Commit Graph

1027 Commits

Author SHA1 Message Date
Dan Brown bc472ca2d7
Improved relation loading during search
Relations now loaded during back-end query phase instead of being lazy
loaded one-by-one within views.

Reduced queries in testing from ~60 to ~20.

Need to check other areas list-item.php's "showPath" option is used to
ensure relations are properly loaded for those listings.
2021-11-08 15:24:49 +00:00
Dan Brown 899349c4b4
Added testing coverage for tag index
Also:
- Extracted out index table row to its own view.
- Added empty state.
- Ensured query params are set on pagination links.
2021-11-06 21:54:02 +00:00
Dan Brown f8f9e74992
Added links to tag page
- Added from books/shelves listings and within the tag-edit view for all
  entities.
2021-11-06 20:21:11 +00:00
Dan Brown 929c8312bd
Started build of tag view
- Created listing
- Allows drilldown to tag name
- Shows totals

Not yet covered via testing
2021-11-06 16:30:20 +00:00
Dan Brown 7e28c76e6f
Adjusted API docs table 2021-10-20 10:46:06 +01:00
Dan Brown 263384cf99
Merge branch 'oidc' 2021-10-16 15:51:13 +01:00
Dan Brown 9b8bb49a33
Added custom whoops-based debug view
Provides a simple bookstack focused view that does not rely on JavaScript.
Contains links to BookStack specific resources in addition to commonly
desired debug details.
2021-10-14 15:33:08 +01:00
Dan Brown 41438adbd1
Continued review of #2169
- Removed uneeded custom refresh or logout actions for OIDC.
- Restructured how the services and guards are setup for external auth
  systems. SAML2 and OIDC now directly share a lot more logic.
- Renamed any OpenId references to OIDC or OpenIdConnect
- Removed non-required CSRF excemption for OIDC

Not tested, Come to roadblock due to lack of PHP8 support in upstream
dependancies. Certificate was deemed to be non-valid on every test
attempt due to changes in PHP8.
2021-10-06 23:05:26 +01:00
Dan Brown 193d7fb3fe
Merge branch 'openid' of https://github.com/jasperweyne/BookStack into jasperweyne-openid 2021-10-06 13:18:21 +01:00
Dan Brown 887a79f130
Reviewed adding IP recording to activity & audit log
Review of #2936

- Added testing to cover
- Added APP_PROXIES to .env.example.complete with details.
- Renamed migration to better align the name and to set the migration
  date to fit with production deploy order.
- Removed index from IP column in migration since an index does not yet
  provide any value.
- Updated table header text label.
- Prevented IP recording when in demo mode.
2021-09-26 17:18:12 +01:00
Zero b834f58e87 Add user IP into audit table 2021-09-20 11:29:14 +08:00
Dan Brown 253f386f00
Finished off script CSP rules
- Added caching for custom html head parsing to add nonce.
- Also moved api docs page into web routes to prevent issues.
2021-09-04 13:57:04 +01:00
Dan Brown fd44e4ba74
Started application of CSP headers 2021-09-03 23:32:42 +01:00
Dan Brown 7028025380
Made the TOTP URL visible during setup
Useful for some non-scanner type apps.
Closes #2908
2021-09-01 20:58:19 +01:00
Dan Brown eda9e89c55
Added role permissions for exporting content 2021-08-28 21:48:17 +01:00
Dan Brown 82c6597a60
Added notice for lack of shelf permission cascade
Closes #2876
2021-08-28 15:44:44 +01:00
Dan Brown a61c9c5e98
Reorgranised blade view files to form a convention
- Primarily moved and re-organised view files.
- Included readme within views to document the convention.
- Fixed some issues with page field select list in previous commit.
- Tweaked some route names while going through.
- Split some views out further.

Closes #2805
2021-08-22 13:17:32 +01:00
Dan Brown cac31b2074
Merge pull request #2827 from BookStackApp/mfa
MFA System
2021-08-21 15:47:55 +01:00
Dan Brown 622ea03c65
Added attribution for new libs added
- Also hard-set TOTP algorithm with comment from testing others.
2021-08-08 14:52:29 +01:00
Dan Brown f1f59cf086
Extracted text to translation files
Also aligned mfa method delete route to align with others.
2021-08-08 14:24:44 +01:00
Dan Brown c429cf7818
Merge branch 'v21.05.x' 2021-08-04 21:32:29 +01:00
Dan Brown 7d19057e68
Fixed issue where user id still used on profile pages
Updated to use slugs and added testing to cover.
2021-08-04 21:08:51 +01:00
Dan Brown 0de0507137
Added vb.net code language option
Related to #2869
2021-08-04 20:56:34 +01:00
Dan Brown 7a8954ee65
Fixed audit log user dropdown usability issue
User search input blur would trigger the submission of the search
filters which would cause strange thing where you'd click on a search
filtered user which would blur the input hence submit, but the user
would think they've clicked the user and the page would reload but the
input had not updated at that point.

Related to #2863
2021-08-04 20:48:23 +01:00
Dan Brown 9b271e559f
Worked on MFA setup required flow
- Restructured some of the route naming to be a little more consistent.
- Moved the routes about to be more logically in one place.
- Created a new middleware to handle the auth of people that should be
  allowed access to mfa setup routes, since these could be used by
  existing logged in users or by people needing to setup MFA on access.
- Added testing to cover MFA setup required flow.
- Added TTL and method tracking to session last-login tracking system.
2021-08-02 22:02:25 +01:00
Dan Brown 4597069083
Added Backup code verification logic
Also added testing to cover as part of this in addition to adding the
core backup code handling required.

