0f113ec41f
Merge pull request #3986 from BookStackApp/permission_testing
...
Permission Testing & Alignment
2023-01-24 21:37:28 +00:00
d1bd6d0e39
Fixed incorrect field in down migration
2023-01-24 19:21:23 +00:00
2d1f1abce4
Implemented alternate approach to current joint_permissions
...
Is a tweak upon the existing approach, mainly to store and query role
permission access in a way that allows muli-level states that may
override eachother. These states are represented in the new PermissionStatus
class.
This also simplifies how own permissions are stored and queried, to be
part of a single column.
2023-01-24 14:55:34 +00:00
78ebcb6f38
Addressed a range of deprecation warnings
...
Closes #3969
2023-01-21 20:50:04 +00:00
06a7f1b54a
Added migration to drop entity restricted field
2022-10-08 15:30:03 +01:00
1d3dbd6f6e
Migrated entity_permissions table to new flat format
...
Simplifies structure and limits content count, while allowing direct
mapping of new UI intent, where we may have entries with no permissions.
Not yet updated app logic to suit.
Tested via migrating and rolling-back, then comparing export data,
across a set of custom permission entries.
2022-10-07 15:07:09 +01:00
d0dc5e5c5d
Added a little protection to migration query
...
Just to be sure the query is filtered as expected to only affect
shelf-based images.
2022-09-08 12:26:14 +01:00
f28ed0ef0b
Fixed shelf covers being stored as 'cover_book'
...
Are now stored as 'cover_bookshelf' as expected.
Added a migrate to alter existing shelf cover image types.
2022-09-02 12:54:54 +01:00
5d29d0cc7b
Added reference storage system, and command to re-index
...
Also re-named/orgranized some files for this, to make them "References"
specific instead of a subset of "Util".
2022-08-17 14:40:14 +01:00
837fd74bf6
Refactored search-based code to its own folder
...
Also applied StyleCI changes
2022-08-16 11:28:05 +01:00
8f90996cef
Dropped use of non-view joint permissions
2022-07-16 21:50:42 +01:00
b0a4d3d059
Renamed and cleaned up existing permission service classes use
2022-07-12 20:15:41 +01:00
2d4f708c79
Extracted permission building out of permission service
2022-07-12 19:38:11 +01:00
c8b123bfac
Updated composer deps, applied styleci changes
2022-06-08 18:00:30 +01:00
d795af04df
Added ability to escape role "External Auth ID" commas
...
- Using a backslash in this field before a comma.
- Could potentially (Although unlikely) be a breaking change.
For #3405
2022-05-04 21:03:13 +01:00
f1a8ad4980
Applied latest StyleCI changes
2022-04-25 18:42:31 +01:00
d5b7fff102
Merge branch 'recycle_bin_api_endpoints' into development
2022-04-25 18:32:55 +01:00
0930e8519c
Updated polymorphic database relation types to simpler version
...
- Means we can use these simpler types in API response, As desired in #3377 .
Closes #3395
2022-04-25 18:31:37 +01:00
2b0ae23da0
Updated composer deps, applied latest StyleCI changes
2022-04-24 18:22:40 +01:00
0c5723d76e
Switched to database-based tracking for page editor
...
- Works better to avoid bad assumptions when showing the editor based
upon content type.
- Also updated some previous tests to cleaner format.
2022-04-23 23:20:46 +01:00
e8e38f1f7b
Added an 'editor-change' role permission
2022-04-17 14:33:06 +01:00
00eedafbfd
Added timeout and debugging statuses to webhooks
...
- Added a user-configurable timeout option to webhooks.
- Added webhook fields for last-call/error datetime, in addition to last
error string, which are shown on webhook edit view.
Related to #3122
2022-01-03 19:42:48 +00:00
67b6c07548
Updated failing tests, Applied StyleCI changes
2021-12-18 16:41:42 +00:00
04f37e21e2
Applied latest StyleCI changes
2021-12-18 11:43:05 +00:00
a3ead5062a
Merge branch 'webhooks'
2021-12-18 11:40:08 +00:00
d00ac3101d
Allowed database queue usage where desired
2021-12-13 18:34:18 +00:00
dbd4281ae8
Added active toggle to webhooks
...
To allow easy temporary de-activation without deletion or other
workarounds. Updated tests to cover.
2021-12-12 17:39:06 +00:00
9079700170
Refactored the activity service
...
