Juliusz Chroboczek
68887f13d5
Rename tokens.Edit to Extend.
2024-04-14 13:21:55 +02:00
Juliusz Chroboczek
31f89163a2
Simplify server startup.
...
We now create the server and the listener in the calling thread,
and only create a new goroutine before calling server.Serve.
2024-04-14 02:12:46 +02:00
Juliusz Chroboczek
8fb1c1556e
Fix typo in usersHandler.
2024-04-14 01:10:02 +02:00
Juliusz Chroboczek
df46e6df21
Rename usersHandler.
2024-04-14 01:04:44 +02:00
Juliusz Chroboczek
bbd9ef1f5c
Create directories for subgroups.
2024-04-14 00:50:11 +02:00
Juliusz Chroboczek
da4a225e96
Clean up setting up of writable groups in tests.
...
The previous way depended on implementation details
of GetConfiguration.
2024-04-14 00:39:53 +02:00
Juliusz Chroboczek
3ee5290b71
Test group file permissions.
2024-04-14 00:26:03 +02:00
Juliusz Chroboczek
a3f894a31e
Fix JSON formatting of user descriptions.
2024-04-12 01:27:49 +02:00
Juliusz Chroboczek
695c379a6c
Distinguish empty key in password from absence of key.
2024-04-12 01:05:48 +02:00
Juliusz Chroboczek
4ad7c2f303
Improve TestUpgradeDescription.
2024-04-12 00:47:51 +02:00
Juliusz Chroboczek
abb90ce3b9
Update CHANGES.
2024-04-11 17:53:48 +02:00
Juliusz Chroboczek
7673a95b05
Implement FallbackUsers in API.
2024-04-11 17:53:48 +02:00
Juliusz Chroboczek
31a18bcf44
Implement keys handling in API.
2024-04-11 14:30:44 +02:00
Juliusz Chroboczek
10cab468a8
Add link for changing password.
2024-04-11 14:30:44 +02:00
Juliusz Chroboczek
077ff9a879
Add canChangePassword to group status.
2024-04-11 13:27:08 +02:00
Juliusz Chroboczek
39d11c2f48
Implement form for changing passwords.
2024-04-11 13:27:08 +02:00
Juliusz Chroboczek
7643424bab
API documentation.
2024-04-11 13:27:08 +02:00
Juliusz Chroboczek
cc38c53075
Implement administrative API.
2024-04-11 13:27:08 +02:00
Juliusz Chroboczek
5753c46910
Use methodNotAllowed in whip.
2024-04-10 14:45:04 +02:00
Juliusz Chroboczek
f646191e01
Implement methodNotAllowed.
2024-04-10 14:44:03 +02:00
Juliusz Chroboczek
fc6387bb38
Implement accessors for description files.
...
Allow reading and modifying description files, in a manner
that aligns with the needs of the API.
2024-04-10 14:09:52 +02:00
Juliusz Chroboczek
e14eec86d3
Implement parseContentType.
2024-04-09 22:49:03 +02:00
Juliusz Chroboczek
c4c7d0b60d
More tests for splitPath.
2024-04-09 22:49:03 +02:00
Juliusz Chroboczek
eee6650336
Add precondition.go.
2024-04-09 22:49:03 +02:00
Juliusz Chroboczek
1666abf2f3
Add allowSubgroups argument to readDescription.
2024-04-09 22:49:03 +02:00
Juliusz Chroboczek
b7094fc373
Beginnings of administrative API.
...
The "stats.json" file is moved under "galene-api", where the rest
of the API will live.
2024-04-09 22:49:03 +02:00
Juliusz Chroboczek
d887a216f0
Rework configuration file format.
...
The "users" entry is now a dictionary mapping user names to
passwords and permissions. In order to allow for wildcards,
there is a new type of password, the wildcard password, and
an extra array called "fallback-users".
The field "allow-anonymous" no longer exists, this is now
the default behaviour. The field "allow-subgroups" has been
renamed to "auto-subgroups".
We provide backwards compatibility for group definition files,
but not for the config.json file, where the old "admin" array
is simply ignored.
2024-04-09 22:49:03 +02:00
Juliusz Chroboczek
eb54f2a9bb
Updated changes for 0.8.1.
2024-03-09 13:14:12 +01:00
Juliusz Chroboczek
de0c42faaf
Implement "expires" and "not-before" for groups.
2024-03-03 16:45:54 +01:00
Juliusz Chroboczek
4fe31b4863
Update CHANGES.
2024-03-03 15:54:19 +01:00
Juliusz Chroboczek
b8f7c68338
Return correct error message for invalid tokens.
2024-03-03 15:42:46 +01:00
Juliusz Chroboczek
89f947df1f
Rework handling of authorisation errors.
...
We'd sometimes return "Internal server error" on authentication
failures. This should be gone now.
2024-03-03 13:43:50 +01:00
Juliusz Chroboczek
5fe578dcf5
Allow tokens with small expiration times.
...
There was a typo that prevented tokens with less than two days
validity.
2024-03-03 13:29:44 +01:00
Juliusz Chroboczek
0d7d54751a
Update CHANGES.
2024-02-24 12:57:22 +01:00
Juliusz Chroboczek
29e006037c
Allow proxyURL to contain a path.
...
We now support or reasonable values for proxyURL, such as "http:"
or "/galene".
2024-02-24 12:46:30 +01:00
Juliusz Chroboczek
6756e7f7cc
Add test for groupBase.
2024-02-24 12:27:19 +01:00
Juliusz Chroboczek
017c004094
Update dependencies.
2024-02-23 00:22:38 +01:00
Juliusz Chroboczek
923d78eaa3
Fix handling of WHIP URLs.
...
We broke WHIP when we introduced splitPath. Thanks to Tim Panton.
2024-02-22 23:31:03 +01:00
Juliusz Chroboczek
bfe83d1a27
Move description code into its own file.
2024-02-20 18:19:24 +01:00
Juliusz Chroboczek
3792800355
Make Update ignore directories starting with colon.
...
We were already ignoring files starting with colon.
2024-02-13 22:02:57 +01:00
Juliusz Chroboczek
0f53bf0373
More tweaks to webserver error handling.
2024-01-18 01:02:56 +01:00
Juliusz Chroboczek
3ad6f27b17
Move .status.json to .status.
...
Keep a redirect for backwards compatibility.
2024-01-18 00:39:32 +01:00
Juliusz Chroboczek
b92cf0480a
Implement splitPath.
...
Use it for parsing special paths instead of ad hoc code.
2024-01-17 22:28:21 +01:00
Juliusz Chroboczek
6455ae3a4c
Fix error handling in groupBase.
2024-01-17 22:22:47 +01:00
Juliusz Chroboczek
a612e4d869
Use httpError in groupHandler.
2024-01-11 23:10:15 +01:00
Juliusz Chroboczek
03038eaf45
Obfuscate WHIP ids.
...
If the WHIP session is not authenticated, then the only thing
preventing an attacker from DELETEing the session is the session
URL. Since client ids are known, obfuscate the id before using
it in the session URL.
2024-01-11 22:05:07 +01:00
Juliusz Chroboczek
9f3bee8e37
Add missing omitempty to group description.
2024-01-07 00:26:36 +01:00
Juliusz Chroboczek
ad6db4c71b
Upgrade dependencies.
2024-01-02 19:51:34 +01:00
Juliusz Chroboczek
5c491db9f5
Remove obsolete passage in documentation.
2024-01-02 18:45:04 +01:00
Juliusz Chroboczek
dc34350d8f
Complete parsing of WHIP candidates.
2023-12-20 01:42:11 +01:00