rcourtman
cceca653dc
Compact dashboard demo hot path
2026-04-10 18:30:39 +01:00
rcourtman
8d97bc3995
Tighten dashboard summary hot paths
2026-04-10 17:32:30 +01:00
rcourtman
38c8237a4f
Add monitored-system admission previews for platform connections
2026-04-08 22:20:42 +01:00
rcourtman
7062f556dc
Resolve BYOK models from live provider catalogs
2026-04-03 11:33:03 +01:00
rcourtman
9b19cb4446
Implement VMware vCenter connections slice
2026-03-30 17:56:37 +01:00
rcourtman
4524edc51e
fix(truenas): retest saved connections canonically
2026-03-30 10:49:19 +01:00
rcourtman
893d003c0a
Merge origin/pulse/v6-release and fix reconciled API regressions
2026-03-28 21:14:54 +00:00
rcourtman
5f436f11af
Canonicalize relay mobile capability boundary
2026-03-28 19:32:42 +00:00
Richard Courtman
ab370201d4
fix(api): bind router teardown to owned auth stores
2026-03-26 21:43:30 +00:00
rcourtman
8916bc0669
fix(release): align api and hostagent rc contracts
2026-03-26 17:12:27 +00:00
rcourtman
2afb96ee13
fix(release): align api and hostagent rc contracts
2026-03-26 17:08:48 +00:00
rcourtman
445c2d49ef
Remove redundant inventory definition route
2026-03-25 23:40:22 +00:00
rcourtman
899466d13a
Ungate reporting catalog metadata
2026-03-25 23:24:12 +00:00
rcourtman
7728b352c0
Canonicalize reporting settings catalog
2026-03-25 22:27:35 +00:00
rcourtman
86a3f2161c
fix(onboarding): allow relay mobile pairing scope
2026-03-25 13:40:29 +00:00
rcourtman
8ba8f0b475
fix(relay): introduce dedicated mobile runtime scope
2026-03-24 23:59:52 +00:00
rcourtman
3b6e48d5ce
fix(relay): mint server-owned mobile access tokens
2026-03-24 23:37:14 +00:00
rcourtman
778a2577b6
feat: Pulse v6 release
2026-03-18 16:06:30 +00:00
rcourtman
a6f6f66078
Improve auto-register auth errors and setup token grace window ( #1319 )
...
Build and Test / Secret Scan (push) Waiting to run
Build and Test / Frontend & Backend (push) Waiting to run
Core E2E Tests / Playwright Core E2E (push) Waiting to run
The /api/auto-register endpoint returned a generic "Invalid or expired
setup code" for all auth failures, making cluster registration issues
impossible to diagnose. Now returns specific errors for expired tokens,
wrong scope, invalid API tokens, etc.
Also extend the setup token grace window to /api/auto-register so
multiple cluster nodes can register with the same token within the
1-minute grace period after first use.
2026-03-07 13:39:26 +00:00
rcourtman
499ab812e3
Fix post-release regressions and lock v5 to single-tenant runtime
2026-03-05 23:46:35 +00:00
rcourtman
d43dfbc490
feat(ui): add host removal action to hosts table
...
Add an actions menu to the hosts overview with a "Remove host from
Pulse" button. Includes permission checks (requires settings:write
scope), confirmation handling, and a security regression test for
the delete endpoint scope enforcement.
2026-03-01 23:28:33 +00:00
rcourtman
0f961054c6
fix: allow agent tokens to auto-register Proxmox nodes
...
The security hardening in beae4c86Fixes #1191
2026-02-04 22:55:25 +00:00
rcourtman
7e55c4dc52
Expand proxy non-admin coverage for permissioned routes
2026-02-04 18:12:30 +00:00
rcourtman
422271d103
Require proxy admin for permissioned endpoints
2026-02-04 18:11:12 +00:00
rcourtman
4741307c4c
Require proxy admin for quick security setup
2026-02-04 18:08:40 +00:00
rcourtman
25285e64bc
Require proxy admin for AI test endpoints
2026-02-04 16:30:22 +00:00
rcourtman
5a494b10a5
Cover proxy auth for AI settings updates
2026-02-04 16:27:48 +00:00
rcourtman
34f35f0322
Protect discovery notes secrets for proxy users
2026-02-04 16:25:16 +00:00
rcourtman
12038e4e9a
Guard discovery settings against proxy non-admin
2026-02-04 16:23:08 +00:00
rcourtman
a2f01f14af
Require proxy admin for token regeneration
2026-02-04 16:19:57 +00:00
rcourtman
0867490ae0
Block proxy non-admin password changes
2026-02-04 16:17:00 +00:00
rcourtman
27d8cc92dc
Cover proxy auth on config export/import
2026-02-04 16:13:15 +00:00
rcourtman
ce9ee2481a
Enforce proxy user RBAC via RequirePermission
2026-02-04 16:11:41 +00:00
rcourtman
f7bc69fac2
Add AI reapprove scope and license tests
2026-02-04 16:04:46 +00:00
rcourtman
c724bb04cf
Extend proxy admin denial coverage
2026-02-04 16:00:43 +00:00
rcourtman
5f2990deec
Require proxy admin for SSH config endpoints
2026-02-04 15:57:59 +00:00
rcourtman
145e5c46bb
Require admin for host config patch and delete
2026-02-04 15:56:07 +00:00
rcourtman
5ede1f6a97
Harden apply-restart auth for proxy/OIDC
2026-02-04 15:48:06 +00:00
rcourtman
0f2122ea85
Cover proxy admin gating for config management
2026-02-04 15:45:31 +00:00
rcourtman
093235b0a9
Extend proxy admin gating to agent manage endpoints
2026-02-04 15:44:24 +00:00
rcourtman
df799c66d5
Expand proxy admin gating for host and profiles
2026-02-04 15:42:54 +00:00
rcourtman
e9860eb4c6
Block proxy non-admin for security restart and OIDC
2026-02-04 15:41:50 +00:00
rcourtman
248f4c69a5
Ensure proxy non-admins blocked for AI admin endpoints
2026-02-04 15:40:14 +00:00
rcourtman
773ba13ada
Require ai:execute for approvals approve/deny
2026-02-04 15:39:04 +00:00
rcourtman
23cc5af69f
Require proxy admin for test-notification
2026-02-04 15:34:30 +00:00
rcourtman
e3179e49ac
Cover RBAC mutation license gating
2026-02-04 15:22:38 +00:00
rcourtman
4e3811e69e
Cover RBAC mutations in permission denial tests
2026-02-04 15:21:02 +00:00
rcourtman
af1a14f3a7
Cover checksum token auth
2026-02-04 13:28:54 +00:00
rcourtman
bbfc5a9fc4
Fix OIDC login bypass test to expect 302
...
redirectOIDCError uses http.StatusFound (302) but the test expected
307. The test was stale after the error redirect was introduced.
2026-02-04 13:27:10 +00:00
rcourtman
0d564bfd8f
Clarify download checksum auth
2026-02-04 13:23:55 +00:00
