* fix(edge-jobs): HTTP 404 on file upload
* fix(edge-jobs): state 'edge job' in message on edge job removal instead of 'stack'
* fix(api/edge-jobs): save changes on edge-jobs update
* feat(password) EE-2690 enforce strong password policy
* feat(password) EE-2690 disable create user button if password is not valid
* feat(password) EE-2690 show force password change warning only when week password is detected
* feat(password) EE-2690 prevent users leave account page by clicking add access token button
Co-authored-by: Simon Meng <simon.meng@portainer.io>
* EE-2128 take agent_sceret into account
* EE-2128 align output code
* EE-2128 fix copy command error
* EE-2128 align code
* EE-2128 fix typo
* Update endpoint.html
remove glint auto changes
* EE-2128 Format html with Prettier
* EE-2128 Adjust UI for dark mode and adopt AGENT_SECRET on k8s automatically
* EE-2128 fix bug created by merge
* EE-2128 Move the initailization of AGENT_SECRET to main.go
* EE-2128 read AGENT_SECRET when settings is initializing
* feat(app/registries): add name uniqueness validation on registry creation
* feat(api/registry): enforce name uniqueness on registry creation
* feat(api/registry): enforce name uniqueness on registry update
* feat(app/registry): enforce name uniqueness on registry update
* feat(registries): allow non-admin users to see environment registries
* remove unused function
* fix error message
* fix test
* fix imports order
* feat(registry): check access first, add parameters name
* use registryID
* fix(sidebar): allow standard users to see endpoint registries view
Co-authored-by: LP B <xAt0mZ@users.noreply.github.com>
This PR solves the issue that the Portainer instance will be always accessible in certain cases, like `restart: always` setting with docker run, even if the administrator is not created in the first 5 minutes.
The solution is that the user will be redirected to a timeout page when any actions, such as refresh the page and click button, are made after administrator initialisation window(5 minutes) timeout.
* refactor(azure/aci): migrate sidebar to react [EE-2569]
* add test files
* add story
* fix(sidebar): get styles from sidebar
* make suggested changes + update icon story
* use template in second story + change some english
* use camel case in test
* use icon instead of span
* refactor(types): use existing environmentid type
Co-authored-by: Chaim Lev-Ari <chiptus@gmail.com>
* refactor(http): parse axios errors (#6325)
* refactor(home): use endpoint-list as react component [EE-1814] (#6060)
* refactor(home): use endpoint-list as react component
fix(home): add missing features and refactors
- kubebutton
- group name
- poll when endpoint is off
- state management
refactor(endpoints): use stat component
fix(endpoints): add space between items
refactor(endpoints): move stats to components
refactor(endpoints): fetch time
refactor(home): move logic
refactor(home): move fe render logic
refactor(settings): use vanilla js for publicSettings
refactor(kube): remove angular from kube config service
feat(home): add kubeconfig button
feat(home): send analytics when opening kubeconfig modal
fix(home): memoize footer
refactor(home): use react-query for loading
fix(home): show correct control for kubeconfig modal
refactor(home): use debounce
refactor(home): use new components
refactor(home): replace endpoints with environments
refactor(home): move endpoint-list component to home
fix(home): show group name
refactor(home): use switch for environment icon
fix(kubeconfig): fix default case
refactor(axios): use parse axios error
refactor(home): use link components for navigate
fix(home): align azure icon
refactor(home): refactor stats
refactor(home): export envstatusbadge
refactor(home): remove unused bindings
* chore(home): write tests for edge indicator
* chore(home): basic stories for environment item
* style(settings): reformat
* fix(environments): add publicurl
* refactor(home): use table components
* refactor(datatables): merge useSearchBarState
* refactor(home): fetch group in env item
* chore(tests): basic tests
* chore(home): test when no envs
* refactor(tags): use axios for tagService
* refactor(env-groups): use axios for getGroups
* feat(app): ui-state context provider
* refactor(home): create MotdPanel
* refactor(app): create InformationPanel
* feat(endpoints): fetch number of total endpoints
* refactor(app): merge hooks
* refactor(home): migrate view to react [EE-1810]
fixes [EE-1810]
refactor(home): wip use react view
feat(home): show message if no endpoints
refactor(home): show endpoint list
refactor(home): don't use home to manage link
refactor(home): move state
refactor(home): check if edge using util
refactor(home): move inf panels
chore(home): tests
refactor(home): load groups and tags in env-item
refactor(settings): revert publicSettings change
refactor(home): move confirm snapshot method
* fix(home): show tags
* fix(environments): handle missing snapshots
* fix(kube/volumes): fetch pesistent volume claims
* refactor(kube): remove use of endpointProvider
* refactor(endpoints): set current endpoint
* chore(home): add data-cy for tests
* chore(tests): mock axios-progress-bar
* refactor(home): move use env list to env module
* feat(app): sync home view changes with ee
* fix(home): sort page header
* fix(app): fix tests
* chore(github): use yarn cache
* refactor(environments): load list of groups
* chore(babel): remove auto 18n keys extraction
* chore(environments): fix tests
* refactor(k8s/application): use current endpoint
* fix(app/header): add margin to header
* refactor(app): remove unused types
* refactor(app): use rq onError handler
* refactor(home): wrap element with button
* fix(endpoints): fix broken style (release) [EE-2659]
* fix(endpoints): show margin under env var field [EE-2659]
Co-authored-by: Chaim Lev-Ari <chiptus@gmail.com>
* refactor(azure/aci): migrate dashboard view to react [EE-2189]
* move aggregate function to azure utils file
* fix type
* introduce dashboard item component
* add error notificatons
* hide resource groups widget if failed to load
* make dashboard a default export
* revert mistake
* refactor based on suggestions
* use object for error data instead of array
* return unused utils file
