Commit Graph

1542 Commits

Author SHA1 Message Date
James Geiger e458411f91 Create Open Graph meta tags for book/page/chapter/shelf 2020-12-21 23:20:13 -06:00
Dan Brown 4e82d93350
Updated wording of image cleanup option
As per #2352
2020-12-18 22:59:47 +00:00
Dan Brown cf04a0d818
Merge branch 'v0.30.x' 2020-12-18 14:16:13 +00:00
Dan Brown 2acef3c2ec
Fixed issue where restricted page content in plaintext export
The content of pages made non-viewable to a user via permissions, within a visible parent, could be seen via the plaintext export option. Before v0.30.6 this would have applied only to scenarios where all pages within the chapter were made non-visible. In v0.30.6 this would make all pages within the chapter visible.

As per #2414
2020-12-18 13:56:00 +00:00
Dan Brown 9884cca00c
Merge branch 'v0.30.x' 2020-12-17 21:47:59 +00:00
Dan Brown 3f3fad7113
Fixed book-tree-gen page visibility issue
When book trees were generated, pages in chapters where ALL pages within
were not supposed to be visibile, would be visible due to the code
falling back on the raw relation which would not account for
permissions.

This has now been changed so that a custom 'visible_pages' attribute is set and used by any book tree structures, to ensure it does not fall back to the raw relation.

Added an extra test to cover.

For #2414
2020-12-17 17:31:18 +00:00
Dan Brown 00308ad4ab
Cleaned up some user/image areas of the app
Further cleanup of docblocks and standardisation of repos.
2020-12-08 23:46:38 +00:00
Dan Brown 6c09334ba0
Fixed issue where page export contain system would miss images 2020-12-06 22:23:21 +00:00
Dan Brown 65b2c90522
Merge branch 'v0.30.x' 2020-12-06 21:32:01 +00:00
Dan Brown 884664bfe9
Ensured base64 images are read from image upload folder
Also removed unused storage systems and updated testing.
2020-12-06 15:34:18 +00:00
Dan Brown 8911e3f441
Removed http fetching from image base64 generation 2020-12-06 14:24:22 +00:00
Dan Brown 7d38c96a23
Removed generic "UploadService" which was doing very little 2020-12-06 12:58:40 +00:00
Dan Brown 0b01a77c16
Swapped out HTML diff implementation for own, removes tidy depdendancy 2020-11-29 19:08:13 +00:00
Dan Brown bf8716bb22
Fixed bad collection/array mixing causing error on seed 2020-11-28 16:42:12 +00:00
Dan Brown 8aedba14a3
Added page export API controller 2020-11-28 15:39:40 +00:00
Dan Brown 53bcfe528d
Added pages API doc examples
Made some tweaks to related content and other examples while there.
2020-11-28 15:21:54 +00:00
Dan Brown 1c8102bb89
Started pages API 2020-11-22 14:56:19 +00:00
Dan Brown ebeca256f0
Updated old exportService name in controllers 2020-11-22 01:26:14 +00:00
Dan Brown a042e22481
Focused base Entity class cleanup
Removed some common functions from other entities.
Aligned implementation of getUrl()
Cleaned phpdocs and added typehinting.
Also extracted sibling search logic out of controller.
2020-11-22 01:20:38 +00:00
Dan Brown ef1b98019a
Fixed some mis-refactoring and split search service
Search service broken into index and runner tools.
2020-11-22 00:17:45 +00:00
Dan Brown c7a2d568bf
Moved models to folder, renamed managers to tools
Tools seems to fit better since the classes were a bit of a mixed bunch
and did not always manage.
Also simplified the structure of the SlugGenerator class.
Also focused EntityContext on shelves and simplified to use session
helper.
2020-11-21 23:20:54 +00:00
Dan Brown 66917520cb
Service provider and other cleanup
- Removed old 'exposeTranslations' system to instead use new component
 option system.
- Extracted validation rules into their own service provider.
- Cleaned up some formatting/comments in the repos.
2020-11-21 17:52:49 +00:00
Dan Brown 5e01c30882
Aligned constructors across controller classes
Since they no longer needed to run the parent contructor
since the parent constructor was no longer needed.
2020-11-21 17:08:37 +00:00
Dan Brown f76a2a69f7
Cleaned up api docs implementation, added missing titles 2020-11-21 17:03:24 +00:00
Dan Brown c0680d5717
Added latest activity into users list view 2020-11-20 20:10:18 +00:00
Dan Brown bd6a1a66d1
Implemented remainder of activity types
Also fixed audit log to work for non-entity items.
2020-11-20 19:33:11 +00:00
Dan Brown da37700ac2
Implemented user, api_tokem & role activity logging
Also refactored some role content, primarily updating the permission
controller to be RoleController since it only dealt with roles.
2020-11-20 18:53:01 +00:00
Dan Brown 3f7180fa99
Started widening of activity logging
In progress, Need to implement much of the logging in controllers.
Also cleaned up base controller along the way.
2020-11-18 23:40:39 +00:00
Boddy4 20f9a50cee LDAP: Added TLS support 2020-11-18 01:05:29 +01:00
Dan Brown 712ccd23c4
Updated activities table format
Renamed some columns to be more generic and applicable.
Removed now redundant book_id column.
Allowed nullable entity morph columns for non-entity activity.

Ran tests and made required changes.
2020-11-08 00:03:19 +00:00
Dan Brown ee7e1122d3
Removed use of book_id in activity 2020-11-07 23:15:13 +00:00
Dan Brown c157dc3490
Organised activity types and moved most to repos
Repos are generally better since otherwise we end up duplicating
things between front-end and API.

Types moved to by CONST values within a class for better visibilty
of usage and listing of types.
2020-11-07 22:37:27 +00:00
Dan Brown 4824ef2760
Merge pull request #2283 from BookStackApp/recycle_bin
Recycle Bin Implementation
2020-11-07 15:10:17 +00:00
Dan Brown b4da081552
Checked over recycle bin parent/child flows 2020-11-07 15:05:13 +00:00
Dan Brown df10b508d8
Enhanced how activities are shown on items in recycle bin 2020-11-07 14:28:50 +00:00
Dan Brown ec3aeb3315
Added recycle bin auto-clear lifetime functionality 2020-11-07 13:58:23 +00:00
Dan Brown 483cb41665
Started testing work for recycle bin implementation 2020-11-06 12:54:39 +00:00
Anthony Ronda 34dc4a1b6d Automatic Restored Revision Changelog Summary Text 2020-11-03 20:46:47 -05:00
Dan Brown 3e70c661a1
Cleaned up duplicate code in recycle-bin restore 2020-11-02 22:54:00 +00:00
Dan Brown 9e033709a7
Added per-item recycle-bin delete and restore 2020-11-02 22:47:48 +00:00
Dan Brown 82e671a06d
Re-aligned init files with Laravel default
Removed the custom init elements that we added in 2017 to
custom load the helpers file and instead load via composer.

Also removed laravel-microscope package due to not running due to
helpers file.
2020-10-31 23:05:48 +00:00
Dan Brown 474770af51
Merge branch 'fixes' of git://github.com/imanghafoori1/BookStack into imanghafoori1-fixes 2020-10-31 22:11:27 +00:00
Dan Brown 6d8b0605a0
Merge branch 'xss_and_redir_patch' of git://github.com/PercussiveElbow/BookStack into xss_and_redirect 2020-10-31 15:19:33 +00:00
Dan Brown 349162ea13
Prevented possible XSS via link attachments
This filters out potentially malicious javascript: or data: uri's coming
through to be attached to attachments.
Added tests to cover.

