19d4db13be
feat(api): rewrite access control management in Docker ( #3337 )
...
* feat(api): decorate Docker resource creation response with resource control
* fix(api): fix a potential resource control conflict between stacks/volumes
* feat(api): generate a default private resource control instead of admin only
* fix(api): fix default RC value
* fix(api): update RC authorizations check to support admin only flag
* refactor(api): relocate access control related methods
* fix(api): fix a potential conflict when fetching RC from database
* refactor(api): refactor access control logic
* refactor(api): remove the concept of DecoratedStack
* feat(api): automatically remove RC when removing a Docker resource
* refactor(api): update filter resource methods documentation
* refactor(api): update proxy package structure
* refactor(api): renamed proxy/misc package
* feat(api): re-introduce ResourceControlDelete operation as admin restricted
* refactor(api): relocate default endpoint authorizations
* feat(api): migrate RBAC data
* feat(app): ResourceControl management refactor
* fix(api): fix access control issue on stack deletion and automatically delete RC
* fix(api): fix stack filtering
* fix(api): fix UpdateResourceControl operation checks
* refactor(api): introduce a NewTransport builder method
* refactor(api): inject endpoint in Docker transport
* refactor(api): introduce Docker client into Docker transport
* refactor(api): refactor http/proxy package
* feat(api): inspect a Docker resource labels during access control validation
* fix(api): only apply automatic resource control creation on success response
* fix(api): fix stack access control check
* fix(api): use StatusCreated instead of StatusOK for automatic resource control creation
* fix(app): resource control fixes
* fix(api): fix an issue preventing administrator to inspect a resource with a RC
* refactor(api): remove useless error return
* refactor(api): document DecorateStacks function
* fix(api): fix invalid resource control type for container deletion
* feat(api): support Docker system networks
* feat(api): update Swagger docs
* refactor(api): rename transport variable
* refactor(api): rename transport variable
* feat(networks): add system tag for system networks
* feat(api): add support for resource control labels
* feat(api): upgrade to DBVersion 22
* refactor(api): refactor access control management in Docker proxy
* refactor(api): re-implement docker proxy taskListOperation
* refactor(api): review parameters declaration
* refactor(api): remove extra blank line
* refactor(api): review method comments
* fix(api): fix invalid ServerAddress property and review method visibility
* feat(api): update error message
* feat(api): update restrictedVolumeBrowserOperation method
* refactor(api): refactor method parameters
* refactor(api): minor refactor
* refactor(api): change Azure transport visibility
* refactor(api): update struct documentation
* refactor(api): update struct documentation
* feat(api): review restrictedResourceOperation method
* refactor(api): remove unused authorization methods
* feat(api): apply RBAC when enabled on stack operations
* fix(api): fix invalid data migration procedure for DBVersion = 22
* fix(app): RC duplicate on private resource
* feat(api): change Docker API version logic for libcompose/client factory
* fix(api): update access denied error message to be Docker API compliant
* fix(api): update volume browsing authorizations data migration
* fix(api): fix an issue with access control in multi-node agent Swarm cluster
2019-11-13 12:41:42 +13:00
198e92c734
feat(registry): gitlab support ( #3107 )
...
* feat(api): gitlab registry type
* feat(registries): early support for gitlab registries
* feat(app): registry service selector
* feat(registry): gitlab support : list repositories and tags - remove features missing
* feat(registry): gitlab registry remove features
* feat(registry): gitlab switch to registry V2 API for repositories and tags
* feat(api): use development extension binary
* fix(registry): avoid 401 on gitlab retrieve to disconnect the user
* feat(registry): gitlab browse projects without extension
* style(app): code cleaning
* refactor(app): PR review changes + refactor on types
* fix(gitlab): remove gitlab info from registrymanagementconfig and force gitlab type
* style(api): go fmt
* feat(api): update APIVersion and ExtensionDefinitionsURL
* fix(api): fix invalid RM extension URL
* feat(registry): PAT scope help
* feat(registry): defaults on registry creation
* style(registry-creation): update layout and text for Gitlab registry
* feat(registry-creation): update gitlab notice
2019-11-12 16:28:31 +13:00
03d9d6afbb
Revert "fix(api): fix invalid resource control check ( #3225 )" ( #3327 )
...
