Allow components to register reserved paths, then perform reserved
path validation it upon request. Reserved paths may be registered as
read-only or no access. Any request to modify an file/folder that is
either reserved or a child of a reserved path is rejected.
Signed-off-by: Eric Callahan <arksine.code@gmail.com>
The secrets module will now look for "moonraker.secrets"
in the data folder. If the file does not exist the deprecated
"secrets_path" option will be used as a fallback.
Signed-off-by: Eric Callahan <arksine.code@gmail.com>
Deprecate the "database_path" option. If the database
does not exist, however the "database_path" does, it
will be used as a fallback.
Signed-off-by: Eric Callahan <arksine.code@gmail.com>
The config and logs paths are no longer configurable,
they all exist as folders or symbolic links within the primary
data folder. The gcode path no longer relies on Klipper to
specify the location, instead Klipper's virtual_sdcard path
shold be configured to the location of the "gcodes" folder
in the data path.
Signed-off-by: Eric Callahan <arksine.code@gmail.com>
Klipper now has the ability to report the current layer on
properly configured slicers. Prefer this value if available,
otherwise fall back to layer detection.
Signed-off-by: Eric Callahan <arksine.code@gmail.com>
Users may specify a dedicated ambient sensor in the
[simplyprint] configuration. If the specified sensor is
invalid or no sensor is specified ambient detection
will fall back to an estimate using the extruder.
Signed-off-by: Eric Callahan <arksine.code@gmail.com>
Its possible for the websocket client to disconnect before
read_message() returns None. Await all calls to write_message()
to handle websocket closed exceptions.
Signed-off-by: Eric Callahan <arksine.code@gmail.com>
Query the detected url and make sure it redirects to the
expected url. This closes a security vulnerability
where a remote could be changed to an arbitrary repo's url.
The `moved_origin` option is no longer necessary, however it
is currently used as an additional check. In the future it will be
deprecated.
Signed-off-by: Eric Callahan <arksine.code@gmail.com>
Close a security hole where an attacker could overwrite an existing repo
with any remote and run malicious code through an update.
Signed-off-by: Eric Callahan <arksine.code@gmail.com>
If the supplied python executable is a symbolic link attempt
to read the location at which it points. If this is a virtualenv
this should give us the correct pip location.
Signed-off-by: Eric Callahan <arksine.code@gmail.com>
This adds initial support for connecting Moonraker to the SimplyPrint
service. Currently the connection defaults to SimplyPrint's dev/test
endpoint, this will be changed prior to official release.
Signed-off-by: Eric Callahan <arksine.code@gmail.com>
The webcam module allows users to enter webcam configuration through
moonraker.conf while keeping compatibility with frontends that
store webcam data in the database.
Signed-off-by: Eric Callahan <arksine.code@gmail.com>
In the future, an `Access-Control-Request-Private-Network` header will be sent with
these requests, and servers must respond with `Access-Control-Allow-Private-Network`.
This will start with the next Chrome version (104), and Mozilla has marked the
standard as "worth prototyping", which often leads to final implementation.
Signed-off-by: Franklyn Tackitt <git@frank.af>