Thanks to Yassine ABOUKIR (@yassineaboukir on twitter) for reporting this
vulnerability.
2020-10-31 15:01:52 +00:00
PercussiveElbow bbd1384acb XSS and redirect fixes with test cases 2020-10-27 01:34:51 +00:00
Ole Aldric 36daa09441 Update Localization.php in Middleware with "no" tag for estimate. 2020-10-19 12:43:41 +02:00
Ole Aldric 4c5566755f updated config to also include Norwegian 2020-10-19 12:35:05 +02:00
imanghafoori 704b808e9e fixes from laravel-microscope 2020-10-16 18:40:10 +03:30
Jason Houle a192b600fc Missed a variable when updating LdapService. 2020-10-12 12:47:36 -04:00
Jason Houle b714652e10 Import thumbnail photos when LDAP users are created. 2020-10-12 12:33:55 -04:00
Dan Brown ff7cbd14fc
Added recycle bin empty notification response with count 2020-10-03 18:53:09 +01:00
Dan Brown 04197e393a
Started work on the recycle bin interface 2020-10-03 18:44:12 +01:00
Dan Brown 465d405926
Updated page content related links on content id changes
For #2278
2020-09-28 22:26:50 +01:00
Dan Brown 691027a522
Started implementation of recycle bin functionality 2020-09-27 23:24:33 +01:00
Dan Brown 68489e5b44
Updated PR code to use isA and updated that function definition
Related to #2227
2020-09-26 17:00:17 +01:00
Dan Brown fe0e307313
Merge branch 'renderpages' of git://github.com/mr-vinn/BookStack into mr-vinn-renderpages 2020-09-26 16:55:05 +01:00
Dan Brown 53ec794e53
Fixed issue where SAML login not notifiy on existing user
Added testing to cover

Fixes #2263
2020-09-26 16:43:06 +01:00
Dan Brown 1f202f6dbc
Updated locale lists for Bulgarian 2020-09-19 15:36:17 +01:00
Dan Brown 31eec34b5d
Moved decode and updated page plaintext decode test 2020-09-19 15:13:18 +01:00
Dan Brown 44f3508171
Merge branch 'preview-entities' of git://github.com/mr-vinn/BookStack into mr-vinn-preview-entities 2020-09-19 14:58:56 +01:00
Dan Brown 78bf044a7a
Added audit log interface
- Displays the currently tracked activities in the system.

Related to #2173 and #1167
2020-09-19 12:06:45 +01:00
Dan Brown e5f0b4dd85
Split out Maintenance to separate controller 2020-09-19 09:24:58 +01:00
Vinnie Okada 311a12b7ef Decode HTML entities
Decode HTML entities in page text before saving it to the database.
2020-09-18 06:54:30 -06:00
Dan Brown ad48cd3e48
Continued implementation of attachment drag+drop
Cannot get working in chrome reliably due to conflicting handling of
events and drag+drop API. Getting attachment drop working breaks other
parts of TinyMCE.
Implementing current work as should still work for MD editor and within
FireFox.

Related to #1460
2020-09-13 18:31:14 +01:00
Dan Brown e305ba14d9
Merge branch 'master' into attachment_drag_drop 2020-09-13 16:33:31 +01:00
Vinnie Okada 2c3f453c1f Implement the renderPages parameter
Render page content when getTree() is called with a true $renderPages
argument.
2020-09-07 09:05:51 -06:00
Dan Brown e5377d5f46
Updated saml2 slo config so url is used if no repsonse url
Updated config to change empty string to null since the empty string was
hitting an isset check which caused an empty string to be used instead
of the slo url as a backup option.

Closes #2002
2020-09-05 19:26:47 +01:00
Dan Brown ff1ee2d71f
Updated flow to ensure /register/confirm route is used where needed
Was accidentally skipped during previous updates. Will now be used on
saml, ldap & standard registration where required.
Uses session to know if the email was just sent and, if so, show the
confirmation route.
2020-09-05 17:26:48 +01:00
Jasper Weyne 69a47319d5 Default OpenID display name set to standard value 2020-08-05 13:14:46 +02:00
Jasper Weyne 35c48b9416 Method descriptions 2020-08-05 00:18:43 +02:00
Jasper Weyne f2d320825a Simplify refresh method 2020-08-04 22:09:53 +02:00
Jasper Weyne 6feaf25c90 Increase robustness of the refresh method 2020-08-04 21:29:11 +02:00
Dan Brown 87a5340a05
Prevented email confirmation exception throw on registration
Was preventing any other registration actions from taking place such as
LDAP/SAML group sync. Email confirmation should be actioned by
middleware on post-registration redirect.

Added testing to cover.
Tested for LDAP, SAML and normal registration with email confirmation
required to ensure flows work as expected.

Fixes #2082
2020-08-04 17:54:50 +01:00
Dan Brown 5f1ee5fb0e
Removed role 'name' field from database
The 'name' field was really redundant and caused confusion in the
codebase, since the 'Display' name is often used and we have a
'system_name' for the admin and public role.

This fixes #2032, Where external auth group matching has confusing
behaviour as matching was done against the display_name, if no
external_auth field is set, but only roles with a match 'name' field
would be considered.

This also fixes and error where the role users migration, on role
delete, would not actually fire due to mis-matching http body keys.
Looks like this has been an issue from the start. Added some testing to
cover. Fixes #2211.

Also converted phpdoc to typehints in many areas of the reviewed code
during the above.
2020-08-04 14:55:01 +01:00
Dan Brown a9f02550f0
Removed joint_permissions auto_increment id
Removed auto_incrementing id and set a primary key of the [role_id,
entity_type, entity_id, action] instead since this table could recieve a
lot of activity, especially when permission regeneration was automated,
leading to very high auto_increment counts which could max out the
integer limit.

Also updated some RolesTest comment endpoints to align with
recent route changes.

Should fix #2091
2020-08-04 13:02:31 +01:00
Dan Brown 7590ecd37c
Updated some comment elements and standardised more JS
- Updated comment routes to be simpler.
- Updated comments JS to align better with updated component system.
- Documented available global JS functions/services.
- Removed redundant controller method.
- Added window.$events helpers for validation messages and
success/error.
- Updated JS events system to not be class based for simplicity.
- Added window.trans_plural method to handle pluralisation/replacements
where you already have the translation string itself.

Fixes #1836
2020-07-28 18:19:18 +01:00
Dan Brown 2c0fdf83c1
Updated public-login redirect to check url
Direct links to the login pages for public instances could lead to a
redirect back to an external page upon login.
This adds a check to ensure the URL is a URL expected from the current
bookstack instance, or at least under the same domain.

Fixes #2073
2020-07-28 16:29:06 +01:00
Dan Brown 2ed0317129
Updated functionality for logging failed access
- Added testing to cover.
- Linked logging into Laravel's monolog logging system and made log
channel configurable.
- Updated env var names to be specific to login access.
- Added extra locations as to where failed logins would be captured.

Related to #1881 and #728
2020-07-28 12:59:43 +01:00
Dan Brown 2f6ff07347
Merge branch 'auth' of git://github.com/benrubson/BookStack into benrubson-auth 2020-07-28 10:46:40 +01:00
Dan Brown 18f406d97b
Started attachment drag/drop
Currently fighting between sortable and tinymce mechanisms which prevent
this working due to the different events stopping the drop event while
needing the dragover for cursor placement.
2020-07-28 10:45:28 +01:00
Dan Brown 8213ea9a71
Fixed issue where URL params in image names would cause loading failure
Updated file name handling to route through str:slug to be cleaned up
a little.
Added testing to cover.

Fixes #2161
2020-07-25 11:18:40 +01:00
Dan Brown 02dc3154e3
Converted image-manager to be component/HTML based
Instead of vue based.
2020-07-25 00:20:58 +01:00
Dan Brown b6aa232205
Fixed issue where more images than expected could be deleted
When deleting images, images within the same directory, that have
a suffix of the delete image name, would also be deleted.

Added test to cover.
2020-07-24 23:41:59 +01:00
Jasper Weyne 46388a591b AccessToken empty array parameter on null 2020-07-09 18:29:44 +02:00
Jasper Weyne 75b4a05200 Add OpenIdService to OpenIdSessionGuard constructor call 2020-07-09 18:00:16 +02:00
Jasper Weyne 13d0260cc9 Configurable OpenID Connect services 2020-07-09 16:27:45 +02:00
Jasper Weyne 97cde9c56a Generalize refresh failure handling 2020-07-08 17:02:52 +02:00
Jasper Weyne 5df7db5105 Ignore ID token expiry if unavailable 2020-07-07 02:51:33 +02:00
Jasper Weyne 10c890947f Token expiration and refreshing using the refresh_token flow 2020-07-07 02:26:00 +02:00
Jasper Weyne 25144a13c7 Deduplicated getOrRegisterUser method 2020-07-06 18:14:43 +02:00
Dan Brown 3bfd26bf86
Converted the page editor from vue to component 2020-07-05 21:18:17 +01:00
Dan Brown d41452f39c
Finished breakdown of attachment vue into components 2020-07-04 16:53:02 +01:00
Jasper Weyne 07a6d7655f First basic OpenID Connect implementation 2020-07-01 23:27:50 +02:00
Dan Brown 14b6cd1091
Started migration of attachment manager from vue
- Created new dropzone component.
- Added standard component event system using custom DOM events.
- Added tabs component.
- Added ajax-delete-row component.
2020-06-30 22:12:45 +01:00
Dan Brown 573c4e26d5
Finished moving tag-manager from a vue to a component
Now tags load with the page, not via AJAX.
2020-06-29 22:11:03 +01:00
Dan Brown 8bc3e0f31a
Merge branch 'master' of git://github.com/drzippie/BookStack into drzippie-master 2020-06-27 17:11:11 +01:00
Dan Brown 7a2e39212e
Fixed empty search scenario 2020-06-27 13:37:18 +01:00
Dan Brown 715dee2d0e
Converted search filters to not be vue based 2020-06-27 13:29:00 +01:00
Antonio Cortés (DrZippie) ca202c1819 Added Illuminate\Support\Str::slug to generate slug from text to improve the creation of slugs with non-English characters 2020-06-25 18:08:13 +02:00
benrubson 9d7ce59b18 Move logFailedAccess into Activity 2020-05-23 15:37:38 +02:00
Dan Brown 3502abdd49
Fixed revision issues caused by page fillable changes 2020-05-23 12:28:14 +01:00
Dan Brown 19bfc8ad37
Prevented entity "Not Found" events from being logged
- Added testing to cover, which was more hassle than thought
  since Laravel did not have built in log test helpers, so:
- Added Log testing helper.

