c4ec50d437
ZIP Exports: Got zip format validation functionally complete
2024-10-30 15:26:23 +00:00
b50b7b667d
ZIP Exports: Started import validation
2024-10-30 13:13:41 +00:00
a56a28fbb7
ZIP Exports: Built out initial import view
...
Added syles for non-custom, non-image file inputs.
Started planning out back-end handling.
2024-10-29 14:21:32 +00:00
4051d5b803
ZIP Exports: Added new import permission
...
Also updated new route/view to new non-book-specific flow.
Also fixed down migration of old export permissions migration.
2024-10-29 12:11:51 +00:00
72d9ffd8b4
Added support for concatenating multiple LDAP attributes in displayName
2024-10-28 22:14:30 +01:00
f606711463
respective book and chapter structure added.
2024-10-27 22:50:20 +05:30
d1f69feb4a
ZIP Exports: Tested each type and model of export
2024-10-27 14:33:43 +00:00
484342f26a
ZIP Exports: Added entity cross refs, Started export tests
2024-10-23 15:59:58 +01:00
42ada66fdd
ZIP Exports: Added core logic for books/chapters
2024-10-23 11:30:32 +01:00
f732ef05d5
ZIP Exports: Reorganised files, added page md parsing
2024-10-23 10:48:26 +01:00
4fb4fe0931
ZIP Exports: Added working image handling/inclusion
2024-10-21 13:59:15 +01:00
06ffd8ee72
Zip Exports: Added attachment/image link resolving & JSON null handling
2024-10-21 12:13:41 +01:00
90a8070518
Eager loading for titles
2024-10-21 03:01:33 +05:30
3e656efb00
Added include func for search api
2024-10-21 02:42:49 +05:30
7c39dd5cba
ZIP Export: Started building link/ref handling
2024-10-20 19:56:56 +01:00
21ccfa97dd
ZIP Export: Expanded page & added base attachment handling
2024-10-19 15:41:07 +01:00
42b9700673
ZIP Exports: Finished up format doc, move files, started builder
...
Moved all existing export related app files into their new own dir.
2024-10-15 16:14:11 +01:00
6f1c54d018
Users: Changed name validation to min:1 instead of 2
...
Would cause scenarios where users could be created with 1 char, but then
fail to update due to validation differences.
Added test to cover.
For #5263
2024-10-15 11:07:41 +01:00
4dc75bad05
Settings: Added test to cover setting category by view
2024-10-11 13:33:07 +01:00
a3d0f7478f
Move settings category layouts into their own view folder
2024-10-11 10:42:48 +11:00
b9b5003239
Refactor SettingController to validate categies by existing view files
2024-10-11 10:40:38 +11:00
8b9bcc1768
Search: Fixed last commented filter when using table prefixes
2024-10-05 15:20:04 +01:00
51287d545b
Searching: Fixed some form search issues
...
- Form was not retaining certain filters
- Form request handling of entity type set wrong filter name
Added test to cover.
2024-10-05 14:49:30 +01:00
966ff91386
Search: Prevented negated terms filling in UI inputs
...
Added test to cover.
2024-10-03 19:40:11 +01:00
cd84d08157
Search: Added exact/filter/tag term negation support
2024-10-03 19:27:03 +01:00
93c677a6a9
Searching: Added negation support to UI and term handling
...
Updated/added tests to cover.
Support for actual search queries still remains.
2024-10-03 15:59:50 +01:00
177cfd72bf
Search: Added structure for search term inputs
...
Sets things up to allow more complex terms ready to handle negation.
2024-10-02 17:31:45 +01:00
e65655594f
Merge branch 'feature/opensearch' into development
2024-09-30 17:21:51 +01:00
f583354748
Maintenance: Removed stray dd from last commit
2024-09-29 16:50:48 +01:00
d12e8ec923
Users: Improved user response for failed invite sending
...
Added specific handling to show relevant error message when user
creation fails due to invite sending errors, while also returning user
to the form with previous input.
Includes test to cover.
For #5195
2024-09-29 16:41:18 +01:00
89f84c9a95
Pages: Updated editor field to always be set
...
- Migration for setting on existing pages
- Added test to cover simple new page scenario
For #5117
2024-09-29 14:36:41 +01:00
6103a22feb
Exports: Made pdf command timeout configurable
...
Added test to cover.
