Pierre Jaury
2cb4a44b5a
Display fetchmail errors to the user, fixes #23
8 years ago
Victor Felder
97d952d7f1
Fix a typo
8 years ago
Pierre Jaury
e24da96e58
Add some documentation to access decorators
8 years ago
Pierre Jaury
09bec055fd
Fix domain deletion permissions
8 years ago
Pierre Jaury
c1f9b61dac
Add a simple permission audit script
8 years ago
Pierre Jaury
f8dcef22ef
Fix the manager deletion behaviour
8 years ago
Pierre Jaury
f541a951de
Remove obsolete utils module
8 years ago
Pierre Jaury
713318f097
Clean imports and remove calls to the utils module
8 years ago
Pierre Jaury
ee9a416696
Implement the decorator-based access control for all views
8 years ago
Pierre Jaury
4e4f2b8037
First shot at improving access control, related to #42
...
A couple of things are important to note for this commit:
- it only implements the new access control for alias and admin management
- the access control code is located in access.py
The idea behind simpler access control is auditability. There have been a
couple of bugs related to functions not checking permissions properly. If
checking permissions is as simple as decorating a function, exporting the
permission scheme for an audit should be simple.
Also, this still does not address the information leakage related to 404 errors
when an object does not exist, independently of permissions the user has over
the domain.
8 years ago
Pierre Jaury
3ea3bc1d8e
Enforce permission checks for admin management
8 years ago
Pierre Jaury
e3197f9156
Have the admin interface listen on localhost
8 years ago
Pierre Jaury
8601d5b8db
Fix #49 when deleting a global admin
8 years ago
Pierre Jaury
0d3c75aa89
Fix a migration issue with wildcard aliases
8 years ago
Pierre Jaury
84769cab3e
Switch to form-based confirmations, fixes #20
8 years ago
Pierre Jaury
5a69ada041
Add an action confirmation form, related to #20
8 years ago
Pierre Jaury
58337d7dd6
Set a proper default for spam thresholds
8 years ago
Pierre Jaury
1ce0bf2ef7
Update the user settings view with a slider
8 years ago
XYunknown
6d4243ec66
Adding SQL Like format for aliases
8 years ago
Pierre Jaury
b3d7b657ab
Remove deprecated flask.ext imports
8 years ago
Pierre Jaury
9640d59aca
Fix #25 , serve static resources locally
8 years ago
Pierre Jaury
689c022a4a
Get back to a single forward destination
8 years ago
Pierre Jaury
678a5c8065
Fix #22 , use ellipsis for overflowing text
8 years ago
Pierre Jaury
c07211677c
Fix the default value for comma separated lists
8 years ago
Pierre Jaury
163494cb78
Use readonly attribute instead of disabled
8 years ago
Pierre Jaury
6af7a07e77
Avoid having an empty entry in destionation fields
8 years ago
Pierre Jaury
5581f1b0d9
Related to #19 , fix the alias creation page
8 years ago
Pierre Jaury
dcaf3e3473
Fix #30 , use cascade deletion on domains
8 years ago
Pierre Jaury
49a1281976
Display the alias list properly
8 years ago
Pierre Jaury
5f36e6f4f2
Related to #19 , implement domain specific field and database type
8 years ago
Pierre Jaury
aace1c2d78
Get back to serving CDN assets, related to #25
9 years ago
Pierre Jaury
1673631e69
Fix the columns in the fetch list
9 years ago
Pierre Jaury
f8a220e72a
Serve local assets only
9 years ago
Pierre Jaury
21bec865b3
Fix permission management when editing/deleting fetches
9 years ago
Pierre Jaury
58ec3597ab
Fix te DKIM DNS example
9 years ago
Pierre Jaury
6a3af51785
Add a confirmation modal when regenerating keys
9 years ago
Pierre Jaury
66a1b50cc9
Sign outgoing emails using DKIM
9 years ago
Pierre Jaury
24680957f7
Handle DKIM key generation and storage
9 years ago
Pierre Jaury
2fa8b879db
Display domain SPF and DMARC example entries, fixes #15
9 years ago
Pierre Jaury
5d7b3b981d
Initialize the migration system
9 years ago
Pierre Jaury
215ba74275
Remove non-minimized static assets
9 years ago
Pierre Jaury
4853e54f0b
Replace tagsinput with select2
9 years ago
Pierre Jaury
0668f9abc9
Fix the user create form
9 years ago
Pierre Jaury
5c1441486b
Fix permissions for non-admin users
9 years ago
Pierre Jaury
7f7ff4d722
Fix #9 , do not reuse the flask_login object for updates, query instead
9 years ago
Pierre Jaury
e22f4b29b6
Fix a bug when updating the forward address
9 years ago
Pierre Jaury
82ec86afd8
Do not always add objects to the session before committing
9 years ago
Pierre Jaury
9efc798246
Store the state of reply and forward settings being enabled
9 years ago
Pierre Jaury
493fcf3a58
Use populate_obj to update objects
9 years ago
Pierre Jaury
d3b13c2412
Use SQLAlchemy Session.get instead of filter_by
9 years ago