Related to #2110
2020-05-23 11:28:59 +01:00
benrubson 8f1f73defa Properly use env/config functions 2020-05-23 12:06:37 +02:00
Dan Brown 00c0815808
Fixed issue where updated page content would not be indexed
- Also updated html field of pages to not be fillable.
   (Since HTML should always go through app id parsing)

Related to #2042
2020-05-23 00:46:13 +01:00
Dan Brown 8a6cf0cdec
Added chapters to the API 2020-05-23 00:28:41 +01:00
Dan Brown 24bad5034a
Updated API auth to allow public user if given permission 2020-05-22 22:34:18 +01:00
Nikhil Jha e287d965f5 move zip export into exportservice 2020-05-13 20:07:19 -07:00
Nikhil Jha ea82c2f61b support exporting books as zip files 2020-05-13 19:57:59 -07:00
Nikhil Jha a7d9646b19 support exporting WYSIWYG pages as Markdown 2020-05-13 18:34:22 -07:00
Nikhil Jha a34a07c610 basic markdown export 2020-05-12 21:12:26 -07:00
Dan Brown 9666c8c0f7
Updated shelf-list view to enforce view permissions for child books
- Aligned shelf-homepage behaviour to match
- Updated testing to cover.

For #2111
2020-05-12 22:21:45 +01:00
benrubson 58df3ad956 Log failed accesses option 2020-05-03 16:20:02 +02:00
Dan Brown d3ec38bee3
Removed unused function in registration service 2020-05-02 01:07:30 +01:00
Dan Brown 413cac23ae
Added command to regenerate comment content 2020-05-01 23:41:47 +01:00
Dan Brown 3c26e7b727
Updated comment md rendering to be server-side 2020-05-01 23:24:11 +01:00
Dan Brown 00c77e494b
Updated ci with php7.4, update locale array 2020-04-28 12:28:19 +01:00
Dan Brown 8ce38d2158
Fixed not shown existing-email warning on new ldap user
- Reduced the amount of different exceptions from LDAP attempt so they
can be handled more consistently.
- Added test to cover.
- Also cleaned up LDAP tests to reduce boilterplate mocks.

Fixes #2048
2020-04-26 12:13:00 +01:00
Dan Brown 2ec4ad1181
Tweaked ListingResponseBuilder to help avoid future issues
- Updated so none of the method mutate the query throughout the function
so that the query can be handled in a sane way, Since we were already
encountering issues due to internal method call order.
2020-04-25 22:15:59 +01:00
Dan Brown a17b82bdde
Fixed api query total not taking filters into account 2020-04-25 21:37:52 +01:00
Dan Brown 07831df2d3
Updated user-create endpoint so saml and ldap is consistent. 2020-04-25 18:28:07 +01:00
Dan Brown 519283e643
Authenticated admins on all guards upon login
For #2031
2020-04-25 18:19:22 +01:00
Dan Brown 79a949836b
Fixed incorrect API listing total when offset set
Fixes #2043
2020-04-25 16:38:11 +01:00
Dan Brown 573c848d51
Added dark/light mode toggle to profile dropdown menu
- Also fixed some remaining areas which needed dark mode support.
2020-04-11 20:37:51 +01:00
Dan Brown d4b0e4acad
Removed throttling from web-end requests
Generally seems to cause issues when secure images are in use.
Was added during laravel upgrade but laravel does not use this directly
for its web middleware anyway.
2020-04-11 20:02:07 +01:00
Dan Brown 627720c5af
Fixed incorrect []Activity -> array conversion 2020-04-10 22:49:52 +01:00
Dan Brown d4df18098f
Cleaned up the activity service
- Added test to ensure activity on entity delete works as expected.
2020-04-10 20:55:33 +01:00
Dan Brown 7b8fe5fbc6
Added book-export endpoints to the API 2020-04-10 16:05:17 +01:00
Dan Brown 29705a25ce
Reviewed and added testing for BookShelf API implementation
- Tweaked how books are passed on update to prevent unassignment if
parameter is not provided.
- Added books to validation so they show in docs.
- Added request/response examples.
- Added tests to cover.
- Added child book info to shelf info.

Review of #1908
2020-04-10 15:19:18 +01:00
Dan Brown da1cea06ca
Merge branch 'master' of git://github.com/osmansorkar/BookStack into osmansorkar-master 2020-04-10 13:49:28 +01:00
Dan Brown ba1be9d710
Updated password reset process not to indicate if email exists
- Intended to prevent enumeration to check if a user exists.
- Updated messages on both the reqest-reset and set-password elements.
- Also updated notification auto-hide to be dynamic based upon the
amount of words within the notification.
- Added tests to cover.

For #2016
2020-04-10 13:38:08 +01:00
Dan Brown 053cbbd5b6
Updated view-change endpoints to be clearer, separated books and shelf
- Separated books-list and shelf-show view types to be saved separately.

During review of #1755
2020-04-10 12:49:16 +01:00
Dan Brown b8c16b15a9
Merge branch 'feature_change_view_in_shelves_show' of git://github.com/philjak/BookStack into philjak-feature_change_view_in_shelves_show 2020-04-10 12:21:56 +01:00
Dan Brown 47e645909e
Reviewed #1688, Show parent shelves on books page
- Moved list to the left of the page to align with other navigational
items.
- Hid list of no shelves, to help hide shelf references if not in use.
- Tweaked test to ensure it wasn't finding shelf name in breadcrumb
rather than list being tested.
2020-04-09 17:29:22 +01:00
Dan Brown 898cedf536
Merge branch 'feature/#1598' of git://github.com/cw1998/BookStack into cw1998-feature/#1598 2020-04-09 17:18:37 +01:00
Dan Brown e83d2eedbb
Added "update-url" command to find/replace url in the database
- Also aligned format of command descriptions.

Targeted most common columns.
Have not done revisions for the sake of keeping that
content true to how it was originally stored but could
cause unexpected behaviour.

For #1225
2020-04-09 16:59:26 +01:00
Dan Brown 5f61620cc2
Added support for changing the draw.io instance URL
- Allowed DRAWIO env option to be passed as URL to point to instance.
- Updated tests to check URL gets passed to pages correctly.
- Update default URL to be the default theme.

For #826
2020-04-05 17:27:16 +01:00
Dan Brown ea9e9565ef
Removed bmp and tiff support from uploaded images.
Fixes #1990
2020-04-05 16:15:05 +01:00
Dan Brown 3500182c5f
Updated drawing uploads to use user id in image name
- Instead of user name.
- Due to issues with advanced charts like emoji zero-width-joiners.
- Could also have security concerns on untrusted instances with certain
webserver config due to double extension possibilities.

Closes #1993
2020-04-04 00:48:32 +01:00
Jan Mareš 034478409e Add support Windows Authentication via SAML 2020-04-03 14:05:07 +02:00
Dan Brown 64942268b8
Added Slovenian to available language options
Related to #1946
2020-03-14 22:24:27 +00:00
Dan Brown 7f6cbead33
Performed review of "public intended" functionality provided in #1817
- Updated logic to take url from referrer rather than pass as a query parameter.
- Added tests to cover functionality.
- Updated 404 page with login action button if not signed in.
- Updated 404 page with text to indicate permissions may be affecting visibility.

Related to #1817 and #1706
2020-03-14 18:29:31 +00:00
Dan Brown a95588dc2e
Merge branch 'feature/public-login-redirect' of git://github.com/Xiphoseer/BookStack into Xiphoseer-feature/public-login-redirect 2020-03-14 17:46:30 +00:00
Dan Brown 200772da72
Merge branch 'validation_fixes' of git://github.com/TBK/BookStack into TBK-validation_fixes 2020-03-14 12:42:59 +00:00
Dan Brown 59aefe5371
Updated social auth to take name from email if empty
- Added tests to cover.