Also added the standardised translations for switching mfa mode and
adding testing for this switching.
2021-08-02 16:35:37 +01:00
Dan Brown a3f19ebe96
Added TOTP verification upon access 2021-08-02 15:04:43 +01:00
Dan Brown 1af5bbf3f7
Added login redirect system to confirm/mfa
Also continued a bit on the MFA verification system.
Moved some MFA routes to public space using updated login service to get
the current user that is either logged in or last attempted login (With
correct creds).
2021-07-18 16:52:31 +01:00
Dan Brown 78f9c01519
Started on some MFA access-time checks
Discovered some difficult edge cases:
- User image loading in header bar when using local_secure storage
- 404s showing user-specific visible content due to content listing on
  404 page since user is in semi-logged in state. Maybe need to go
  through and change up how logins are handled to centralise and
  provide us better control at login time to prevent any auth level.
2021-07-16 23:23:36 +01:00
Dan Brown f696aa5eea
Added the ability to remove an MFA method
Includes testing to cover
2021-07-14 21:27:21 +01:00
Dan Brown cfc0c593db
Added MFA indicator to user list
Also fixed issue with showing incorrect MFA method count on user edit
page changes done in last commit
2021-07-14 20:19:05 +01:00
Dan Brown bb43acef21
Added MFA setup link on user edit view 2021-07-14 20:06:41 +01:00
Dan Brown 09c2814dc7
Added role based MFA control
- Added new DB column for control and role updated create/update actions.
- Created new middleware as a start to actual enforcement logic.
- Added indicator to role list of whether MFA is enforced.
2021-07-03 13:34:48 +01:00
Dan Brown 529971c534
Added backup code setup flow
- Includes testing to cover flow.
- Moved TOTP logic to its own controller.
- Added some extra totp tests.
2021-07-02 20:53:33 +01:00
Dan Brown 916a82616f
Complete base flow for TOTP setup
- Includes DB storage and code validation.
- Extracted TOTP work to its own service file.
- Still needs testing to cover this side of things.
2021-06-30 22:10:02 +01:00
Dan Brown d25cd83d8e
Added TOTP generation view and started verification stage
Also updated MFA setup view to have settings-like listed interface to
make it possible to extend with extra options in the future.
2021-06-29 22:06:49 +01:00
Dan Brown efb6a6b457
Started barebones work of MFA system 2021-06-28 22:02:45 +01:00
Dan Brown 3a402f6adc
Review of #2682, Also added parent deletion link on restore
On restore, added a link to the parent deletion restore if any exists
on a cascading parent. Added a test to cover this case to ensure its shown.

Also tweaked default empty state message on recycle bin item list to align
with new column count.

Also done a little existing code cleanup including a getUrl helper on
the deletion items.

Related to #2682 & #2594
2021-06-26 12:12:11 +01:00
Dan Brown 8a9505bf8c
Merge branch 'master' of https://github.com/arjvand/BookStack into arjvand-master 2021-06-26 11:19:21 +01:00
Dan Brown 265f5db03f
Reviewed #2393, Removed image guessing and added testing
For review of meta tag additions as per PR #2393.
This commit removes any image guesswork and only uses images that have
been set by the author for the specific content.
This also adds tests to cover the expected OG tags.
2021-06-23 20:42:48 +01:00
Dan Brown 58fa7679bc
Merge branch 'create-content-meta-tags' of https://github.com/james-geiger/BookStack into james-geiger-create-content-meta-tags 2021-06-23 20:11:07 +01:00
Dan Brown 9af636bd48
Merge branch 'markdown-export' of https://github.com/nikhiljha/BookStack-1 into nikhiljha-markdown-export 2021-06-22 19:12:24 +01:00
Dan Brown 3dda622f0a
Added a "skip to content" link.
Closes #2810
2021-06-15 20:58:45 +01:00
Dan Brown 7d951b842c
Made social account detach a POST request
Closes #2808
2021-06-14 22:37:58 +01:00
Dan Brown 2c34a99248
Merge pull request #2791 from BookStackApp/attachments_open_in_browser
Attachment serving without forced download
2021-06-13 14:03:08 +01:00
Dan Brown 58117bcf2d
Extracted not found text into its own simple blade file
Related/intended for #2796
2021-06-13 13:53:59 +01:00
Dan Brown 7997300f96
Added front-end toggle and testing of inline attachments 2021-06-06 13:55:56 +01:00
Dan Brown bb00c331e4
Ordered entity permission roles by display name
Closes #2782
2021-06-04 22:36:30 +01:00
Dan Brown 807f92b693
Updated homepage action button colors for consistency
Were previously inconsistent with other homepage buttons for non-default
homepage options.
2021-06-04 22:28:38 +01:00
Dan Brown ef1bde8bb1
Fixed wrong styles for homepage favourites
When using a non-default homepage option.

Fixes #2783
2021-06-04 22:20:11 +01:00
Dan Brown c4f5ab12cf
Aligned export and revision shown date format
As raised in #2771
2021-05-30 00:02:32 +01:00
Dan Brown ed6ec341df
Added testing to cover next/previous navigation
For #2511
2021-05-29 12:49:10 +01:00
Dan Brown 0cfff6ab6f
Reviewed and refactored next/previous navigation button implementation
- Updated styling to include item name.
- Extracted used text to translations.
- Updated the design to better suit the surrounding blocks.
- Removed newly added model/repo methods.
- Moved core logic out of controller and instead into a "NextPreviousContentLocator"
helper with re-uses the output from the book-tree generation.
- Also added the system to chapters.

For #2511
2021-05-29 12:39:41 +01:00
Dan Brown 7ca66c5d5e
Merge branch 'prev-next-button' of https://github.com/shubhamosmosys/BookStack into shubhamosmosys-prev-next-button 2021-05-26 22:13:19 +01:00
Dan Brown 9cbea1eb08
Updated drawing upload error to shown/handle server limit errors
Closes #2740
2021-05-26 18:23:27 +01:00
Dan Brown 1a2d374f24
Revert "Added app logo to outgoing emails"
This reverts commit e32929029b.
2021-05-26 17:13:59 +01:00
Dan Brown e32929029b
Added app logo to outgoing emails
Required changing the header bar of the email to be solid color to match
the configuration of the main app header since otherwise colors may not
work together.

Closes #2577
2021-05-26 17:11:03 +01:00
Dan Brown d326417edc
Added name input autofocus on shelves, books and chapters
Closes #1956
2021-05-26 15:25:23 +01:00
Dan Brown a3a8fef6b2
Made users header interface more adaptable
Search input was stacking on create button on default desktop view
due when viewing in russian due to combined width exceeding container.
Made into normal flexbox instead.

