@j-chmielewski
Contributor

No description provided.

j-chmielewski and others added 30 commits May 14, 2025 14:48
…ion (#1075)

* migrations for multi-address peers

* wip deal with most of the db issues resulting from network device address type change

TODO:
* fix address assignment
* ...

* Simplify WireguardNetworkDevice::wireguard_ip sql

* wip deal with typing issues after multiaddress mods

TODO: multiaddress on all network and device related structs

* CommaSeparated helper trait

* linting

* Multi-address handling when creating new network device

* Cleanup

* update sqlx fixtures

* fix tests, todos

* Update protos

* wip separate firewall rules for ipv4 and ipv6

* sqlx fixtures

* Fix UserDevice::from_device sql query, remove WireguardNetwork::get_ip_version method

* update protos

* create_rules helper function

* cleanup

* make tests compile

* fix downmigration

* create_rules method takes ip version as arg, fix tests

* Only add ipv4/6 rules if network has ipv4/6 addresses

* test_generate_firewall_rules_ipv6

* Firewall ipv6 and ipv4+ipv6 tests

* test_generate_firewall_rules_ipv4_and_ipv6

* fix test_network_devices test

* Imports for wg configs with multiple addresses

* fix mapped devices

* Update validator for "map imported device" form

* Find IPs for a new network device in all networks

* wip

* frontend displays multiple ip recommendations

* wip further frontend mods related to multi-address functionality

* fix form validation

* Vec of IPs in UserDeviceNetworkInfo, rename wireguard_ip -> wireguard_ips

* More renames and ip arrays

* wireguard_ips array in stats types

* WireguardDeviceStatsRow as Vec<String>

* update defguard-ui

* fix new device email template

* wip deduplicate ip check utility functions

* IP assignment validation

* fix overview types

* multiple addresses fixes

* Fix NetworkDeviceInfo::from_device function for multiple addresses.

* Fix network device address reassignment

* Fix down migration

* Rename wireguard_ip -> wireguard_ips

* Fix tests

* IP assignment tests

* Fix network device update handler

* Improve log

* Reuse can_assign_ips method in assign_next_network_ip

* Take device's own IP into account during readdressing

* sqlx fixtures

* Fix readdressing when adding new network address

* Fix ips in mapped devices during network import

* Remove unused method

* Cleanup

* Rename helper trait CommaSeparated -> AsCsv

* Logs, style and linter changes

* Partition device ips

* fix tests

* update protos

* formatting

* lint fix

* review fixes

* formatting

* reorder migrations

* update dependencies

* fix deprecation warnings

* update allowed licenses

---------

Co-authored-by: Filip Ślęzak <[email protected]>
Co-authored-by: Maciej Wójcik <[email protected]>
* setup overview-index

* index up

* overview index working wip update

* update stats view

* complete overview index page

* refactor overview state to account for new routing

* fix tests, add docstrings

* more docstrings

* styles update

* fix clippy warning

---------

Co-authored-by: Maciej Wójcik <[email protected]>
* switch to virtual workspace

* update flake inputs

* update dockerfile

---------

Co-authored-by: Maciej Wójcik <[email protected]>
* Setup CI e2e debugging

* Use html reporter for gh actions

* Force "Edit user" button click

* Fix version for defguard_core crate

* Fix multiaddr ip equality in e2e tests

* Redirect to wizard from overview-index page if no networks

* Fix wizard redirects

* Cleanup

* Linter fixes

* Fix redirect after network deletion

* Run e2e tests @ CI

* Add isStale hook dependency

* Restore original CI configuration

* Comment out react-query-devtools
* put web UI in a separate crate

* update flake inputs

* fix formatting

* update dependencies

---------

Co-authored-by: Maciej Wójcik <[email protected]>
Co-authored-by: Maciej Wójcik <[email protected]>
* activity mock UI

