* Don't log names of internal symbols that can be used for attacks
* Add integrity check to dropzone.js library
* Better a11y of web form labels
* Safer handling of file download paths
* Don't invert boolean check
* Make backend auth check a flask abort
* Clean up indentation to remove unwanted tabs
* Run workflow either on PR events, or branch pushes, not both
- New utility method for the web app, which sorts image files into dicts where the subdir is the key
- In the web ui, display each subdir in a table nested in a details tag.
- Allow for picking destination subdir when uploading files
- Style the expandable details blocks in the images table
- Add a check for ~ paths to the is_safe_path() utility method
- Break out generate_iso() into its own class method in file_cmds
- Add form and handling of using local file to generate iso image
- Reorder index page sections to group actions that create new image files
- New "format as" option when creating new images; removing the image creation options from easyinstall
- Bring in HFSer as new submodule providing the driver binaries; removing the Lido driver binary from this repo
- Add SpeedTools driver option
- Point to github mirror of hfdisk, since the original git server is down
- While rearranging the easyinstall options, moved the CtrlBoard option up to the main section
- Add an easyinstall script to configure Samba, while consolidating file sharing with Netatalk
- Sanitize file paths with Path: for flat file structures, always extract Path().name, and for nested file structures either look for absolute paths, or someone trying to use ".." to traverse the dir strucutre.
- Reduce redundancy in network bridge detection method, and return somewhat more informative messages
- Make all endpoints return exactly one message
- Move some warning messages to logging
- Use tempfile for iso generation temp file handling
* Dockerize Pytest
* Fix auto-delete warning in delete file test
* Allow tests to be executed with a non-default home dir
* Use hostname for Docker container only if tests executed in Docker
* Update container entrypoint to pytest
* Re-format tests with black
* Define if the execution environment is a Docker container in env fixture
* Skip unsupported host bridge attachment test in Docker
- copy/move/delete file class methods now take Path objects as arguments
- The file download endpoint in the Web UI uses the safer download from dir method
- Simplified logging
- Merged nested if statements
- Removed naked handling of unknown error states
- Added fallback empty list for drive_properties, to avoid errors when json file is missing or broken
- Move drive_properties to env[]
- Constants for common error messages
- Dummy variable for list comprehension
* Read the drive properties file once and store it in the Flask app config. Spin out the drive properties formatting to a helper method.
* Add empty removable disk drives to the attach peripherals UI
* Refinement of UI labels and help text, moving some context to the wiki
Uses a single endpoint for downloading files
Adds a select field to pick target dir for both download and upload forms
Moves the Macproxy/Netatalk helptext into the helptext blocks, and the related status messages down into the page footer
new:
- new templates to render structured info contents in
- get_diskinfo() class method that calls disktype and returns the results
- /diskinfo endpoint in the Flask app that renders the results from get_diskinfo()
changed:
- /logs/show and /scsi/info endpoints in the Flask app render in templates
- Now using the "RaSCSI Reloaded Control Page" header to function as the link back to the homepage (instead of the github project) which is in line with how most webapps work
- Removed the center style for "Attached!" to allow the ? button to be placed on the same line
- Remove individual device info, and introduced show all device info in a template