Closes #2147
2021-05-26 15:20:35 +01:00
Nickolas Gupton 7a6f21648a Fixes minor vulnerability when using target="_blank" on links (RSPEC-5148) 2021-05-24 16:17:08 -04:00
Dan Brown 3eaf03a7ac
Reviewed tag in seach work
- Refactored some tag code bits while reviewing.
- Updated tag design in search listing to be more subtle.
- Moved tags out of entity-list-item-basic template and instead moved
  them into entity-list-item, below the existing content.
- Tweaked existing tag colors a little.
- Changed tag icon to be more tag-like.
- Added tag-on-search test case.

Review of #2487, Related to #2462
2021-05-24 16:12:09 +01:00
Dan Brown 5420f3451c
Merge branch 'show-tags' of https://github.com/burnoutberni/BookStack into burnoutberni-show-tags 2021-05-24 15:12:45 +01:00
Dan Brown 1e0aa7ee2c
Added favourites page with link from header and home 2021-05-23 13:34:08 +01:00
Dan Brown d0ff79ea60
Revamped some complex queries, added favourites to home
- Removed old view system and started use of new query classes instead.
- Finished off RelationMultiModelQuery but found it was less efficient
than x-many queries due to the amount of tables being scanned.
Adding now for history but will delete as not used.
- Updated recently viewed to use same query system as popular items
  rather than running and joining x-entities queries.
- Added "Most Viewed Faviourites" listing to homepages.
2021-05-22 14:05:28 +01:00
Dan Brown 3ca149137e
Added faviourtes to other entity types 2021-05-16 10:26:28 +01:00
Dan Brown bf8e7f3393
Started addition of favourite system 2021-05-16 00:29:56 +01:00
Dan Brown 7be7d7d1e7
Updated not-found image path handling to have better ux
Added test to cover.
Started refactoring some of the app error handling in
the process of this.

Fixes #2696
2021-05-08 18:49:58 +01:00
Dan Brown f522f16526 Fixed SAML login button alignment 2021-05-08 11:49:18 +01:00
Dan Brown a083ceaf44 Fixed item export with deleted creator/updated
Added test to cover.
Fixes #2733
2021-05-05 22:52:08 +01:00
Dan Brown 95798a2eba Standardised export views with base layout, Reduced included export styles
Related to #2666
2021-05-04 23:15:05 +01:00
Dan Brown 43b6633183 Filtered scripts in custom HTML head for exports
Since it appeared to cause problems in some scenarios.
Related to #2490
2021-05-03 23:59:52 +01:00
Dan Brown 20528a2442 Fixed error thrown when owner existed but the creator did not
Added test to cover.
For #2687
2021-04-20 21:04:38 +01:00
Dan Brown 9df4dee1b2 Improved header element accessibility when at mobile sizes
Intended to fix issues raised in #2681.
Changes up the tri-layout tabs, and the main header menu toggle,
to be buttons while adding better text and keyboard controls.

Updated the component format of a few elements along the way.
2021-04-19 21:41:13 +01:00
Alireza Arjvand 2744b2a243 Added parent info to recycle bin 2021-04-17 13:09:56 +04:30
Dan Brown f0723b6ee7 Fixed social button icon/text misalignment 2021-04-06 22:00:07 +01:00
Dan Brown 5c9c1d1a4b Updated shelf sort to allow default sort, added testing
Done during review of #2515
2021-03-21 23:06:15 +00:00
Dan Brown ab4c5a55b8 Merge branch 'feature/sort-shelf-books' of git://github.com/guillaumehanotel/BookStack into guillaumehanotel-feature/sort-shelf-books 2021-03-21 21:52:39 +00:00
Dan Brown 06706a2d9c Added user filter to audit log
Included testing to cover.
Closes #2472
2021-03-21 15:04:32 +00:00
Dan Brown c8564b7792 Merge branch 'search-owned-by-me' of git://github.com/benediktvolke/BookStack into benediktvolke-search-owned-by-me 2021-03-15 18:21:09 +00:00
Dan Brown 19d79b6a0f Started rolling out user slugs to model and core controllers 2021-03-09 23:06:12 +00:00
Benedikt Volke b939785ece Add checkbox on search page 2021-02-14 11:40:38 +01:00
Dan Brown 0ca8d7fc03 Updated books list view description to be limited by css
Instead of length limited
Related to #1222
2021-02-12 23:10:30 +00:00
Dan Brown f36e6d9917 Updtd entity-selector for keyboard nav and new component system
For #2064
2021-02-12 22:10:37 +00:00
Dan Brown 6a4b020dd8 Removed user and revision links in export meta
Closes #2526
2021-02-12 20:58:01 +00:00
James Geiger a0bfdf0e5c Code cleanup, bug squashing 2021-02-09 01:27:27 -06:00
James Geiger 48587d2c38 Code cleanup, refactor
Updated to use Str::length for entity descriptions.
Moved function to get first image in page to PageContent class.
2021-02-09 00:16:24 -06:00
Dan Brown 5323cb5224 Removed some old front-end md rendering elements
Also ensured revisions were not created more often than expected.
Summary field null check was triggering revision save even when empty
since it was still in request.

Related to #1846
2021-02-06 23:11:20 +00:00
Dan Brown 4f96cd9164 Altered header to keep search box center
For #2310
2021-02-04 23:11:55 +00:00
Guillaume Hanotel a7848b916b Improve sorting Shelf Books 2021-01-31 04:28:25 +01:00
Dan Brown 44c41e9e4d Updated footer links to be a configurable list
Made so footer link ordering, names and urls can be set.
Cleaned up some of the setting-service and added support for array
setting types, which are cleaned on entry and stored as json with a new
type indicator column on the settings table for auto-decode.
Also added testing to cover this feature.

