a2a4ab05c8
Corrected permissions to go with the more logical thought process
2017-04-09 15:35:49 -04:00
820d2bf172
Node and user API routes implemented.
...
More attempts at the logic for API permissions, most likely will need
continued tweaking in the future, but base is there.
2017-04-09 15:31:10 -04:00
f24b238e30
Base node route implementation
2017-04-09 13:52:31 -04:00
75b8753533
Simplify server and api key policy.
2017-04-09 13:34:47 -04:00
c492446513
Implement initial server and location API routes.
...
Also fixes a few exception handler issues causing incorrect HTTP status
codes on authorization errors.
2017-04-09 13:15:15 -04:00
10ee777eb7
Whoopsies! (fix route names)
2017-04-08 16:15:57 -04:00
463f465dea
Block viewing node allocations and location unless user has permission
...
Blocks viewing the allocation list and location for a node unless a
user has permission to view the node in the first place.
2017-04-08 12:07:17 -04:00
4479d3bf19
Improved logic for handling permissions on API routes.
...
Still only partially implemented, however this method will allow the
inclusion of data that is granted with servers (such as viewing more
about the node, node location, allocations, etc) while still limiting
someone from doing `?include=node.servers` and listing all servers when
they don’t have list-servers as a permission.
2017-04-08 12:05:29 -04:00
db4df2bfa1
Push basis of new API key policy
...
Will need to revisit this another day when I’m fresh to figure out the
best method to do this.
2017-04-07 21:25:17 -04:00
51204b8d9d
Add all of the potential transformers that might be needed for now.
2017-04-07 20:28:58 -04:00
faa437b77b
Use the `current_password` not `password` field when verifying passwords.
2017-04-04 12:14:24 -04:00
65630bdcce
Move API to use JSON:API standards and fractal serializer
...
Makes the data slightly more complex, but forces a standard and can
always be changed down the road simply by changing the default
serializer.
2017-04-02 16:51:56 -04:00
c071efd008
Finish API routes for users.
2017-04-02 15:52:53 -04:00
97773300ed
Better middleware for routes, cleaned up API, removed old API calls
...
New API routes for Server allow specifying which fractal objects to
load into the request, thus making it possible to fine-tune what data
is returned.
2017-04-02 13:19:39 -04:00
93dc52bbc4
Fix broken status route spamming logs.
2017-04-02 11:06:44 -04:00
ddb82ac3ca
Add initial user server transformer for API.
2017-04-02 00:49:53 -04:00
87530cdc01
Initial moves to new API scheme.
...
Implements a better middleware for handling API authentication, as well
as cleaner route handling.
2017-04-02 00:11:52 -04:00
55bf26e518
Fix broken status route spamming logs.
2017-04-01 22:52:27 -04:00
e5f3678c62
Fix login routes
2017-04-01 21:18:56 -04:00
5927e0e12a
Merge remote-tracking branch 'origin/develop' into develop
...
# Conflicts:
# app/Http/Controllers/Base/LanguageController.php
# app/Http/Kernel.php
# app/Http/Middleware/TrimStrings.php
# app/Providers/RouteServiceProvider.php
2017-04-01 21:03:10 -04:00
d80c59aad3
Cleanup routing mechanisms
2017-04-01 21:01:10 -04:00
9c303456fb
Update codebase to L5.4 ( #367 )
2017-04-01 17:59:43 -04:00
0a95d97d7f
Better support for redis as a backend
2017-04-01 16:31:18 -04:00
cbeecfe5e4
Implement front-end server searching 🍬
2017-04-01 13:14:49 -04:00
27d472195f
Misc. bug fixes
2017-04-01 12:29:56 -04:00
844ebfaf64
Add support for starting server on creation.
2017-04-01 12:29:49 -04:00
482bf4804d
Catch potential undefined result.
2017-03-31 23:37:46 -04:00
edaa270a33
Add server descriptions, closes #338 🐖
...
🐷 https://s3.kelp.in/D0n2Z.png
2017-03-31 23:07:19 -04:00
660cdca940
Hide random whitespace if there is only a single page
2017-03-31 22:14:56 -04:00
536865b22a
Remove deletion queue for servers. Just immediately delete.
2017-03-31 22:12:31 -04:00
2dec659dd1
Fix syntax error.
2017-03-31 21:47:53 -04:00
75119611b9
Update API settings page to display checkboxes correctly.
2017-03-31 21:46:40 -04:00
c7d4c3aa76
Send default response
2017-03-31 21:16:00 -04:00
ff57e2ff85
Cleanup recaptcha middleware
2017-03-31 21:12:49 -04:00
451dd7ebc8
Apply fixes from StyleCI ( #364 )
2017-03-31 20:48:35 -04:00
fe6a19096f
update CHANGELOG
2017-04-01 02:04:51 +02:00
e613e44749
fix #363
2017-04-01 01:58:05 +02:00
0ee80b1fec
fix captcha middleware using wrong function when disabled
2017-04-01 01:54:42 +02:00
fa04bb1aea
Delete .githold
2017-03-31 16:43:49 -04:00
14946eea31
closes #336
2017-03-31 16:42:12 -04:00
ac2e29e4a1
show users server where he is a subuser
...
fixes #209
2017-03-31 13:54:20 +02:00
ec0b55bcfe
fix missing path for Permission model in SubuserRepository
2017-03-31 12:50:58 +02:00
a51cf1ff47
remove ReCaptcha from views if it is disabled
2017-03-31 12:26:57 +02:00
207e0131fc
Merge branch 'develop' of github.com:Pterodactyl/Panel into improve-password-reset
2017-03-31 12:20:41 +02:00
142cbb0641
Add invisible ReCAPTCHA to login and password reset
2017-03-31 12:19:44 +02:00
1f0e95790a
🔒 Don't disclose if account exists when resetting passwords, closes #358
2017-03-30 17:44:20 -04:00
9106971565
closes #362
2017-03-30 16:30:22 -04:00
da003efb03
Fixes issue with DOCTYPE being discarded on JS injected views
2017-03-30 16:23:25 -04:00
b165f04b78
Fix up file display in sidebar as well as socket.io warnings, closes #357
2017-03-30 16:20:51 -04:00
95c739a3f3
Update subusers view
2017-03-30 15:31:02 -04:00
Dane Everitt
Jakob Schrettenbrunner
