Commit Graph

570 Commits

Author SHA1 Message Date
Jeremy Wharton
897de167a6 satellite/console,web/satellite: remove user input from welcome and invite emails
Emails should not contain user input that could be used by malicious
agents to deliver a message. Usernames have been removed from
account activation emails, and project names have been removed from
project invitation emails.

References storj-private#133

Change-Id: Ic05921149b409145df109c0966ea5dfd86d86eb1
2023-02-01 16:29:57 +00:00
Vitalii
5377b9c314 satellite/{web, console}: removed old project level passphrase flow
Removed old behavior and bucket creation flow.

Issue:
https://github.com/storj/storj/issues/5521

Change-Id: I1a443911215cd1f611069fd9e6202598066b80b2
2023-01-31 23:02:44 +00:00
Wilfred Asomani
3a714cefcf satellite: remove rewards package
Affected packages admin,attribution,console,metainfo,satellitedb,web,payments
This change removes the satellite/rewards package and its related usages.
It removes references to APIKeyInfo/PartnerID, Project/PartnerID
 and User/PartnerID.

Issue: https://github.com/storj/storj/issues/5432

Change-Id: Ieaa352ee848db45e94f85556febdbcf1444d8c3e
2023-01-31 11:46:50 +00:00
Lizzy Thomson
1bff41e6b3 cmd/tools: add migration tool to update salt column when null
Add migration tool (and test) to update salt column in projects table
with the SHA-256 hash of the project ID when null

Issue https://github.com/storj/storj-private/issues/66

Change-Id: Ib8d484ac8d6ee25859064d803e2ac8fb46b45921
2023-01-27 22:04:07 +00:00
Moby von Briesen
7c152f7ea0 satellite/console: Filter new characters out of user input
HTML and JS escape user input for create and update user.

Change-Id: I91d972f454341a5a7f333d006a87c6f854595490
2023-01-25 22:52:37 +00:00
Yaroslav Vorobiov
b86ce0d527 satellite/payments/storjscan: return 404 when there is no wallet
When there is no wallet in the database for a particular customer
return 404 http response status code instread of internal server error.
Change web/satellite payments API to return empty wallet on 404 response
code instead of throwing an error.

Change-Id: Ib44914f9ed002382258968fb81846f2b97dee0fe
2023-01-23 18:07:33 +00:00
Vitalii
65a090d111 satellite/console: enable project level passphrase by default
Enable project level passphrase by default.

Issue:
https://github.com/storj/storj/issues/5456

Change-Id: I8c08f2d81a3ce1b5e0134172b7440309b850c5c2
2023-01-18 15:32:29 +02:00
Jeremy Wharton
6142b1cd12 web/satellite: show overridden usage prices in the satellite UI
This change allows users who register with a partner that has
different project usage prices to see the correct prices in the
satellite UI.

Resolves storj/storj-private#90

Change-Id: I06bde50db474b25396671a27e282ef5637efe85b
2023-01-17 15:01:57 +00:00
Jeremy Wharton
5d656e66bf satellite/payments/stripecoinpayments: implement invoice price override
This change allows for overriding project usage prices for a specific
partner so that users who sign up with that partner do not need their
invoices to be manually adjusted.

Relates to storj/storj-private#90

Change-Id: Ia54a9cc7c2f8064922bbb15861f974e5dea82d5a
2023-01-17 14:32:10 +00:00
Malcolm Bouzi
583ea51fb1 satellite/console: Prevent duplicate project names for the same user.
issue: https://github.com/storj/storj/issues/5247

Change-Id: Ie51f24dca5b9e5064cb06ae238055177bec5975a
2023-01-12 17:18:09 +00:00
Cameron
5da2544e62 satellite/console: support public id as generated api parameter
On generated console api endpoints allow either the project ID or the
public ID to be used as the ID parameter.

github issue: https://github.com/storj/storj/issues/5412

Change-Id: Ic9901ed273931a50ae12f20142a3c4938dfcc8c0
2023-01-11 22:03:35 +00:00
Moby von Briesen
3d1007ae18 private/apigen: Change order of operations in api generation
Move the IsAuthenticated check until after initial parameter
parsing/validation. IsAuthenticated will be more expensive than
parsing/validation, so we should fail before auth if possible.

Change-Id: I96a020892eabcb750e8ec9ecc1d8b7d9bf8bf573
2023-01-11 16:54:53 +00:00
Wilfred Asomani
0773b4efbc satellite/console: support id and publicId
Update get usage-limits, daily-usage and salt endpoints to support
both project-ID and project-PublicID.

