This change fixes the behavior of legal freeze; it now does not allow
lists and deletes for users in that freeze. It also fixes an issue
where users who have been legal/violation frozen will have their limits
upgraded, partially exiting freeze status when they pay with STORJ
tokens.
Issue: storj/storj-private/#517
storj/storj-private/#515
Change-Id: I6fa2b6353159984883c60a2888617da1ee51ce0a
We couldn't delete API keys by name whose name contained slashes because
Gorilla Mux router interpreted the as path separator and didn't resolve
to the right endpoint.
To fix the issue the name is sent as a query parameter rather than as a
path parameter.
Change-Id: Ica67d6b9f047d7c33a5350457afc822cb8d4c7a1
The project ID must never be sent out from the server because old
projects used that ID as salt for creating access grants.
We must always expose the public ID and the server must retrieve the ID
when the public ID is sent in to the server and needs it for performing
some DB queries.
Change-Id: I4a9d94049ef84f578b62907827d6c09dfd1db4db
Added new admin functionality to disable account bot restriction by activating it.
This must be used for accounts with status PendingBotVerification.
Note: PendingBotVerification status is automatically applied for accounts with high captcha score right after activation.
Issue:
https://github.com/storj/storj-private/issues/503
Change-Id: I4c9ee834075a7abaf221ac054a455a8d27debf40
Create an API generator middleware for being able to hook the new
satellite admin authorization in the endpoints.
The commit fixes a bug found in the API generator that caused that
fields of types of the same package of the generated code where wrongly
added. Concretely:
- The package matching was missing in the function middlewareFields,
hence it was generating code that referenced types with the package
name.
- middlewareFields function was not adding the pointer symbol (*) when
the type was from the same package where the generated code is
written.
There is also an accidental enhancement in the API generator because I
thought that the bug commented above corresponded to it, rather than
removing it, I though that was worthwhile to keep it because it was
already implemented. This enhancement allows to use fields in the
middleware with packages whose last path part contains `-` or `.`, using
a package rename in the import statement.
Change-Id: Ie98b303226a8e8845e494f25054867f95a283aa0
Add a new method to the Authorizer to use it with the API midleware that
we are going to implement for injecting it into the handler generated by
the API generator.
This new method will reduce the lines of code to generate and avoiding
errors that are more difficult to test in generated code.
The commit deletes the Middleware method because we won't used due to
the API generator doesn't support "standard" middlewares and allows
their customization via code generated and injected inside the handler
base logic generated by the API generator.
Change-Id: Ie427eb2eea94797913e2c357cf097ecf1e2e63ef
This change modifies the register endpoint handler to not require name
for signups from the v2 app and adds a new endpoint for completing
account information (e.g. name). This is to support the new signup and
account setup flow of the v2 app.
Issue: #6470
Change-Id: I256e1c804fcdbc8ce05aa82d6bc4b0263f55daa5
This change adds a search field to the new admin UI through which user
email addresses may be submitted. If the email belongs to a verified
user, the client will be redirected to the Account Details page which
is populated with the user's information.
Resolves#6469Resolves#6475
Change-Id: Icbf3cb3f8374f2764e73a523f111c5ecf3d06569
Added new optional '--aggregate' flag for billing.generate-invoices and billing.prepare-invoice-records commands to toggle invoice items aggregation.
Added new explicit command billing.create-aggregated-project-invoice-items which should be used after preparing aggregated invoice records (in cases when invoice generation happens step-by-step).
Change-Id: I04fc0110be5263edb959306d5314a4a1a8eec3ba
This change adds an endpoint to the back office API that returns user
info based on email address.
References #6503
Change-Id: Ib48d30b0b6c6862887b3f8114f50538b3deca57b
Add a README document with some general API guidelines that we wrote in
a Slack canvas to discuss them.
Change-Id: Iec933edeb7622b78a98155512b25267d12879837
If the API description or version is empty, don't print out in the docs
a placeholder for them.
In commit bcde51138d a space between the
placeholder and description was removed because it was printing a
trailing space if the description was empty, but that introduced another
bug, which is not adding the space when the description is empty.
This commit fixes the bug, no printing the placeholder if the
description is empty, otherwise print it with the corresponding blank
space in between the placeholder and the description.
Change-Id: I19c92c3dd7dfb38b8b2a43821bafc726ffad59d7
The API generator doesn't have a way to customize each Go handler
endpoint unless that the Go generator is modified.
This commit adds a way to customize each endpoint injecting instances of
types that implement an interface (Middleware) that return the code to inject.
To show how it works, the commit get rid of the 2 fields that we used to
customize the authentication request with the logic that the
satellite/console/consoleweb/consoleapi needs and replace the hardcoded
customization using this new way to customize handlers.
This new way should allow to hook the satellite/admin/back-office
authorization into the handlers using a Middleware implementation.
