vrr/Pulse
2
0
Fork 0
mirror of https://github.com/rcourtman/Pulse.git synced 2026-04-30 12:30:17 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions 4
2944 commits 5 branches 426 tags 382 MiB
Commit graph

81 commits

Author SHA1 Message Date
rcourtman
a2f01f14af Require proxy admin for token regeneration 2026-02-04 16:19:57 +00:00
rcourtman
0867490ae0 Block proxy non-admin password changes 2026-02-04 16:17:00 +00:00
rcourtman
27d8cc92dc Cover proxy auth on config export/import 2026-02-04 16:13:15 +00:00
rcourtman
ce9ee2481a Enforce proxy user RBAC via RequirePermission 2026-02-04 16:11:41 +00:00
rcourtman
f7bc69fac2 Add AI reapprove scope and license tests 2026-02-04 16:04:46 +00:00
rcourtman
c724bb04cf Extend proxy admin denial coverage 2026-02-04 16:00:43 +00:00
rcourtman
5f2990deec Require proxy admin for SSH config endpoints 2026-02-04 15:57:59 +00:00
rcourtman
145e5c46bb Require admin for host config patch and delete 2026-02-04 15:56:07 +00:00
rcourtman
5ede1f6a97 Harden apply-restart auth for proxy/OIDC 2026-02-04 15:48:06 +00:00
rcourtman
0f2122ea85 Cover proxy admin gating for config management 2026-02-04 15:45:31 +00:00
rcourtman
093235b0a9 Extend proxy admin gating to agent manage endpoints 2026-02-04 15:44:24 +00:00
rcourtman
df799c66d5 Expand proxy admin gating for host and profiles 2026-02-04 15:42:54 +00:00
rcourtman
e9860eb4c6 Block proxy non-admin for security restart and OIDC 2026-02-04 15:41:50 +00:00
rcourtman
248f4c69a5 Ensure proxy non-admins blocked for AI admin endpoints 2026-02-04 15:40:14 +00:00
rcourtman
773ba13ada Require ai:execute for approvals approve/deny 2026-02-04 15:39:04 +00:00
rcourtman
23cc5af69f Require proxy admin for test-notification 2026-02-04 15:34:30 +00:00
rcourtman
e3179e49ac Cover RBAC mutation license gating 2026-02-04 15:22:38 +00:00
rcourtman
4e3811e69e Cover RBAC mutations in permission denial tests 2026-02-04 15:21:02 +00:00
rcourtman
af1a14f3a7 Cover checksum token auth 2026-02-04 13:28:54 +00:00
rcourtman
bbfc5a9fc4 Fix OIDC login bypass test to expect 302 
redirectOIDCError uses http.StatusFound (302) but the test expected
307. The test was stale after the error redirect was introduced.
 2026-02-04 13:27:10 +00:00
rcourtman
0d564bfd8f Clarify download checksum auth 2026-02-04 13:23:55 +00:00
rcourtman
41c10e60d7 Add auth bypass inventory coverage 2026-02-04 13:16:29 +00:00
rcourtman
8951b6f7f9 Require monitoring scope for socket.io 2026-02-04 12:41:12 +00:00
rcourtman
216ccf0be5 Require auth for socket.io js 2026-02-04 12:39:19 +00:00
rcourtman
63a846cf3b Allow bearer tokens for websocket auth 2026-02-04 12:37:46 +00:00
rcourtman
18ed23504d Harden encoded path traversal coverage 2026-02-04 12:36:44 +00:00
rcourtman
36f1504355 Cover bearer token auth for stats 2026-02-04 12:34:47 +00:00
rcourtman
e23a2a793b Cover socket.io query token auth 2026-02-04 12:32:30 +00:00
rcourtman
7fc9a98c47 Cover websocket query token auth 2026-02-04 12:25:25 +00:00
rcourtman
df08e45993 Require passphrase for config export/import 2026-02-04 12:19:53 +00:00
rcourtman
fb06ae00c1 Harden config export/import validation 2026-02-04 12:18:40 +00:00
rcourtman
0c1ff9da7f Reject invalid pulse_url in setup script 2026-02-04 12:16:20 +00:00
rcourtman
4298d87485 Allow setup token via query param for SSH endpoints 2026-02-04 12:15:22 +00:00
rcourtman
3f51dbb7de Assert security status auth token handling 2026-02-04 12:13:48 +00:00
rcourtman
77f23b35f7 Validate setup script input sanitization 2026-02-04 12:12:13 +00:00
rcourtman
f8c4a28600 Guard SSH key generation in containers 2026-02-04 12:10:10 +00:00
rcourtman
8313d66e64 Ensure public endpoints stay public in API mode 2026-02-04 12:06:50 +00:00
rcourtman
1fddbec07f Ensure public download endpoints bypass auth 2026-02-04 12:05:32 +00:00
rcourtman
a49fa8514a Cover OIDC callback public access 2026-02-04 12:03:56 +00:00
rcourtman
11e28689b2 Cover public setup script access 2026-02-04 12:02:27 +00:00
rcourtman
b57fdd2085 Add path traversal regression tests 2026-02-04 12:00:54 +00:00
rcourtman
f707e0ad40 Add audit auth regression checks 2026-02-04 11:59:48 +00:00
rcourtman
9f1877116b Verify security status bootstrap token exposure 2026-02-04 11:58:02 +00:00
rcourtman
e0e4d24428 Cover setup token access for SSH endpoints 2026-02-04 11:56:16 +00:00
rcourtman
f9489db9e0 Add public endpoint regression coverage 2026-02-04 11:52:15 +00:00
rcourtman
d0e0a85861 Cover RBAC trailing slash routes 2026-02-04 11:40:23 +00:00
rcourtman
a73352a396 Add recovery endpoint regression test 2026-02-04 11:39:30 +00:00
rcourtman
aa61c8edc5 Add quick setup and token auth regression tests 2026-02-04 11:38:09 +00:00
rcourtman
0c4b19ddf4 Add SSH security regression coverage 2026-02-04 11:36:11 +00:00
rcourtman
06df067cd7 Cover apply-restart auth guards 2026-02-04 11:30:37 +00:00