PasarGuard/panel v5.0.0-rc.1

on GitHub

[log]

v4.0.2...v5.0.0-rc.1 Add Admins RBAC System & Admin Ownership System

compare changes

🚀 Enhancements

• XHTTPTransportConfig: Add field validator to normalize numeric fields (74bb1c34)
• admin-rbac: Implement role-based admin permissions, limits, and owner setup flow (#507)
• owner-upgrade: Implement admin to owner upgrade functionality and fix delete owner request to accept query instad of body (579c1ee7)
• owner-upgrade: Add owner existence check before upgrading admin to owner (85b1cf91)
• user: Add user retrieval by usernames and IDs, enforce admin quota during bulk creation (a9123ae4)
• setup: Add OwnerDeleteRequest model and update delete_owner endpoint to use request body (6cce71f0)
• admin-role: Add HWID policy to admin roles (#521)
• models: Implement CreatedAtUTCMixin for automatic timestamping in Admin, User, and related models (872ab4c5)
• admin-roles: Add HWID policy inheritance and update role terminology (8a4cbb22)
• user-modal: Replace DecimalInput with native Input for HWID limit field (01c4d9c4)
• admin: Add role eager loading and admin details helper for usage warnings (baf28748)
• setup: Add admin-to-owner promotion functionality (a55c3443)
• core-editor: Improve xray outbound editing with observation filtering and state preservation (b41dfb48)
• core-editor: Upgrade core-kit and xray-config-kit with observation filtering (a942bf66)
• core-editor: Expand VLESS Vision flow support to include xHTTP with TLS (4a4a8262)
• core-editor: Add intelligent random inbound port generation (b80937bc)
• core-editor: Add VLESS reverse proxy support with validation (d26d6794)
• admin: Enhance admin modification security and add password change notifications (e5ae7dee)
• core-editor: Enhance shadowsocks password generation validation (6c351664)
• dashboard: Enforce RBAC across resource actions and templates (740ddcc9)
• nodes: Show update indicators in list view (2aee4275)
• admin-roles: Add duplicate role action (7c6c7a52)
• core-editor: Add Hysteria Salamander obfuscation support (09b4fc94)
• xray: Add Unix socket detection for inbound listeners (c3143772)
• group: Convert inbound_ids and inbound_tags to hybrid properties with expressions (db132e37)
• user: Send notifications for created users in bulk user creation (df3c77db)
• xray: Restrict shadowsocks encryption methods in core editor (4ab1d0e4)

🩹 Fixes

• record_usages: Streamline upsert parameter construction and enhance user filtering logic (10c010af)
• Block unlimited users for admins with max limits (a0be261f)
• admin: Prevent admins from modifying their own accounts and enforce role-based restrictions (2221939b)
• Remove users params (5538735b)
• subscription: Mihomo xHTTP options (#509)
• models: Enforce string type for numeric range fields in xHTTP and xMux settings (9179f527)
• subscription: Simplify HWID limit check logic (afd61c9a)
• node: Handle default core config and refresh cache before sync (b84c347e)
• dashboard: Align HWID switches inline with setting cards (d4c52ef6)
• Node user email format (4abd3d26)
• Prevent telegram_id=0 check in modify (5fa60087)
• node: Avoid reconnecting nodes on transient xray stats failures (fa1709cb)
• core-editor: Drop key on empty field (536a10f5)
• dashboard: Normalize empty HWID limit fields (21b74e88)
• users: Copy numeric user ID from actions menu (c6d2191c)
• admin: Use permissions instead of role IDs for admin edits (ba4cd1e6)
• dashboard: Hide separators for single-action menus (abd9a2eb)
• admin-roles: Sort admin roles by created date (e4ca5806)
• migration: Use explicit false values for operator permissions (c4877a34)
• dashboard: Show unlimited template limits clearly (d53f974e)
• dashboard: Refine modal loading skeletons (3fd02a91)
• admin-roles: Prevent delete dialog clicks reopening role modal (64ded6a7)
• bulk: Batch bulk group inserts to avoid asyncpg 32767 param limit (3e10bd1c)
• hosts: Assign unique priority to duplicated hosts and improve permission handling (3aa6a54d)
• xray: Improve port validation for Unix socket listeners (6cb0d038)
• telegram: Add admin context to group operations in user handlers (1ceeed12)

💅 Refactors

• record_usages: Improve code readability by restructuring parameter handling and formatting (e88037fd)
• setup: Remove OwnerDeleteRequest model and update delete_owner endpoint to use query parameters (9837acba)
• system: Update admin retrieval logic for clarity (87337dfe)
• models: Replace id_column function with IdMixin for primary key management (d105bfcc)
• models: Remove IdMixin from ClientTemplate and define primary key directly (dc28aa64)
• system: Extract admin details conversion to helper function (e020488e)
• admin: Extract admin details conversion to helper function (43a3d0c7)
• node: Replace username with user_id in user stats and IP list endpoints (5656e5e4)
• dashboard: Replace username with user_id in user IP and stats endpoints (4d0d8ac3)
• users: Optimize filter state updates and fix URL encoding (7ac572c3)
• admin: Remove discord_id field from admin model (b0cab45a)

🏡 Chore

• deps-dev: Bump watchfiles from 1.1.1 to 1.2.0 (#497)
• deps-dev: Bump pymysql from 1.1.3 to 1.2.0 (#512)
• deps-dev: Bump ruff from 0.15.13 to 0.15.14 (#514)
• deps-dev: Bump pytest-asyncio from 1.3.0 to 1.4.0 (#534)
• .env.example: Remove duplicate ENABLE_RECORDING_NODES_STATS configuration (0f4f0215)
• deps-dev: Bump ruff from 0.15.14 to 0.15.15 (#541)
• Replace TUI with deprecation notice in Docker image (8670bad4)

🎨 Styles

• user-modal: Simplify className conditional logic in ExpiryDateField (85081441)
• dashboard: Replace space-y utility with gap-y and flex-col (809a07c3)
• users: Improve responsive layout and scrolling in subscription clients modal (fc9336a4)

❤️ Contributors

• Mohammad immohammad20000@protonmail.com
• X0sina bulletsina77@gmail.com
• M03ED (@M03ED)
• Yaroslav (@Rerowros)