Related to #1973 and #854
2021-01-31 00:23:15 +00:00
Dan Brown a663364223 Merge branch 'footer-links' of git://github.com/james-geiger/BookStack into james-geiger-footer-links 2021-01-30 22:03:16 +00:00
Dan Brown 4d3194d784 Merge branch 'patch-1' of git://github.com/l1n/BookStack into l1n-patch-1 2021-01-30 17:15:23 +00:00
Dan Brown ccb2cb5b7c Merge branch 'feature_add_add-button_to_home_view' of git://github.com/philjak/BookStack into philjak-feature_add_add-button_to_home_view 2021-01-30 16:40:13 +00:00
Guillaume Hanotel 26ba056302 Sort Books within Shelves 2021-01-29 08:02:18 +01:00
Shubham Tiwari 99c42033b1 Add prev and next button to navigate through different pages 2021-01-27 10:15:28 +05:30
Dan Brown 7ba6962707
Removed lesser-used middleware and updated localization middleware
So that DB/User access is not explicitly enforced.
Same for GlobalViewData middleware although that was also just doubling
up on ways to access user/auth info.
Also cleaned up Localization Middleware doc blocks.
2021-01-17 13:41:43 +00:00
Bernhard Hayden aad2ee675c Show tags of all search results 2021-01-15 15:52:03 +01:00
Nova b8aabfffe8
Update form.blade.php 2021-01-13 12:45:18 -08:00
Nova ac8e124d01
Update form.blade.php 2021-01-13 12:23:20 -08:00
Nova 857f8c2a95
Disable autocomplete on the change password field 2021-01-13 12:21:57 -08:00
Dan Brown d0a7a8b890
Improved some query efficiencies on user list 2021-01-10 23:02:30 +00:00
Dan Brown 18f86fbf9b
Made recycle-bin settings navbar full width
For #2468
2021-01-10 13:36:46 +00:00
Dan Brown 7791599fb5
Fixed recycle bin dropdown being cut off in chrome
Fixes #2442
2021-01-04 18:24:34 +00:00
Dan Brown 75a795ab72
Made a couple of fixes during testing
- Updated audit table so long entity names did not squish everything
  else.
- Added filtering to view service popular list so that recycle binned
  items did not cause issues.
2021-01-03 19:02:50 +00:00
Dan Brown 588fd7d165
Fixed short editor in firefox and optimised some queries
Optimised permission fetching so that it won't initialise a bunch
of models for the role permissions and instead does a manual
query to get the data directly.
2021-01-02 01:22:41 +00:00
Dan Brown 5e686bb624
Added user ownership migrate to delete screen. 2021-01-01 18:31:01 +00:00
Dan Brown 8833b5bc3b
Added user-select input 2020-12-31 17:25:20 +00:00
Dan Brown 33e35c9a8a
Converted breadcrumb-listing to new component system 2020-12-31 15:27:25 +00:00
Dan Brown b493becadf
Started change for entities to have concept of owners 2020-12-30 18:25:35 +00:00
James Geiger e458411f91 Create Open Graph meta tags for book/page/chapter/shelf 2020-12-21 23:20:13 -06:00
Dan Brown 4e82d93350
Updated wording of image cleanup option
As per #2352
2020-12-18 22:59:47 +00:00
Dan Brown 4b4642c8ea
Aligned book and shelf grid item views
Updated the titles so they are limited via CSS rather than by a
estimated hardcoded limit.

For #1469
2020-12-18 21:26:22 +00:00
Dan Brown 9884cca00c
Merge branch 'v0.30.x' 2020-12-17 21:47:59 +00:00
Dan Brown 3f3fad7113
Fixed book-tree-gen page visibility issue
When book trees were generated, pages in chapters where ALL pages within
were not supposed to be visibile, would be visible due to the code
falling back on the raw relation which would not account for
permissions.

This has now been changed so that a custom 'visible_pages' attribute is set and used by any book tree structures, to ensure it does not fall back to the raw relation.

Added an extra test to cover.

For #2414
2020-12-17 17:31:18 +00:00
Dan Brown 00308ad4ab
Cleaned up some user/image areas of the app
Further cleanup of docblocks and standardisation of repos.
2020-12-08 23:46:38 +00:00
Dan Brown ef1b98019a
Fixed some mis-refactoring and split search service
Search service broken into index and runner tools.
2020-11-22 00:17:45 +00:00
Dan Brown 66917520cb
Service provider and other cleanup
- Removed old 'exposeTranslations' system to instead use new component
 option system.
- Extracted validation rules into their own service provider.
- Cleaned up some formatting/comments in the repos.
2020-11-21 17:52:49 +00:00
Dan Brown c0680d5717
Added latest activity into users list view 2020-11-20 20:10:18 +00:00
Dan Brown bd6a1a66d1
Implemented remainder of activity types
Also fixed audit log to work for non-entity items.
2020-11-20 19:33:11 +00:00
Dan Brown 712ccd23c4
Updated activities table format
Renamed some columns to be more generic and applicable.
Removed now redundant book_id column.
Allowed nullable entity morph columns for non-entity activity.

Ran tests and made required changes.
2020-11-08 00:03:19 +00:00
Dan Brown 4824ef2760
Merge pull request #2283 from BookStackApp/recycle_bin
Recycle Bin Implementation
2020-11-07 15:10:17 +00:00
Dan Brown df10b508d8
Enhanced how activities are shown on items in recycle bin 2020-11-07 14:28:50 +00:00
Dan Brown ec3aeb3315
Added recycle bin auto-clear lifetime functionality 2020-11-07 13:58:23 +00:00
Dan Brown 9e033709a7
Added per-item recycle-bin delete and restore 2020-11-02 22:47:48 +00:00
Dan Brown 04197e393a
Started work on the recycle bin interface 2020-10-03 18:44:12 +01:00
nutsflag 521a002001
Update code-editor.blade.php 2020-10-02 15:13:31 +02:00
Dan Brown 1097c61d6d
Fixed duplicate requests in attachment manager issue
Closes #2286
2020-09-28 21:55:24 +01:00
Dan Brown 8b0f5e7000
Updated draw.io references to diagrams.net
Related to #2044
2020-09-28 20:45:38 +01:00
Dan Brown 328d2514c4
Updated settings nav to be more flexible
Uses flexbox layout, flexed to content instead of rigid thirds like
before. Also extracted row into own file
2020-09-26 16:26:30 +01:00
Dan Brown 08fbd39fcb
Fixed markdown iframe loading and content alignment
Fixes #2280
2020-09-26 12:01:01 +01:00
Dan Brown 78bf044a7a
Added audit log interface
- Displays the currently tracked activities in the system.