Fixes #1853
2020-03-10 19:09:22 +00:00
Dan Brown 30db8af460
Merge branch 'master' of git://github.com/ch0wm3in/BookStack into ch0wm3in-master 2020-03-06 20:10:57 +00:00
Dan Brown b94b945fb0
Merge branch 'master' of git://github.com/Binternet/BookStack into Binternet-master 2020-03-04 22:22:08 +00:00
Dan Brown 34616ac195
Updated lanauge lists to match latest translations 2020-03-04 22:14:25 +00:00
TBK 57f587a78b
Allow book, shelf, settings & profile form input validation to skip image 2020-03-04 00:17:53 +01:00
TBK d3737d5a87
Remove redundant getImageValidationRules method 2020-03-04 00:17:49 +01:00
TBK 5cd56f63ff
Change check to verify that request is present and contains a file 2020-03-04 00:17:45 +01:00
osmansorkar 1859c7917f added api functionality to handle book Shelves 2020-02-23 11:41:49 +06:00
Dan Brown 01b95d91ba
Fixed side-effect in binary LDAP handling
- Was not stripping prefix when sending value to LDAP server in search.
- Updated test to cover.
2020-02-15 22:35:15 +00:00
Dan Brown 29cc35a304
Added dump_user_details option to LDAP and added binary attribute decode option
Related to #1872
2020-02-15 20:31:23 +00:00
Dan Brown 6caedc7a37
Fixed issues preventing breadcrumb navigation menus from opening
- Added tests to cover endpoint

Fixes #1884
2020-02-15 19:09:33 +00:00
Dan Brown 5978d9a0d3
Updated cover image methods so image parameter is not optional but still nullable 2020-02-15 18:38:36 +00:00
Dan Brown 98ab3c1ffb
Merge branch 'new_bookshelf_cover_fix' of git://github.com/TBK/BookStack into TBK-new_bookshelf_cover_fix 2020-02-15 18:34:45 +00:00
Dan Brown ccd50fe918
Aligned export styles a little better and fixed potential DOMPDF css error
- Removed different PDF template used on pages.
- Updated export view files to have the intended format passed.
- Shared the export CSS amoung the export templates.

Should hopefully address #1886
2020-02-15 15:34:06 +00:00
Dan Brown 14363edb73
Fixed LDAP error thrown by not found user details
- Added testing to cover.

Related to #1876
2020-02-15 14:44:36 +00:00
Dan Brown 49386b42da
Updated email test send to show error on failure
- Added test to cover
- Closes #1874
2020-02-15 14:13:15 +00:00
TBK 9533e0646e
Fix for missing cover on create new shelf 2020-02-14 20:33:07 +01:00
ch0wm3in c1fe81466f
Fixed 'interaction_required' response for azure
Azure Conditional Access policy 2FA returns 'interaction_required' 400 response https://github.com/SocialiteProviders/Providers/issues/208
2020-02-12 15:03:55 +01:00
benrubson 12a9a45747 Log failed accesses 2020-02-09 10:01:33 +01:00
Dan Brown 9d77cca734
Cleaned setting section redirect path 2020-02-02 17:57:21 +00:00
Dan Brown b4f2b73590
Updated settings-save action to return to the same section 2020-02-02 17:35:16 +00:00
Dan Brown 3991fbe726
Checked over and aligned registration option behavior across all auth options
- Added tests to cover
2020-02-02 17:31:00 +00:00
Dan Brown e6c6de0848
Simplified guard names and rolled out guard route checks
- Included tests to cover for LDAP and SAML
- Updated wording for external auth id option.
- Updated 'assertPermissionError' test case to be usable in BrowserKitTests
2020-02-02 13:10:21 +00:00
Dan Brown 5d08ec3cef
Fixed failing tests caused by auth changes 2020-02-02 12:00:41 +00:00
Dan Brown e743cd3f60
Added files missed in previous commit 2020-02-02 10:59:03 +00:00
Dan Brown 3470a6a140
Aligned SAML2 system with LDAP implementation in terms of guards and UI 2020-02-01 16:11:56 +00:00
Dan Brown 7728931f15
Set more appropriate login validation and broken up LDAP guide a bit 2020-02-01 14:30:23 +00:00
Dan Brown 575b85021d
Started alignment of auth services
- Removed LDAP specific logic from login controller, placed in Guard.
- Created safer base user provider for ldap login, to be used for SAML
soon.
- Moved LDAP auth work from user provider to guard.
2020-02-01 11:42:22 +00:00
Dan Brown 92690d1ae9
Moved socal auth routes to their own controller
Also cleaned some phpdocs and extracted register actions to their own
service.
2020-01-26 14:42:50 +00:00
Dan Brown 5ff89a1abb
Added danish to language arrays 2020-01-18 16:10:16 +00:00
Dan Brown be554b9c79
Added configurable API throttling, Handled API errors standardly 2020-01-18 15:03:28 +00:00
Dan Brown b9fb655b60
Added "Getting Started" API docs 2020-01-18 14:03:11 +00:00
Dan Brown 8016f1121e
Refined docs view, Added example requests 2020-01-18 09:48:30 +00:00
Dan Brown 45b5e631e2
Added a view for the API docs 2020-01-15 20:18:02 +00:00
Dan Brown bed2498667
Started work on generating API docs 2020-01-12 16:25:14 +00:00
Dan Brown 04a8614136
Filled out base Book API endpoints, added example responses 2020-01-12 14:45:54 +00:00
Dan Brown a8595d8aaf
Fixed test class names + add perm. check to api session auth 2020-01-01 17:01:36 +00:00
Dan Brown a7a97a53f1
Added API listing filtering & cleaned ApiAuthenticate returns
API listing endpoint filter can be found via &filter[name]=my+book query
parameters. There are a range of operators that can be used such as
&filter[id:gte]=4
2020-01-01 16:33:47 +00:00
Dan Brown 3cacda6762
Added expiry checking to API token auth
- Added test to cover to ensure its checked going forward
2019-12-30 19:51:41 +00:00
Dan Brown 3d11cba223
Added testing coverage to API token auth 2019-12-30 19:42:46 +00:00
Dan Brown 6f1b88a6a6
Change email confirmation from own middle to trait
Email confirmation middleware caused more mess than good, As caused
priority issues and it depended on auth actions. Instead its now a trai
used on auth middlewares.

Also used 'EncryptCookies' middleware on API instead of custom
decryption in custom middleware since we'd need to do replicate all the
same actions anyway. Shouldn't have too much effect since it only
actions over cookies that exist, of which none should be there for most
API requests.

Also split out some large guard functions to be a little more readable
and appease codeclimate.
2019-12-30 15:49:20 +00:00
Dan Brown 349b4629be
Extracted API auth into guard
Also implemented more elegant solution to allowing session auth for API
routes; A new 'StartSessionIfCookieExists' middleware, which wraps the
default 'StartSession' middleware will run for API routes which only
sets up the session if a session cookie is found on the request. Also
decrypts only the session cookie.

Also cleaned some TokenController codeclimate warnings.
2019-12-30 14:51:28 +00:00
Dan Brown 3de55ee645
Linked new API token system into middleware
Base logic in place but needs review and refactor to see if can better
fit into Laravel using 'Guard' system. Currently has issues due to
cookies in use from active session on API.
2019-12-30 02:16:07 +00:00
Lior Broshi 80a50f1ecb added rtl support for hebrew + added to localMap 2019-12-29 23:06:54 +02:00
Lior Broshi 23ad8024ec resolved conflict 2019-12-29 23:03:10 +02:00
Lior Broshi da03e34c67 added he locale to configuration 2019-12-29 23:01:45 +02:00
Dan Brown 2cfa37399c
Fixed some empty-expiry conditions of token ui flows 2019-12-29 20:18:37 +00:00
Dan Brown 692fc46c7d
Removed token 'client' text, avoid confusion w/ oAuth
- Instead have a token_id and a secret.
   - Displayed a 'Token ID' and 'Token Secret'.
2019-12-29 20:07:28 +00:00
Dan Brown 832fbd65af
Added testing coverage to user API token interfaces 2019-12-29 19:46:46 +00:00
Dan Brown dccb279c84
Built out interfaces & endpoints for API token managment 2019-12-29 17:03:52 +00:00
Dan Brown d336ba6874
Started work on API token controls
- Added access-api permission.
- Started user profile UI work.
- Created database table and model for tokens.
- Fixed incorrect templates down migration :(
2019-12-29 13:02:26 +00:00
Dan Brown 04137e7c98
Started core API route work 2019-12-28 14:58:07 +00:00
Dan Brown 6f9cad2106
Merge pull request #1793 from abublihi/master
Fix An Exception
2019-12-27 16:52:07 +00:00
Dan Brown e06f9f7fe3
Removed setting override system due to confusing behaviour
- Was only used to disable registration when LDAP was enabled.
- Caused saved option not to show on settings page causing confusion.
- Extended setting logic where used to take ldap into account instead of
global override.
- Added warning on setting page to show registration enable setting is
not used while ldap is active.