- Renamed to "ActivityLogger" to be more focused in usage.
- Extracted out query elements to seperate "ActivityQueries" class.
- Removed old 'addForEntity' activity method to limit activity record
points.
2021-12-11 17:29:33 +00:00
f2cb3b94f9
Added missing migration down table drop
2021-12-10 14:58:14 +00:00
6381041252
Added testing for webhook management interface
2021-12-10 14:54:58 +00:00
2fd7b1f0d5
Update index name to 'activities_ip_index'
2021-12-10 14:50:04 +08:00
a93254430c
Add index for user IP address
2021-12-10 14:50:04 +08:00
8716b1922b
Completed webhook management interface
...
Got webhook CRUD actions in place within the interface.
Quick manual test pass done, Needs automated tests.
2021-12-08 17:35:58 +00:00
a3a3055695
Started webhook implementation
2021-12-07 14:55:11 +00:00
9e0164f4f4
Further search system refactorings
...
- Moved search term querying to its own method.
- Updated Large content seeder to be more performant
2021-11-08 11:29:25 +00:00
e1b8fe45b0
Refactored search runner a little to be neater
2021-11-08 11:04:27 +00:00
6f75aa9cdc
Reverted shift change to old migration
2021-11-04 22:38:55 +00:00
f139cded78
Laravel 8 shift squash & merge ( #3029 )
...
* Temporarily moved back config path
* Apply Laravel coding style
* Shift exception handler
* Shift HTTP kernel and middleware
* Shift service providers
* Convert options array to fluent methods
* Shift to class based routes
* Shift console routes
* Ignore temporary framework files
* Shift to class based factories
* Namespace seeders
* Shift PSR-4 autoloading
* Shift config files
* Default config files
* Shift Laravel dependencies
* Shift return type of base TestCase methods
* Shift cleanup
* Applied stylci style changes
* Reverted config files location
* Applied manual changes to Laravel 8 shift
Co-authored-by: Shift <shift@laravelshift.com>
2021-10-30 21:29:59 +01:00
f77236aa38
Laravel 7.x Shift ( #3011 )
...
* Apply Laravel coding style
* Shift bindings
* Shift core files
* Shift to Throwable
* Add laravel/ui dependency
* Shift Eloquent methods
* Shift config files
* Shift Laravel dependencies
* Shift cleanup
* Shift test config and references
* Applied styleci changes
* Applied fixes post shift to laravel 7
Co-authored-by: Shift <shift@laravelshift.com>
2021-10-26 22:04:18 +01:00
887a79f130
Reviewed adding IP recording to activity & audit log
...
Review of #2936
- Added testing to cover
- Added APP_PROXIES to .env.example.complete with details.
- Renamed migration to better align the name and to set the migration
date to fit with production deploy order.
- Removed index from IP column in migration since an index does not yet
provide any value.
- Updated table header text label.
- Prevented IP recording when in demo mode.
2021-09-26 17:18:12 +01:00
8972f7b212
Merge branch 'log-ip-address' of https://github.com/johnroyer/BookStack into johnroyer-log-ip-address
2021-09-26 16:17:28 +01:00
c100560bd9
Applied style ci changes again
2021-09-26 15:49:25 +01:00
5c7eb0df57
Caught old string helper function usage
...
Found by Laravel Shift Workbench
2021-09-26 15:41:11 +01:00
5cf0c99e32
Add IP column
2021-09-20 11:29:14 +08:00
0e7166f7f6
Cleaned up DB usage in migration
2021-08-28 21:55:04 +01:00
7d9de23a25
Applied styleci patches
2021-08-28 21:51:15 +01:00
eda9e89c55
Added role permissions for exporting content
2021-08-28 21:48:17 +01:00
09c2814dc7
Added role based MFA control
...
- Added new DB column for control and role updated create/update actions.
- Created new middleware as a start to actual enforcement logic.
- Added indicator to role list of whether MFA is enforced.
2021-07-03 13:34:48 +01:00
916a82616f
Complete base flow for TOTP setup
...
- Includes DB storage and code validation.
- Extracted TOTP work to its own service file.
- Still needs testing to cover this side of things.
2021-06-30 22:10:02 +01:00
934a833818
Apply fixes from StyleCI
2021-06-26 15:23:15 +00:00
Dan Brown
Dan Brown
Zero
Dan Brown