Related to #2173 and #1167
2020-09-19 12:06:45 +01:00
Dan Brown 6578ac0b4a
Fixed visible revision delete menu 2020-09-13 19:12:15 +01:00
Dan Brown 09c6d6c722
Added button for inserting attachment link to a page
For #1460
2020-09-13 18:58:05 +01:00
Dan Brown ad48cd3e48
Continued implementation of attachment drag+drop
Cannot get working in chrome reliably due to conflicting handling of
events and drag+drop API. Getting attachment drop working breaks other
parts of TinyMCE.
Implementing current work as should still work for MD editor and within
FireFox.

Related to #1460
2020-09-13 18:31:14 +01:00
Dan Brown e305ba14d9
Merge branch 'master' into attachment_drag_drop 2020-09-13 16:33:31 +01:00
Dan Brown 1ac11c1852
Added warning to role screen for important permissions
Warning related to permissions that could allow a person to promote
their own permissions to gain more privileges than expected.

For #2105.
2020-08-04 15:26:13 +01:00
Dan Brown 5f1ee5fb0e
Removed role 'name' field from database
The 'name' field was really redundant and caused confusion in the
codebase, since the 'Display' name is often used and we have a
'system_name' for the admin and public role.

This fixes #2032, Where external auth group matching has confusing
behaviour as matching was done against the display_name, if no
external_auth field is set, but only roles with a match 'name' field
would be considered.

This also fixes and error where the role users migration, on role
delete, would not actually fire due to mis-matching http body keys.
Looks like this has been an issue from the start. Added some testing to
cover. Fixes #2211.

Also converted phpdoc to typehints in many areas of the reviewed code
during the above.
2020-08-04 14:55:01 +01:00
Dan Brown 7590ecd37c
Updated some comment elements and standardised more JS
- Updated comment routes to be simpler.
- Updated comments JS to align better with updated component system.
- Documented available global JS functions/services.
- Removed redundant controller method.
- Added window.$events helpers for validation messages and
success/error.
- Updated JS events system to not be class based for simplicity.
- Added window.trans_plural method to handle pluralisation/replacements
where you already have the translation string itself.

Fixes #1836
2020-07-28 18:19:18 +01:00
Dan Brown 18f406d97b
Started attachment drag/drop
Currently fighting between sortable and tinymce mechanisms which prevent
this working due to the different events stopping the drop event while
needing the dragover for cursor placement.
2020-07-28 10:45:28 +01:00
Dan Brown f5fefbdb06
Removed a few remaining vue references 2020-07-26 14:49:05 +01:00
Dan Brown 02dc3154e3
Converted image-manager to be component/HTML based
Instead of vue based.
2020-07-25 00:20:58 +01:00
Dan Brown 3bfd26bf86
Converted the page editor from vue to component 2020-07-05 21:18:17 +01:00
Dan Brown d41452f39c
Finished breakdown of attachment vue into components 2020-07-04 16:53:02 +01:00
Jasper Weyne 07a6d7655f First basic OpenID Connect implementation 2020-07-01 23:27:50 +02:00
Dan Brown 14b6cd1091
Started migration of attachment manager from vue
- Created new dropzone component.
- Added standard component event system using custom DOM events.
- Added tabs component.
- Added ajax-delete-row component.
2020-06-30 22:12:45 +01:00
Dan Brown 181ae6d055
Fixed tag-manager loading on entity-creation 2020-06-29 23:40:34 +01:00
Dan Brown 573c4e26d5
Finished moving tag-manager from a vue to a component
Now tags load with the page, not via AJAX.
2020-06-29 22:11:03 +01:00
Dan Brown 4e107b9160
Started migrating tag manager JS to HTML-first component 2020-06-28 23:15:05 +01:00
Dan Brown 10305a4446
Converted entity-dash from vue to a component 2020-06-28 21:15:00 +01:00
Dan Brown a5fa745749
Moved overlay component, migrated code-editor & added features
- Moved Code-editor from vue to component.
- Updated popup code so it background click only hides if the click
originated on the same background. Clicks within the popup will no
longer cause it to hide.
- Added session-level history tracking to code editor.
2020-06-28 00:06:47 +01:00
Dan Brown 715dee2d0e
Converted search filters to not be vue based 2020-06-27 13:29:00 +01:00
Dan Brown 76d02cd472
Started attempt at formalising component system used in BookStack
Added a document to try to define things.
Updated the loading so components are registed dynamically.
Added some standardised ways to reference other elems & define options
2020-06-24 20:38:08 +01:00
Dan Brown bf4a3b73f8
Updated listing endpoints to be clickable in api docs 2020-05-23 00:53:13 +01:00
Nikhil Jha a34a07c610 basic markdown export 2020-05-12 21:12:26 -07:00
Dan Brown 9666c8c0f7
Updated shelf-list view to enforce view permissions for child books
- Aligned shelf-homepage behaviour to match
- Updated testing to cover.

For #2111
2020-05-12 22:21:45 +01:00
Dan Brown 4ef362143b
Added auto-focus behaviour to page editor
- Will focus on title if the value of the field matches the default text
for the current user's language.
- Otherwise will focus on the editor body.
- Added and tested on both editors.

