463f465dea
Block viewing node allocations and location unless user has permission
...
Blocks viewing the allocation list and location for a node unless a
user has permission to view the node in the first place.
2017-04-08 12:07:17 -04:00
4479d3bf19
Improved logic for handling permissions on API routes.
...
Still only partially implemented, however this method will allow the
inclusion of data that is granted with servers (such as viewing more
about the node, node location, allocations, etc) while still limiting
someone from doing `?include=node.servers` and listing all servers when
they don’t have list-servers as a permission.
2017-04-08 12:05:29 -04:00
db4df2bfa1
Push basis of new API key policy
...
Will need to revisit this another day when I’m fresh to figure out the
best method to do this.
2017-04-07 21:25:17 -04:00
51204b8d9d
Add all of the potential transformers that might be needed for now.
2017-04-07 20:28:58 -04:00
faa437b77b
Use the `current_password` not `password` field when verifying passwords.
2017-04-04 12:14:24 -04:00
65630bdcce
Move API to use JSON:API standards and fractal serializer
...
Makes the data slightly more complex, but forces a standard and can
always be changed down the road simply by changing the default
serializer.
2017-04-02 16:51:56 -04:00
c071efd008
Finish API routes for users.
2017-04-02 15:52:53 -04:00
97773300ed
Better middleware for routes, cleaned up API, removed old API calls
...
New API routes for Server allow specifying which fractal objects to
load into the request, thus making it possible to fine-tune what data
is returned.
2017-04-02 13:19:39 -04:00
93dc52bbc4
Fix broken status route spamming logs.
2017-04-02 11:06:44 -04:00
ddb82ac3ca
Add initial user server transformer for API.
2017-04-02 00:49:53 -04:00
87530cdc01
Initial moves to new API scheme.
...
Implements a better middleware for handling API authentication, as well
as cleaner route handling.
2017-04-02 00:11:52 -04:00
55bf26e518
Fix broken status route spamming logs.
2017-04-01 22:52:27 -04:00
e5f3678c62
Fix login routes
2017-04-01 21:18:56 -04:00
5927e0e12a
Merge remote-tracking branch 'origin/develop' into develop
...
# Conflicts:
# app/Http/Controllers/Base/LanguageController.php
# app/Http/Kernel.php
# app/Http/Middleware/TrimStrings.php
# app/Providers/RouteServiceProvider.php
2017-04-01 21:03:10 -04:00
d80c59aad3
Cleanup routing mechanisms
2017-04-01 21:01:10 -04:00
9c303456fb
Update codebase to L5.4 ( #367 )
2017-04-01 17:59:43 -04:00
0a95d97d7f
Better support for redis as a backend
2017-04-01 16:31:18 -04:00
cbeecfe5e4
Implement front-end server searching 🍬
2017-04-01 13:14:49 -04:00
27d472195f
Misc. bug fixes
2017-04-01 12:29:56 -04:00
844ebfaf64
Add support for starting server on creation.
2017-04-01 12:29:49 -04:00
482bf4804d
Catch potential undefined result.
2017-03-31 23:37:46 -04:00
edaa270a33
Add server descriptions, closes #338 🐖
...
🐷 https://s3.kelp.in/D0n2Z.png
2017-03-31 23:07:19 -04:00
660cdca940
Hide random whitespace if there is only a single page
2017-03-31 22:14:56 -04:00
536865b22a
Remove deletion queue for servers. Just immediately delete.
2017-03-31 22:12:31 -04:00
2dec659dd1
Fix syntax error.
2017-03-31 21:47:53 -04:00
75119611b9
Update API settings page to display checkboxes correctly.
2017-03-31 21:46:40 -04:00
c7d4c3aa76
Send default response
2017-03-31 21:16:00 -04:00
ff57e2ff85
Cleanup recaptcha middleware
2017-03-31 21:12:49 -04:00
451dd7ebc8
Apply fixes from StyleCI ( #364 )
2017-03-31 20:48:35 -04:00
fe6a19096f
update CHANGELOG
2017-04-01 02:04:51 +02:00
e613e44749
fix #363
2017-04-01 01:58:05 +02:00
0ee80b1fec
fix captcha middleware using wrong function when disabled
2017-04-01 01:54:42 +02:00
fa04bb1aea
Delete .githold
2017-03-31 16:43:49 -04:00
14946eea31
closes #336
2017-03-31 16:42:12 -04:00
ac2e29e4a1
show users server where he is a subuser
...
fixes #209
2017-03-31 13:54:20 +02:00
ec0b55bcfe
fix missing path for Permission model in SubuserRepository
2017-03-31 12:50:58 +02:00
a51cf1ff47
remove ReCaptcha from views if it is disabled
2017-03-31 12:26:57 +02:00
207e0131fc
Merge branch 'develop' of github.com:Pterodactyl/Panel into improve-password-reset
2017-03-31 12:20:41 +02:00
142cbb0641
Add invisible ReCAPTCHA to login and password reset
2017-03-31 12:19:44 +02:00
1f0e95790a
🔒 Don't disclose if account exists when resetting passwords, closes #358
2017-03-30 17:44:20 -04:00
9106971565
closes #362
2017-03-30 16:30:22 -04:00
da003efb03
Fixes issue with DOCTYPE being discarded on JS injected views
2017-03-30 16:23:25 -04:00
b165f04b78
Fix up file display in sidebar as well as socket.io warnings, closes #357
2017-03-30 16:20:51 -04:00
95c739a3f3
Update subusers view
2017-03-30 15:31:02 -04:00
f2f834af49
update gitignore to ignore docker files
2017-03-28 00:13:24 +02:00
769b723913
Merge pull request #354 from Pterodactyl/analysis-zeLNpe
...
Apply fixes from StyleCI
2017-03-19 19:52:20 -04:00
f0057353ad
Apply fixes from StyleCI
2017-03-19 23:52:11 +00:00
c98d1dda26
Store sami configuration for others to use.
2017-03-19 19:51:26 -04:00
0312c974f5
Update doc blocks for all app/
2017-03-19 19:36:50 -04:00
5e27772fef
Very rough go at getting API back into operational state.
...
Not spending a lot of time on this as its a pre-release and I have
plans to overhaul the API to actually work and be easy to maintain.
2017-03-19 13:20:33 -04:00
Dane Everitt
Jakob Schrettenbrunner
