Aliasing AdminAccess to RestrictedAccess

* feat(bolt): add auth migration from ce to ee

* feat(stacks): use authorized access to stop/start stacks

* fix(bolt): supply right params to migrator

* feat(rbac): get authorization on client side
2020-10-07 23:21:14 +13:00
Chaim Lev-Ari 9d18d47194 feat(extensions): remove rbac extension (#4157)
* feat(extensions): remove rbac extension client code

* feat(extensions): remove server rbac code

* remove extensions code

* fix(notifications): remove error

* feat(extensions): remove authorizations service

* feat(rbac): deprecate fields

* fix(portainer): revert change

* fix(bouncer): remove rbac authorization check

* feat(sidebar): remove roles link

* fix(portainer): remove portainer module
2020-08-11 17:41:37 +12:00
Chaim Lev-Ari db4a5292be refactor(errors): reorganize errors (#3938)
* refactor(bolt): move ErrObjectNotFound to bolt

* refactor(http): move ErrUnauthorized to http package

* refactor(http): move ErrResourceAccessDenied to http errors

* refactor(http): move security errors to package

* refactor(users): move user errors to users package

* refactor(errors): move single errors to their package

* refactor(schedules): move schedule error to package

* refactor(http): move endpoint error to http package

* refactor(docker): move docker errors to package

* refactor(filesystem): move filesystem errors to package

* refactor(errors): remove portainer.Error

* style(chisel): reorder imports

* fix(stacks): remove portainer.Error
2020-07-08 09:57:52 +12:00
Chaim Lev-Ari 7c3b83f6e5 refactor(portainer): introduce internal package (#3924)
* refactor(auth): move auth helpers to internal package

* refactor(edge-compute): move edge helpers to internal package

* refactor(tags): move tags helper to internal package

* style(portainer): sort imports
2020-06-16 19:58:16 +12:00
Chaim Lev-Ari b02749f877 feat(auth): add custom user timeout (#3871)
* feat(auth): introduce new timeout constant

* feat(auth): pass timeout from handler

* feat(auth): add timeout selector to auth settings view

* feat(settings): add user session timeout property

* feat(auth): load user session timeout from settings

* fix(settings): use correct time format

* feat(auth): remove no-auth flag

* refactor(auth): move timeout mgmt to jwt service

* refactor(client): remove no-auth checks from client

* refactor(cli): remove defaultNoAuth

* feat(settings): create settings with default user timeout value

* refactor(db): save user session timeout always

* refactor(jwt): return error

* feat(auth): set session timeout in jwt service on update

* feat(auth): add description and time settings

* feat(auth): parse duration

* feat(settings): validate user timeout format

* refactor(settings): remove unneccesary import
2020-06-09 21:55:36 +12:00
Anthony Lapenna 25103f08f9 feat(api): introduce new datastore interface (#3802)
* feat(api): introduce new datastore interface

* refactor(api): refactor http and main layers

* refactor(api): refactor http and bolt layers
2020-06-03 11:40:04 +12:00
Anthony Lapenna e0d83db609 fix(authentication/ldap): fix an issue with authorizations not updated after ldap login (#3577) 2020-02-25 18:54:32 +13:00
Anthony Lapenna 29b7eeef5a fix(api): trigger an authorization update after auto-provisioning users (#3428) 2019-12-04 15:32:55 +13:00
Anthony Lapenna 42d4e1e11c fix(api): prevent panic in auth when OAuth is enabled (#3179) 2019-09-24 11:03:44 +12:00
Anthony Lapenna 7d76bc89e7 feat(api): relocate authorizations outside of JWT (#3079)
* feat(api): relocate authorizations outside of JWT

* fix(api): update user authorization after enabling the RBAC extension

* feat(api): add PortainerEndpointList operation in the default portainer authorizations

* feat(auth): retrieve authorization from API instead of JWT

* refactor(auth): move permissions retrieval to function

* refactor(api): document authorizations methods
2019-09-10 10:58:26 +12:00
Anthony Lapenna 4349f5803c fix(api): fix missing default Portainer permissions for users 2019-05-27 09:31:20 +12:00
Anthony Lapenna 8057aa45c4 feat(extensions): introduce RBAC extension (#2900) 2019-05-24 18:04:58 +12:00
Anthony Lapenna 14845a4a53 refactor(api): refactor base import path (#2788)
* refactor(api): refactor base import path

* fix(build-system): update build_binary_devops

* fix(build-system): fix build_binary_devops for linux

* fix(build-system): fix build_binary_devops for Windows
2019-03-21 14:20:14 +13:00
Anthony Lapenna b24891a6bc refactor(api): introduce libhttp usage (#2263) 2018-09-10 12:01:38 +02:00
Anthony Lapenna 113da93145 feat(authentication): add a setting to toggle automatic user provisioning when u… (#2068)
* feat(api): add a setting to toggle automatic user provisioning when using LDAP authentication

* fix(auth): fix an issue with AutoCreateUsers disabled
2018-07-24 08:49:17 +02:00
Olli Janatuinen cec878b01d feat(authentication/ldap): Auto create and assign LDAP users (#2042) 2018-07-23 06:57:38 +02:00
Anthony Lapenna d7ff14777f refactor(api): restructure bolt package (#1981)
* refactor(api): bolt package refactor

* refactor(api): refactor bolt package
2018-06-19 13:15:10 +02:00
Anthony Lapenna e3d564325b feat(stacks): support compose v2.0 stack (#1963) 2018-06-11 15:13:19 +02:00