[PR #194] [MERGED] access control rules #800

New Issue

Closed

opened 2025-11-13 12:11:11 -06:00 by GiteaMirror · 0 comments

GiteaMirror commented 2025-11-13 12:11:11 -06:00

Owner

Copy Link

📋 Pull Request Information

Original PR: https://github.com/fosrl/pangolin/pull/194
Author: @miloschwartz
Created: 2/13/2025
Status: ✅ Merged
Merged: 2/13/2025
Merged by: @miloschwartz

Base: main ← Head: dev

---

📝 Commits (10+)

• 3fa7132 fix update resource without subdomain
• d070415 fix table page size selector
• 58a0844 allow logout to fail
• 3c7025a add strict rate limit to endpoints that send email
• befdc3a Add table
• b926396 Add applyRules to resources
• 2f49be6 Initial pass at rules
• 00a0d89 add allow_base_domain_resources to installer
• d8a089f remove annoying debug log
• dc2ec5b add description to whitelist email field

📊 Changes

63 files changed (+2010 additions, -254 deletions)

View changed files

📝 Makefile (+0 -3)
📝 README.md (+36 -24)
📝 config/config.example.yml (+1 -0)
➕ eslint.config.js (+9 -0)
📝 install/fs/config.yml (+1 -0)
➕ public/logo/word_mark.png (+0 -0)
📝 server/auth/actions.ts (+11 -7)
📝 server/auth/passwordSchema.ts (+2 -2)
📝 server/auth/sessions/app.ts (+1 -0)
📝 server/db/schema.ts (+15 -1)
📝 server/lib/consts.ts (+1 -1)
📝 server/lib/schemas.ts (+1 -0)
➕ server/lib/validators.ts (+44 -0)
📝 server/routers/auth/logout.ts (+6 -1)
📝 server/routers/auth/requestPasswordReset.ts (+3 -3)
📝 server/routers/badger/verifySession.ts (+208 -29)
📝 server/routers/external.ts (+70 -2)
📝 server/routers/resource/createResource.ts (+1 -1)
➕ server/routers/resource/createResourceRule.ts (+145 -0)
➕ server/routers/resource/deleteResourceRule.ts (+71 -0)

...and 43 more files

📄 Description

Community Contribution License Agreement

By creating this pull request, I grant the project maintainers an unlimited,
perpetual license to use, modify, and redistribute these contributions under any terms they
choose, including both the AGPLv3 and the Fossorial Commercial license terms. I
represent that I have the right to grant this license for all contributed content.

Description

Many small improvements and fixes but primarily access control rules

How to test?

---

_{🔄 This issue represents a GitHub Pull Request. It cannot be merged through Gitea due to API limitations.}

## 📋 Pull Request Information **Original PR:** https://github.com/fosrl/pangolin/pull/194 **Author:** [@miloschwartz](https://github.com/miloschwartz) **Created:** 2/13/2025 **Status:** ✅ Merged **Merged:** 2/13/2025 **Merged by:** [@miloschwartz](https://github.com/miloschwartz) **Base:** `main` ← **Head:** `dev` --- ### 📝 Commits (10+) - [`3fa7132`](https://github.com/fosrl/pangolin/commit/3fa713253412b1fc890f04599bb9882ec9dafb35) fix update resource without subdomain - [`d070415`](https://github.com/fosrl/pangolin/commit/d0704155158b084ff10efa3ba22303f763bd9a7c) fix table page size selector - [`58a0844`](https://github.com/fosrl/pangolin/commit/58a084426bd7faeef83f28ca38791a67839c3a47) allow logout to fail - [`3c7025a`](https://github.com/fosrl/pangolin/commit/3c7025a327374b8a6d6f1f5af365074fca9bb1cb) add strict rate limit to endpoints that send email - [`befdc3a`](https://github.com/fosrl/pangolin/commit/befdc3a002a91cbea65915a0f4a98cca54588546) Add table - [`b926396`](https://github.com/fosrl/pangolin/commit/b92639647ae545b507fb9f92588377a5cd27c3f9) Add applyRules to resources - [`2f49be6`](https://github.com/fosrl/pangolin/commit/2f49be69fe137d7ca270f1e0e1aec95f4070b810) Initial pass at rules - [`00a0d89`](https://github.com/fosrl/pangolin/commit/00a0d89d6c6bc0639b71de26ac38f3c0f1a045c3) add allow_base_domain_resources to installer - [`d8a089f`](https://github.com/fosrl/pangolin/commit/d8a089fbc2e807af90db89ef1de3344eee93a529) remove annoying debug log - [`dc2ec5b`](https://github.com/fosrl/pangolin/commit/dc2ec5b73bd50d60a46b016c6e15b33a841ebcbe) add description to whitelist email field ### 📊 Changes **63 files changed** (+2010 additions, -254 deletions) <details> <summary>View changed files</summary> 📝 `Makefile` (+0 -3) 📝 `README.md` (+36 -24) 📝 `config/config.example.yml` (+1 -0) ➕ `eslint.config.js` (+9 -0) 📝 `install/fs/config.yml` (+1 -0) ➕ `public/logo/word_mark.png` (+0 -0) 📝 `server/auth/actions.ts` (+11 -7) 📝 `server/auth/passwordSchema.ts` (+2 -2) 📝 `server/auth/sessions/app.ts` (+1 -0) 📝 `server/db/schema.ts` (+15 -1) 📝 `server/lib/consts.ts` (+1 -1) 📝 `server/lib/schemas.ts` (+1 -0) ➕ `server/lib/validators.ts` (+44 -0) 📝 `server/routers/auth/logout.ts` (+6 -1) 📝 `server/routers/auth/requestPasswordReset.ts` (+3 -3) 📝 `server/routers/badger/verifySession.ts` (+208 -29) 📝 `server/routers/external.ts` (+70 -2) 📝 `server/routers/resource/createResource.ts` (+1 -1) ➕ `server/routers/resource/createResourceRule.ts` (+145 -0) ➕ `server/routers/resource/deleteResourceRule.ts` (+71 -0) _...and 43 more files_ </details> ### 📄 Description ## Community Contribution License Agreement By creating this pull request, I grant the project maintainers an unlimited, perpetual license to use, modify, and redistribute these contributions under any terms they choose, including both the AGPLv3 and the Fossorial Commercial license terms. I represent that I have the right to grant this license for all contributed content. ## Description Many small improvements and fixes but primarily access control rules ## How to test? --- _{🔄 This issue represents a GitHub Pull Request. It cannot be merged through Gitea due to API limitations.}