This reverts commit 1fbe6a12f1
2019-11-01 17:46:53 +13:00
9aa52a6975
feat(settings): add new settings to disable volume browser ( #3239 )
...
* feat(settings): add new settings to disable volume browser
* feat(api): update setting to be compliant with RBAC
* refactor(api): update method comment
* fix(api): remove volume browsing authorizations by default
* feat(settings): rewrite volume management setting description
* feat(settings): rewrite volume management setting tooltip
* Update app/portainer/views/settings/settings.html
Co-Authored-By: William <william.conquest@portainer.io>
2019-10-08 13:17:58 +13:00
2912e78f68
fix(api): add access validation for agent browse requests ( #3235 )
...
* fix(api): add access validation for agent browse requests
* fix(api): review query parameter retrieval
* refactor(api): remove useless else case
2019-10-07 16:24:08 +13:00
1fbe6a12f1
fix(api): fix invalid resource control check ( #3225 )
2019-10-07 16:09:35 +13:00
7d76bc89e7
feat(api): relocate authorizations outside of JWT ( #3079 )
...
* feat(api): relocate authorizations outside of JWT
* fix(api): update user authorization after enabling the RBAC extension
* feat(api): add PortainerEndpointList operation in the default portainer authorizations
* feat(auth): retrieve authorization from API instead of JWT
* refactor(auth): move permissions retrieval to function
* refactor(api): document authorizations methods
2019-09-10 10:58:26 +12:00
e11df28df6
fix(api): fix missing windows dependency
2019-07-28 10:30:12 +12:00
12a512f01f
feat(edge): introduce support for Edge agent ( #3031 )
...
* feat(edge): fix webconsole and agent deployment command
* feat(edge): display agent features when connected to IoT endpoint
* feat(edge): add -e CAP_HOST_MANAGEMENT=1 to agent command
* feat(edge): add -v /:/host and --name portainer_agent_iot to agent command
* style(endpoint-creation): refactor IoT agent to Edge agent
* refactor(api): rename AgentIoTEnvironment to AgentEdgeEnvironment
* refactor(api): rename AgentIoTEnvironment to AgentEdgeEnvironment
* feat(endpoint-creation): update Edge agent deployment instructions
* feat(edge): wip edge
* feat(edge): refactor key creation
* feat(edge): update deployment instructions
* feat(home): update Edge agent endpoint item
* feat(edge): support dynamic ports
* feat(edge): support sleep/wake and snapshots
* feat(edge): support offline mode
* feat(edge): host job support for Edge endpoints
* feat(edge): introduce STANDBY state
* feat(edge): update Edge agent deployment command
* feat(edge): introduce EDGE_ID support
* feat(edge): update default inactivity interval to 5min
* feat(edge): reload Edge schedules after restart
* fix(edge): fix execution of endpoint job against an Edge endpoint
* fix(edge): fix minor issues with scheduling UI/UX
* feat(edge): introduce EdgeSchedule version management
* feat(edge): switch back to REQUIRED state from ACTIVE on error
* refactor(edge): remove comment
* feat(edge): updated tunnel status management
* feat(edge): fix flickering UI when accessing Edge endpoint from home view
* feat(edge): remove STANDBY status
* fix(edge): fix an issue with console and Swarm endpoint
* fix(edge): fix an issue with stack deployment
* fix(edge): reset timer when applying active status
* feat(edge): add background ping for Edge endpoints
* fix(edge): fix infinite loading loop after Edge endpoint connection failure
* fix(home): fix an issue with merge
* feat(api): remove SnapshotRaw from EndpointList response
* feat(api): add pagination for EndpointList operation
* feat(api): rename last_id query parameter to start
* feat(api): implement filter for EndpointList operation
* fix(edge): prevent a pointer issue after removing an active Edge endpoint
* feat(home): front - endpoint backend pagination (#2990 )
* feat(home): endpoint pagination with backend
* feat(api): remove default limit value
* fix(endpoints): fix a minor issue with column span
* fix(endpointgroup-create): fix an issue with endpoint group creation
* feat(app): minor loading optimizations
* refactor(api): small refactor of EndpointList operation
* fix(home): fix minor loading text display issue
* refactor(api): document bolt services functions
* feat(home): minor optimization
* fix(api): replace seek with index scanning for EndpointPaginated
* fix(api): fix invalid starting index issue