* add basic skeleton of the event model

* add basic handler skeleton with pagination

* a bit of cleanup

* update query data

* sketch out general event service setup

* infinite scroll audit log with next page detection

* implement a basic loop for the event logger

* implement base event logging flow

* add helper method for sending events

* remove unnecessary DB pool from mail handler

* refactor logger message and add helper to log events

* add router module documentation

* split router logic into smaller functions

* milify list count display

* reorder migrations

* add filtering by modules

* implement sorting

* add username to audit log event

* add sorting by IP

* linter fixes

* remove details column

* add EventType enum

* update query data

* change default sort order

* add search support

* add search support

* store username in audit log table

* update dependencies

* filter events for non-admin users

* Update defguard-ui

* upgrade web packages

* fix missing package

* fix username query filter

* remove FK constraint to avoid deletions

* add user id to audit log events

* add device-related logging

* expect UTC timestamp in API request query param

* refactor group filters modal to accept string values

* fix params parsing for axum compatible arrays

* add time filtering to activity view

* display timestamp in activity list as local time

* fix timestamp formatting in activity list

* add search to activity list

* add more logger event types

* add placeholder logic

* Translate event type and module in activity list

* extract router and logger into separate crates

* setup event channels for grpc servers

* pass event tx to bidi services

* Continued work on activity stream (#1186)

* DRY ApiEvent struct

* Handle device add/modified/removed events

* User event variants, impl FromRequestParts for ApiRequestContext

* Use context from request parts for all User events

* Refactor handle_api_event method

* MFA enabled/disabled events

* Totp, email, mfa security key events

TODO: send events on security key ops

* Don't rename owner field

* NetworkDevice Added/Modified/Removed events

TODO: handle removed

* Add network device frontend types and translations

* NetworkDevice event handling

* Cargo fmt

* Use context extractor in add_user handler

* Metadata handling is going to change, skip filtering over it for now

* Handle network device edge-cases

* Cache SessionInfo in extractors for downstream use

* Move audit log metadata to separate module

* Remove unused import

* Linter fixes

* Allow dead code

* Mark unused variables

* Add event router and logger to cargo-deny license exceptions

* Fix integration tests - rx dropped before tests end

* Fix logout handler

---------

Co-authored-by: Filip Ślęzak <[email protected]>
Co-authored-by: Maciej Wójcik <[email protected]>
Co-authored-by: Filip Ślęzak <[email protected]>
Co-authored-by: Jacek Chmielewski <[email protected]>
* activity mock UI

* add basic skeleton of the event model

* add basic handler skeleton with pagination

* a bit of cleanup

* update query data

* sketch out general event service setup

* infinite scroll audit log with next page detection

* implement a basic loop for the event logger

* implement base event logging flow

* add helper method for sending events

* remove unnecessary DB pool from mail handler

* refactor logger message and add helper to log events

* add router module documentation

* split router logic into smaller functions

* milify list count display

* reorder migrations

* add filtering by modules

* implement sorting

* add username to audit log event

* add sorting by IP

* linter fixes

* remove details column

* add EventType enum

* update query data

* change default sort order

* add search support

* add search support

* store username in audit log table

* update dependencies

* filter events for non-admin users

* Update defguard-ui

* upgrade web packages

* fix missing package

* fix username query filter

* remove FK constraint to avoid deletions

* add user id to audit log events

* add device-related logging

* expect UTC timestamp in API request query param

* refactor group filters modal to accept string values

* fix params parsing for axum compatible arrays

* add time filtering to activity view

* display timestamp in activity list as local time

* fix timestamp formatting in activity list

* add search to activity list

* add more logger event types

* add placeholder logic

* Translate event type and module in activity list

* extract router and logger into separate crates

* setup event channels for grpc servers

* pass event tx to bidi services

* audit stream manager backend

* vector http audit streaming ui

* fix merge

* update .editorconfig

* review changes

* review changes

* review changes

* review changes

* fix enterprise detection on setting tab

* stream manager react to license changes

* add tls support for vector http audit stream

* add logstash destination for audit logs streaming

* cleanup logstash audit stream destination

* unify http audit stream task

* review changes

* Recreate Cargo.lock

* Post-merge fixes

* Recreate pnpm-lock and translation types

* Add audit stream ts types and translations

* Remove unused function

* Add vector, logstash docker-compose services

* User events

* fix ui bugs

* fix overview routing

* Refactor audit stream manager

* upgrade web

---------

Co-authored-by: Maciej Wójcik <[email protected]>
Co-authored-by: Jacek Chmielewski <[email protected]>
* activity mock UI