Issue: https://github.com/storj/storj/issues/5411

Change-Id: Iff0114a295d1a479b141bfffbfb31599844d1fc0
2023-01-06 15:42:45 +00:00
Wilfred Asomani
05c83a5539 satellite/{console,web}: support delete by ID and publicID
Update the delete API key by name and projectID to support project-ID
and project-publicID.

Issue: https://github.com/storj/storj/issues/5410

Change-Id: I3bd11b9c3ae1ad6ce662dfc18b42779d2e4edf9b
2023-01-06 13:40:10 +00:00
Lizzy Thomson
591615b90b satellite/satellitedb: remove references to last_verification_reminder
Removing all references to column last_verification_reminder which is to be removed, due to new column verification_reminders

Issue: https://github.com/storj/storj/issues/4560

Change-Id: I7c9a426e946c7aed58e62c1eef80629daf6b1272
2023-01-05 08:58:05 -07:00
Cameron
5138bb1e4f satellite/console: add public ID field to graphql Project
Add public ID field to graphql Project so it can be used on the front
end. Additionally public_id needed to be added to the ListByOwnerID sql
query which is called by graphql OwnedProjectsQuery.

github issue: https://github.com/storj/storj/issues/5408

Change-Id: I2ec04363c20493dc0f9c70b6d1610f724f18ec2f
2023-01-04 15:00:20 -05:00
Wilfred Asomani
ea00213b45 console/userinfo: implement get userinfo
This change implements the get userinfo endpoint stubbed in #5358

Issue: https://github.com/storj/storj/issues/5363

Change-Id: I8d8deb0be1375395bbf3f52e7718990bc77f00b5
2022-12-23 21:03:54 +00:00
Vitalii
af238e2ef9 web/satellite: removed old create access grant flow
Removed old flow and feature flag.

Issue:
https://github.com/storj/storj/issues/5407

Change-Id: I9dec18eb7d8c7912ead87188789466db5f59a5ca
2022-12-23 15:14:02 +00:00
Lizzy Thomson
db489125b8 satellite/console: add triggerAttemptPaymentIfFrozen
add triggerAttemptPaymentIfFrozen to check if the account is frozen
and if frozen, will trigger an attempt to pay outstanding invoices

Issue: https://github.com/storj/storj/issues/5398

Change-Id: I0da6a982e2da4204dee219d98ce2d503cbbb6f8e
2022-12-22 18:23:37 +00:00
Wilfred Asomani
54559be966 console/userinfo: return appropriate errors
This modifies the userinfo endpoint to return appropriate errors;
PermissionDenied for untrusted peers and Unimplemented because
the endpoint isn't implemented

Change-Id: I5109bb204b5e1ce2e21fe16b003991b6c900a8ce
2022-12-20 10:50:18 +00:00
Vitalii
2ebdc5ff2f web/satellite: unauthorized error (401) interception for http requests
Implemented interception for http requests.
We redirect user to login page on every 401 response.

Issue:
https://github.com/storj/storj/issues/5339

Change-Id: Icba4fc0031cb2b4e682a1be078cdcf95b7fa6bfe
2022-12-20 07:14:17 +00:00
Wilfred Asomani
e598c2b3b1 console/userinfo: stub userinfo endpoint
This change stubs userinfo endpoint from storj/common/pb/userinfo.proto.
It also adds config for allowed peers, and a method for verifying peers.

Issue: https://github.com/storj/storj/issues/5358

Change-Id: I057a0e873a9e9b3b9ad0bba69305f0d708bd9b9e
2022-12-20 06:10:08 +00:00
Lizzy Thomson
678bb12d4b satellite/admin: create an endpoint for isAccountFrozen
Endpoint checks if an account is frozen or unfrozen.

relates to https://github.com/storj/storj/issues/5398

Change-Id: I8ff44063870327e05cf729eaaaed1da6c5fa9217
2022-12-16 22:53:44 +00:00
Jeremy Wharton
471f9e4e10 satellite/{console,satellitedb}: add account freeze service
This change adds an account freeze service with methods for checking
if a user is frozen, freezing a user, and unfreezing a user.
Furthermore, methods for altering the usage limits of a user or project
have been implemented for use by the account freeze service.