Change-Id: I894aa0026b30fa2f4a5604a6c34c22e0ed582e2b
This change gives the proper type to TS class fields generated from
nillable Go struct fields. Previously, Go struct fields having a nil
representation ([]Type, *Type, etc.) were translated into TypeScript as
"Type | undefined". This isn't correct because these fields, when nil,
are given the value "null" when marshalled into JSON. This change fixes
this issue by giving these fields the type "Type | null".
Change-Id: I5a1a83eb3810a3cba10895bb2f0f75ca5fd7d1b5
This change adds two new admin endpoints to freeze users for legal
review and to remove them from that state
Issue: storj/storj-private#492
Change-Id: I6c8e3ffcb80375e81e78bc6ecc785c1047328cf7
This change adds an endpoint to the back office API that returns
placement IDs and their locations.
References #6503
Change-Id: I20ee1c82dcb647d6d264317beceeb5e70f7a8e87
Implement the authorization that will hook into each endpoint handler
through a wrapping handler for defining the permissions that each
endpoint requires.
Change-Id: I9c8f12b58f48e849e7ea35f372dddce5c9cfc5b5
For convenience of not having to modify the API generator to contemplate
the path prefix that we are adding to the back office server, we define
the path prefix in a constant than the admin server and the definition
of the API uses to adapt the router and the generated code.
Change-Id: Ic557b0e6e88e930e03647835759bb34e06e8bb48
This change prevents Go code produced by the API generator from
importing its own package. Previously, we tried to prevent self imports
by skipping import paths whose last segment matched the generated Go
code's package name. However, aliased imports circumvented this.
We now require API definitions to define the Go package path so that we
can compare this with the import path directly.
Change-Id: I7ae7ec5e1a342d2f76cd28ff72d4cd7285c2820a
This change wraps account freeze code in DB transactions to prevent
freeze inconsistencies resulting from errors that happen in the process
of freezing accounts.
Change-Id: Ib67fb30dc33248413d3057ceeac5c2f410f551d5
PathPrefix is the full path of the subrouter passed to the back office
server when it hooks into another server, in this case, the satellite
admin server.
PathPrefix allows to serve the static assets from the root of the
sub-router when the prefix is stripped before accessing them.
There was a bug where the PathPrefix weren't used and a hard-coded path
was used.
Test passed because the back-office server is hooked into the satellite
admin server with a subrouter with path `/back-office/` which matched
the hard-code value, however, it wouldn't work if that path changed or
it is hooked into another server with a different subrouter path,
despite it was set to PathPrefix.
This commit fixes that bug.
Change-Id: Id4a0d86329eb563b008b3fc6f8eb7b51cbfd2e6f
Allow all the operations when accessing through Oauth, but requires the
authorization token for the ones that we consider that they are
sensitive.
Before these changes, a group of operations weren't available through
Oauth, and people who has access to the authorization token had to
forward the port of the server to their local in order to do them
without Oauth.
These changes shouldn't reduce the security because people who has
access to the authorization token is the same than they can forward the
port and part of those have Oauth access too.
Allowing to perform all the operations through Oauth will improve the
productivity of production owners because they will be able to do all
the administration requests without having to port forward the server.
Change-Id: I6d678abac9f48b9ba5a3c0679ca6b6650df323bb
Create a separate server for implementing the new satellite
administration web app.
This server is in a new package that will implement all the
functionality for the new satellite administration back-end and when it
be completed with all the functionality that the current one offer, it
will replace it.
For now, the new server only exposes the static assets as they were
exposed by the current server.
A main sub-package is added with an example endpoint to scaffold where
we'll define the API through the API generator and to locate the several
generated files.
Change-Id: I172c43b2c180553876ef7ce137cc778b94723451
This change adds an endpoint to the admin API and UI to get a list of
users pending deletion and have no unpaid invoice.
Issue: #6410
Change-Id: I906dbf9eee9e7469e45f0c622a891867bf0cc201
This change migrates Vue components of the new satellite admin web app
from the options API to the composition API.
Change-Id: Ie8c9bcd468f1c0fe0abc9ef0a3724563db096ba9
This change lints files for the new satellite admin web app. An
ESLint config has been added for it that is identical to the one used
for linting satellite web app files.
Change-Id: I66f72fb880d5cbc80b6c080294e4a830b3d28143
This change speeds up the build of the new satellite admin web app
using the same method that 8b0d25c used to speed up the build of the
new satellite web app.
New build time: 23.394s
Old build time: 1m40.930s
Change-Id: Ic6fcfdfc73b78bc26bddc421c608076b23532967
This change adds two new admin endpoints to freeze users for ToS
violation and to remove them from that state,
Issue: https://github.com/storj/storj-private/issues/386
Change-Id: I49c922377c9cdb315ce2777fcd35dcad432b0539
This change extends the account freeze functionality account for
violation freezes as well.
Also, debug level logs in the freeze chore have been changed to info.
It adds an analytics event for when an invoice is found that belongs to
a user frozen for violation.
And finally adds whether a user is frozen for violation to the
/account/freezestatus response.