* move length calculations out of return statement
* only return first error of resource groups queries
* refactor imports/exports, fix bug with errors & add test
* WIP dashboard tests
* allow mocking multiple resource groups
* test for total number of resource groups
* update lock file to fix lint action issue
* finish dashboard tests
* dashboarditem story
* fix(auth): remove caching of user
* add option for link to dashboard item
* rename dashboard test case to match file
* remove optional link and update storybook
* create aria label based on already provided text
* change param name to be clearer
* fix(templates): EE-2117: show docker-compose app templates when in swarm mode and the user selects 'showContainers
Signed-off-by: Sven Dowideit <sven.dowideit@portainer.io>
* fix(templates): keep original behavior for standalone
* fix(templates): display all templates on Swarm
* refactor(templates): update method name
Co-authored-by: deviantony <anthony.lapenna@portainer.io>
* fix(settings): clear helm url if requested [EE-2494]
fix [EE-2494]
before this PR, helm url would clear when updating settings, if the helm url key wasn't provided.
in this PR, it will be changed only if required
* fix(settings): allow empty helm repo
* chore(deps): run yarn
* fix(settings): set helm repo url
* refactor(storidge): remove Storidge support from backend
* refactor(storidge): remove Storidge support from backend
* refactor(storidge): remove Storidge support from frontend
* refactor(app): create access-control-form react component [EE-2332]
fix [EE-2332]
* chore(tests): setup msw for async tests and stories
chore(sb): add msw support for storybook
* refactor(access-control): move loading into component
* fix(app): fix users and teams selector stories
* chore(access-control): write test for validation
* feat(webhook) EE-2125 add some helpers to registry utils
* feat(webhook) EE-2125 persist registryID when creating a webhook
* feat(webhook) EE-2125 send registry auth header when executing a webhook
* feat(webhook) EE-2125 send registryID to backend when creating a service with webhook
* feat(webhook) EE-2125 use the initial registry ID to create webhook on editing service screen
* feat(webhook) EE-2125 update webhook when update registry
* feat(webhook) EE-2125 add endpoint of update webhook
* feat(webhook) EE-2125 code cleanup
* feat(webhook) EE-2125 fix a typo
* feat(webhook) EE-2125 fix circle import issue with unit test
Co-authored-by: Simon Meng <simon.meng@portainer.io>
* fix(k8s/ingress): ensure new ports are only added to ingress only if app is published via ingress
* refactor(k8s/ingress): removed deleted ports of ingress in a single pass
* feat(access-token): Multi-auth middleware support EE-1891 (#5936)
* AnyAuth middleware initial implementation with tests
* using mux.MiddlewareFunc instead of custom definition
* removed redundant comments
* - ExtractBearerToken bouncer func made private
- changed helm token handling functionality to use jwt service to convert token to jwt string
- updated tests
- fixed helm list broken test due to missing token in request context
* rename mwCheckAuthentication -> mwCheckJWTAuthentication
* - introduce initial api-key auth support using X-API-KEY header
- added tests to validate x-api-key request header presence
* updated core mwAuthenticatedUser middleware to support multiple auth paradigms
* - simplified anyAuth middleware
- enforcing authmiddleware to implement verificationFunc interface
- created tests for middleware
* simplify bouncer
Co-authored-by: Dmitry Salakhov <to@dimasalakhov.com>
* feat(api-key): user-access-token generation endpoint EE-1889 EE-1888 EE-1895 (#6012)
* user-access-token generation endpoint
* fix comment
* - introduction of apikey service
- seperation of repository from service logic - called in handler
* fixed tests
* - fixed api key prefix
- added tests
* added another test for digest matching
* updated swagger spec for access token creation
* api key response returns raw key and struct - easing testability
* test for api key prefix length
* added another TODO to middleware
* - api-key prefix rune -> string (rune does not auto-encode when response sent back to client)
- digest -> pointer as we want to allow nil values and omit digest in responses (when nil)
* - updated apikey struct
- updated apikey service to support all common operations
- updated apikey repo
- integration of apikey service into bouncer
- added test for all apikey service functions
- boilerplate code for apikey service integration
* - user access token generation tests
- apiKeyLookup updated to support query params
- added api-key tests for query params
- added api-key tests for apiKeyLookup
* get and remove access token handlers
* get and remove access token handler tests
* - delete user deletes all associated api keys
- tests for this functionality
* removed redundant []byte cast
* automatic api-key eviction set within cache for 1 hour
* fixed bug with loop var using final value
* fixed service comment
* ignore bolt error responses
* case-insensitive query param check
* simplified query var assignment
* - added GetAPIKey func to get by unique id
- updated DeleteAPIKey func to not require user ID
- updated tests
* GenerateRandomKey helper func from github.com/gorilla/securecookie moved to codebase
* json response casing for api-keys fixed
* updating api-key will update the cache
* updated golang LRU cache
* using hashicorps golang-LRU cache for api keys
* simplified jwt check in create user access token
* fixed api-key update logic on cache miss
* Prefix generated api-keys with `ptr_` (#6067)
* prefix api-keys with 'ptr_'
* updated apikey description
* refactor
Co-authored-by: Dmitry Salakhov <to@dimasalakhov.com>
* helm list test refactor
* fixed user delete test
* reduce test nil pointer errors
* using correct http 201 created status code for token creation; updated tests
* fixed swagger doc user id path param for user access token based endpoints
* added api-key security openapi spec to existing jwt secured endpoints (#6091)
* fixed flaky test
* apikey datecreated and lastused attrs converted to unix timestamp
* feat(user): added access token datatable. (#6124)
* feat(user): added access token datatable.