* fix(api): first implementation of working filter
* fix(home): endpoints list keeps backend pagination when it needs to
* fix(api): endpoint pagination doesn't drop the first item on pages >=2 anymore
* fix(home): UI flickering on page/filter load/change
* feat(auth): login spinner
* feat(api): support searching in associated endpoint group data
* refactor(api): remove unused API endpoint
* refactor(api): remove comment
* refactor(api): refactor proxy manager
* feat(api): declare EndpointList params as optional
* feat(api): support groupID filter on endpoints route
* feat(api): add new API operations endpointGroupAddEndpoint and endpointGroupDeleteEndpoint
* feat(edge): new icon for Edge agent endpoint
* fix(edge): fix missing exec quick action
* fix(edge): add loading indicator when connecting to Edge endpoint
* feat(edge): disable service webhooks for Edge endpoints
* feat(endpoints): backend pagination for endpoints view (#3004 )
* feat(edge): dynamic loading for stack migration feature
* feat(edge): wordwrap edge key
* feat(endpoint-groups): backend pagination support for create and edit
* feat(endpoint-groups): debounce on filter for create/edit views
* feat(endpoint-groups): filter assigned on create view
* (endpoint-groups): unassigned endpoints edit view
* refactor(endpoint-groups): code clean
* feat(endpoint-groups): remove message for Unassigned group
* refactor(websocket): minor refactor associated to Edge agent
* feat(endpoint-group): enable backend pagination (#3017 )
* feat(api): support groupID filter on endpoints route
* feat(api): add new API operations endpointGroupAddEndpoint and endpointGroupDeleteEndpoint
* feat(endpoint-groups): backend pagination support for create and edit
* feat(endpoint-groups): debounce on filter for create/edit views
* feat(endpoint-groups): filter assigned on create view
* (endpoint-groups): unassigned endpoints edit view
* refactor(endpoint-groups): code clean
* feat(endpoint-groups): remove message for Unassigned group
* refactor(api): endpoint group endpoint association refactor
* refactor(api): rename files and remove comments
* refactor(api): remove usage of utils
* refactor(api): optional parameters
* Merge branch 'feat-endpoint-backend-pagination' into edge
# Conflicts:
# api/bolt/endpoint/endpoint.go
# api/http/handler/endpointgroups/endpointgroup_update.go
# api/http/handler/endpointgroups/handler.go
# api/http/handler/endpoints/endpoint_list.go
# app/portainer/services/api/endpointService.js
* fix(api): fix default tunnel server credentials
* feat(api): update endpointListOperation behavior and parameters
* fix(api): fix interface declaration
* feat(edge): support configurable Edge agent checkin interval
* feat(edge): support dynamic tunnel credentials
* feat(edge): update Edge agent deployment commands
* style(edge): update Edge agent settings text
* refactor(edge): remove unused credentials management methods
* feat(edge): associate a remote addr to tunnel credentials
* style(edge): update Edge endpoint icon
* feat(edge): support encrypted tunnel credentials
* fix(edge): fix invalid pointer cast
* feat(bolt): decode endpoints with jsoniter
* feat(edge): persist reverse tunnel keyseed
* refactor(edge): minor refactor
* feat(edge): update chisel library usage
* refactor(endpoint): use controller function
* feat(api): database migration to DBVersion 19
* refactor(api): refactor AddSchedule function
* refactor(schedules): remove comment
* refactor(api): remove comment
* refactor(api): remove comment
* feat(api): tunnel manager now only manage Edge endpoints
* refactor(api): clean-up and clarification of the Edge service
* refactor(api): clean-up and clarification of the Edge service
* fix(api): fix an issue with Edge agent snapshots
* refactor(api): add missing comments
* refactor(api): update constant description
* style(home): remove loading text on error
* feat(endpoint): remove 15s timeout for ping request
* style(home): display information about associated Edge endpoints
* feat(home): redirect to endpoint details on click on unassociated Edge endpoint
* feat(settings): remove 60s Edge poll frequency option
2019-07-26 10:38:07 +12:00
7a8a54c96a
refactor(api): introduce ExtensionServer constant
2019-06-23 11:36:45 +12:00
851607394c
feat(integrations): storidge evolution ( #2711 )
...