Issue: https://github.com/storj/storj-private/issues/386
Change-Id: Id8e40282dc8fd8f242da52791ab8ddbbef3da2bc
the existing test was missing a case where deleting the geofencing
should set the placement back to default.
this also changes EveryCountry to DefaultPlacement, as the former is
deprecated.
Change-Id: I29f4f1c3ae1d05e8f5ecaa03a70ac4f17574a475
deleteGeofenceForProject wasn't able to work correctly, because
Console().Projects().Update() declines to update default_placement when
the input value is 0.
This introduces a Console().Projects().UpdateDefaultPlacement() method,
congruent to the method of the same name on Console().Users().
deleteGeofenceForProject now uses this new method, so that specifying a
new placement of 0 will work correctly.
Change-Id: I4589b36707f7e4f1cfdc66543520b0d4205c1a84
this fixes cases where it's possible to update a user and the
DefaultPlacement field gets overwritten to the zero value.
it also adds UpdateDefaultPlacement which can be used to set
DefaultPlacement directly. This is needed for the geofencing
endpoints in satellite admin to set the DefaultPlacement back
to zero to delete geofencing for a user.
Change-Id: If2c798dabfa6773ed6023fb8257bf00ec7bc2e68
This change introduces a new freeze event, ViolationFreeze, for ToS
violations and also prepends other events with Billing to clarify what
they signify.
Issue: https://github.com/storj/storj-private/issues/386
Change-Id: Ieef2abbbb03d06377dc7a73ba5ef0742ada75e8e
The yarn.lock file came from the former repository where the back office
UI was developed.
It seems that our build process complains about some dirty state related
to this file. Because we don't use Yarn, we delete the file, hoping to
resolve the build issues.
Change-Id: I5febd8292657289d0fc67e08151c6c8b5ac8b5dc
The satellite admin API endpoint responsible for returning project
limits now includes the burst limit in its responses.
Resolves#6276
Change-Id: Ibb3f1fdebf2f9ffd62de2d7e7a60d978c25bb22a
When the new back office UI sources where copied from former repository
I didn't realize that the .gitignore had the package-lock.json file.
This commit remove the package-lock.json file, so it can be tracked, in
order to have reproducible builds.
The lack of the file caused the build to fail due to `npm ci` requires
it.
Change-Id: Ibe493d0cd5762afe5caabe9b77a333fd6daa5373
Serve the front-end sources of the new back-office through the current
satellite admin server under the path `/back-office`.
The front-end is served in the same way than the current one, which is
through an indicated directory path with a configuration parameter or
embed in the binary when that configuration parameter is empty.
The commit also slightly changes the test that checks serving these
static assets for not targeting the empty file in the build folder.
build folders must remain because of the embed directive.
Change-Id: I3c5af6b75ec944722dbdc4c560d0e7d907a205b8
Add the front-end sources of the new back-office.
The front-end doesn't have any business logic, it only has the pages and
the components, so it's purely UI.
The front-end was developed in a separate repository until was
completed.
Change-Id: I382e50789d6b929a67b8a0b887563ef48cb1473d
add descriptions for the endpoint that removes a user from the waning
state.
Issue: https://github.com/storj/storj/issues/6118
Change-Id: I211cd3c41c7fefa295d0db1b9f43f53e33b984e6
API responses containing project information now contain the edge
service URL overrides configured for that project. The overrides are
based on the project's default placement.
References #6188
Change-Id: Ifc3dc74e75c0f5daf0419ac3be184415c65b202e
This change does two things:
* allow using either public ID or private ID to do project-related
requests in admin UI
* allow passing a UUID string not containing dashes (i.e. a pure hex
string) in order to do project-related requests in admin UI
Change-Id: I4807a5d7252a48f4a09e3966c406645d55c856e2
This change enables the admin UI to remove the warning status of users.
resolves: storj-private/issues/342
Change-Id: Ib960ffb33fdabc045884ce7fa2c55c3553db0fb0
Currently, any attempt to list the api keys associated with a project
from the admin UI results in a 404 NOT FOUND error.
This appears to be because there is no /api/projects/{project}/apiKeys
endpoint registered; it should have a lowercase k.
Change-Id: Ifbe4cd0f9ba12a6e37a0d9f64df91c264ced5558
the field was not being set, so it would always show false in the
response whether the user was paid tier or not.
Updates storj/gateway-mt#321
Change-Id: I00ae751ac9118fc05b3c22bc6d2cb9600d0faaaf
Implemented UI functionality to allow prod owner to update user's or project's user agent.
Issue:
https://github.com/storj/storj-private/issues/297
Change-Id: Ibe47e735f3c7a9fdf05b70735ebcecbac5c94ce8
Added backend (for now) implementation for updating user's and projects's user_agent using admin API.
Updating both user and project also updates bucket_metainfo and value_attribution tables.
Issue:
https://github.com/storj/storj-private/issues/297
Change-Id: I40244bbaa08b46834c1b1d0720e7d84d0c2a0330
