bf9cbe2c6d
Add consistent CSRF token verification to API endpoints; address security concern with non-CSRF protected endpoints
2021-11-16 20:02:18 -08:00
45999ba4ee
(security) use POST for logout rather than GET
...
see https://github.com/pterodactyl/panel/security/advisories/GHSA-m49f-hcxp-6hm6
2021-10-23 13:00:21 -07:00
22a8b2b3a2
Use more standardized rate limiting in Laravel; apply limits to auth routes
2021-10-23 12:17:16 -07:00
5d5e4ca7b1
Add support for locking backups to prevent any accidental deletions
2021-05-03 21:26:09 -07:00
1b2c4931ee
Add endpoint logic necessary to reset server states if they get stuck installing/restoring when wings restarts
2021-02-23 21:20:02 -08:00
00da092e45
Fix tests
2021-01-30 19:12:22 -08:00
663143de0b
Merge branch 'develop' into dane/restore-backups
2021-01-25 19:16:40 -08:00
a043071e3c
Update to Laravel 8
...
Co-authored-by: Matthew Penner <me@matthewp.io>
2021-01-23 12:12:54 -08:00
e8dcd30e0c
[security] fix resources not properly returning an error when they don't match the server in the URL
...
Prior to this fix certain resources were accessible even when their assigned server was not the same as the server in the URL. This causes the resource server relationship to not match the server variable present on the request.
Due to this failed logic it was possible for users to access resources they should not have been able to access otherwise for some areas of the panel.
2021-01-19 21:19:17 -08:00
f24193801a
Add endpoint for triggering restoration completion
2021-01-18 21:14:49 -08:00
187df97590
Add UI for restoring backup checkpoint text
2021-01-17 18:25:13 -08:00
ddc4c8e54b
Fix route def
2021-01-17 17:57:34 -08:00
ff21d83e2d
Add endpoint to get all nodes meeting memory & disk requirements for a server; closes #1012
2021-01-10 13:08:43 -08:00
87e9d5e82a
Throttle pulls
2020-12-25 15:09:02 -08:00
087c41d5ac
Add endpoint to pull a remote file down
2020-12-24 09:15:03 -08:00
5bbb36b3cf
Support updating docker image for a server from the frontend
2020-12-13 11:07:29 -08:00
d22456d9ca
Block API access when 2FA is required on account; closes #2791
2020-12-06 13:56:14 -08:00
8611ebb2d6
Add /api/client/servers/{server}/files/chmod endpoint
2020-12-04 09:24:06 -07:00
85af073438
Switch to s3 multipart uploads for backups
2020-11-01 15:27:43 -07:00
c6bd7ff661
Improve logic handle auto-allocation of ports for a server
2020-10-31 14:58:15 -07:00
665a4dd8a4
Merge branch 'develop' into develop
2020-10-31 13:47:12 -07:00
c1ee0ac4f8
Add support for executing a scheduled task right now
2020-10-14 20:38:59 -07:00
8f8bd0be83
Added Automatic Allocations
...
Known issues:
- Port range to auto create is hard coded
- React interface is still a WIP.
2020-09-28 11:50:34 -04:00
3c7ffaaadb
Remove all references of packs from the Panel
2020-09-13 11:13:37 -07:00
179885b546
Add endpoint to return startup variables; send back modified startup when a variable is edited
2020-08-25 19:22:17 -07:00
54f9c5f187
Merge branch 'develop' into feature/file-uploads
2020-08-22 18:33:09 -07:00
91cdbd6c2e
Support modifying startup variables for servers
2020-08-22 18:13:59 -07:00
61e9771333
Code cleanup for subuser API endpoints; closes #2247
2020-08-19 20:21:12 -07:00
b52fc0b4d9
Fix recaptcha handling during login & password reset flows; closes #2064
2020-08-01 21:08:35 -07:00
1a6669aa5c
Add endpoint support for decompressing files
2020-07-14 21:16:49 -07:00
1d2acbd5b4
Get basic file upload functionality working
2020-07-12 16:42:32 -06:00
0d35ab95fd
Merge pull request #1915 from pterodactyl/feature/server-mounts
...
Add configurable server mounts
2020-07-11 17:19:25 -07:00
2653321fc2
Support renaming multiple files at once
2020-07-11 16:00:30 -07:00
82bc9e617b
Add support for compressing items in the file manager
2020-07-11 13:38:49 -07:00
295f09ca43
Merge branch 'develop' into feature/server-mounts
2020-07-11 12:29:30 -06:00
2278927fb6
Update allocations to support ids; protect endpoints; support notes
2020-07-09 20:36:08 -07:00
fc9054312d
Support modifying the primary allocation for a server
2020-07-09 19:56:46 -07:00
0eb29dac9c
Add mount_server table, fix wrong field type on other many to many tables, add routes for mounting and unmounting mounts on a server, finish server admin mounts page
2020-05-21 14:23:12 -06:00
fa902cc074
Add mounts page to server admin view
2020-05-21 13:19:59 -06:00
34f718a8b1
Finish mount admin view page, add unique index to migration
2020-05-20 20:50:56 -06:00
0db7debb46
Add mount update and deletion services, add MountController@update and MountController@delete
2020-05-20 19:35:30 -06:00
77150b2551
Add increment id to mount, add basic mount view page
2020-05-20 19:17:35 -06:00
a4af8ec977
Add the ability to create mounts
2020-05-20 18:55:59 -06:00
a750362e5a
Move MountController.php
2020-05-20 18:45:00 -06:00
59a150148a
feature/server-mounts initial commit
2020-05-20 17:29:03 -06:00
57f7aa1638
Remove unused routes; closes #2039
2020-05-17 14:20:43 -07:00
6056b6f45d
Show console when an admin is viewing an installing server
2020-04-26 13:21:39 -07:00
81f7734df2
Update endpoints for managing backups
2020-04-17 10:21:51 -07:00
fda88940f7
Fix up node autodeployment
2020-04-12 17:20:09 -07:00
94d46affb8
Merge branch 'develop' into enhancement/wings-improved-server-loading
2020-04-10 16:23:46 -06:00
Dane Everitt
Matthew Penner
Caleb