|
|
<%inherit file="/base/base.mako"/>
|
|
|
|
|
|
<%def name="title()">
|
|
|
${_('Security Admin')}
|
|
|
%if c.rhodecode_name:
|
|
|
· ${h.branding(c.rhodecode_name)}
|
|
|
%endif
|
|
|
</%def>
|
|
|
|
|
|
<%def name="breadcrumbs_links()"></%def>
|
|
|
|
|
|
<%def name="menu_bar_nav()">
|
|
|
${self.menu_items(active='admin')}
|
|
|
</%def>
|
|
|
|
|
|
<%def name="menu_bar_subnav()">
|
|
|
${self.admin_menu(active='security')}
|
|
|
</%def>
|
|
|
|
|
|
<%def name="main()">
|
|
|
|
|
|
<div class="box">
|
|
|
|
|
|
<div class="panel panel-default">
|
|
|
<div class="panel-heading">
|
|
|
<h3 class="panel-title">${_('Security Audit')}</h3>
|
|
|
</div>
|
|
|
<div class="panel-body">
|
|
|
<h4>${_('This feature is available in RhodeCode EE edition only. Contact {sales_email} to obtain a trial license.').format(sales_email='<a href="mailto:sales@rhodecode.com">sales@rhodecode.com</a>')|n}</h4>
|
|
|
<p>
|
|
|
${_('You can scan your repositories for exposed secrets, passwords, etc')}
|
|
|
</p>
|
|
|
</div>
|
|
|
</div>
|
|
|
|
|
|
<div class="panel panel-default">
|
|
|
<div class="panel-heading">
|
|
|
<h3 class="panel-title">${_('Allowed client versions')}</h3>
|
|
|
</div>
|
|
|
<div class="panel-body">
|
|
|
%if c.rhodecode_edition_id != 'EE':
|
|
|
<h4>${_('This feature is available in RhodeCode EE edition only. Contact {sales_email} to obtain a trial license.').format(sales_email='<a href="mailto:sales@rhodecode.com">sales@rhodecode.com</a>')|n}</h4>
|
|
|
<p>
|
|
|
${_('Some outdated client versions may have security vulnerabilities. This section have rules for whitelisting versions of clients for Git, Mercurial and SVN.')}
|
|
|
</p>
|
|
|
%else:
|
|
|
<div class="inner form" id="container">
|
|
|
</div>
|
|
|
%endif
|
|
|
</div>
|
|
|
|
|
|
</div>
|
|
|
|
|
|
<script>
|
|
|
$(document).ready(function() {
|
|
|
$.ajax({
|
|
|
url: pyroutes.url('admin_security_modify_allowed_vcs_client_versions'),
|
|
|
type: 'GET',
|
|
|
success: function(response) {
|
|
|
$('#container').html(response);
|
|
|
},
|
|
|
});
|
|
|
$(document).on('submit', '#allowed_clients_form', function(event) {
|
|
|
event.preventDefault();
|
|
|
var formData = $(this).serialize();
|
|
|
|
|
|
$.ajax({
|
|
|
url: pyroutes.url('admin_security_modify_allowed_vcs_client_versions'),
|
|
|
type: 'POST',
|
|
|
data: formData,
|
|
|
success: function(response) {
|
|
|
$('#container').html(response);
|
|
|
},
|
|
|
});
|
|
|
});
|
|
|
});
|
|
|
</script>
|
|
|
|
|
|
</%def>
|
|
|
|