Integrates webmail and emailDelivery apps, mail-server and install/upgrade
paths, cyberpanel_ols 2.7.0-style binaries, and v2.4.5 UI patterns while
preserving v2.5.5-dev behavior (SnappyMail/PUBLIC_ROOT, childPath in
launchChild, hardened downloads and SSH activity modal).
- Bug: filtering on '::1' in line incorrectly excluded addresses like
2a02:c206:2238:7806::1, so fixDNS() never created AAAA records.
- Fix: use ipaddress.ip_address() and is_loopback/is_link_local so
only actual loopback (::1) and link-local (fe80::) are excluded.
- GetServerIPv6() now returns correct global IPv6 for DNS AAAA records.
- plogical/acl.py: use config.get() for DNS permissions so old ACLs without
deleteZone key do not cause KeyError
- baseTemplate: add deleteZone/addDeleteRecords CSS classes to DNS menu links
for correct permission-based hiding
- system-status.js: fix swapped selectors (deleteZone hides .deleteZone,
addDeleteRecords hides .addDeleteRecords instead of .deleteDatabase)
- Fix delete for domain and Root File Manager: use sudo helper when
lscpd/executioner fails (TOKEN/sendCommand issues)
- Add safe-delete-path and safe-move-path helpers for base64 path handling
- Add ACLManager.isPathInsideHome and isFilePathSafeForShell for path validation
- Fix upload authorization for Root File Manager (domainName empty)
- Harden outputExecutioner result checks to prevent 500 on None
- Update Bootstrap CDN for CSP compatibility
- Improve error display and a11y focus management in modals
- Resolves#1670: files with special characters can be uploaded/deleted
Only files that match current live server; excludes settings.py (deployment-specific), pluginHolder/pluginInstaller (repo ahead), install/cyberpanel scripts (diff), and deleted static files (still on server).
- Fixed bug where regular users (UserACL) cannot create websites
- Changed UserACL createWebsite permission from 0 to 1
- Also enabled modifyWebsite and deleteWebsite for consistency
- Resolves issue where non-admin/reseller users were blocked from creating websites
Related changes:
- UserACL: createWebsite: 0 -> 1
- UserACL: modifyWebsite: 0 -> 1
- UserACL: deleteWebsite: 0 -> 1
- suspendWebsite remains 0 (admin-only feature)
This allows regular users to create, modify, and delete their own websites
while maintaining proper ownership checks and security controls.
- Fixed CloudFlare proxy toggle button to display as oblong with round dot
- Enable CloudFlare proxy by default for all domains/subdomains except mail domains
- Automatically add AAAA (IPv6) DNS records when creating domains/subdomains
- Added GetServerIPv6() function to retrieve server IPv6 address
- Updated DNS template styling and Angular.js binding for toggle buttons
- Fix checkOwnership() to return explicit 0 instead of None when checking child domain ownership
This resolves permission failures for non-admin ACL users trying to manage child domains
- Improve fetchChildDomainsMain() with more robust child domain filtering
Changed from .filter(alais=0) to .all() with explicit check to prevent silent failures
- Add error logging with traceback to fetchChildDomainsMain() for better debugging
These changes allow non-admin users with proper ACL permissions to view and manage
child domains for websites they own.
- Changed PHP symlink from version 8.0 to 8.3 in various scripts to ensure compatibility with the latest PHP version.
- Updated documentation links in the FAQ to point to the new community support page.
- Added checks and fixes for MariaDB installation issues specific to AlmaLinux 9.
- Enhanced the installation script to support additional PHP versions and improve overall installation reliability.