For #5119
2024-09-27 16:33:58 +01:00
b35b62d59f
Merge branch 'lexical' into development
2024-09-27 12:04:01 +01:00
8b32e6c15a
Page Editors: Added switching/options for new lexical editor
2024-09-22 20:06:55 +01:00
476c2be5a6
Add XML for OpenSearch
2024-09-09 22:54:33 +02:00
9aa3442a17
API: Fixed lacking permission enforcement on book contents
2024-08-29 14:43:21 +01:00
c68d154f0f
LDAP: Updated tests for recursive group changes
2024-08-28 21:16:18 +01:00
1b4ed69f41
LDAP: Updated recursive group search to query by DN
...
Added test to cover, added pre-change.
Need to test post-changes and fix tests.
2024-08-28 15:39:05 +01:00
1f2506221a
API: Updated docs with consistent types, fixed users response example
...
For #5178 and #5183
2024-08-27 12:23:36 +01:00
897bb338f9
CSP: Updated handling of drawio URL to consider port
...
Previously if a custom port was used in the DRAWIO option it would not
be considered in the CSP handling, which would block loading.
Added test to cover.
For #5107
2024-07-14 16:06:18 +01:00
767699a066
OIDC: Fixed incorrect detection of group detail population
...
An empty (but valid formed) groups list provided via the OIDC ID token
would be considered as a lacking detail, and therefore trigger a lookup
to the userinfo endpoint in an attempt to get that information.
This fixes this to properly distinguish between not-provided and empty
state, to avoid userinfo where provided as valid but empty.
Includes test to cover.
For #5101
2024-07-14 14:21:16 +01:00
9b0ef85f77
Wraps file extension comparison components in strtolower()
...
This avoids the issue where replacing file.PNG with newfile.png fails due to "PNG" not being equal to "png"
2024-07-03 15:50:25 -04:00
11a7ccc37e
SAML: Set static type to pass static checks
...
Not totally clear if underlying code can actually return null, but
playing it safe to remain as-is for now for patch release.
2024-06-10 10:31:35 +01:00
a8ce199e0d
Pages: Fixed unused changelog on first page publish
...
Included test to cover.
For #5056
2024-06-09 17:18:23 +01:00
3406846c82
Images: Updated GIF handling to use native methods
...
Changes GIF image thumbnail handling to direcly load via gd instead of
going through interventions own handling (which supports frames) since
we don't need animation for our thumbnails, and since performance issues
could arise with GIFs that have large frame counts.
For #5029
2024-06-09 17:00:58 +01:00
bddc6ae66b
Roles: Added max validation for role external auth id field
...
For #5037
2024-06-08 20:33:34 +01:00
d133f904d3
Auth: Changed email confirmations to use login attempt user
...
Negates the need for a public confirmation resend form
since we can instead just send direct to the last session login attempter.
2024-05-20 17:23:15 +01:00
69af9e0dbd
Routes: Added throttling to a range of auth-related endpoints
...
Some already throttled in some means, but this adds a simple ip-based
non-request-specific layer to many endpoints.
Related to #4993
2024-05-20 14:00:58 +01:00
5651d2c43d
Config: Reverted change to cache directory
...
Change made during Laravel 10 updates to align (Laravel made this change
much earlier in 5.x series) but it caused issues due to folder not
pre-existing and due to potentiall permission issues.
(CLI could create this during update, with non-compatible permissions
for webserver).
For #4999
2024-05-18 20:40:26 +01:00
79f5be4170
Fixed notification preferences URL in email
2024-05-14 17:04:23 +08:00
67df127c26
API: Added to, and updated, testing to cover audit log additions
2024-05-05 15:44:58 +01:00
3946158e88
API: Added audit log list endpoint
...
Not yested covered with testing.
Changes database columns for more presentable names and for future use
to connect additional model types.
For #4316
2024-05-04 16:28:18 +01:00
dd251d9e62
Merge branch 'nesges/development' into development
2024-05-04 14:00:40 +01:00
5c28bcf865
Registration: Reviewed added simple honeypot, added testing
...
Also cleaned up old RegistrationController syntax.
Review of #4970
2024-05-04 13:59:41 +01:00
b0720777be
Merge pull request #4985 from BookStackApp/ldap_ca_cert_control
...
LDAP CA TLS Cert Option, PR Review and continuation
2024-05-02 23:16:16 +01:00
8087123f2e
LDAP: Review, testing and update of LDAP TLS CA cert control
...
Review of #4913
Added testing to cover option.
Updated option so it can be used for a CA directory, or a CA file.
Updated option name to be somewhat abstracted from original underling
PHP option.
Tested against Jumpcloud.
Testing took hours due to instability which was due to these settings
sticking and being unstable on change until php process restart.