For #2036
2020-04-27 15:54:39 +01:00
Dan Brown 8fb1f7c361
Fixed floated content extending past page body
As shown in #2055
2020-04-25 19:59:23 +01:00
Dan Brown 88dfb40c63
Some further dark-mode fixes, added toggle to homepage
- Homepage toggle especially useful for not-logged-in users since they
do not have a dropdown.
2020-04-12 19:06:34 +01:00
Dan Brown 50669e3f4a
Added tests and translations for dark-mode components 2020-04-11 20:44:23 +01:00
Dan Brown 573c848d51
Added dark/light mode toggle to profile dropdown menu
- Also fixed some remaining areas which needed dark mode support.
2020-04-11 20:37:51 +01:00
Dan Brown b0b28e7b5e
Rolled dark mode out to the editors
- Updated editor, and other area, styles to look okay in dark mode.
- Used tinyMCE theme generator to create dark mode theme.
- Updated tinymce to latest 4x version.
2020-04-11 15:48:08 +01:00
Dan Brown 1ba5a1274c
Started work on supporting a dark-mode
- Most elements done, but still need to do editors, tables and final
pass.
- Toggled only by quick js check at the moment, checking via css media
query. Need to make into user-preference toggle.

For #1234
2020-04-10 22:38:29 +01:00
Dan Brown 7b8fe5fbc6
Added book-export endpoints to the API 2020-04-10 16:05:17 +01:00
Dan Brown 053cbbd5b6
Updated view-change endpoints to be clearer, separated books and shelf
- Separated books-list and shelf-show view types to be saved separately.

During review of #1755
2020-04-10 12:49:16 +01:00
Dan Brown b8c16b15a9
Merge branch 'feature_change_view_in_shelves_show' of git://github.com/philjak/BookStack into philjak-feature_change_view_in_shelves_show 2020-04-10 12:21:56 +01:00
Dan Brown 47e645909e
Reviewed #1688, Show parent shelves on books page
- Moved list to the left of the page to align with other navigational
items.
- Hid list of no shelves, to help hide shelf references if not in use.
- Tweaked test to ensure it wasn't finding shelf name in breadcrumb
rather than list being tested.
2020-04-09 17:29:22 +01:00
Dan Brown 898cedf536
Merge branch 'feature/#1598' of git://github.com/cw1998/BookStack into cw1998-feature/#1598 2020-04-09 17:18:37 +01:00
Dan Brown 642db1387e
Updated wysiwyg code-block insert flow to be mouseless
- Can now save a code block with Ctrl+Enter.
- Codemirror will be in focus on popup show.
- TinyMCE will get back focus on code save.

For #1972
2020-04-05 21:55:31 +01:00
Dan Brown 5f61620cc2
Added support for changing the draw.io instance URL
- Allowed DRAWIO env option to be passed as URL to point to instance.
- Updated tests to check URL gets passed to pages correctly.
- Update default URL to be the default theme.

For #826
2020-04-05 17:27:16 +01:00
Dan Brown f94fd44ff6
Updated styles to use logical properties/values
- Intended to improve RTL support in the interface.
- Also adds hebrew to language dropdown since that was missing.

Related to #1794
2020-04-05 13:07:19 +01:00
James Geiger fe438bdb45 Add footer element, styles, and associated settings 2020-03-18 22:28:06 -05:00
Dan Brown 7f6cbead33
Performed review of "public intended" functionality provided in #1817
- Updated logic to take url from referrer rather than pass as a query parameter.
- Added tests to cover functionality.
- Updated 404 page with login action button if not signed in.
- Updated 404 page with text to indicate permissions may be affecting visibility.

Related to #1817 and #1706
2020-03-14 18:29:31 +00:00
Dan Brown a95588dc2e
Merge branch 'feature/public-login-redirect' of git://github.com/Xiphoseer/BookStack into Xiphoseer-feature/public-login-redirect 2020-03-14 17:46:30 +00:00
Dan Brown a5f972043b
Updated primary color action text to be consistent
- With other similar picker components on the page.

As reported in #1930
2020-03-11 21:51:43 +00:00
Statium b58110000d
Code refactoring
Removed extra spaces displayed in the header of the login and registration link.
2020-03-11 21:27:22 +00:00
Statium f87c3b2660 Update setting-entity-color-picker.blade.php
Reducing indentation to one look in the application settings.
2020-03-11 21:23:04 +00:00
Dan Brown 56be10f1cd
Merge branch 'perl_syntax_highlight' of git://github.com/Iyeyasu/BookStack into Iyeyasu-perl_syntax_highlight 2020-03-06 19:54:15 +00:00
Dan Brown 4b2654598c
Merge branch 'master' of git://github.com/JHenneberg/BookStack into JHenneberg-master 2020-03-06 19:49:16 +00:00
Dan Brown ccd50fe918
Aligned export styles a little better and fixed potential DOMPDF css error
- Removed different PDF template used on pages.
- Updated export view files to have the intended format passed.
- Shared the export CSS amoung the export templates.

