Commit Graph

3391 Commits

Author SHA1 Message Date
Dan Brown 6578ac0b4a
Fixed visible revision delete menu 2020-09-13 19:12:15 +01:00
Dan Brown 09c6d6c722
Added button for inserting attachment link to a page
For #1460
2020-09-13 18:58:05 +01:00
Dan Brown ad48cd3e48
Continued implementation of attachment drag+drop
Cannot get working in chrome reliably due to conflicting handling of
events and drag+drop API. Getting attachment drop working breaks other
parts of TinyMCE.
Implementing current work as should still work for MD editor and within
FireFox.

Related to #1460
2020-09-13 18:31:14 +01:00
Dan Brown e305ba14d9
Merge branch 'master' into attachment_drag_drop 2020-09-13 16:33:31 +01:00
Vinnie Okada 2c3f453c1f Implement the renderPages parameter
Render page content when getTree() is called with a true $renderPages
argument.
2020-09-07 09:05:51 -06:00
Dan Brown b87e97f99e
Added punycode since it's required by markdownit
Is a native, although deprecated, nodejs module. Have installed manually
since esbuild could not resolve the nodejs module
2020-09-05 20:37:23 +01:00
Dan Brown e5377d5f46
Updated saml2 slo config so url is used if no response url
Updated config to change empty string to null since the empty string was
hitting an isset check which caused an empty string to be used instead
of the slo url as a backup option.

Closes #2002
2020-09-05 19:26:47 +01:00
Dan Brown ff1ee2d71f
Updated flow to ensure /register/confirm route is used where needed
Was accidentally skipped during previous updates. Will now be used on
saml, ldap & standard registration where required.
Uses session to know if the email was just sent and, if so, show the
confirmation route.
2020-09-05 17:26:48 +01:00
Dan Brown c029741a17
Updated npm deps 2020-09-05 16:54:25 +01:00
Dan Brown ac83c349da
Migrated from webpack to esbuild 2020-09-05 16:50:20 +01:00
Jakub Bouček fefcaa21e7
Fix English translations
- Fix obvious bug
- Reunite capitalisation
2020-08-31 20:45:09 +02:00
Jakub Bouček 6a36db3cde
Czech translations: Fix broken labels 2020-08-31 20:45:09 +02:00
Jakub Bouček c9352bfd42
Czech translations: Add new translations to cs, improve existing 2020-08-31 20:45:09 +02:00
Jakub Bouček 9c457d9ffe
Fix Czech translations (email -> e-mail)
In Czech language "email" does not mean "email" but "enamel paint", correct is "e-mail".
See in Wikipedia:
- https://cs.wikipedia.org/wiki/E-mail
- https://cs.wikipedia.org/wiki/Email_(barva)
2020-08-31 17:34:46 +02:00
alexmannuk 7837b8c4ee
Updated callout link formatting
Updated callout links to use font colouring based on type, with bold text to denote link, instead of using the theme link colour per issue #303.
2020-08-24 20:03:08 +01:00
Jasper Weyne 69a47319d5 Default OpenID display name set to standard value 2020-08-05 13:14:46 +02:00
Jasper Weyne 35c48b9416 Method descriptions 2020-08-05 00:18:43 +02:00
Jasper Weyne f2d320825a Simplify refresh method 2020-08-04 22:09:53 +02:00
Jasper Weyne 23402ae812 Initial unit tests for OpenID 2020-08-04 21:30:17 +02:00
Jasper Weyne 6feaf25c90 Increase robustness of the refresh method 2020-08-04 21:29:11 +02:00
Dan Brown 87a5340a05
Prevented email confirmation exception throw on registration
Was preventing any other registration actions from taking place such as
LDAP/SAML group sync. Email confirmation should be actioned by
middleware on post-registration redirect.

Added testing to cover.
Tested for LDAP, SAML and normal registration with email confirmation
required to ensure flows work as expected.

Fixes #2082
2020-08-04 17:54:50 +01:00
Dan Brown c076ca408c
Fixed non-visible horizontal rules in dark mode
Fixes #2209
2020-08-04 15:39:07 +01:00
Dan Brown 1ac11c1852
Added warning to role screen for important permissions
Warning related to permissions that could allow a person to promote
their own permissions to gain more privileges than expected.

For #2105.
2020-08-04 15:26:13 +01:00
Dan Brown 5f1ee5fb0e
Removed role 'name' field from database
The 'name' field was really redundant and caused confusion in the
codebase, since the 'Display' name is often used and we have a
'system_name' for the admin and public role.

This fixes #2032, Where external auth group matching has confusing
behaviour as matching was done against the display_name, if no
external_auth field is set, but only roles with a match 'name' field
would be considered.

This also fixes an error where the role users migration, on role
delete, would not actually fire due to mis-matching http body keys.
Looks like this has been an issue from the start. Added some testing to
cover. Fixes #2211.