* feat(storidge): update storidge routes
* feat(storidge): add new fields on profile create/edit
* feat(storidge): add drives list and details view
* feat(storidge): add node details / cordon / uncordon / remove
* feat(storidge): add volume and snapshot details
* feat(storidge): add snapshot creation on volume details
* feat(storidge): add rescan drives button
* refactor(storidge): move add / remove / put in / put ouf maintenance buttons for cluster nodes
* style(storidge): change cluster / node icon color based on status
* feat(storidge): profiles can enable snapshots without interval + interval in minutes
* refactor(storidge): split cluster and node status badge filter
* fix(storidge): error on volume IOPS update
* fix(storidge): snapshot can now be created without comments
* feat(storidge): remove snapshots panels when volume snapshots are disabled
* fix(app): paginatedItemLimit now retrieved for datables extending GenericDatatableController
* fix(storidge): addDrive is called with the good parameters
* fix(storidge): update model and views for Storidge v2695
* refactor(storidge): webpack migration
* fix(storidge): display modifications + fix js errors
* feat(storidge): snapshots, profile and nodes evolution
* fix(storidge): values for InterfaceDriver on profile create/edit
* feat(storidge): v5 update without style (profile / statuses / volume)
* fix(storidge): description tables on the same view have now the same fixed offset
* fix(app): override rdash-ui select style
* Revert "fix(app): override rdash-ui select style"
This reverts commit e724833261
2019-05-25 09:53:10 +12:00
17765d992e
fix(api): fix missing winio dependency
2019-05-24 19:35:15 +12:00
8057aa45c4
feat(extensions): introduce RBAC extension ( #2900 )
2019-05-24 18:04:58 +12:00
14845a4a53
refactor(api): refactor base import path ( #2788 )
...
* refactor(api): refactor base import path
* fix(build-system): update build_binary_devops
* fix(build-system): fix build_binary_devops for linux
* fix(build-system): fix build_binary_devops for Windows
2019-03-21 14:20:14 +13:00
ce6cb837f9
refactor(api): fix lint issues ( #2760 )
2019-03-11 12:50:10 +13:00
7643f8d08c
feat(oauth): dev build supporting Oauth extension
2019-02-18 14:46:34 +13:00
8a186b4024
feat(api): update DigitalSignatureService ( #2539 )
2018-12-12 11:19:23 +13:00
6fd5ddc802
feat(extensions): introduce extension support ( #2527 )
...
