Dane Everitt
6d69f6ef47
Address security vulnerability when listing servers as a client
2020-07-26 11:40:48 -07:00
Dane Everitt
78514f9eb4
Disallow creating more than 5 account API keys; closes #2123
...
Additional fixes for https://github.com/pterodactyl/panel/security/advisories/GHSA-pjmh-7xfm-r4x9
2020-07-26 11:26:20 -07:00
Dane Everitt
468d426ebd
Limit to 5 API keys at a time.
...
Ref advisory #GHSA-pjmh-7xfm-r4x9
2020-03-15 17:05:53 -07:00
Dane Everitt
41cbdb8d59
Dont require an IP address for hostnames; closes #1728
2020-03-15 16:29:05 -07:00
Dane Everitt
05d859c985
Ensure password used when creating a database is valid; closes #1852
2020-03-15 16:25:29 -07:00
Dane Everitt
66ead2f682
Update subuser API output to work correctly
2019-12-28 11:39:44 -08:00
Dane Everitt
245f8e85e7
Merge branch '0.7-develop' into api-fixes
2019-12-28 11:12:45 -08:00
Stepan Fedotov
c377be2a7c
Include the egg name in egg model's response from the application API ( #1684 )
2019-12-28 11:12:01 -08:00
Oreo Oreoniv
741ae27f18
Fixed TooManyLoginAttempts not work correctly ( #1668 )
2019-12-28 11:10:39 -08:00
Stepan Fedotov
5f60a6c735
Fix the resource key for subusers
2019-12-28 13:53:33 +02:00
Arnaud Lier
88c5bb4f97
Added a return in DatabaseController when a error occurs ( #1742 )
...
* Added a return in DatabaseController when a error occurs
* add return on database update too
2019-11-11 09:01:38 -08:00
AreYouScared
03dba1a00a
Fixed has servers error message
...
Fixed "Nest has active servers error"
2019-10-04 01:14:47 -04:00
TrixterTheTux
ab09c7db28
Fix couple of issues with /api/application/servers
2019-08-31 11:29:44 +03:00
TrixterTheTux
20c594ae3b
Include the egg name in egg model's response from the application API
2019-08-24 15:47:11 +03:00
Dane Everitt
d430acf768
LOCK TABLES not LOCK
2019-08-03 14:57:01 -07:00
Dane Everitt
e200277655
Add LOCK permission
2019-08-03 14:52:35 -07:00
Dane Everitt
eb81e1ed20
Support special characters in database password, closes #1508
2019-08-03 14:42:32 -07:00
Dane Everitt
e7e41d8ee8
Fix bulk power when spanning multiple nodes, closes #1526
2019-08-03 14:04:31 -07:00
Dane Everitt
81409947cf
Default to OOM killer being disabled, add back configuration option per-server
2019-08-03 13:41:24 -07:00
Dane Everitt
2198269a65
Fix allocations requiring an alias when generated via API.
2019-08-03 13:03:54 -07:00
Dane Everitt
58796e7441
Fix Server model to use correct relationship when returning subusers, closes #1589
2019-08-03 12:56:32 -07:00
Dane Everitt
fe9d86b66b
Add support for filtering servers in client list-all endpoint
...
closes #1608
2019-08-03 12:44:15 -07:00
Dane Everitt
47c12929c4
Fix two-factor token creation for iOS devices, closes #1624
2019-08-03 12:37:02 -07:00
Dane Everitt
02ac308042
Fix database host modification not properly showing SQL errors
...
This is caused by an old bug relating to not rolling back transactions properly causing session data to not be flashed back to the user properly.
2019-08-03 12:33:28 -07:00
Dane Everitt
092e7e79ff
Change 2FA service to generate the secret on our own and use an external QR service to display the image
2019-06-21 21:55:09 -07:00
Dane Everitt
2db7928b76
Don't expose existence of account when an incorrect password is provided and the user has 2FA enabled
2019-06-21 21:39:24 -07:00
saibotk
7277b6449b
Replace 2FA QR Code generation ( #1548 )
...
