mirror of
https://github.com/fosrl/pangolin.git
synced 2026-05-30 12:42:22 +00:00
Compare commits
13 Commits
crowdin_de
...
dependabot
| Author | SHA1 | Date | |
|---|---|---|---|
|
0e0654705f | ||
|
1215aa8122 | ||
|
|
d318a756a8 | ||
|
|
b3c1e49c0c | ||
|
|
dc12b00502 | ||
|
|
1e27acbf88 | ||
|
|
4012cc658d | ||
|
|
84d7a87609 | ||
|
|
9a92be532a | ||
|
|
18ac542e30 | ||
|
|
c74b423bae | ||
|
73e9e830c3 | ||
|
4786fc3a31 |
839
package-lock.json
generated
839
package-lock.json
generated
File diff suppressed because it is too large
Load Diff
34
package.json
34
package.json
@@ -33,10 +33,10 @@
|
||||
},
|
||||
"dependencies": {
|
||||
"@asteasolutions/zod-to-openapi": "8.5.0",
|
||||
"@aws-sdk/client-s3": "3.1047.0",
|
||||
"@aws-sdk/client-s3": "3.1056.0",
|
||||
"@faker-js/faker": "10.4.0",
|
||||
"@headlessui/react": "2.2.10",
|
||||
"@hookform/resolvers": "5.2.2",
|
||||
"@hookform/resolvers": "5.4.0",
|
||||
"@monaco-editor/react": "4.7.0",
|
||||
"@node-rs/argon2": "2.0.2",
|
||||
"@oslojs/crypto": "1.0.1",
|
||||
@@ -83,37 +83,37 @@
|
||||
"express": "5.2.1",
|
||||
"express-rate-limit": "8.5.2",
|
||||
"glob": "13.0.6",
|
||||
"helmet": "8.1.0",
|
||||
"helmet": "8.2.0",
|
||||
"http-errors": "2.0.1",
|
||||
"input-otp": "1.4.2",
|
||||
"ioredis": "5.10.1",
|
||||
"ioredis": "5.11.0",
|
||||
"jmespath": "0.16.0",
|
||||
"js-yaml": "4.1.1",
|
||||
"jsonwebtoken": "9.0.3",
|
||||
"lucide-react": "0.577.0",
|
||||
"lucide-react": "1.17.0",
|
||||
"maxmind": "5.0.6",
|
||||
"moment": "2.30.1",
|
||||
"next": "16.2.6",
|
||||
"next-intl": "4.12.0",
|
||||
"next-intl": "4.13.0",
|
||||
"next-themes": "0.4.6",
|
||||
"nextjs-toploader": "3.9.17",
|
||||
"node-cache": "5.1.2",
|
||||
"nodemailer": "8.0.9",
|
||||
"oslo": "1.2.1",
|
||||
"pg": "8.20.0",
|
||||
"posthog-node": "5.34.1",
|
||||
"pg": "8.21.0",
|
||||
"posthog-node": "5.35.6",
|
||||
"qrcode.react": "4.2.0",
|
||||
"react": "19.2.6",
|
||||
"react-day-picker": "9.14.0",
|
||||
"react-day-picker": "10.0.1",
|
||||
"react-dom": "19.2.6",
|
||||
"react-easy-sort": "1.8.0",
|
||||
"react-hook-form": "7.75.0",
|
||||
"react-hook-form": "7.76.1",
|
||||
"react-icons": "5.6.0",
|
||||
"recharts": "3.8.1",
|
||||
"reodotdev": "1.1.0",
|
||||
"semver": "7.8.1",
|
||||
"sshpk": "1.18.0",
|
||||
"stripe": "20.4.1",
|
||||
"stripe": "22.2.0",
|
||||
"swagger-ui-express": "5.0.1",
|
||||
"tailwind-merge": "3.6.0",
|
||||
"topojson-client": "3.1.0",
|
||||
@@ -124,7 +124,7 @@
|
||||
"visionscarto-world-atlas": "1.0.0",
|
||||
"winston": "3.19.0",
|
||||
"winston-daily-rotate-file": "5.0.0",
|
||||
"ws": "8.20.1",
|
||||
"ws": "8.21.0",
|
||||
"yaml": "2.9.0",
|
||||
"yargs": "18.0.0",
|
||||
"zod": "4.4.3",
|
||||
@@ -135,7 +135,7 @@
|
||||
"@esbuild-plugins/tsconfig-paths": "0.1.2",
|
||||
"@react-email/ui": "^6.5.0",
|
||||
"@tailwindcss/postcss": "4.3.0",
|
||||
"@tanstack/react-query-devtools": "5.100.10",
|
||||
"@tanstack/react-query-devtools": "5.100.14",
|
||||
"@types/better-sqlite3": "7.6.13",