* wip
* wip: missing repository & tags removal
* feat(registry): private registry management
* style(plugin-details): update view
* wip
* wip
* wip
* feat(plugins): add license info
* feat(plugins): browse feature preview
* feat(registry-configure): add the ability to configure registry management
* style(app): update text in app
* feat(plugins): add plugin version number
* feat(plugins): wip plugin upgrade process
* feat(plugins): wip plugin upgrade
* feat(plugins): add the ability to update a plugin
* feat(plugins): init plugins at startup time
* feat(plugins): add the ability to remove a plugin
* feat(plugins): update to latest plugin definitions
* feat(plugins): introduce plugin-tooltip component
* refactor(app): relocate plugin files to app/plugins
* feat(plugins): introduce PluginDefinitionsURL constant
* feat(plugins): update the flags used by the plugins
* feat(plugins): wip
* feat(plugins): display a label when a plugin has expired
* wip
* feat(registry-creation): update registry creation logic
* refactor(registry-creation): change name/ids for inputs
* feat(api): pass registry type to management configuration
* feat(api): unstrip /v2 in regsitry proxy
* docs(api): add TODO
* feat(store): mockup-1
* feat(store): mockup 2
* feat(store): mockup 2
* feat(store): update mockup-2
* feat(app): add unauthenticated event check
* update gruntfile
* style(support): update support views
* style(support): update product views
* refactor(extensions): refactor plugins to extensions
* feat(extensions): add a deal property
* feat(extensions): introduce ExtensionManager
* style(extensions): update extension details style
* feat(extensions): display license/company when enabling extension
* feat(extensions): update extensions views
* feat(extensions): use ProductId defined in extension schema
* style(app): remove padding left for form section title elements
* style(support): use per host model
* refactor(extensions): multiple refactors related to extensions mecanism
* feat(extensions): update tls file path for registry extension
* feat(extensions): update registry management configuration
* feat(extensions): send license in header to extension proxy
* fix(proxy): fix invalid default loopback address
* feat(extensions): add header X-RegistryManagement-ForceNew for specific operations
* feat(extensions): add the ability to display screenshots
* feat(extensions): center screenshots
* style(extensions): tune style
* feat(extensions-details): open full screen image on click (#2517 )
* feat(extension-details): show magnifying glass on images
* feat(extensions): support extension logo
* feat(extensions): update support logos
* refactor(lint): fix lint issues
2018-12-09 16:49:27 +13:00
d03fd5805a
feat(api): support AGENT_SECRET environment variable ( #2486 )
2018-11-23 11:46:51 +13:00
65291c68e9
feat(jobs): add the job execution API
...
* feat(jobs): add job service interface
* feat(jobs): create job execution api
* style(jobs): remove comment
* feat(jobs): add bindings
* feat(jobs): validate payload different cases
* refactor(jobs): rename endpointJob method
* refactor(jobs): return original error
* feat(jobs): pull image before creating container
* feat(jobs): run jobs with sh
* style(jobs): remove comment
* refactor(jobs): change error names
* feat(jobs): sync pull image
* fix(jobs): close image reader after error check
* style(jobs): remove comment and add docs
* refactor(jobs): inline script command
* fix(jobs): handle pul image error
* refactor(jobs): handle image pull output
* fix(docker): set http client timeout to 100s
* fix(client): remove timeout from http client
2018-10-23 10:03:30 +13:00
b24891a6bc
refactor(api): introduce libhttp usage ( #2263 )
2018-09-10 12:01:38 +02:00
e1e263d8c8
feat(UAC): change default ownership to admininstrators ( #2137 )
...
* #960 feat(UAC): change ownership to admins for externally created ressources
* feat(UAC): change ownership to admins for externally created resources
Deprecated AdministratorsOnly js and go backend
* #960 feat(UAC): remove AdministratorsOnly property and minor GUI fixes
Update swagger definition changing AdministratorsOnly to Public
* #960 feat(UAC): fix create resource with access control data
* #960 feat(UAC): authorization of non-admin users for restricted operations
On stacks, containers networks, services , tasks and volumes.
* #960 feat(UAC): database migration to version 14
The administrator resources are deleted and Public resources are now managed by admins
* #960 feat(UAC): small fixes from PR #2137
* #960 feat(UAC): improve the readability of the source code
* feat(UAC) fix displayed ownership for Swarm related resources (#960 )
2018-08-19 07:57:28 +02:00
c7cb515035
fix(api): fix invalid build related filenames ( #2067 )
2018-07-23 18:50:45 +02:00
98b0ab50fc
feat(api): rewrite SwarmInspect operation ( #2065 )
...