GiteaMirror added the pull-request label 2025-11-13 12:11:11 -06:00

GiteaMirror closed this issue 2025-11-13 12:11:11 -06:00

Sign in to join this conversation.

No Branch/Tag Specified

Branches Tags

main

dependabot/npm_and_yarn/prod-minor-updates-47a8475ba0

dependabot/npm_and_yarn/dev-patch-updates-c4a0f28f13

dependabot/go_modules/install/minor-updates-a98db8910e

crowdin_dev

dev

delete-domains

dependabot/npm_and_yarn/eslint-10.0.3

dependabot/npm_and_yarn/next-16.1.6

dependabot/npm_and_yarn/recharts-3.7.0

dependabot/go_modules/install/github.com/charmbracelet/huh-1.0.0

dependabot/github_actions/docker/login-action-4.0.0

dependabot/github_actions/actions/setup-node-6.3.0

jit

msg-opt

dependabot/docker/docker/library/node-25-slim

dependabot/github_actions/actions/upload-artifact-7.0.0

dependabot/github_actions/actions/setup-go-6.3.0

cache

multi-role

logs-database

ssh

cloud-multi-org

delete-account

new-pricing

msg-delivery

org-only-idp

cicd

clients-user

1.12.3

policies

patch

site-targets-auto-login

1.16.2-s.7

1.16.2-s.6

1.16.2-s.5

1.16.2-s.4

1.16.2-s.3

1.16.2-s.2

1.16.2-s.1

1.16.2

1.16.2-s.0

1.16.1-s.1

1.16.1

1.16.1-s.0

1.16.0

1.16.0-s.1

1.16.0-s.0

1.16.0-rc.0

1.15.4-s.10

1.15.4-s.9

1.15.4-s.8

1.15.4-s.7

1.15.4-s.6

1.15.4-s.5

1.15.4-s.4

1.15.4-s.3

1.15.4-s.2

1.15.4-s.1

1.15.4

1.15.4-s.0

1.15.3

1.15.3-s.1

1.15.3-s.0

1.15.2

1.15.1-s.1

1.15.1-s.0

1.15.1

1.15.0-s.5

1.15.0

1.15.0-s.4

1.15.0-s.3

1.15.0-s.2

1.15.0-s.1

1.15.0-s.0

1.15.0-rc.0

1.14.1-s.3

1.14.1-s.2

1.14.1-s.1

1.14.1-s.0

1.14.1

1.14.0-s.2

1.14.0

1.14.0-rc.0

1.13.1

1.13.1-s.0

1.13.0

1.13.0.s.0

1.13.0-rc.0

1.12.2-s.5

1.12.3

1.12.2-s.4

1.12.2-s.3

1.12.2-s.2

1.12.2-s.1

1.12.2

1.12.2-s.0

1.12.1

1.12.0

1.12.0-s.0

1.12.0-rc.0

1.11.1

1.11.1-s.0

1.11.0-s.5

1.11.0

1.11.0-s.4

1.11.0-s.3

1.11.0-s.2

1.11.0-s.1

1.11.0-s.0

1.10.3

1.10.2

1.10.1

1.10.0

1.9.4

1.9.3

1.9.2

1.9.1

1.9.0

1.8.0

1.7.3

1.7.2

1.7.1

1.7.0

1.6.2

1.6.1

1.6.0

1.5.1

1.5.0

1.4.0

1.3.2

1.3.1

1.3.0

1.2.0

1.1.0

1.0.1

1.0.0

1.0.0-beta.15

1.0.0-beta.14

1.0.0-beta.13

1.0.0-beta.12

1.0.0-beta.11

1.0.0-beta.10

1.0.0-beta.9

1.0.0-beta.8

1.0.0-beta.7

1.0.0-beta.6

1.0.0-beta.5

1.0.0-beta.4

1.0.0-beta.3

1.0.0-beta.2

1.0.0-beta.1

Labels

Clear labels

api

authentication

bug

config

dependencies

docker

documentation

enhancement

good first issue

help wanted

Improvement

Look Into

needs investigating

networking

new feature

non-critical bug

potential bug

pull-request

Mirrored from GitHub Pull Request

question

reverse proxy

Security

stale

ui

No Label pull-request

Milestone

No items

No Milestone

Projects

Clear projects

No project

Assignees

Clear assignees

GiteaMirror ninjasurge

No Assignees

1 Participants

Notifications

Subscribe

Due Date

No due date set.

Dependencies

No dependencies set.

Reference: github-starred/pangolin#800