|
||||
"@types/cookie-parser": "1.4.10",
|
||||
"@types/cors": "2.8.19",
|
||||
@@ -150,7 +150,7 @@
|
||||
"@types/nodemailer": "8.0.0",
|
||||
"@types/nprogress": "0.2.3",
|
||||
"@types/pg": "8.20.0",
|
||||
"@types/react": "19.2.14",
|
||||
"@types/react": "19.2.15",
|
||||
"@types/react-dom": "19.2.3",
|
||||
"@types/semver": "7.7.1",
|
||||
"@types/sshpk": "1.17.4",
|
||||
@@ -164,18 +164,18 @@
|
||||
"esbuild-node-externals": "1.22.0",
|
||||
"eslint": "10.4.0",
|
||||
"eslint-config-next": "16.2.6",
|
||||
"postcss": "8.5.14",
|
||||
"postcss": "8.5.15",
|
||||
"prettier": "3.8.3",
|
||||
"react-email": "6.5.0",
|
||||
"tailwindcss": "4.3.0",
|
||||
"tsc-alias": "1.8.17",
|
||||
"tsx": "4.22.0",
|
||||
"tsx": "4.22.3",
|
||||
"typescript": "6.0.3",
|
||||
"typescript-eslint": "8.60.0"
|
||||
},
|
||||
"overrides": {
|
||||
"esbuild": "0.28.0",
|
||||
"dompurify": "3.4.0",
|
||||
"postcss": "8.5.14"
|
||||
"postcss": "8.5.15"
|
||||
}
|
||||
}
|
||||
|
||||
@@ -3,6 +3,7 @@ import {
|
||||
clientSiteResources,
|
||||
domains,
|
||||
orgDomains,
|
||||
roleActions,
|
||||
roles,
|
||||
roleSiteResources,
|
||||
Site,
|
||||
@@ -19,6 +20,7 @@ import { sites } from "@server/db";
|
||||
import { eq, and, ne, inArray, or, isNotNull } from "drizzle-orm";
|
||||
import { Config } from "./types";
|
||||
import logger from "@server/logger";
|
||||
import { defaultRoleAllowedActions } from "@server/routers/role/createRole";
|
||||
import { getNextAvailableAliasAddress } from "../ip";
|
||||
import { createCertificate } from "#dynamic/routers/certificates/createCertificate";
|
||||
|
||||
@@ -332,8 +334,7 @@ export async function updateClientResources(
|
||||
}
|
||||
|
||||
if (resourceData.roles.length > 0) {
|
||||
// Re-add specified roles but we need to get the roleIds from the role name in the array
|
||||
const rolesToUpdate = await trx
|
||||
const existingRoles = await trx
|
||||
.select()
|
||||
.from(roles)
|
||||
.where(
|
||||
@@ -343,7 +344,28 @@ export async function updateClientResources(
|
||||
)
|
||||
);
|
||||
|
||||
const roleIds = rolesToUpdate.map((role) => role.roleId);
|
||||
const foundNames = new Set(existingRoles.map((r) => r.name));
|
||||
const missingNames = resourceData.roles.filter(
|
||||
(n) => !foundNames.has(n)
|
||||
);
|
||||
|
||||
for (const name of missingNames) {
|
||||
const [created] = await trx
|
||||
.insert(roles)
|
||||
.values({ name, orgId })
|
||||
.returning();
|
||||
await trx.insert(roleActions).values(
|
||||
defaultRoleAllowedActions.map((action) => ({
|
||||
roleId: created.roleId,
|
||||
actionId: action,
|
||||
orgId
|
||||
}))
|
||||
);
|
||||
existingRoles.push(created);
|
||||
logger.info(`Auto-created role "${name}" in org ${orgId} from blueprint`);
|
||||
}
|
||||
|
||||
const roleIds = existingRoles.map((role) => role.roleId);
|
||||
|
||||
await trx
|
||||
.insert(roleSiteResources)
|
||||
@@ -444,8 +466,7 @@ export async function updateClientResources(
|
||||
});
|
||||
|
||||
