56 Commits

Author	SHA1	Message	Date
Chad Roberts	489e557d5f	Update to golangci-lint and fix linting errors discovered by the updated version. (#602)	2025-02-18 12:18:36 -08:00
Peter Matseykanets	a6a6cf5696	[2.8] Fixes (#471) ... [v2.8.s3] Html escaping [2.8] Bump API-UI version --------- Co-authored-by: Kevin Joiner <10265309+KevinJoiner@users.noreply.github.com> Co-authored-by: pdellamore <pietro.dellamore@suse.com>	2024-02-05 10:46:41 -05:00
Guilherme Macedo	f26b9fcbeb	Bump API-UI version ... Signed-off-by: Guilherme Macedo <guilherme.macedo@suse.com>	2023-04-25 16:33:01 -03:00
Steffan Tucker	1e41884a06	Fix golangci-lint issues ... As part of updating dapper files, golangci-lint was set to be used. This caused a lot of lint issues to crop up, which this fixes.	2022-07-26 10:40:30 -06:00
Kevin Joiner	bbb7a54593	updated cookie token size	2022-06-09 11:34:57 -04:00
Darren Shepherd	da77031944	Set x-frame-options to sameorigin	2021-04-22 17:08:42 -07:00
Darren Shepherd	c7ba5c4dcd	JSON encode schemas URL passed to html template	2021-02-02 15:03:33 -07:00
Vincent Fiduccia	f894f8fc5d	CSRF Cookie fixes ... - Only set the cookie if it doesn't exist - Always mark it secure (it was previously getting re-sent as not) -.Check the value against the header even if there was no value (so that a request that is missing the cookie but should have had one fails).	2020-02-24 15:50:44 -07:00
kinarashah	1cd0504405	set secure for CSRF cookie	2019-05-01 13:29:53 -07:00
Dan Ramich	9ba19df9be	Add Frame-Options header ... Problem: Frame-Options header is not being set, this is a potential secutiry issue Solution: Set the header "X-Frame-Options:deny"	2019-02-15 16:45:10 -07:00
Craig Jellick	b694ecb0eb	Log panics as error ... The defaul http server logs panics to the server's log handler. That goes to debug level and thus panics are not seen when running rancher at a normal log level. This fixes the problem by catching the panic at the top level norman http handler and logging them as errors there.	2019-02-11 11:59:18 -07:00
orangedeng	6fec205069	Dynamically response the JS and CSS of API UI	2018-10-31 14:48:25 +08:00
loganhz	2af274f953	API-UI 1.1.5 ... https://github.com/rancher/rancher/issues/13732	2018-07-24 14:33:56 -07:00
Darren Shepherd	f33accee7c	Add InputFormatter that runs before the builder/validation	2018-07-19 10:23:17 -07:00
Dan Ramich	aecae32b4a	Fix pagination ... Problem: Pagination is not showing up Solution: Pagination was being created properly but then dropped in favor of an empty version. Save the pagination on the context so it can be accessed later and not reset.	2018-06-25 15:34:52 -07:00
Daishan Peng	59c4a298e8	add yaml support	2018-06-04 16:44:48 -07:00
Nathan Jenan	7fed8b17a8	Filter resources on default fields ... This change gives norman the ability to filter api requests based on the default value of fields. Before, it would filter on the actual data in the resource, and then apply default values to the resource before returning. Issue: https://github.com/rancher/rancher/issues/13418	2018-05-16 10:15:34 -07:00
Darren Shepherd	0e1438b372	Add Create to access	2018-04-19 21:57:01 -07:00
Darren Shepherd	4cf9f645cd	Refactor access control to return error not bool	2018-03-31 03:13:22 -07:00
Darren Shepherd	b5aef8d08d	Don't log conflicts as much	2018-03-22 15:55:44 -07:00
Craig Jellick	723fdccf80	Add function for parsing and validating an action	2018-03-15 09:10:03 -07:00
Darren Shepherd	2a6c821309	Add subContext data to validation	2018-02-26 16:14:39 -07:00
Darren Shepherd	45214c311d	Return 404 when no store is configured (not 200)	2018-02-14 10:59:23 -07:00
Darren Shepherd	722cedfe01	Major refactor of subcontexts	2018-02-09 13:45:22 -07:00
Craig Jellick	65807e9372	Distinguish between listing and getting ... We now have resources (subtypes of authConfig) that can be retrieved by ID but their collections are not viewable. This change is needed to suppport that.	2018-01-31 19:30:51 -07:00
Darren Shepherd	87d5ab06b9	Change RequestHandler signature	2018-01-30 23:56:30 +00:00
Darren Shepherd	1369734139	Fix panic when posting to /	2018-01-26 04:16:12 +00:00
Craig Jellick	990db51407	more collection action code	2018-01-20 01:12:19 -07:00
Darren Shepherd	d170661103	Add CollectionFormatter	2018-01-19 23:28:57 -07:00
Darren Shepherd	8982c1cc59	write writeOnly fields on create	2018-01-20 04:31:39 +00:00
Darren Shepherd	d4e7ad28b8	Don't check for object in collection actions	2018-01-17 23:37:53 +00:00
Darren Shepherd	942bde06d7	Validate subtypes in create/update	2018-01-17 23:37:53 +00:00
Darren Shepherd	245c089cd5	Put in stubs for dynamic access control on schemas	2018-01-17 01:06:57 +00:00
Darren Shepherd	e92239b78a	Ensure one can read the object with an action before running actionhandler	2018-01-16 19:54:43 +00:00
Darren Shepherd	76b1e1b679	Allow lookup of object without returning it	2018-01-16 19:54:43 +00:00
Darren Shepherd	de274b2eba	API-UI 1.1.4	2018-01-04 04:56:03 +00:00
Darren Shepherd	790bd1ec07	Write headers later in request	2017-12-30 02:22:38 +00:00
Darren Shepherd	b07bc3177e	Only create links to listable types	2017-12-29 22:23:14 +00:00
Darren Shepherd	f5e2adb427	Attempt to fix CSRF, still untested though	2017-12-29 22:23:14 +00:00
Darren Shepherd	2b7bc0968a	Delete unused code	2017-12-29 22:23:14 +00:00
Daishan Peng	026837668c	use patch for update, fix namespace actions	2017-12-29 22:08:51 +00:00
Darren Shepherd	92df95cf7f	api-ui 1.1.3	2017-12-28 16:49:51 +00:00
Darren Shepherd	eec4103473	Make queryopts be a pointer	2017-12-28 16:49:51 +00:00
Darren Shepherd	2550f12a9a	Add offspring controller	2017-12-19 21:44:02 -07:00
Darren Shepherd	bfcad0d1b1	Enable access control	2017-12-18 13:59:56 -07:00
Darren Shepherd	627e06e37f	Enable dynamic schemas	2017-12-16 01:30:46 -07:00
Darren Shepherd	480747082c	Return deleted object on delete if possible	2017-12-16 01:30:46 -07:00
Craig Jellick	df13831994	workaround unimplementd ref validator	2017-12-15 19:37:22 -07:00
Darren Shepherd	9dcef33943	Generate backreference links	2017-12-13 08:55:24 -07:00
Darren Shepherd	d0aef1eafd	Add store helpers	2017-12-12 08:48:17 -07:00