Due to the Google API for generating the 2FA QR code will be shut down on 14.04.2019, this adds the package "pragmarx/google2fa-qrcode" and updates "pragmarx/google2fa" to version 5.x.
Due to now using BaconQR, Pterodactyl now needs the php-imagick extension to render the images.
2019-04-27 14:18:12 -04:00
Arnaud Lier
4460b6835a
Match original database password length when doing a password reset ( #1509 )
2019-03-23 14:04:57 -07:00
Isaac A
38cd8f2962
Allow nodes to be created on privileged ports
2019-03-16 21:18:46 -04:00
Dane Everitt
3411df784a
Use the HttpExceptionInterface rather than a render function here
2019-03-03 13:57:18 -08:00
Dane Everitt
f15449f17b
Fix servers not being marked as install failed
2019-03-03 13:44:28 -08:00
Dane Everitt
cf31d4276c
Fix a bug causing DataIntegrityExceptions to not be caught correctly and cause a second exception... whoops.
2019-03-03 13:42:32 -08:00
Dane Everitt
114afb8646
Fix error transaction handling when creating a server.
...
There is a bug in the design of the application that affects users who encounter an exception under certain code pathways who are using the database to maintain their sessions.
What is happening is that a transaction is started, and I made the mistake of just assuming it would auto-rollback once the exception was caught by the handler. This is technically true, since once the request terminates the transaction is discarded by the SQL server. However, this also means that the session data set on that request would not be persisted as it runs in a middleware termination function, after the transaction is started.
Theoretically this would also affect any other terminable middleware as well, but the session is the only one I can think of right now
Co-Authored-By: Oreo Oreoniv <zkoz210@users.noreply.github.com>
Co-Authored-By: Stepan Fedotov <trixterthetux@users.noreply.github.com>
2019-03-02 18:28:28 -08:00
Dane Everitt
d9593b23ab
Paginate server results when viewing a node, closes #1404
2019-03-02 15:58:56 -08:00
Dane Everitt
50eb2a10ad
Fixes redis password saving, closes #1428
2019-03-02 15:38:46 -08:00
Dane Everitt
8253246955
Prevent an exception when creating databases with the same name on multiple hosts.
...
closes #1456
2019-03-02 15:31:25 -08:00
Dane Everitt
91c9cbba6f
[ #1500 ] Correctly require disk_overallocate
2019-03-02 14:48:05 -08:00
Dane Everitt
50c5ab92aa
[ #1500 ] Add support for limits array or base level values
2019-03-02 14:44:59 -08:00
Dane Everitt
a4d7985e51
[ #1500 ] Fix allocation limit being required even though it isn't used.
2019-03-02 14:27:01 -08:00
Michael (Parker) Parker
62e68ec66f
Fix for Locations PATCH endpoint ( #1499 )
2019-03-02 13:27:36 -08:00
Lance Pioch
db937af616
Apply fixes from StyleCI
...
[ci skip] [skip ci]
2019-01-26 23:26:15 +00:00
Oreo Oreoniv
c1fb38fb5e
Cleanup
2018-12-09 14:40:03 +03:00
Oreo Oreoniv
a4a758e202
Fixed StyleCI
2018-12-09 14:29:43 +03:00
Oreo Oreoniv
fb51659a04
Fixed checking of the language change
2018-12-09 14:27:30 +03:00
Oreo Oreoniv
04326a0786
Fixed PHPUnit test (Coverage) #1393
2018-12-03 21:09:25 +03:00
Dane Everitt
7c73f21b30
Fix Node daemon secret not being reset, closes #1390
2018-12-02 13:40:12 -08:00
Dane Everitt
d6e9770937
Merge branch 'develop' into patch-1
2018-12-02 13:01:31 -08:00
Oreo Oreoniv
adcf0c9fee
Fixed Failed event
...
Thank you very much Laravel for not pointing out the changes to be made when upgrading from 5.6 to 5.7
2018-11-28 23:24:43 +03:00
zKoz210
2d7e889bcc
Fixed StyleCI
2018-11-26 03:28:14 +03:00
zKoz210
0b4b1a3443
Initial update
2018-11-26 03:25:18 +03:00