* feat(api): rewrite SwarmInspect operation
* refactor(api): remove useless statements
2018-07-23 18:04:11 +02:00
b1227b17e1
fix(api): fix invalid platform build statements ( #2064 )
2018-07-23 16:49:04 +02:00
4129550d44
feat(api): Add npipe support ( #2018 )
2018-07-20 11:02:06 +02:00
48f963398f
refactor(api): remove useless log.printf statement
2018-06-20 20:43:39 +03:00
e3d564325b
feat(stacks): support compose v2.0 stack ( #1963 )
2018-06-11 15:13:19 +02:00
9bb885629a
feat(endpoints): UX enhancements ( #1943 )
...
* feat(endpoints): add details about endpoints in datatable
* feat(endpoint-details): add the ability to inspect/update azure endpoint
* feat(endpoint-selector): disable placeholder selection
2018-06-01 16:13:24 +02:00
9ad9cc5e2d
feat(azure): add experimental Azure endpoint support ( #1936 )
2018-05-28 16:40:33 +02:00
63d338c4da
fix(api): refactor TLS support ( #1909 )
...
* refactor(api): refactor TLS support
* feat(api): migrate endpoint data
* refactor(api): remove unused code and rename functions
* refactor(app): remove console.log statement
2018-05-19 16:25:11 +02:00
5df09923b6
feat(api): add debug statements in response handling
2018-05-15 19:13:27 +02:00
7754933470
fix(api): fix a panic issue when retrieving Docker API response
2018-05-09 16:11:52 +02:00
2327d696e0
feat(agent): add agent support ( #1828 )
2018-05-06 09:15:57 +02:00
f0317d6d87
fix(api): fix the ability to push images to private repositories
2018-04-25 16:58:08 +02:00
4f0e752d00
feat(api): remove any version api before proxying request ( #1806 )
2018-04-11 17:40:29 +02:00
30dfd3d616
fix(api): manage registry authentication in the API ( #1751 )
2018-03-23 08:44:43 +10:00
81de2a5afb
feat(image-build): add the ability to build images ( #1672 )
2018-02-28 07:19:06 +01:00
eb43579378
feat(storidge): introduce endpoint extensions and proxy Storidge API ( #1661 )
2018-02-23 03:10:26 +01:00
407f0f5807
feat(configs): add support for docker configs ( #996 )
2017-11-06 09:47:31 +01:00
587e2fa673
feat(stacks): add support for stack deploy ( #1280 )
2017-10-15 19:24:40 +02:00
912ebf4672
feat(api): filter tasks based on service UAC ( #1207 )
2017-09-19 20:23:48 +02:00
dd0fc6fab8
feat(swarm): restrict access to the node details view to administrators only ( #1204 )
2017-09-19 18:41:03 +02:00
61f652da04
feat(secrets): add UAC ( #1200 )
2017-09-19 17:10:15 +02:00
a2b4cd8050
feat(networks): add UAC ( #1196 )
2017-09-19 16:58:30 +02:00
d653391cdd
feat(api): write Docker response code when using local proxy ( #1192 )
2017-09-14 11:09:36 +02:00
8d4807c9e7
feat(api): TLS endpoint creation and init overhaul ( #1173 )
2017-09-14 08:08:37 +02:00
d27528a771
feat(authentication): add LDAP authentication support ( #1093 )
2017-08-10 10:35:23 +02:00
9909b6d481
feat(backend): make swarm api endpoint admin user protected ( #991 )
2017-07-08 10:34:04 +02:00
c7e306841a
feat(settings): add settings management ( #906 )
2017-06-01 10:14:55 +02:00
5523fc9023
feat(global): introduce user teams and new UAC system ( #868 )
2017-05-23 20:56:10 +02:00
Anthony Lapenna