Also converted phpdoc to typehints in many areas of the reviewed code
during the above.
2020-08-04 14:55:01 +01:00
Dan Brown a9f02550f0
Removed joint_permissions auto_increment id
Removed auto_incrementing id and set a primary key of the [role_id,
entity_type, entity_id, action] instead since this table could receive a
lot of activity, especially when permission regeneration was automated,
leading to very high auto_increment counts which could max out the
integer limit.

Also updated some RolesTest comment endpoints to align with
recent route changes.

Should fix #2091
2020-08-04 13:02:31 +01:00
Dan Brown 7590ecd37c
Updated some comment elements and standardised more JS
- Updated comment routes to be simpler.
- Updated comments JS to align better with updated component system.
- Documented available global JS functions/services.
- Removed redundant controller method.
- Added window.$events helpers for validation messages and
success/error.
- Updated JS events system to not be class based for simplicity.
- Added window.trans_plural method to handle pluralisation/replacements
where you already have the translation string itself.

Fixes #1836
2020-07-28 18:19:18 +01:00
Dan Brown 2c0fdf83c1
Updated public-login redirect to check url
Direct links to the login pages for public instances could lead to a
redirect back to an external page upon login.
This adds a check to ensure the URL is a URL expected from the current
bookstack instance, or at least under the same domain.

Fixes #2073
2020-07-28 16:29:06 +01:00
Dan Brown 2ed0317129
Updated functionality for logging failed access
- Added testing to cover.
- Linked logging into Laravel's monolog logging system and made log
channel configurable.
- Updated env var names to be specific to login access.
- Added extra locations as to where failed logins would be captured.

Related to #1881 and #728
2020-07-28 12:59:43 +01:00
Dan Brown 2f6ff07347
Merge branch 'auth' of git://github.com/benrubson/BookStack into benrubson-auth 2020-07-28 10:46:40 +01:00
Dan Brown 18f406d97b
Started attachment drag/drop
Currently fighting between sortable and tinymce mechanisms which prevent
this working due to the different events stopping the drop event while
needing the dragover for cursor placement.
2020-07-28 10:45:28 +01:00
Dan Brown 76fcbd3752
Removed default anchor CSS filtering in dark mode
Due to causing content images to be rendered in unexpected ways.

- Also removed CSS filters from other image usage.
- Tweaked header CSS filtering to not be so aggressive.
- Forced WYSIWYG editor to be on its own layer since that would allow
massive larger performance increases in Safari, especially when using
dark mode.

Closes #2045.
Closes #2154.
2020-07-26 16:36:15 +01:00
Dan Brown 6e4132121c
Updated pagination colors for visibility
Fixes #1839
2020-07-26 15:07:47 +01:00
Dan Brown f5fefbdb06
Removed a few remaining vue references 2020-07-26 14:49:05 +01:00
Dan Brown a46b248cf4
Fixed some image manager behaviour
fixed:
- Double click not working after tab usage.
- Synced edit form with select button.
2020-07-25 11:47:12 +01:00
Dan Brown 8213ea9a71
Fixed issue where URL params in image names would cause loading failure
Updated file name handling to route through str:slug to be cleaned up
a little.
Added testing to cover.

Fixes #2161
2020-07-25 11:18:40 +01:00
Dan Brown 03211ebea6
Removed unused tinymce imagetools plugin 2020-07-25 01:09:35 +01:00
Dan Brown 2bacc3c967
Removed vuejs from the project 2020-07-25 00:25:30 +01:00
Dan Brown 02dc3154e3
Converted image-manager to be component/HTML based
Instead of vue based.
2020-07-25 00:20:58 +01:00
Dan Brown b6aa232205
Fixed issue where more images than expected could be deleted
When deleting images, images within the same directory, that have
a suffix of the delete image name, would also be deleted.

Added test to cover.
2020-07-24 23:41:59 +01:00
Jasper Weyne 46388a591b AccessToken empty array parameter on null 2020-07-09 18:29:44 +02:00
Jasper Weyne 75b4a05200 Add OpenIdService to OpenIdSessionGuard constructor call 2020-07-09 18:00:16 +02:00
Jasper Weyne 13d0260cc9 Configurable OpenID Connect services 2020-07-09 16:27:45 +02:00
Jasper Weyne 97cde9c56a Generalize refresh failure handling 2020-07-08 17:02:52 +02:00
Jasper Weyne 5df7db5105 Ignore ID token expiry if unavailable 2020-07-07 02:51:33 +02:00
Jasper Weyne 10c890947f Token expiration and refreshing using the refresh_token flow 2020-07-07 02:26:00 +02:00
Jasper Weyne 25144a13c7 Deduplicated getOrRegisterUser method 2020-07-06 18:14:43 +02:00
Dan Brown b383f5776d
Tweaked dropdown shadows a tad 2020-07-05 21:23:57 +01:00
Dan Brown 3bfd26bf86
Converted the page editor from vue to component 2020-07-05 21:18:17 +01:00
Dan Brown 9d6f574494
Updated attachment tests to align with front-end changes 2020-07-04 17:04:26 +01:00
Dan Brown d41452f39c
Finished breakdown of attachment vue into components 2020-07-04 16:53:02 +01:00