525089a531
Do not leak information about existing domains or users
9 years ago
dcda715382
Force temporary files to /tmp, related to #54
9 years ago
2cb4a44b5a
Display fetchmail errors to the user, fixes #23
9 years ago
709869d4ba
Escape fetchmail parameters properly
9 years ago
55d5121816
Buld the proper http image
9 years ago
f07615c4a4
Do not expose the Web admin interface by default, fixes #40
9 years ago
ec5a75f603
Proxify to webmail only if enabled, related to #40
9 years ago
18253b1dd3
Merge pull request #61 from vhf/admin-creation
...
Allow admin creation after initial setup
9 years ago
c1770a1dc1
Merge pull request #62 from vhf/typofix
...
Fix a typo in the admin UI
9 years ago
3976a5b38e
Allow admin creation after initial setup
9 years ago
97d952d7f1
Fix a typo
9 years ago
3f6175c34a
Remove deprecated awl settings
9 years ago
382030a7aa
Revert to using 'latest' for testing
9 years ago
d60ef1991c
Add a rainloop Webmail image, fixes #58
9 years ago
f5b9f569ca
Add a link to the demo server documentation
9 years ago
cbc6bb5dd6
Merge pull request #55 from kaiyou/feat-refactor-permissions
...
Refactor the access control code
9 years ago
40b9883c8c
Filter outgoing email headers, fixes #52
9 years ago
92bbfde195
Add a PNG logo for rendering
9 years ago
56e6c7565e
Add a draft logo
9 years ago
e24da96e58
Add some documentation to access decorators
9 years ago
09bec055fd
Fix domain deletion permissions
9 years ago
c1f9b61dac
Add a simple permission audit script
9 years ago
f8dcef22ef
Fix the manager deletion behaviour
9 years ago
f541a951de
Remove obsolete utils module
9 years ago
713318f097
Clean imports and remove calls to the utils module
9 years ago
ee9a416696
Implement the decorator-based access control for all views
9 years ago
4e4f2b8037
First shot at improving access control, related to #42
...
A couple of things are important to note for this commit:
- it only implements the new access control for alias and admin management
- the access control code is located in access.py
The idea behind simpler access control is auditability. There have been a
couple of bugs related to functions not checking permissions properly. If
checking permissions is as simple as decorating a function, exporting the
permission scheme for an audit should be simple.
Also, this still does not address the information leakage related to 404 errors
when an object does not exist, independently of permissions the user has over
the domain.
9 years ago
3ea3bc1d8e
Enforce permission checks for admin management
9 years ago
ee6e9b2690
Add a reference to the Freenode IRC channel.
9 years ago
6dc9131b97
Fix the wildcard migration script, fixes #53
9 years ago
26f7f5a73b
Change the env file name in the README file
9 years ago
bac20081ee
Split the environment file into sections
9 years ago
d2d84acd5f
Comment all 'build' directives
9 years ago
e3197f9156
Have the admin interface listen on localhost
9 years ago
1b6c514dc5
Disable the frontend Web server by default
9 years ago
a8eafc508a
Default listen on localhost only
9 years ago
7ac44eabeb
Add a VERSION variable to avoid modifying the docker-compose file
9 years ago
14ec783ef7
Add a dynamic Webmail option with a 'none' container
9 years ago
cf84b82c57
Move the configuration file to .env to support global variables
9 years ago
581a0882af
Pull images from Docker Hub by default
9 years ago
8fc95a96d2
Disable debug and set an explicit default secret key
9 years ago
ef5d3a77c6
Pull images from Docker Hub by default
9 years ago
8601d5b8db
Fix #49 when deleting a global admin
9 years ago
1273571299
Add a changelog
9 years ago
0d3c75aa89
Fix a migration issue with wildcard aliases
9 years ago
bfe9ededbc
Fix spam filtering when the score is negative
9 years ago
2602ef2883
Add a feature item about freedom
9 years ago
e916998bb2
Apply the BetterCrypto nginx configuration, related to #45
9 years ago
3d1e5523d4
Use a non-starttls configuration for SMTPS port, related to #45
9 years ago
a6ab917aea
Do not enforce TLS on the default SMTP port, related to #45
9 years ago
Pierre Jaury