Change-Id: I77fecfac5c152f134bec90165acfe4f1dea957e7
2022-12-16 22:24:58 +00:00
Jeremy Wharton
d069045058 satellite/{console,satellitedb}: implement account freeze event DB
This change implements DB methods for interacting with the
account_freeze_event table and introduces structures related to
account freeze events.

Change-Id: Ib125b31dfb754b2428212c39b780e14cfc7f97bf
2022-12-15 14:16:24 +00:00
Vitalii
5d727becb4 satellite/{analytics, web}: segment ui error tracking implemented
Implemented UI error tracking.
We use satellite analytics service to track the fact that UI error occurred and send minimal info to Segment (not Hubspot).
We send only the fact that UI error occurred and the place where this error occurred.
Extended notificator plugin error function to include the place where error occurred.
I made the place argument nullable to be always explicitly provided (build fails if place is not provided).
If place is not null then error event is triggered in the background.

Issue:
https://github.com/storj/storj-private/issues/107

Change-Id: I7d129fb29629979f5be6ff5dea37ad19b1a2397e
2022-12-13 18:11:53 +00:00
Lizzy Thomson
0afd3938c7 sat/console update the updateProject to set user specified limits
update the updateProject function to set user specified bandwidth and storage limits

fixes https://github.com/storj/storj/issues/5185

Change-Id: Ib4132487f6b7ea0afa7c57acfc358857b3e852d1
2022-12-13 16:44:41 +00:00
Jeremy Wharton
ba7d2c2dbe satellite/payments/stripecoinpayments: add config for price overrides
This change adds configuration flags for defining partner-specific
project usage price overrides.

Resolves https://github.com/storj/storj-private/issues/61

Change-Id: Ia535ac22576382211d045f9ff2c9b983a07e86f3
2022-12-09 15:33:27 +00:00
Lizzy Thomson
9fedc21fea satellite/console account session management for enabling/disabling MFA
Adds DeleteAllSessionsByUserIDExcept which removes all sessions except the specified session from the database and applies this function to enableMFA and disableMFA

addresses https://github.com/storj/storj-private/issues/15

Change-Id: I5d8c620dadbbda4a1b430ccf8a6121e167dd0761
2022-12-08 18:32:35 +00:00
Cameron
907c911f57 satellite/console/emailreminders: set Enable config default to true
Enable email verification reminders by default

Change-Id: I2f8143e2805ccfd2ffccfbc019591859326499c5
2022-12-08 11:02:43 +00:00
Cameron
a3ff3eb193 satellite/nodeevents: validate emails before notifying
Simple email validation before attempting to send notifications. If the
email is not valid, skip sending notifications and go to update
email_sent so we don't try it again. Also, move ValidateEmail function
into new package so it can be used in nodeevents without import cycle.

Change-Id: I63ce0fc84f7b1d964f7cc6da61206f54baaf1a21
2022-12-06 09:59:45 -05:00
Jeremy Wharton
54a64e1e50 satellite/console: remove error type for incorrect password
This change removes the error type that is returned when a token
request contains an incorrect password. Instead, the generic error
type for invalid login credentials is used.

Change-Id: Ia7dbc38f4a08aeaeeac7ff5b5a801233e349b8b3
2022-11-30 17:04:35 +00:00
Yaroslav Vorobiov
bb1e86c790 satellite: remove unused coinpayments code and chores
issue: https://github.com/storj/storj/issues/4824

Change-Id: I2e3e63151d1def96270279719f6eceda0acba66c
2022-11-30 16:24:48 +00:00
prerna-parashar
3fe6aee786
satellite/analytics: Added analytics to track project members addition/deletion (#5340)
satellite/analytics: Added analytics to track project members addition/deletion
2022-11-29 14:56:03 -08:00
Wilfred Asomani
2442ba415f satellite/{web,console}: token links expiry changes
This change reduces the token links expiry time from 24h to 30m and improves the UI to promt users of the expiration.

see: https://github.com/storj/storj-private/issues/17

Change-Id: Iac00f5740fa84069937fdf9bd30a739b6db2a9e0
2022-11-29 21:44:42 +00:00
Jeremy Wharton
7a2be3e6f6 private/web,satellite/console/.../consoleapi: serve rate limiting errors as JSON
This change causes rate limiting errors to be returned to the client
as JSON objects rather than plain text to prevent the satellite UI from
encountering issues when trying to parse them.