Also due to little documentation for these options.
X_TLS_CACERTDIR option needs cert files to be named via specific hashes
which can be achieved via c_rehash utility.
This also adds detail on STARTTLS failure, which took a long time to
discover due to little detail out there for deeper PHP LDAP debugging.
2024-05-02 23:11:31 +01:00
6b681961e5
LDAP: Updated default user filter placeholder format
...
To not conflict with env variables, and to align with placeholders used
for PDF gen command.
Added test to cover, including old format supported for
back-compatibility.
For #4967
2024-04-28 12:29:57 +01:00
f0dd33c1b4
PDF: Added tests for pdf command, fixed old tests for changes
2024-04-26 15:39:40 +01:00
1c7128c2cb
PDF: Added implmentation of command PDF option
...
Tested quickly manually but not yet covered by PHPUnit tests.
2024-04-24 16:09:53 +01:00
40200856af
PDF: Removed barryvdh snappy to use snappy direct
...
Also simplifies config format, and updates snappy implmentation to use
the new config file.
Not yet tested.
2024-04-24 15:13:44 +01:00
bb6670d395
PDF: Started new command option, merged options, simplified dompdf
...
- Updated DOMPDF to direcly use library instead of depending on barry
wrapper.
- Merged existing export options file into single exports file.
- Defined option for new command option.
Related to #4732
2024-04-22 16:40:42 +01:00
8b14a701a4
OIDC Userinfo: Fixed issues with validation logic from changes
...
Also updated test to suit validation changes
2024-04-19 16:43:51 +01:00
0958909cd9
OIDC Userinfo: Added additional tests to cover jwks usage
2024-04-19 15:05:00 +01:00
b18cee3dc4
OIDC Userinfo: Added JWT signed response support
...
Not yet tested, nor checked all response validations.
2024-04-19 14:12:27 +01:00
31272e60b6
add ambrosia-container to registration form as honeypot for bots: new form field "username" must not be filled
2024-04-19 09:35:09 +02:00
fa543bbd4d
OIDC Userinfo: Started writing tests to cover userinfo calling
2024-04-17 23:26:56 +01:00
7d7cd32ca7
OIDC Userinfo: Added userinfo data validation, seperated from id token
...
Wrapped userinfo response in its own class for additional handling and
validation.
Updated userdetails to take abstract claim data, to be populated by
either userinfo data or id token data.
2024-04-17 18:23:58 +01:00
a71c8c60b7
OIDC: Extracted user detail handling to own OidcUserDetails class
...
Allows a proper defined object instead of an array an extracts related
logic out of OidcService.
Updated userinfo to only be called if we're missing details.
2024-04-16 18:14:22 +01:00
9183e7f2fe
OIDC Userinfo: Labelled changes to be made during review
2024-04-16 15:52:55 +01:00
d640411adb
OIDC: Cleaned up provider settings, added extra validation
...
- Added endpoint validation to ensure HTTPS as per spec
- Added some missing types
- Removed redirectUri from OidcProviderSettings since it's not a
provider-based setting, but a setting for the oauth client, so
extracted that back to service.
2024-04-16 15:19:51 +01:00
dc6013fd7e
Merge branch 'development' into lukeshu/oidc-development
2024-04-16 14:57:36 +01:00
f05ec4cc26
Tags: Stopped recycle bin tags being counted on index
...
For #4892
Added test to cover.
2024-04-15 18:44:59 +01:00
ee40adf11a
Merge pull request #4921 from BookStackApp/v24-02
...
v23.02.3 changes
2024-04-05 15:21:05 +01:00
19f78dbe6c
WYSIWYG descriptions: Allowed anchor target attrs
...
Allowed since this is a control in the editor UI, but would previously
be stripped by editor config & server-side filtering.
For #4925
2024-04-03 16:46:53 +01:00
a33dbcb04a
References: Fixed references count/list recycle bin interaction
...
Count and reference list would get references then attempt to load
entities, which could fail to load if in the recycle bin.
This updates the queries to effectively ignore references for items we
can't see (in recycle bin).
Added test to cover.
For #4918
2024-04-01 17:08:53 +01:00
06ef95dc5f
Change to allow override of CA CERT for LDAPS
...
Using the env LDAP_TLS_CACERTFILE to set a file to use to override
the CA CERT used to verify LDAPS connections. This is to make this
process easier for docker use.
2024-03-26 16:30:04 +00:00
a2fd80954b
Licensing: Added links and tests for new licenses endpoint
...
