* Add web authorization permission based on groups
* Access and parts of website are limited by permissions
* Add group management in /manage page
* Higher level permissions grant lower level permissions similar to Sponge
* Add command /plan setgroup, which uses plan.setgroup.other permission
* Add command /plan groups, which uses plan.setgroup.other permission
* Add more navigation based on permissions
* API modifications
* User#hasPermission now returns true if user has parent permission in the tree
* ResolverService#registerPermissions and ResolverService#registerPermission methods for adding new permissions
* Update locale with new lines
* Various unrelated fixes to CSS and code
Affects issues:
- Close#1623
* Implement first response parts of http caching
* Implement cached response for static resources
* Implement HTTP caching for json responses
* Fix last seen value for online players
* Implement http caching for pages (.html)
* Use placeholder cache even with async requests.
Affects issues:
- Close#2813
- Fixed SQL-injection vulnerability in an endpoint
- Fixed XSS on Whitelist deny 403 page
- Fixed XSS on Internal Error 500 page if untrusted data ends up in exception message
* Fixed disk medium threshold not showing color
* Added 'serverName' and 'serverUUID' to optimizedPerformance endpoint
* Added /v1/network/listServers endpoint
* Added /v1/network/performanceOverview?servers endpoint
* Hide negative values from performance graphs
* Allow json cache bypass by not providing timestamp parameter in URIQuery
* Ignore negative values in low tps spike count
* Added (Unavailable with Export) to exported network html performance tab title
Affects issues:
- Close#1693
- Split Session into ActiveSession and FinishedSession, replaced their usage
- Replaced UUID with ServerUUID when the data type
Affects issues:
- Close#1746
The server parameter was passed to an exception that is currently turned into
json, but in the future the way this exception is handled could have changed.
The server parameter was passed to an exception that is currently turned into
json, but in the future the way this exception is handled could have changed.
Due to the way Optional#orElse works, the part inside orElse was run
even when the UUID could be parsed from the given String, leading to
unnecessary work as well as errors in the player UUID query
(That uses names and doesn't look at uuids like the server query)
Fixed by splitting the two execution branches
Affects issues:
- Fixed#1200 (Manually tested)