if (resourceData.roles.length > 0) {
|
||||
// get roleIds from role names
|
||||
const rolesToUpdate = await trx
|
||||
const existingRoles = await trx
|
||||
.select()
|
||||
.from(roles)
|
||||
.where(
|
||||
@@ -455,7 +476,28 @@ export async function updateClientResources(
|
||||
)
|
||||
);
|
||||
|
||||
const roleIds = rolesToUpdate.map((role) => role.roleId);
|
||||
const foundNames = new Set(existingRoles.map((r) => r.name));
|
||||
const missingNames = resourceData.roles.filter(
|
||||
(n) => !foundNames.has(n)
|
||||
);
|
||||
|
||||
for (const name of missingNames) {
|
||||
const [created] = await trx
|
||||
.insert(roles)
|
||||
.values({ name, orgId })
|
||||
.returning();
|
||||
await trx.insert(roleActions).values(
|
||||
defaultRoleAllowedActions.map((action) => ({
|
||||
roleId: created.roleId,
|
||||
actionId: action,
|
||||
orgId
|
||||
}))
|
||||
);
|
||||
existingRoles.push(created);
|
||||
logger.info(`Auto-created role "${name}" in org ${orgId} from blueprint`);
|
||||
}
|
||||
|
||||
const roleIds = existingRoles.map((role) => role.roleId);
|
||||
|
||||
await trx
|
||||
.insert(roleSiteResources)
|
||||
|
||||
@@ -8,6 +8,7 @@ import {
|
||||
resourcePincode,
|
||||
resourceRules,
|
||||
resourceWhitelist,
|
||||
roleActions,
|
||||
roleResources,
|
||||
roles,
|
||||
Target,
|
||||
@@ -36,6 +37,7 @@ import { isValidRegionId } from "@server/db/regions";
|
||||
import { isLicensedOrSubscribed } from "#dynamic/lib/isLicencedOrSubscribed";
|
||||
import { fireHealthCheckUnknownAlert } from "@server/lib/alerts";
|
||||
import { tierMatrix } from "../billing/tierMatrix";
|
||||
import { defaultRoleAllowedActions } from "@server/routers/role/createRole";
|
||||
|
||||
export type ProxyResourcesResults = {
|
||||
proxyResource: Resource;
|
||||
@@ -925,14 +927,26 @@ async function syncRoleResources(
|
||||
.where(eq(roleResources.resourceId, resourceId));
|
||||
|
||||
for (const roleName of ssoRoles) {
|
||||
const [role] = await trx
|
||||
let [role] = await trx
|
||||
.select()
|
||||
.from(roles)
|
||||
.where(and(eq(roles.name, roleName), eq(roles.orgId, orgId)))
|
||||
.limit(1);
|
||||
|
||||
if (!role) {
|
||||
throw new Error(`Role not found: ${roleName} in org ${orgId}`);
|
||||
const [created] = await trx
|
||||
.insert(roles)
|
||||
.values({ name: roleName, orgId })
|
||||
.returning();
|
||||
await trx.insert(roleActions).values(
|
||||
defaultRoleAllowedActions.map((action) => ({
|
||||
roleId: created.roleId,
|
||||
actionId: action,
|
||||
orgId
|
||||
}))
|
||||
);
|
||||
role = created;
|
||||
logger.info(`Auto-created role "${roleName}" in org ${orgId} from blueprint`);
|
||||
}
|
||||
|
||||
if (role.isAdmin) {
|
||||
|
||||
@@ -93,6 +93,20 @@ export const queryAccessAuditLogsCombined = queryAccessAuditLogsQuery.merge(
|
||||
);
|
||||
type Q = z.infer<typeof queryAccessAuditLogsCombined>;
|
||||
|
||||
function sortNamedFilterOptions<T extends { id: number; name: string | null }>(
|
||||
items: T[]
|
||||
): T[] {
|