Should hopefully address #1886
2020-02-15 15:34:06 +00:00
JHenneberg 0df0227ad4 Added support for Fortran language
sorted import alphabetically
2020-02-07 13:45:19 +01:00
Dan Brown dea8343bc8
Made docs sidebar sticky, changed theme to default
- MDN theme appeared fairly bad for markdown use, and the geometric
background was a bit much. Swapped out to default theme.
- Rough-added stickiness to docs sidebar, will need more work once it
starts to expand possible screen height.
2020-02-02 21:59:51 +00:00
Dan Brown 5ce3b861a9
Improved styling of the 500 error page 2020-02-02 21:04:43 +00:00
Dan Brown b4f2b73590
Updated settings-save action to return to the same section 2020-02-02 17:35:16 +00:00
Dan Brown 3991fbe726
Checked over and aligned registration option behavior across all auth options
- Added tests to cover
2020-02-02 17:31:00 +00:00
Dan Brown 5d08ec3cef
Fixed failing tests caused by auth changes 2020-02-02 12:00:41 +00:00
Dan Brown e743cd3f60
Added files missed in previous commit 2020-02-02 10:59:03 +00:00
Dan Brown 3470a6a140
Aligned SAML2 system with LDAP implementation in terms of guards and UI 2020-02-01 16:11:56 +00:00
Dan Brown 82a8db3739
Merge pull request #1845 from SoarinFerret/add-close-icon-to-notifications
Add close icon to notifications
2020-01-19 16:07:08 +00:00
D4rt b059744fb5 Add Perl syntax higlighting to code editor 2020-01-19 07:41:18 +02:00
Dan Brown b9fb655b60
Added "Getting Started" API docs 2020-01-18 14:03:11 +00:00
Dan Brown 8016f1121e
Refined docs view, Added example requests 2020-01-18 09:48:30 +00:00
Dan Brown 45b5e631e2
Added a view for the API docs 2020-01-15 20:18:02 +00:00
SoarinFerret 4297d64e29 Add close icon to notifications 2020-01-14 13:50:29 -06:00
Dan Brown 692fc46c7d
Removed token 'client' text, avoid confusion w/ oAuth
- Instead have a token_id and a secret.
   - Displayed a 'Token ID' and 'Token Secret'.
2019-12-29 20:07:28 +00:00
Dan Brown 832fbd65af
Added testing coverage to user API token interfaces 2019-12-29 19:46:46 +00:00
Dan Brown dccb279c84
Built out interfaces & endpoints for API token managment 2019-12-29 17:03:52 +00:00
Dan Brown d336ba6874
Started work on API token controls
- Added access-api permission.
- Started user profile UI work.
- Created database table and model for tokens.
- Fixed incorrect templates down migration :(
2019-12-29 13:02:26 +00:00
Dan Brown cf743370a8
Updated code block lang order and added extra pascal option
- Fixed modal window sizing/positioning to be properly center and
responsive.

Related to #1730
2019-12-27 17:14:34 +00:00
Dan Brown 891dbfe085
Merge branch 'master' of git://github.com/albergoniSivaf/BookStack into albergoniSivaf-master 2019-12-27 17:03:10 +00:00
ezzra a82d9fdba5
fix translate for "actions" 2019-12-27 15:47:03 +00:00
Dan Brown 865e8d4ec5
Improved markdown mobile editor experience
- Updated styles of codemirror area to be a bit more forefull in taking
up space.
- Added a fullscreen toggle as a backup option.

For #1675
2019-12-22 14:22:38 +00:00
Dan Brown e06f9f7fe3
Removed setting override system due to confusing behaviour
- Was only used to disable registration when LDAP was enabled.
- Caused saved option not to show on settings page causing confusion.
- Extended setting logic where used to take ldap into account instead of
global override.
- Added warning on setting page to show registration enable setting is
not used while ldap is active.

For #1541
2019-12-22 13:19:17 +00:00
Daniel Seiler afa501e75b Recall previous route when manually clicking login 2019-12-14 08:41:22 +01:00
Dan Brown cee4dccc55
Compacted entity color options in settings view
- Also extracted the view code into it's own blade template
- Made smaller color input styles
2019-12-07 21:23:15 +00:00
Dan Brown 615a050856
Merge branch 'settings-color-selector' of git://github.com/james-geiger/BookStack into james-geiger-settings-color-selector 2019-12-07 20:36:39 +00:00
Dan Brown 6d899f3b17
Added icon for saml, added saml to register page, updated complete env 2019-11-17 16:07:06 +00:00
Dan Brown 3a17ba2cb9
Started using OneLogin SAML lib directly
- Aligned and formatted config options.
- Provided way to override onelogin lib options if required.
- Added endpoints in core bookstack routes.
- Provided way to debug details provided by idp and formatted by
bookstack.
- Started on test work
- Handled case of email address already in use.
2019-11-17 13:26:43 +00:00
Dan Brown bb1f43cbd8
Merge branch 'feature/saml' of git://github.com/Xiphoseer/BookStack into Xiphoseer-feature/saml 2019-11-16 12:42:45 +00:00
jakob 6acd958927 Add the "Create Shelf" resp. "Create Book" to the home view 2019-10-30 11:42:37 +01:00
jakob 6cd26e23a8 Allow toggling between grid and list view in shelf view (shelves.show) 2019-10-30 11:23:42 +01:00
Dan Brown 4b9618cd21
Update book form so cancel URL is explicitly passed in
- Added to prevent future possibility of 'shelf' var being introduced in
scope and therefore causing a side-effect of redirect logic.
2019-10-27 16:55:05 +00:00
Dan Brown 28184c6bfc
Merge branch 'fix/#1662' of git://github.com/cw1998/BookStack into cw1998-fix/#1662 2019-10-27 16:44:41 +00:00
Dan Brown a2370f7c9d
Merge branch 'feature-send-test-email' of git://github.com/timoschwarzer/BookStack into timoschwarzer-feature-send-test-email 2019-10-23 19:53:51 +01:00
Albergoni Andrea 48c44958f5 Added support for Pascal language 2019-10-18 16:34:38 +02:00
Dan Brown b09ea76b8d
Renamed properties input option as INI
- Also made INI be recognised as the codemirror "Properties" format.
2019-10-17 21:16:55 +01:00
Dan Brown 8b4bfa4d78
Merge branch 'master' of git://github.com/c0shea/BookStack into c0shea-master 2019-10-17 21:09:05 +01:00
James Geiger e6fe299c4f added additional color settings into UI
Adds new options in the customization section of the settings to change the shelf, book, chapter, page, and draft colors.
2019-10-17 13:46:18 -05:00
Dan Brown d7557befe2
Copied release page link to normal settings page
- Also updated link to not leak referrer info
2019-10-17 15:06:55 +01:00
Dan Brown 5c7262673a
Merge branch 'patch-1' of git://github.com/DeftNerd/BookStack into DeftNerd-patch-1 2019-10-17 14:58:20 +01:00
Dan Brown 3959841dbc
Added back in some tabindex that shouldn't have been removed 2019-10-17 14:21:13 +01:00
Dan Brown e48d7d59cc
Removed tabindexes where found to be not required 2019-10-17 14:19:35 +01:00
Dan Brown 5a887e31da
Merge branch 'master' of git://github.com/almandin/BookStack into almandin-master 2019-10-17 14:09:07 +01:00
Dan Brown b24279cc12
Merge branch 'patching-v0.27' 2019-10-16 16:37:29 +01:00
Timo Schwarzer 61a9139bf0
Add feature to send test e-mails 2019-10-16 08:24:33 +02:00
Dan Brown b6c0baf44d
Updated comment delete action to be a button
Fixes issue that causes code error when an anchor tag.