For #1541
2019-12-22 13:19:17 +00:00
Dan Brown 32e7f0a2e6
Made display thumbnail generation use original data if smaller
Thumbnail generation would sometimes create a file larger than the
original, if the original was already well optimized, therefore making
the thumbnail counter-productive. This change compares the sizes of the
original and the generated thumbnail, and uses the smaller of the two if
the thumbnail does not change the aspect ratio of the image.

Fixes #1751
2019-12-22 12:44:49 +00:00
Dan Brown f9fa6904b9
Made LDAP auth ID attribute configurable
- Allows the field that gets stored as the "External Authentication ID"
to be configurable. Defined as LDAP_ID_ATTRIBUTE=uid in .env.
- Added test to cover usage.
- Also now auto-lowercases when searching for attributes in LDAP
response since PHP always provides them as lower case.

Closes #592.
2019-12-16 12:40:21 +00:00
Dan Brown 017703ff1a
Updated page delete to return to chapter if within one
- Added test to cover

Closes #1715
2019-12-16 11:54:53 +00:00
Daniel Seiler afa501e75b Recall previous route when manually clicking login 2019-12-14 08:41:22 +01:00
Dan Brown 02af69ddf2
Added command to copy shelf permissions
Has options to run for all or to specify a slug for a specific shelf.

Closes #1091
2019-12-11 21:22:03 +00:00
Dan Brown 615a050856
Merge branch 'settings-color-selector' of git://github.com/james-geiger/BookStack into james-geiger-settings-color-selector 2019-12-07 20:36:39 +00:00
abublihi 23a716a3ac Fix "Declaration of Middleware\TrustProxies::handle should be compatible with Fideloper\Proxy\TrustProxies::handle" 2019-11-20 14:00:20 +03:00
Dan Brown c33ef4b9b2
Added tests to cover saml and added controller middleware 2019-11-17 19:15:37 +00:00
Dan Brown ebb3724892
Added onelogin attribution and tweaks after testing saml with onelogin 2019-11-17 17:00:42 +00:00
Dan Brown 6d899f3b17
Added icon for saml, added saml to register page, updated complete env 2019-11-17 16:07:06 +00:00
Dan Brown aef6eb81e4
Added SAML singleLogoutService capabilities 2019-11-17 15:40:36 +00:00
Dan Brown 488325f459
Added the ability to auto-load config from metadata url 2019-11-17 14:44:26 +00:00
Dan Brown 3a17ba2cb9
Started using OneLogin SAML lib directly
- Aligned and formatted config options.
- Provided way to override onelogin lib options if required.
- Added endpoints in core bookstack routes.
- Provided way to debug details provided by idp and formatted by
bookstack.
- Started on test work
- Handled case of email address already in use.
2019-11-17 13:26:43 +00:00
Dan Brown 9bba84684f
Appeased codeclimate by extracting out external_auth_id group matching 2019-11-16 15:24:09 +00:00
Dan Brown 8169c725d5
Started review of SAML implementation
- Updated PHPdoc of SAML service to use type hinting instead.
- Updated groups to only sync if enabled.
- Updated names of some config props.
- Removed a couple of unused config props.
- Added exception to handle no email on SAML response.
2019-11-16 14:42:51 +00:00
Dan Brown bb1f43cbd8
Merge branch 'feature/saml' of git://github.com/Xiphoseer/BookStack into Xiphoseer-feature/saml 2019-11-16 12:42:45 +00:00
jakob 6cd26e23a8 Allow toggling between grid and list view in shelf view (shelves.show) 2019-10-30 11:23:42 +01:00
Dan Brown 189a598d56
Merge branch 'master' of github.com:BookStackApp/BookStack 2019-10-29 22:34:12 +00:00
Dan Brown d64c358c4f
Updated sort logic to handle chapter to book scenario
- Extended tests out to cover
2019-10-29 22:33:09 +00:00
Dan Brown e108808a32
Merge branch 'feature_move_page_into_chapter' of git://github.com/philjak/BookStack into philjak-feature_move_page_into_chapter 2019-10-29 22:26:11 +00:00
jakob bea983ab85 Download and assign avatar when creating LDAP user in database. Fixes issue #1161 2019-10-29 22:18:02 +00:00
jakob 7368ff3e6a No need to save page 2019-10-28 16:53:48 +01:00
jakob 4daeb9daa6 Check if parent is a chapter. If so, move into Book and assing page to chapter. 2019-10-28 15:33:28 +01:00
Dan Brown e26474f233
Merge branch 'feature_bugfix_save_book_cover' of git://github.com/philjak/BookStack into philjak-feature_bugfix_save_book_cover 2019-10-27 17:03:02 +00:00
Dan Brown 4763b899b6 Made it possible to override translations via theme system 2019-10-26 18:07:14 +01:00
Dan Brown a2370f7c9d
Merge branch 'feature-send-test-email' of git://github.com/timoschwarzer/BookStack into timoschwarzer-feature-send-test-email 2019-10-23 19:53:51 +01:00
jakob bc38fd3ac4 entity needs to be saved after image upload and associate 2019-10-22 11:18:08 +02:00
Dan Brown f37131a5bf
Removed old Translation Service + Provider
Was no longer needed due to only being there to perform
language extension for de_informal but now this is done by crowdin
instead so it's redundant. Same goes for checking and formatting
scripts.

Also removed comment advising deletion form settings.php language list
since this is now auto-copied to languages anyway.

Related to #1261
2019-10-19 00:04:49 +01:00
Dan Brown f1d7699df5
Updated Korean to be correct country code 2019-10-18 14:27:41 +01:00
James Geiger e6fe299c4f added additional color settings into UI
Adds new options in the customization section of the settings to change the shelf, book, chapter, page, and draft colors.
2019-10-17 13:46:18 -05:00
Dan Brown df98deb59d
Added Turkish to locale system 2019-10-17 14:01:19 +01:00
Timo Schwarzer 61a9139bf0
Add feature to send test e-mails 2019-10-16 08:24:33 +02:00
Dan Brown 31f5786e01
Entity Repo & Controller Refactor (#1690)
* Started mass-refactoring of the current entity repos

* Rewrote book tree logic

- Now does two simple queries instead of one really complex one.
- Extracted logic into its own class.
- Remove model-level akward union field listing.
- Logic now more readable than being large separate query and
compilation functions.