||||
return [...items].sort((a, b) => {
|
||||
const nameA = a.name ?? "";
|
||||
const nameB = b.name ?? "";
|
||||
|
||||
if (nameA < nameB) return -1;
|
||||
if (nameA > nameB) return 1;
|
||||
|
||||
return a.id - b.id;
|
||||
});
|
||||
}
|
||||
|
||||
function getWhere(data: Q) {
|
||||
return and(
|
||||
gt(accessAuditLog.timestamp, data.timeStart),
|
||||
@@ -308,7 +322,7 @@ async function queryUniqueFilterAttributes(
|
||||
actors: uniqueActors
|
||||
.map((row) => row.actor)
|
||||
.filter((actor): actor is string => actor !== null),
|
||||
resources: resourcesWithNames,
|
||||
resources: sortNamedFilterOptions(resourcesWithNames),
|
||||
locations: uniqueLocations
|
||||
.map((row) => row.locations)
|
||||
.filter((location): location is string => location !== null)
|
||||
|
||||
@@ -107,6 +107,20 @@ export const queryConnectionAuditLogsCombined =
|
||||
queryConnectionAuditLogsQuery.merge(queryConnectionAuditLogsParams);
|
||||
type Q = z.infer<typeof queryConnectionAuditLogsCombined>;
|
||||
|
||||
function sortNamedFilterOptions<T extends { id: number; name: string | null }>(
|
||||
items: T[]
|
||||
): T[] {
|
||||
return [...items].sort((a, b) => {
|
||||
const nameA = a.name ?? "";
|
||||
const nameB = b.name ?? "";
|
||||
|
||||
if (nameA < nameB) return -1;
|
||||
if (nameA > nameB) return 1;
|
||||
|
||||
return a.id - b.id;
|
||||
});
|
||||
}
|
||||
|
||||
function getWhere(data: Q) {
|
||||
return and(
|
||||
gt(connectionAuditLog.startedAt, data.timeStart),
|
||||
@@ -425,7 +439,7 @@ async function queryUniqueFilterAttributes(
|
||||
.map((row) => row.destAddr)
|
||||
.filter((addr): addr is string => addr !== null),
|
||||
clients: clientsWithNames,
|
||||
resources: resourcesWithNames,
|
||||
resources: sortNamedFilterOptions(resourcesWithNames),
|
||||
users: usersWithEmails
|
||||
};
|
||||
}
|
||||
|
||||
@@ -86,6 +86,20 @@ export const queryRequestAuditLogsCombined = queryAccessAuditLogsQuery.merge(
|
||||
);
|
||||
type Q = z.infer<typeof queryRequestAuditLogsCombined>;
|
||||
|
||||
function sortNamedFilterOptions<T extends { id: number; name: string | null }>(
|
||||
items: T[]
|
||||
): T[] {
|
||||
return [...items].sort((a, b) => {
|
||||
const nameA = a.name ?? "";
|
||||
const nameB = b.name ?? "";
|
||||
|
||||
if (nameA < nameB) return -1;
|
||||
if (nameA > nameB) return 1;
|
||||
|
||||
return a.id - b.id;
|
||||
});
|
||||
}
|
||||
|
||||
function getWhere(data: Q) {
|
||||
return and(
|
||||
gt(requestAuditLog.timestamp, data.timeStart),
|
||||
@@ -353,7 +367,7 @@ async function queryUniqueFilterAttributes(
|
||||
actors: uniqueActors
|
||||
.map((row) => row.actor)
|
||||
.filter((actor): actor is string => actor !== null),
|
||||
resources: resourcesWithNames,
|
||||
resources: sortNamedFilterOptions(resourcesWithNames),
|
||||
locations: uniqueLocations
|
||||
.map((row) => row.locations)
|
||||
.filter((location): location is string => location !== null),
|
||||
|
||||
Reference in New Issue
Block a user