Commit graph

88 commits

Author SHA1 Message Date
rcourtman 7e55c4dc52 Expand proxy non-admin coverage for permissioned routes 2026-02-04 18:12:30 +00:00
rcourtman 422271d103 Require proxy admin for permissioned endpoints 2026-02-04 18:11:12 +00:00
rcourtman 4741307c4c Require proxy admin for quick security setup 2026-02-04 18:08:40 +00:00
rcourtman 25285e64bc Require proxy admin for AI test endpoints 2026-02-04 16:30:22 +00:00
rcourtman 5a494b10a5 Cover proxy auth for AI settings updates 2026-02-04 16:27:48 +00:00
rcourtman 34f35f0322 Protect discovery notes secrets for proxy users 2026-02-04 16:25:16 +00:00
rcourtman 12038e4e9a Guard discovery settings against proxy non-admin 2026-02-04 16:23:08 +00:00
rcourtman a2f01f14af Require proxy admin for token regeneration 2026-02-04 16:19:57 +00:00
rcourtman 0867490ae0 Block proxy non-admin password changes 2026-02-04 16:17:00 +00:00
rcourtman 27d8cc92dc Cover proxy auth on config export/import 2026-02-04 16:13:15 +00:00
rcourtman ce9ee2481a Enforce proxy user RBAC via RequirePermission 2026-02-04 16:11:41 +00:00
rcourtman f7bc69fac2 Add AI reapprove scope and license tests 2026-02-04 16:04:46 +00:00
rcourtman c724bb04cf Extend proxy admin denial coverage 2026-02-04 16:00:43 +00:00
rcourtman 5f2990deec Require proxy admin for SSH config endpoints 2026-02-04 15:57:59 +00:00
rcourtman 145e5c46bb Require admin for host config patch and delete 2026-02-04 15:56:07 +00:00
rcourtman 5ede1f6a97 Harden apply-restart auth for proxy/OIDC 2026-02-04 15:48:06 +00:00
rcourtman 0f2122ea85 Cover proxy admin gating for config management 2026-02-04 15:45:31 +00:00
rcourtman 093235b0a9 Extend proxy admin gating to agent manage endpoints 2026-02-04 15:44:24 +00:00
rcourtman df799c66d5 Expand proxy admin gating for host and profiles 2026-02-04 15:42:54 +00:00
rcourtman e9860eb4c6 Block proxy non-admin for security restart and OIDC 2026-02-04 15:41:50 +00:00
rcourtman 248f4c69a5 Ensure proxy non-admins blocked for AI admin endpoints 2026-02-04 15:40:14 +00:00
rcourtman 773ba13ada Require ai:execute for approvals approve/deny 2026-02-04 15:39:04 +00:00
rcourtman 23cc5af69f Require proxy admin for test-notification 2026-02-04 15:34:30 +00:00
rcourtman e3179e49ac Cover RBAC mutation license gating 2026-02-04 15:22:38 +00:00
rcourtman 4e3811e69e Cover RBAC mutations in permission denial tests 2026-02-04 15:21:02 +00:00
rcourtman af1a14f3a7 Cover checksum token auth 2026-02-04 13:28:54 +00:00
rcourtman bbfc5a9fc4 Fix OIDC login bypass test to expect 302 2026-02-04 13:27:10 +00:00
    redirectOIDCError uses http.StatusFound (302) but the test expected
    307. The test was stale after the error redirect was introduced.
rcourtman 0d564bfd8f Clarify download checksum auth 2026-02-04 13:23:55 +00:00
rcourtman 41c10e60d7 Add auth bypass inventory coverage 2026-02-04 13:16:29 +00:00
rcourtman 8951b6f7f9 Require monitoring scope for socket.io 2026-02-04 12:41:12 +00:00
rcourtman 216ccf0be5 Require auth for socket.io js 2026-02-04 12:39:19 +00:00
rcourtman 63a846cf3b Allow bearer tokens for websocket auth 2026-02-04 12:37:46 +00:00
rcourtman 18ed23504d Harden encoded path traversal coverage 2026-02-04 12:36:44 +00:00
rcourtman 36f1504355 Cover bearer token auth for stats 2026-02-04 12:34:47 +00:00
rcourtman e23a2a793b Cover socket.io query token auth 2026-02-04 12:32:30 +00:00
rcourtman 7fc9a98c47 Cover websocket query token auth 2026-02-04 12:25:25 +00:00
rcourtman df08e45993 Require passphrase for config export/import 2026-02-04 12:19:53 +00:00
rcourtman fb06ae00c1 Harden config export/import validation 2026-02-04 12:18:40 +00:00
rcourtman 0c1ff9da7f Reject invalid pulse_url in setup script 2026-02-04 12:16:20 +00:00
rcourtman 4298d87485 Allow setup token via query param for SSH endpoints 2026-02-04 12:15:22 +00:00
rcourtman 3f51dbb7de Assert security status auth token handling 2026-02-04 12:13:48 +00:00
rcourtman 77f23b35f7 Validate setup script input sanitization 2026-02-04 12:12:13 +00:00
rcourtman f8c4a28600 Guard SSH key generation in containers 2026-02-04 12:10:10 +00:00
rcourtman 8313d66e64 Ensure public endpoints stay public in API mode 2026-02-04 12:06:50 +00:00
rcourtman 1fddbec07f Ensure public download endpoints bypass auth 2026-02-04 12:05:32 +00:00
rcourtman a49fa8514a Cover OIDC callback public access 2026-02-04 12:03:56 +00:00
rcourtman 11e28689b2 Cover public setup script access 2026-02-04 12:02:27 +00:00
rcourtman b57fdd2085 Add path traversal regression tests 2026-02-04 12:00:54 +00:00
rcourtman f707e0ad40 Add audit auth regression checks 2026-02-04 11:59:48 +00:00
rcourtman 9f1877116b Verify security status bootstrap token exposure 2026-02-04 11:58:02 +00:00