* Extracted and split book sort logic

* Finished up Book controller/repo organisation

* Refactored bookshelves controllers and repo parts

* Fixed issues found via phpunit

* Refactored Chapter controller

* Updated Chapter export controller

* Started Page controller/repo refactor

* Refactored another chunk of PageController

* Completed initial pagecontroller refactor pass

* Fixed tests and continued reduction of old repos

* Removed old page remove and further reduced entity repo

* Removed old entity repo, split out page controller

* Ran phpcbf and split out some page content methods

* Tidied up some EntityProvider elements

* Fixed issued caused by viewservice change
2019-10-05 12:55:01 +01:00
Christopher Wilkinson 4ad4dfa55a
Show bookshelves that a book belongs to on a book view
Closes #1598
2019-09-27 00:45:22 +01:00
Dan Brown 7cd956b24b
Removed some unused parameters and fixed env test logic 2019-09-20 01:18:59 +01:00
Dan Brown 8b550991a4
Refactored some core entity actions
- Created BookChild class to share some page/chapter logic.
- Gave entities the power to generate their own permissions and slugs.
- Moved bits out of BaseController constructor since it was overly
sticky.
- Moved slug generation logic into its own class.
- Created a facade for permissions due to high use.
- Fixed failing test issues from last commits
2019-09-20 00:18:28 +01:00
Dan Brown f7a5a0705b
Moved shelf book append logic 2019-09-19 18:20:09 +01:00
Dan Brown 615b2de433
Simplified activity facade interface
Also cleaned up any other bits along the way.
2019-09-19 18:03:17 +01:00
Dan Brown 2a2cc858f0
Refactored notification showing and global view data 2019-09-19 15:12:10 +01:00
Dan Brown 60d0f96cd7
Extracted some methods into a BookRepo 2019-09-15 23:28:23 +01:00
Dan Brown d28abf24d4
Split out export actions into own controllers 2019-09-15 22:33:27 +01:00
Dan Brown 3281925375
Standardised how request is injected into controller methods
Puts it in-line with how Laravel recommend.
2019-09-15 18:53:30 +01:00
Dan Brown be08dc1588
Ran phpcbf and updated helpers typehinting 2019-09-15 18:29:51 +01:00
Dan Brown b1566099a3
Added laravel stats package and enabled debugbar models 2019-09-15 18:07:00 +01:00
Dan Brown cbf9d701af
Updated to laravel 6 2019-09-14 14:12:39 +01:00
Dan Brown 140298bd96
Updated to Laravel 5.8 2019-09-13 23:58:40 +01:00
Dan Brown 6917ea088f
Upgraded app to Laravel 5.7 2019-09-06 23:36:16 +01:00
Dan Brown 213e9d2941
Upgraded to Laravel 5.6 2019-09-06 22:14:39 +01:00
Dan Brown 7a4425473b
Fixed URL gen issue causing incorrect scheme to be used
For #1613
2019-09-01 12:07:51 +01:00
Dan Brown 7cc17934a8
Made MD editor display a sandboxed iframe
- Also added escaping of srcdoc elements in escape logic.

Related to #1531
2019-08-26 12:16:50 +01:00
Dan Brown 9fbef8cd1b
Re-orged readme and added a11y info
- Also tweaked default theme color a tad to better fit in Level A
standard.
2019-08-25 16:19:56 +01:00
Dan Brown ae93a6ed07
Converted primary color use to css variable
- Removed all existing SCSS usage of primary color.
- Cut down custom styles injection to just be css vars.
- Reduced button styles so default button is primary.
- Updated button styles to lighten/brighten on hover & active states even
when a custom color is set.
- Removed unused scss color vars.
- Updated default BookStack blue to achieve better accessibility.
2019-08-25 12:40:04 +01:00
Dan Brown b27a5c7fb8
Made a mass of accessibility improvements
- Changed default focus styles
- Updated dropdowns with keyboard navigation
- Updated modals with esc exiting
- Added accessibility attirbutes where needed
- Made many more elements focusable
- Updated hover effects of many items to also apply when focused within

Related to #1320 and #1198
2019-08-24 18:29:02 +01:00
Dan Brown 666213a4d4
Removed html dir tag for now, Updated lang format 2019-08-18 18:57:35 +01:00
Dan Brown 3acea12f1c
Merge branch 'unicode' of git://github.com/kostasdizas/BookStack into kostasdizas-unicode 2019-08-18 18:51:20 +01:00
Dan Brown eab0ca9648
Covered new invite system with testing
Closes #316
2019-08-18 13:55:28 +01:00
Dan Brown 42d8548960
Finished new user invite flow 2019-08-18 13:11:30 +01:00
Dan Brown e5155a5dcb
Refactored confirm actions to their own controller 2019-08-18 10:47:59 +01:00
Dan Brown 44330bdd24
Start user invite system 2019-08-17 15:52:33 +01:00
Dan Brown 20c36d58a6
Merge pull request #1527 from BookStackApp/129-page-templates
Page Templates Implementation
2019-08-11 20:21:17 +01:00
Dan Brown de3e9ab094
Added ability to use templates
- Added replace, append and prepend actions for template content into
both the WYSIWYG editor and markdown editor.
- Added further testing to cover.
2019-08-11 20:04:43 +01:00
Daniel Seiler 8e723f10dc Add error messages, fix LDAP error 2019-08-07 15:31:10 +02:00
Daniel Seiler 03dbe32f99 Refactor for codestyle 2019-08-07 12:07:21 +02:00
Daniel Seiler bda0082461 Add login and automatic registration; Prepare Group sync 2019-08-06 23:42:46 +02:00
Dan Brown 421dd93ffd
Merge branch 'v0.26' 2019-08-06 21:50:56 +01:00
Dan Brown f417675b1d
Prevented normal users from changing own email
To address #1542

Updates to only allow email changes by users with the users-manage role
permission.
2019-08-06 21:29:42 +01:00
Dan Brown 2955f414dd
Added iframe JS and data url escaping
Related to #1531
2019-08-06 21:08:24 +01:00
Daniel Seiler 3c41b15be6 Initial work on SAML integration 2019-08-05 20:06:39 +02:00
Dan Brown 2ebbc6b658
Merge branch 'master' into 129-page-templates 2019-08-04 16:26:38 +01:00
Dan Brown 83ef086470
Added missing locale option 2019-08-04 16:10:04 +01:00
Dan Brown 71ebb9df8b
Removed unused config item
Left in by mistake during development
2019-08-04 14:41:08 +01:00
Dan Brown 4b0c4e621a
Replaced use of custom 'baseUrl' helper with 'url'
Also changed up how base URL setting was being done
by manipulating incoming request URLs instead of
altering then on generation.
2019-08-04 14:26:39 +01:00
Dan Brown 30da105812
Started refactor of URL system to better extend Laravel 2019-07-21 21:32:08 +01:00
Dan Brown 1e7df28238
Set export service to set correct svg image mimetype
For #1538
2019-07-17 22:37:19 +01:00
Dan Brown 8fcb0e6820
Merge branch 'v0.26' 2019-07-10 20:30:36 +01:00
Dan Brown c732970f6e
Hardened page content script escaping
Increased range of tests to cover.

Fixes #1531
2019-07-10 20:17:22 +01:00
Dan Brown 71167426bb
Started implementation of page template 2019-07-07 13:45:46 +01:00
Dan Brown 15c39c1976
Updated JS translations to be inserted from back-end
Removes old awkward JS translations endpoint.
New system still a little akward in code but not now in process.

Also extracted out page editors into their own files.

Closes #1258
2019-07-06 14:52:25 +01:00
Dan Brown 97fdfa6ebe
Moved config dir into app dir
Closes #1506
2019-07-06 13:44:50 +01:00
Dan Brown 762d1d7595
Allowed different storage types for images and attachments
- Added new env and config vars to allow this.
- Also added tests for awkward config logic including fallback for new
env vars.

