Owen Schwartz
aac25f0a53
Merge pull request #3214 from marcschaeferger/dev
Prevent cross-org site binding in target create/update
2026-06-04 10:11:53 -07:00
Owen
c1d933259a
Fix some ui form issues
2026-05-31 11:57:01 -07:00
Owen
5cc88dc73f
Pull the session from badger
2026-05-31 11:11:26 -07:00
Marc Schäfer
f617f93a94
test(middleware): add regression tests for cross-org site binding prevention
Test the org-match logic in verifySiteAccess:
- Same org: allowed
- Cross-org: rejected with 403
- No prior org context (site-only routes): check skipped, normal flow
Test route stack ordering:
- verifySiteAccess runs after verifyResourceAccess/verifyTargetAccess
- verifySiteAccess runs before the target create/update handler
Test security scenarios for both WireGuard and newt site types.
Signed-off-by: Marc Schäfer <git@marcschaeferger.de>
2026-05-29 22:57:39 +00:00
Marc Schäfer
51629247a5
fix(middleware): prevent cross-org site binding in target create/update
Extend verifySiteAccess to check that when req.userOrgId is already set
by a prior middleware (e.g. verifyResourceAccess/verifyTargetAccess), the
site from req.body.siteId belongs to the same organization. This prevents
the cross-organization tunnel boundary bypass where an attacker with
resource access in one org binds that resource's target to a site in
another org.
Add verifySiteAccess to both target route stacks:
- PUT /resource/:resourceId/target (after verifyResourceAccess)
- POST /target/:targetId (after verifyTargetAccess)
The org-match check runs before req.userOrg is overwritten, so the
resource's organization context is preserved for comparison.
Signed-off-by: Marc Schäfer <git@marcschaeferger.de>
2026-05-29 22:44:16 +00:00
Owen
b071fa2c9f
Be able to pull users from the proxy
2026-05-29 15:34:34 -07:00
Owen
f8a757c55f
Merge branch 'resource-policies' into dev
2026-05-28 15:30:16 -07:00
Marc Schäfer
18d380ce30
fix(security): normalize request parameters and update dependencies
Signed-off-by: Marc Schäfer <git@marcschaeferger.de>
2026-05-15 18:35:58 +00:00
Owen
5922bfb1a0
Fix API endpoint action issues
2026-05-04 16:01:40 -07:00
Owen
a80ae49a33
Support multiple roles
2026-05-04 14:54:20 -07:00
Owen
660197eef1
Merge branch 'feat/resource-policies' into resource-policies
2026-05-04 14:40:44 -07:00
Owen
f932cc7aca
Fix status history and show on the health check
2026-04-16 20:55:21 -07:00
Owen
6484e8e302
Make work for demo
2026-03-30 16:57:36 -07:00
Owen
9dc9b6a2c3
Merge branch 'logging-provision' into dev
2026-03-29 13:59:14 -07:00
miloschwartz
e13a076939
ui improvements
2026-03-26 16:37:31 -07:00
miloschwartz
0fecbe704b
Merge branch 'dev' into multi-role
2026-03-24 22:01:13 -07:00
miloschwartz
7db58f920c
add site provisioning key crud
2026-03-24 16:19:00 -07:00
ChanningHe
94353aea44
feat(integration): add domain CRUD endpoints to integration API
2026-03-03 14:54:17 -08:00
Fred KISSIE
3143662f82
Merge branch 'dev' into feat/resource-policies
2026-03-02 15:53:00 +01:00
Fred KISSIE
c292578f80
Merge branch 'dev' into feat/resource-policies
2026-02-28 01:08:12 +01:00
Fred KISSIE
c5231d37f6
🚧 wip
2026-02-26 19:20:15 +01:00
ChanningHe
52f26396ac
feat(integration): add domain CRUD endpoints to integration API
2026-02-26 08:44:55 +09:00
miloschwartz
20e547a0f6
first pass
2026-02-24 17:58:11 -08:00
Owen
5e37c4e85f
Resolve potential issues with processing roleIds
2026-02-18 13:55:04 -08:00
Fred KISSIE
ee21e1faa7
🚧 list authentication items from policy APIs
2026-02-18 05:08:42 +01:00
Owen
9711a0fb8e
Continue to clean things up
2026-02-11 10:06:56 -08:00
Owen
7d6ee72025
Finish adding limits checks to all put and post
2026-02-11 10:06:56 -08:00
Owen
193b7ff21e
Adding limit checks
2026-02-11 10:06:55 -08:00
miloschwartz
0a537c6830
add org only idp to integration api
2026-01-11 10:47:19 -08:00
Owen
f9b03943c3
Format all files
2025-12-09 10:56:14 -05:00
miloschwartz
2418813902
add sqlite migration
2025-12-07 12:58:01 -05:00
miloschwartz
9010803046
fix verifySiteAccess middleware
2025-12-07 11:40:06 -05:00
miloschwartz
d7e06161a8
use niceId for client routes
2025-12-06 20:31:20 -05:00
miloschwartz
5afff3c662
add extra org policy checks to middlewares
2025-12-03 15:50:24 -05:00
miloschwartz
357f297a3e
remove enable_clients flag from config
2025-12-03 15:02:39 -05:00
miloschwartz
ac68dbd545
add my-device and force login
2025-11-25 10:51:53 -05:00
miloschwartz
e51fca1f61
add clients to resource
2025-11-07 16:33:17 -08:00
miloschwartz
76d54b2d0f
add add/remove user/roles to siteResources/resources to integration api
2025-11-06 21:27:01 -08:00
miloschwartz
2274a3525b
update olm and client routes
2025-11-06 20:12:54 -08:00
miloschwartz
85892c30b2
add site resource modes and alias
2025-11-05 15:24:07 -08:00
miloschwartz
e51b6b545e
add users and roles to site resources
2025-11-05 12:24:50 -08:00
miloschwartz
e888b76747
complete web device auth flow
2025-11-03 11:10:17 -08:00
Owen
a38cb961c7
Create missing stubs
2025-10-27 13:45:24 -07:00
Owen
b59a6b82ef
Merge branch 'dev' into user-compliance
2025-10-27 10:37:53 -07:00
Owen
a0f05cc77b
Resolve export of logActionAudit
2025-10-27 10:09:06 -07:00
miloschwartz
39d6b93d42
enforce max session length
2025-10-24 16:14:21 -07:00
miloschwartz
629f17294a
2fa policy check working
2025-10-24 14:31:50 -07:00
miloschwartz
ddcf77a62d
add basic org policy check in middleware
2025-10-23 18:15:00 -07:00
Owen
1f50bc3752
Add logActionAudit and query endpoint
2025-10-19 21:53:00 -07:00
miloschwartz
37ceabdf5d
add enterprise license system
2025-10-13 10:41:10 -07:00