For #4907
2024-03-23 22:04:18 +00:00
0c524c7c8f
Licensing: Added licenses app view
...
Extracted many methods to a new "MetaController" in the process.
2024-03-23 16:31:13 +00:00
28d6292278
Framework: Addressed deprecations
2024-03-17 16:52:19 +00:00
2345fd4677
Deps: Updated intervention library from 2 to 3
...
Major version change, required some changes to API
For #4903
2024-03-17 16:03:12 +00:00
d6b7717985
Framework: Fixed issues breaking tests
...
For #4903
2024-03-16 15:26:34 +00:00
794671ef32
Framework: Upgrade from Laravel 9 to 10
...
Following Laravel guidance and GitHub diff.
Not yet in tested state with app-specific changes made.
2024-03-16 15:12:14 +00:00
77f125208e
Page nav: Fixed nbsp being represented as nothing
...
Now represented in page nav using a normal space to avoid complete
removal of space.
Added test to cover.
For #4836
2024-03-09 15:52:09 +00:00
b7d4bd5bce
Breadcrumbs: Set book/shelf lists to use name ordering
...
Previously in database order (id) which is not predictable
nor parsable for users.
For #4876
2024-03-09 15:24:44 +00:00
8e01345f14
Entity popular queriy: Loaded parents for selector breadcrumbs
2024-02-28 13:20:24 +00:00
f5f96f84e7
404: Fixed entity list issue with entity with non-visible parent
...
Adds our mixed entity list loader to popular queries for more efficient
loading.
2024-02-28 13:08:06 +00:00
2009d4d6a8
Translations: Updated translator attribution, added serbian to locales
2024-02-28 12:29:09 +00:00
a75d5b8bc1
Sessions: Prevent image urls being part of session URL history
...
To prevent them being considered for redirects.
Includes test to cover.
For #4863
2024-02-22 11:23:59 +00:00
055bbf17de
Theme System: Added AUTH_PRE_REGISTER logical event
...
Included tests to cover.
Manually tested on standard and social (GitHub) auth.
For #4833
2024-02-21 15:30:29 +00:00
ff8daad22b
Merge pull request #4827 from BookStackApp/query_revamp
...
Update of entity loading to be more efficient and avoid global addSelects
2024-02-11 15:56:32 +00:00
1ea2ac864a
Queries: Update API to align data with previous versions
...
Ensures fields returned match API docs and previous versions of
BookStack where we were accidentally returning more fields than
expected.
Updates tests to cover many of these.
Also updated clockwork to ignore image requests for less noisy
debugging.
Also updated chapter page query to not be loading all page data, via new
query in PageQueries.
2024-02-11 15:42:37 +00:00
ed9c013f6e
Queries: Addressed failing test cases from recent changes
2024-02-08 17:18:03 +00:00
ed21a6d798
Queries: Updated old use-specific entity query classes
...
- Updated name to align, and differentate from new 'XQueries' clases.
- Removed old sketchy base class with app resolving workarounds, to a
proper injection-based approach.
- Also fixed wrong translation text used in PageQueries.
2024-02-08 16:39:59 +00:00
b77ab6f3af
Queries: Moved out or removed some class-level items
...
Also ran auto-removal of unused imports across app folder.
2024-02-07 22:41:45 +00:00
546cfb0dcc
Queries: Extracted static page,chapter,shelf queries to classes
2024-02-07 21:58:27 +00:00
483410749b
Queries: Updated all app book static query uses
2024-02-07 16:37:36 +00:00
c95f4ca40f
Queries: Migrated revision repo queries to new class
2024-02-07 15:09:16 +00:00
222c665018
Queries: Extracted PageRepo queries to own class
...
Started new class for PageRevisions too as part of these changes
2024-02-05 17:35:49 +00:00
8e78b4c43e
Queries: Extracted chapter repo queries to class
...
Updated query classes to align to interface for common aligned
operations.
Extracted repeated string-identifier-based finding from page/chapter
repos to shared higher-level entity queries.
2024-02-05 15:59:20 +00:00
9fa68fd8ab
Update PWA manifest orientation to any
...
Changed the orientation settings in PwaManifestBuilder.php from 'portrait' to 'any'. This allows the PWA to adjust to any screen orientation, enhancing user flexibility.
2024-02-05 04:28:22 +03:00
Dan Brown
Matthieu Leboeuf
Rashad
Lachlan Tripolone
Maximilian Walter
DanielGordonIT
Angelo Geant Gaviola
Dan Brown
nesges
Matt Moore
Mikhail Shashin