Closes #1302
2019-06-23 16:01:15 +01:00
Dan Brown f08668706f
Updated page-nav to show more title content
Will now be truncated using CSS instead of being truncated on PHP side.
Closes #1206.
2019-06-16 12:08:07 +01:00
Dan Brown fbb2b7ac6a
Updated page nav header shift logic to be accurate
Added tests to cover.
Fixes #542
2019-06-16 11:32:38 +01:00
Kostas Dizas 86f56dd22b
Added locale and text direction to html templates 2019-06-11 23:01:08 +01:00
Dan Brown 282c45f088
Updated roadmap & dev version, removed dupe locale mappings 2019-06-11 22:45:41 +01:00
Dan Brown 3ad1b42a74
Updated page delete to handle inactive custom homepage correctly
Fixes #1447
2019-05-27 12:40:19 +01:00
Dan Brown 13c0386e84
Updated string functions to use mulitbyte versions where needed
Fixes #816
2019-05-25 16:15:19 +01:00
Dan Brown 8ae35f645a
Fixed faulty baseUrl rewrites
Fixes #1452
May help #1377
2019-05-19 16:25:05 +01:00
Dan Brown 0a0ceb382e
Doubled image upload display thumb size
Related to #1108
2019-05-19 14:52:17 +01:00
Dan Brown 896f88174a
Updated page navigation logic to ignore empty headers
Fixes #1429
2019-05-15 21:02:11 +01:00
Dan Brown d62d2384cb
Updated guest settings system to format value as per non-guest
Fixes #1431
2019-05-07 22:56:48 +01:00
Dan Brown 97ffbaa740
Fixed issue where books titles could be leaked via shelf home view
- Also added test to cover
Fixes #1425
2019-05-07 22:42:48 +01:00
Dan Brown ba09dad1fe
Fixed shelf activity display & updated book sort operation 2019-05-05 15:54:22 +01:00
Dan Brown 3f83c548f8
Ran phpcbf 2019-05-05 14:54:37 +01:00
Dan Brown ad542f0407
Prevented potential inline JS event usage
- Removes 'on*' attributes from elements.
- Also updated script logic to remove scripts instead of escaping.
- All JS injection removal now uses DomDocument + xpath parsing.
2019-05-05 13:53:37 +01:00
Dan Brown 8c190324ac
Updated existing image tests to reflect changes
- Also added some new tests
2019-05-04 18:11:19 +01:00
Dan Brown 79f6dc00a3
Change image-selector to not use manager
- Now changes the images directly for user, system & cover.
- Extra permission checks added to edit & delete actions.
2019-05-04 15:50:29 +01:00
Dan Brown cb832a2c10
Started diversion to not using image manager for cover/system/user 2019-04-27 14:55:23 +01:00
Dan Brown a87ae16010
Started extraction of image controller to separate controllers 2019-04-27 14:18:00 +01:00
Dan Brown aeb1fc4d49
Started rewriting back-end image managment 2019-04-21 15:52:29 +01:00
Dan Brown 4e49d06182
Merge branch 'fix/registraion-form-validation' of git://github.com/cw1998/BookStack into cw1998-fix/registraion-form-validation 2019-04-21 12:24:39 +01:00
Dan Brown 2bb06463d5
Added deeper content id de-duplication
Closes #1393
2019-04-21 12:22:41 +01:00
Dan Brown 6c66a8935a
Added test to check page HTML id de-duplication
Relates to #1393
2019-04-20 13:01:56 +01:00
Dan Brown c24764018a
Updated ldap server option parsing to work with protocol and port
- Aligns with PHP behaviour where ports is ignore for full LDAP URI.
- Added tests to check format being passed to LDAP is as expected.
- May be related to #1220
- Related to #1386 and #1278
2019-04-16 22:47:53 +01:00
Christopher Wilkinson c8cf6731e2 Add min length validation on name on register form & add sign up link 2019-04-16 12:18:51 +01:00
Dan Brown c380c10d54
Prevented bad duplicate IDs causing major exception
Related to #1393
2019-04-15 21:20:32 +01:00
Dan Brown 7f3f6e65b9
Aligned item creation wording and updated shelf-book-add logic 2019-04-15 20:45:04 +01:00
Christopher Wilkinson d3cd369247 Fix phpcs issues 2019-04-15 09:27:17 +01:00
Christopher Wilkinson faa3a8b842 Add button to add a book directly from a shelf view 2019-04-15 09:27:17 +01:00
Dan Brown ee58bea8b7
Updated user references to be app-default-supporting functions 2019-04-14 13:19:33 +01:00
Dan Brown 9406b4d4c9
Updated view toggle to store date
Also added test for user list order preferences
2019-04-14 13:01:51 +01:00
Dan Brown b12ae6d11b
Added bookshelves to breadcrumbs
- Updated breadcrumb dropdown switchers and back-end sibling code to handle new breadcrumbs.
- Added breadcrumb view composer and EntityContext system to mangage
tracking if in the context of a bookshelf.
2019-04-07 18:28:11 +01:00
Dan Brown 221a483b40
Standardised view referencing to dot-notation 2019-04-07 12:00:09 +01:00
Dan Brown 0a06e2bce3
Actioned some todo items, Cleaned old grid css 2019-04-07 09:57:48 +01:00
Dan Brown d9cde4123d
Fixed entity excerpt function signature misalignment 2019-04-06 18:47:27 +01:00
Dan Brown 7cda9b026e
Updated tests to suit layout changes, Updated 404 page
- Also replaced 'or' usage in templates with null coalescing operator
2019-04-06 18:36:17 +01:00
Dan Brown 745a0bb98d
Updated custom homepage views 2019-04-06 17:31:59 +01:00
Dan Brown aedff7dc6d
Added book selector to books sort
Now more efficient rather than listing all books in the system.
2019-04-06 16:59:04 +01:00
Dan Brown 17969c0bbf
Added shelves and search shortcuts to profile page 2019-04-06 16:21:20 +01:00
Dan Brown 37bf7f11e4
Implemented new design in entity selector
- Also showed entity path in search.
- Cleaned popular entity fetch logic.
- Cleaned entity selector JS code a little
2019-03-30 16:54:15 +00:00
Dan Brown 53a26a365c
Merge branch 'master' into 2019-design 2019-03-30 13:17:29 +00:00
Dan Brown 193e2ffebe
Prevent dbl exts. on img upload, Randomized attachment upload names 2019-03-24 19:08:21 +00:00
Dan Brown f5fe524e6c
Added extension whitelist for image uploads
- A continuation of the security issues addressed in v0.25.3
2019-03-21 19:43:15 +00:00
Dan Brown 37b91b6b0e
Hardened image file validation by removing custom validation
- Added test to check PHP files cannot be uploaded as an image.
2019-03-20 23:59:55 +00:00
Dan Brown 8b7bee7c67
Updated standard entity lists 2019-03-17 15:07:03 +00:00
Dan Brown 5f2d226f09
Merge branch 'master' into 2019-design 2019-03-10 21:40:02 +00:00
Dan Brown 44c537de1a
Performed some LDAP service/test cleanup 2019-03-10 10:54:19 +00:00
Dan Brown 6bccf0e64a
Merge branch 'feature-ldap-attributes' of git://github.com/dfanara/BookStack into dfanara-feature-ldap-attributes 2019-03-10 10:31:09 +00:00
Dan Brown 042a6f9760
Updated shelf menu item to show on custom permission
- Extended new 'userCanOnAny' helper to take a entity class for
filtering.

Closes #1201
2019-03-09 21:15:45 +00:00
Dan Brown 5c9b528517
Abstracted userCanCreatePage helper to work for any permisison
- Added test to cover scenario where someone with create-own permission
would want to copy a viewable item into a container entity that they
own.
2019-03-09 16:50:22 +00:00
Dan Brown 6be2d3f28c
Merge branch 'Copy-For-View-Only' of git://github.com/mark-james/BookStack into mark-james-Copy-For-View-Only 2019-03-09 16:12:12 +00:00
Daniel Fanara 502ea608bf Issue #1306 - Unit Tests for LdapService Changes 2019-03-09 01:08:49 -05:00
Daniel Fanara 55b07c7076 Issue #1306 - Specify display name attribute from LDAP 2019-03-08 23:55:11 -05:00
Dan Brown 98a4359198
Updated user language select to use correct default
- Updated localisation system to take note of system defaul locale
before replacing the current locale
Fixes #1316
2019-03-07 21:09:23 +00:00
Dan Brown 035a0d8efb
Added experimental breadcrumb traversal 2019-02-24 15:57:35 +00:00
Dan Brown f1e571a57c
Made shelf listing more unique & efficient
- Now includes listing of all books within.
2019-02-16 17:13:01 +00:00
Dan Brown a112c11df8
Re-ordered and updated main settings page 2019-02-16 14:17:35 +00:00
Dan Brown 3286f29a61
Merge branch 'master' into 2019-design 2019-02-09 14:58:38 +00:00
Dan Brown 5325870271
Updated auth pages to new design, Removed public layout 2019-02-03 17:34:15 +00:00
Dan Brown 138f5d5c4f
Updated user and shelf views to new design 2019-02-03 13:45:45 +00:00
Dan Brown 20988962fe
Migrated a whole load more page/chapter/shelf views 2019-02-02 11:41:41 +00:00
Dan Brown 32603362a6
Updated a bunch of book views 2019-01-31 20:37:12 +00:00
abijeet 5ef0992d5b PHPCS related fixes. 2019-01-27 15:59:23 +05:30
Dan Brown 36424a24b5
Added ability for date format strings to be localized by back-end
Requires the locale to be installed on the system-side.
Closes #1214
2019-01-19 12:11:18 +00:00
Dan Brown 0efed43389
Converted more views to new layout and made breadcrumbs more flexible 2019-01-13 15:54:55 +00:00
Dan Brown 163a57cf70
Merge branch 'master' into 2019-design 2019-01-13 14:10:27 +00:00
Dan Brown 0e0a17cc30
Prevented page text content includes
Avoids possible permission issues where included content shown in search or preview
where the user would not normally have permission to view the included content.