* add basic skeleton of the event model

* add basic handler skeleton with pagination

* a bit of cleanup

* update query data

* sketch out general event service setup

* infinite scroll audit log with next page detection

* implement a basic loop for the event logger

* implement base event logging flow

* add helper method for sending events

* remove unnecessary DB pool from mail handler

* refactor logger message and add helper to log events

* add router module documentation

* split router logic into smaller functions

* milify list count display

* reorder migrations

* add filtering by modules

* implement sorting

* add username to audit log event

* add sorting by IP

* linter fixes

* remove details column

* add EventType enum

* update query data

* change default sort order

* add search support

* add search support

* store username in audit log table

* update dependencies

* filter events for non-admin users

* Update defguard-ui

* upgrade web packages

* fix missing package

* fix username query filter

* remove FK constraint to avoid deletions

* add user id to audit log events

* add device-related logging

* expect UTC timestamp in API request query param

* refactor group filters modal to accept string values

* fix params parsing for axum compatible arrays

* add time filtering to activity view

* display timestamp in activity list as local time

* fix timestamp formatting in activity list

* add search to activity list

* add more logger event types

* add placeholder logic

* Translate event type and module in activity list

* extract router and logger into separate crates

* setup event channels for grpc servers

* pass event tx to bidi services

* store map of connected clients in memory

* emit client connected event

* log audit event on VPN client connection

* revert unintended merge changes

* handle client disconnect

* handle emitting client disconnect events

* include ID in device name

* remove commented out code

* update dependencies

---------

Co-authored-by: Filip Ślęzak <[email protected]>
Co-authored-by: Maciej Wójcik <[email protected]>
Co-authored-by: Filip Ślęzak <[email protected]>
Move changes from main to dev (pre 1.4)
* handle VPN client events in logger

* fix typo

* update frontend event types

* add translations

---------

Co-authored-by: Maciej Wójcik <[email protected]>
* add mfa login events

* remove unnecessary event

* remove duplicate event

* rename helper method

* log failed logins

* update frontend event types

* add event for using a recovery code

* emit mfa login events

* emit MFA login failed events

* rename field kind -> event

---------

Co-authored-by: Maciej Wójcik <[email protected]>
wojcik91 and others added 20 commits June 5, 2025 14:44
* rename DB tables

* rename all relevant files

* rename relevant structs

* update error

* update api handler functions

* update list endpoint

* update api endpoints

* rename remaining backend stuff

* update query data

* update remaining crates

* finish renaming frontend stuff

---------

Co-authored-by: Maciej Wójcik <[email protected]>
* wip on mfa client connected

* wip user connected to mfa location event

* Log VPN MFA events

* Full MFA client connection event handling

* Rename EventType variant

* Formatting

* ClientMfaServer::emit_event method

* Add MFA method to client connection event

* Desktop client MFA failed event + handling

* Translations for client MFA events

* Implement internal events, emit mfa client disconnected event

* Implement InternalEventContext

* Log mfa client disconnected event

* Add translations for "client disconnected from mfa" location event

* Store router receivers in dedicated struct

* Generate sqlx query data
* refactor how clients are disconnected

* avoid marking inactive peers as connected

---------

Co-authored-by: Maciej Wójcik <[email protected]>
* Add client IP to emitted client mfa login event

* formatting

* Define enrollment events, handle EnrollmentCompleted event

* Emit all enrollment events

* Formatting, clippy issues

* Password reset start/complete events

* Password reset requested event

* Comment

* Remove non-backend events, log password reset events

* TS types and translations for enrollment events

* Remove unnecessary linter allows

* Remove config-polling events

* Fail when unable to retrieve client IP address

* Formatting, linting

* Update proto module

* Update protos
* update firewall on each network sync

* send firewall update when device is created during enrollment

---------

Co-authored-by: Maciej Wójcik <[email protected]>
* add support for multiple ous

* more tests, move tests to dedicated file

* sqlx prepare

* clippy fix
j-chmielewski and others added 5 commits June 23, 2025 12:45
…in permissions

Co-authored-by: Copilot Autofix powered by AI <62310815+github-advanced-security[bot]@users.noreply.github.com>
…in permissions

Co-authored-by: Copilot Autofix powered by AI <62310815+github-advanced-security[bot]@users.noreply.github.com>
* extract largest possible subnet when merging address ranges

* don't process networks separately

* avoid extracting one-element subnets

* update tests

* handle multiple subnets in range

* change where single IP ranges are handled

* fixing tests

* Simplify

* Small fixes

* handle subnets not aligned with range start

* simplify conversion

* fix tests for merging addrs

* fix previous firewall tests

---------

Co-authored-by: Maciej Wójcik <[email protected]>
Co-authored-by: Adam Ciarciński <[email protected]>
@j-chmielewski j-chmielewski merged commit 4e3e666 into main Jun 25, 2025
11 checks passed
@j-chmielewski j-chmielewski deleted the release/1.4 branch June 25, 2025 10:19

5 participants