Closes #1650
2019-10-07 20:21:04 +01:00
Dan Brown 31f5786e01
Entity Repo & Controller Refactor (#1690)
* Started mass-refactoring of the current entity repos

* Rewrote book tree logic

- Now does two simple queries instead of one really complex one.
- Extracted logic into its own class.
- Remove model-level akward union field listing.
- Logic now more readable than being large separate query and
compilation functions.

* Extracted and split book sort logic

* Finished up Book controller/repo organisation

* Refactored bookshelves controllers and repo parts

* Fixed issues found via phpunit

* Refactored Chapter controller

* Updated Chapter export controller

* Started Page controller/repo refactor

* Refactored another chunk of PageController

* Completed initial pagecontroller refactor pass

* Fixed tests and continued reduction of old repos

* Removed old page remove and further reduced entity repo

* Removed old entity repo, split out page controller

* Ran phpcbf and split out some page content methods

* Tidied up some EntityProvider elements

* Fixed issued caused by viewservice change
2019-10-05 12:55:01 +01:00
Christopher Wilkinson 4ad4dfa55a
Show bookshelves that a book belongs to on a book view
Closes #1598
2019-09-27 00:45:22 +01:00
Christopher Wilkinson 2f94f078e3
Fix Book form (create) returning to the full books list on cancel
Fixes #1662
Added a small block of logic to determine the correct URL to attribute to the cancel button on a given page create form.
If adding a book from a bookshelf, return to the bookshelf. If editing a book, return to the book. In all other cases, return to the full books list.
2019-09-26 22:51:24 +01:00
Dan Brown 615b2de433
Simplified activity facade interface
Also cleaned up any other bits along the way.
2019-09-19 18:03:17 +01:00
Connor O'Shea 4ad43b1a1f
Add support for properties 2019-09-15 20:22:26 -04:00
Dan Brown cbf9d701af
Updated to laravel 6 2019-09-14 14:12:39 +01:00
Dan Brown 213e9d2941
Upgraded to Laravel 5.6 2019-09-06 22:14:39 +01:00
Dan Brown f421a2e1d6
Updated pointer button styles so icon not hidden
Related to #1616
2019-09-01 11:06:19 +01:00
Dan Brown e9d42a2e8c
Fixed no md editor preview in FireFox 2019-09-01 10:51:52 +01:00
Dan Brown 5979f6667b
Tweaked entity color palette for accessibility
Also converted entity colors to CSS variables for easier
instance customization.

Related to #1320
2019-08-26 14:38:50 +01:00
Dan Brown 64abe10dc4
Improved accessibility for many editor page components
Related to #1320
2019-08-26 12:47:04 +01:00
Dan Brown 7cc17934a8
Made MD editor display a sandboxed iframe
- Also added escaping of srcdoc elements in escape logic.

Related to #1531
2019-08-26 12:16:50 +01:00
Dan Brown 2dfe6c2d56
Fixed failing test and added more accessibility improvements
- Updated linked images to have obvious focus styles
- Added proper role to notifications
- Made dropdown list focus styles a bit nicer.
- Updated book list chapter child slide down to be keyboard activatable.

Related to #1320
2019-08-25 17:21:25 +01:00
Dan Brown 9fbef8cd1b
Re-orged readme and added a11y info
- Also tweaked default theme color a tad to better fit in Level A
standard.
2019-08-25 16:19:56 +01:00
Dan Brown cf5d51e7b8
Made another mass of accessibility improvements
- Set proper semantic tags for main parts of content.
- Removed focus-trap from tag manager/autosuggest.
- Set better accessibility labelling on tag manager.
- Updated collapsible sections to be keyboard navigatable.
- Improved input focus styling to better fit theme.
- Updated custom styled file picker to be accessible via keyboard.

Related to #1320
2019-08-25 15:44:51 +01:00
Dan Brown ae93a6ed07
Converted primary color use to css variable
- Removed all existing SCSS usage of primary color.
- Cut down custom styles injection to just be css vars.
- Reduced button styles so default button is primary.
- Updated button styles to lighten/brighten on hover & active states even
when a custom color is set.
- Removed unused scss color vars.
- Updated default BookStack blue to achieve better accessibility.
2019-08-25 12:40:04 +01:00
Dan Brown b792108bc1
Updated print css for recent redesign
Fixes #1472
2019-08-25 11:30:26 +01:00
Dan Brown 4bf77f67dd
Set comment add box to show with correct permissions
- Also fixed const assignment issue in translations.js
2019-08-25 11:02:58 +01:00
Dan Brown b27a5c7fb8
Made a mass of accessibility improvements
- Changed default focus styles
- Updated dropdowns with keyboard navigation
- Updated modals with esc exiting
- Added accessibility attirbutes where needed
- Made many more elements focusable
- Updated hover effects of many items to also apply when focused within

Related to #1320 and #1198
2019-08-24 18:29:02 +01:00
Dan Brown 1b33a0c5b9
Added labels and tweaked muted colors for accessibility
Home now passing automated checks in accessibility insights for web.
2019-08-18 19:17:43 +01:00
Dan Brown 666213a4d4
Removed html dir tag for now, Updated lang format 2019-08-18 18:57:35 +01:00
Dan Brown 3acea12f1c
Merge branch 'unicode' of git://github.com/kostasdizas/BookStack into kostasdizas-unicode 2019-08-18 18:51:20 +01:00
Dan Brown 42d8548960
Finished new user invite flow 2019-08-18 13:11:30 +01:00
Virgile 3bcfe2a460 Adds autofocus on the email field of the standard login page. 2019-08-13 17:30:29 +02:00
Dan Brown 20c36d58a6
Merge pull request #1527 from BookStackApp/129-page-templates
Page Templates Implementation
2019-08-11 20:21:17 +01:00