* feat(tokens): only display lastUsed time when it is not the default date
* Update app/portainer/views/account/accountController.js
Co-authored-by: zees-dev <63374656+zees-dev@users.noreply.github.com>
* Update app/portainer/views/account/accountController.js
Co-authored-by: zees-dev <63374656+zees-dev@users.noreply.github.com>
* Update app/portainer/views/account/accountController.js
Co-authored-by: zees-dev <63374656+zees-dev@users.noreply.github.com>
* Update app/portainer/components/datatables/access-tokens-datatable/accessTokensDatatableController.js
Co-authored-by: zees-dev <63374656+zees-dev@users.noreply.github.com>
* Update app/portainer/services/api/userService.js
Co-authored-by: zees-dev <63374656+zees-dev@users.noreply.github.com>
* feat(improvements): proposed datatable improvements to speed up dev time (#6138)
* modal code update
* updated datatable filenames, updated controller to be default class export
* fix(access-token): code improvement.
Co-authored-by: zees-dev <63374656+zees-dev@users.noreply.github.com>
* feat(apikeys): create access token view initial implementation EE-1886 (#6129)
* CopyButton implementation
* Code component implementation
* ToolTip component migration to another folder
* TextTip component implementation - continued
* form Heading component
* Button component updated to be more dynamic
* copybutton - small size
* form control pass tip error
* texttip small text
* CreateAccessToken react feature initial implementation
* create user access token angularjs view implementation
* registration of CreateAccessToken component in AngularJS
* user token generation API request moved to angular service, method passed down instead
* consistent naming of access token operations; clustered similar code together
* any user can add access token
* create access token page routing
* moved code component to the correct location
* removed isadmin check as all functionality applicable to all users
* create access token angular view moved up a level
* fixed PR issues, updated PR
* addressed PR issues/improvements
* explicit hr for horizontal line
* fixed merge conflict storybook build breaking
* - apikey test
- cache test
* addressed testing issues:
- description validations
- remove token description link on table
* fix(api-keys): user role change evicts user keys in cache EE-2113 (#6168)
* user role change evicts user api keys in cache
* EvictUserKeyCache -> InvalidateUserKeyCache
* godoc for InvalidateUserKeyCache func
* additional test line
* disable add access token button after adding token to prevent spam
Co-authored-by: Dmitry Salakhov <to@dimasalakhov.com>
Co-authored-by: fhanportainer <79428273+fhanportainer@users.noreply.github.com>
* feat(logs): added orange border to export button.
* fix(ldap): fixed connectivity check radio button alignment issue
* fix(be-feature): added box shadow to limited feature border
* fix(be-feature): fixed hide internal auth toggle issue.
* feat(ldap): added isLimitedFeatureSelfContained config to ldap-custom-admin-group and test-login components
* feat(auth): moved save settings button in auth page to a component.
* feat(oauth): use saveSettingsButton component in oauth
* feat(oauth): use saveSettingsButton component in internal auth
* feat(oauth): use saveSettingsButton component in MS active directory auth
* feat(oauth): use saveSettingsButton component in ldap auth
* feat(auth): added new component to index.js
* removed css inline styles.
* feat(ad): added disable check method to ad auth.
* feat(ldap): moved save settings disable method to parent component
* removed inline styles.
* fix(ldap): fixed test login misalignment issue
* fix(ldap): pass isLdapFormValid function from page component
* fix(ldap): made the toggle button in custom admin group orange when it's limited to CE.
* fix(auth): fixed save setting button in Microsoft Active Directory auth
* fix(ldap): made the assign admin toggle bright orange
Chao Geng