Resolves storj/customer-issues#88

Change-Id: I11abd19068927a22f1c28d18fc99e7dad8461834
2022-11-23 17:56:07 +00:00
Jeremy Wharton
e339f1a785 satellite/console: enable session timeout by default
This change causes the session inactivity timer to be enabled unless
expressly specified otherwise.

Change-Id: I85b4014394afac2feb21f383cac414cddb09ca8f
2022-11-17 17:41:15 +00:00
Moby von Briesen
776f1128b3 web/satellite: project level passphrase vuex logic
Added new feature flag.
Reworked vuex logic to work properly with project level passphrase.
Implemented new simple set project level passphrase modal.

Issue:
https://github.com/storj/storj/issues/5280

Change-Id: I6a15e90ee9fa7aa8a09c67022466787090120f9c
2022-11-17 16:53:25 +00:00
Jeremy Wharton
3c8facfe58 satellite/console,web/satellite: always notify when adding project members
Upon adding members to a project using the Add Team Member modal,
users are now notified that only email addresses belonging to an
account will receive a project invitation. This notification appears
regardless of whether every submitted email corresponds to an account.
Previously, users received an error message if any email address not
attached to an account was submitted.

Change-Id: Ia014c8311c1347e001b1c6c33de73ea61f20b0cb
2022-11-09 17:48:50 +00:00
Michal Niewrzal
f465fa927e satellite/console: drop redundant bucket interface
Change-Id: I1e132199f7c2f25eceb49a052ef4016d62db9705
2022-11-09 09:50:54 +01:00
Moby von Briesen
cc858f4e91 satellite/console: Turn new billing screens on by default
Set default value for console.new-billing-screen to true.

Change-Id: I0f7f9663af4b4dc384d2bda946b4853593151cfa
2022-11-04 19:41:54 +00:00
Lizzy Thomson
23917e51f2 satellite: invalid coupon code returns 400 status code
fixes: https://github.com/storj/storj/issues/4782

Change-Id: Idcc00202ed91a10c280f706e14d4901bf2f61541
2022-10-31 13:43:09 -06:00
Egon Elbre
aeb645d32b all: replace deprecated ioutil
Change-Id: I60b0bbf5b68b066e2d44b8b99438594d600a3c2d
2022-10-31 15:50:41 +00:00
Wilfred Asomani
2dc2669e22 console/abTesting: add support for AB testing
This change adds support for AB testing using flagship.io

Change-Id: I3e12f5d6cd7248d69adc2c684e4bcff2aadda1df
2022-10-27 10:57:12 +00:00
Vitalii
149b59069f satellite/{web, console}: removed old object flow
Removed old flow along with a feature flag

Issue:
https://github.com/storj/storj/issues/5166

Change-Id: I85cfabbf94e910c9d5efb01ef850f6b888a13f71
2022-10-20 16:27:50 +03:00
Yaroslav Vorobiov
e014e88cc7 satellite/payments: remove Deposit from Tokens interface
Change-Id: Ie04c35410baf8bf2c74cca0b7df1236a80f00e1b
2022-10-17 13:32:06 +02:00
Cameron
98fed4bc30 {satellite/console,web/satellite}: get project salt from satellite
Add getSalt to projects api. Add action, GET_SALT, on Store
Projects module to make the api request and return the salt
string everywhere in the web app that generates an access grant.
The Wasm code which is used to create the access grant has been
changed to decode the salt as a base64 encoded string. The names
of the function calls in the changed Wasm code have also been
changed to ensure that access grant creation fails if JS access
grant worker code and Wasm code are not the same version.

https://github.com/storj/storj-private/issues/64

Change-Id: Ia2bc4cbadad84b066ca1882b042a3f0bb13c783a
2022-10-12 19:06:27 +00:00
Yaroslav Vorobiov
5cfd64579e private/blockchain: fix Hex to add 0x prefix
Change-Id: I47da9cea160fe9bbdf452956836e3d4b5b44646f
2022-10-11 19:15:24 +00:00
Egon Elbre
ff22fc7ddd all: fix deprecated ioutil commands
Change-Id: I59db35116ec7215a1b8e2ae7dbd319fa099adfac
2022-10-11 15:27:29 +00:00
Wilfred Asomani
903ea38c86 web/satellite: increment login failed_login_count in sql
This change increments users' failed_login_count in the database layer to avoid potential data race.
It also updates the login_lockout_expiration as well in one operation.

see: https://github.com/storj/storj/issues/4986

Change-Id: I74624f1bee31667b269cb205d74d16e79daabcb6
2022-10-07 16:46:29 +00:00