Aaltronav/dougal-software
1
0
Fork 0
mirror of https://gitlab.com/wgp/dougal/software.git synced 2025-12-06 13:07:08 +00:00
Code Issues Packages Projects Releases Activity
1,300 Commits 63 Branches 12 Tags
0b3711b759b27cca156906cc17e612426504f260
Commit Graph

161 Commits

Author SHA1 Message Date
D. Berge
0b3711b759 Fix typo 2025-07-25 20:08:08 +02:00
D. Berge
48e1369088 Fix host based authentication 2025-07-25 14:03:43 +02:00
D. Berge
3ea82cb660 Fix reading of credentials for issuing JWT 2025-07-24 23:03:05 +02:00
D. Berge
84c1385f88 Refactor class User (clean up) 2025-07-24 23:02:30 +02:00
D. Berge
386fd59900 Update API to handle permissions checks on most endpoints 2025-07-24 19:24:40 +02:00
D. Berge
e47020a21e Add /user endpoints to API 2025-07-24 19:23:43 +02:00
D. Berge
b8f58ac67c Add FIXME 2025-07-24 19:20:58 +02:00
D. Berge
b3e27ed1b9 Refactor auth.authentify. 
We now get the user's details directly from the JWT token.
 2025-07-24 19:15:36 +02:00
D. Berge
f5441d186f Refactor auth.access middleware. 
It users @dougal/user and @dougal/organisations classes.
 2025-07-24 19:14:19 +02:00
D. Berge
01d1691def Fix login endpoint (checkValidCredentials is now async) 2025-07-24 19:09:39 +02:00
D. Berge
2657c42dcc Fix export statement 2025-07-13 11:13:31 +02:00
D. Berge
d6fb7404b1 Adapt version.get middleware to new permissions approach 2025-07-13 00:07:52 +02:00
D. Berge
8188766a81 Refactor access to info table. 
To adapt to new permissions system.
 2025-07-13 00:07:05 +02:00
D. Berge
b7ae657137 Add auth.operations middleware. 
Adds an array of allowed operations on given context to the request
under `req.user.operations`.
 2025-07-13 00:02:48 +02:00
D. Berge
7c6d3fe5ee Check permissions against vessel if not on a project endpoint 2025-07-12 16:49:10 +02:00
D. Berge
55855d66e9 Remove dead code 2025-07-12 12:14:12 +02:00
D. Berge
b035d3481c Ensure users have at least read access to most endpoints 2025-07-11 22:49:28 +02:00
D. Berge
ca4a14ffd9 Use new orgs based method for authorisation 2025-07-11 22:48:44 +02:00
D. Berge
6b6f545b9f Filter list of projects to only those readable by user 2025-07-11 22:47:32 +02:00
D. Berge
addbe2d572 Refactor user authentication code to use database 2025-07-11 22:46:47 +02:00
D. Berge
712b20c596 Add API endpoint to retrieve line name properties. 
This will be needed by the configuration GUI.
 2025-07-09 16:38:41 +02:00
D. Berge
e398f2d3cd Stop attempt at sending a spurious 404. 
This was resulting in a bunch of "headers already sent" messages.
 2024-05-09 14:18:56 +02:00
D. Berge
af0df23cc4 Add diagnostics API endpoint. 
Only available with write access and above.

Reports used and available filesystem sizes and database space
usage.
 2024-05-08 16:27:32 +02:00
D. Berge
efe64f0a8c Implement PUT method for project configuration endpoint. 
In short:

POST creates a new project
PUT overwrites a project configuration with a new one
PATCH merges the request body with the existing configuration
 2024-05-01 10:40:04 +02:00
D. Berge
d2f94dbb88 Refactor JWT token verification 2024-05-01 10:05:48 +02:00
D. Berge
1056122fff Fix missing parenthesis 2024-04-28 18:37:30 +02:00
D. Berge
9bd0aca18f Add debugging statements to ETag middleware 2023-11-04 10:45:50 +01:00
D. Berge
60932300c1 Ensure that project is defined. 
Which would not be in the case of the `project` event unless we
look at the `new` and `old` properties.
 2023-11-04 10:45:50 +01:00
D. Berge
12307b7ae6 Refactor ETag watcher to use path-to-regexp. 
Simplifies the code and makes it easier to look at.
 2023-11-04 10:45:50 +01:00
D. Berge
7076b51a25 Add auth.access.role(roles) higher order middleware 2023-11-03 21:22:02 +01:00
D. Berge
fe5ca06060 Return a JSON response for all 404s. 
When an endpoint did not exist, the default expressjs response
was being returned, which is text/html.
 2023-11-03 18:52:31 +01:00
D. Berge
71467dddf9 Report also request body size, if applicable 2023-11-03 18:51:43 +01:00
D. Berge
246f01efbe Report requested URLs and user data in debug mode 2023-11-02 23:52:15 +01:00
D. Berge
68bf853594 Add comments 2023-11-02 23:51:53 +01:00
D. Berge
4a18cb8a81 Remove useless code 2023-11-02 23:51:05 +01:00
D. Berge
c615727acf Don't require authentication for the /version endpoint. 
It will still hide the `db` and `os` values from non-admins though.
 2023-11-02 23:48:46 +01:00
D. Berge
2e21526fca Simplify versions handling 2023-11-02 23:47:13 +01:00
D. Berge
620d5ccf47 Add /version API endpoint 2023-11-02 19:48:30 +01:00
D. Berge
656f776262 Do not cache any responses containing cookies 2023-11-02 13:24:40 +01:00
D. Berge
89cb237f8d Use setContentDisposition() 2023-10-29 20:38:58 +01:00
D. Berge
2365789d48 Merge branch '281-modify-planner-endpoint-s' into 'devel' 
Resolve "Modify planner endpoint(s)"

Closes #281

See merge request wgp/dougal/software!49
 2023-10-25 14:26:23 +00:00
D. Berge
b5aafe42ad Add YAML support to events GET endpoint 2023-10-23 19:24:03 +02:00
D. Berge
025f3f774d Add YAML and CSV support to project configuration GET endpoint 2023-10-23 19:22:50 +02:00
D. Berge
1bb06938b1 Add CSV export handler to main event log endpoint. 
Closes #245.
 2023-10-23 17:28:30 +02:00
D. Berge
851369a0b4 Invalidate planner endpoint cache when setting remarks 2023-10-23 14:58:41 +02:00
D. Berge
2d1e1e9532 Modify return payload of planner endpoint. 
Previous:

[
  { sequence: …},
  { sequence: …},
  …
]

Current:

{
  remarks: "…",
  sequences: [
    { sequence: …},
    { sequence: …},
    …
  ]
}
 2023-10-23 14:53:32 +02:00
D. Berge
09ff96ceee Add events change API endpoint 2023-10-17 11:15:36 +02:00
D. Berge
f231acf109 Add events change middleware 2023-10-17 11:15:06 +02:00
D. Berge
0829ea3ea1 Save a copy of the headers not the original. 
Otherwise ExpressJS will complain about trying to modify
headers that have already been sent.
 2023-09-24 12:17:16 +02:00
D. Berge
ceccc42050 Don't cache response ETags for QC endpoints 2023-09-18 12:06:38 +02:00