Closes #1178
2019-01-05 17:18:40 +00:00
Dan Brown a2087fe3ff
Made delete permissions a requirement for move operations
Closes #1200
2019-01-05 14:39:40 +00:00
Mark James 19770d2792 Use joint_permissions to determine is a user has an available page or chapter to copy. 2019-01-02 16:55:28 +11:00
Mark James 99c6d70c51 Initial updates to allow for page copy when the user can read the page but can't update it. 2018-12-31 17:01:49 +11:00
Dan Brown 2317bf2350
Added check for last admin on role change
Will show error message if last admin and admin role is removed.
Closes #1124
Also cleaned up user controller a little.
2018-12-30 16:11:58 +00:00
Dan Brown 68017e2553
Added testing for avatar fetching systems & config
Abstracts imageservice http interaction.
Closes #1193
2018-12-23 15:34:38 +00:00
Dan Brown b56fc21aaf
Abstracted user avatar fetching away from gravatar
Still uses gravatar as a default.
Updated URL placeholders to follow LDAP format.
Potential breaking config change: `GRAVATAR=false` replaced by `AVATAR_URL=false`
Builds upon #1111
2018-12-22 19:29:19 +00:00
Dan Brown d673bf61c2
Merge branch 'custom-avatar-provider' of git://github.com/Vinrobot/BookStack into Vinrobot-custom-avatar-provider 2018-12-22 18:18:14 +00:00
Dan Brown 7c8edf5673
Merge pull request #1096 from christophert/add-ldaptlsinsecure
Add option to disable LDAPS Certificate Validation
2018-12-22 16:38:50 +00:00
Dan Brown 26ec1cc3dc
Added proper escaping to LDAP filter operations
To cover #1163
2018-12-20 20:04:09 +00:00
Dan Brown 7f6929d716
Re-enabled plaintext view for email notifications
Updated mail notifications to set the HTML and plaintext views since before
no plaintext version was being created.

Closes #1182
2018-12-16 20:44:57 +00:00
Dan Brown 323bff7d6d
Extended translations system for arrays & extension
Extended the base Laravel translation system to
allow a locale to be based upon another.

Also adds functionality to take base & fallback locales into account when fetching
an array of translations.

Related to work done in #1159
2018-12-12 20:46:27 +00:00
Dan Brown 4c574c22a8
Implemented functionality to make books sort function
Also changed public user settings to be stored in session rather than DB.
Cleaned existing list view type logic.
2018-12-07 18:33:53 +00:00
Dan Brown 4a872012c5
Merge branch 'master' into 2019-design 2018-11-11 11:44:35 +00:00
Vinrobot 5e6c039b08
Added config to change Gravatar URL 2018-11-10 16:11:11 +01:00
Dan Brown 178b5af83a
Added google select_account test
Also cleaned the function naming a little to be more descriptive of the
work they do.
2018-11-10 14:52:43 +00:00
Dan Brown 4be0c567cc
Merge pull request #1063 from justein230/master
Add select account parameter for google authorization
2018-11-10 14:32:28 +00:00
Dan Brown 038b2418f7
Fixed baseURL helper when no app url is set
Also cleaned variable naming to be more obvious
2018-11-09 21:29:30 +00:00
Justin Stein 2ca8038df2 Removed return from documentation for function redirectToSocialProvider 2018-11-04 11:07:04 -08:00
Justin Stein 89de328439 Merge branch 'master' of https://github.com/BookStackApp/BookStack 2018-11-04 11:04:30 -08:00
Justin Stein c37e73b626 Moved redirect functionality back to start register and log in functions 2018-11-04 10:48:55 -08:00
Justin Stein 0283ab11b5 Added function for redirect with parameters for Socialite 2018-11-04 10:40:06 -08:00
Dan Brown ffc1aa873e
Merge branch 'v0.24-dev' 2018-11-04 15:36:40 +00:00
Dan Brown 19b7093438
Fixed redirect issue when custom app url in use
Fixes #956 & #1048
Also added tests to cover this url logic.
Also removed debugbar during tests to maybe improve test speed.
2018-11-04 15:18:27 +00:00
Christopher Tran 8e7f703af7 fix how the option is set, change handle to NULL 2018-10-27 16:58:10 -04:00
Christopher Tran 6c14c09880 Add ability to disable LDAP certificate validation 2018-10-27 16:14:19 -04:00
Dan Brown 89be30ff0e
Started on a design update
- Added base of new grid system.
- Added new margin/padding/visiblity helpers.
- Made header collapse to overflow menu on mobile.
2018-10-16 18:49:56 +01:00
Justin Stein 216358c6e4 Added Google select account functionality to login 2018-10-13 15:14:06 -07:00
Justin Stein 57d99130ee Added environment variable for google select account option. 2018-10-13 14:50:58 -07:00
Justin Stein 79afec9737 Revert "Added else clause"
This reverts commit 77d7f764f1.
2018-10-13 14:31:29 -07:00
Dan Brown 85f330c79a
Extracted many page-specific repo methods into page-specific repo 2018-10-13 11:27:55 +01:00
justein230 77d7f764f1
Added else clause 2018-10-12 22:50:02 -07:00
Justin Stein a76599bd2a Add select account parameter for google authorization
Useful for choosing an account if a default account is outside the scope of a G Suite organization.
2018-10-12 11:52:13 -07:00
Dan Brown 495d18814a
Updated various classes to take EntityProvider instead of separate entities 2018-09-25 18:00:40 +01:00
Dan Brown 257a5a23ec
Fleshed out entity provided and optimized imports 2018-09-25 16:58:03 +01:00
Dan Brown 919660678b
Re-structured the app code to be feature based rather than code type based 2018-09-25 12:30:50 +01:00
Dan Brown 7b32aa163f
Added Bookshelves to search system.
Also cleaned up and made search indexing system a little more efficient.
Closes #1023
2018-09-23 12:34:30 +01:00
Dan Brown be4f3d62cd
Merge branch 'fix/ru-locale' of git://github.com/mullinsmikey/BookStack into mullinsmikey-fix/ru-locale 2018-09-22 22:29:03 +01:00
Dan Brown da58c41ab6
Prevented attachDefaultRole from trying to re-attach if already existing
Fixes #1003
Added test to cover
2018-09-22 22:09:34 +01:00
Dan Brown 3f58800ed1
Added ability to configure revision limit 2018-09-22 17:30:42 +01:00
Dan Brown 1cb6ae39c8
Added base RTL support
For #939

- Adds way to check if current language is RTL via config system.
- Made TinyMCE default direction be based on current language text
direction.
- Fixed bullet points to be RTL compatible.
- Set page content body to have direction based on content.
2018-09-22 13:18:26 +01:00
Dan Brown 5c2e3f4e56
Extracted download response logic into controller method
Fixes incorrect 'Content-Disposition' header value.
Fixes #581
2018-09-22 11:34:09 +01:00
Dan Brown c47b578599
Fixed formatting via phpcbf 2018-09-21 18:48:47 +01:00
Dan Brown e60d11ee04
Altered social auto-reg to be configurable per service
- Added {$service}_AUTO_REGISTER and {$service}_AUTO_CONFIRM_EMAIL env
options for each social auth system.
- Auto-register will allow registration from login, even if registration
is disabled.
- Auto-confirm-email indicates trust and will mark new registrants as
'email_confirmed' and skip 'confirmation email' flow.
- Also added covering tests.
2018-09-21 18:05:06 +01:00
Dan Brown 7ad8314bd7
Merge branch 'feature/autoregistration_social_login' of git://github.com/ibrahimennafaa/BookStack into ibrahimennafaa-feature/autoregistration_social_login 2018-09-21 16:14:52 +01:00
Dan Brown 131fcae4c7
Merge pull request #947 from BookStackApp/bookshelves
Bookshelves
2018-09-21 15:29:52 +01:00
Dan Brown b59e5942c8
Added testing coverage for Bookshelves
Created modified TestResponse so we can use DOM operations in new
Testcases as we move away from the BrowserKit tests.
2018-09-21 15:15:16 +01:00
Dan Brown 8ff969dd17
Updated so permission effect admins more
Asset permissions can now be configured for admins.
joint_permissions will now effect admins more often.
Made so shelves header link will hide if you have no bookshelves view
permission.
2018-09-20 19:48:08 +01:00
Dan Brown 6eead437d8
Added bookshelf permission control UI and copy-down ability 2018-09-20 19:16:11 +01:00
Dan Brown 81eb642f75
Added bookshelves homepage options
- Updated homepage selection UI to be more scalable
- Cleaned homepage selection logic in code
- Added seed test data for bookshelves
- Added bookshelves to permission system
2018-09-20 15:27:30 +01:00
Dan Brown 47b08888ba
Added bookshelf view, update, delete
- Enabled proper ordering of Books in a shelf.
- Improved related item destroy for all entities.
2018-09-16 19:34:09 +01:00
Abijeet 08b967607f Changes as per code review, and fixes failing test cases.
Signed-off-by: Abijeet <abijeetpatro@gmail.com>
2018-09-16 20:44:09 +05:30
Abijeet 0c8b6b7324 Final tweaks after code review and fixing failing test cases. 2018-09-16 01:12:36 +05:30
Abijeet 81d3bdc168 Removes the BadRequestException class added earlier.
Signed-off-by: Abijeet <abijeetpatro@gmail.com>
2018-09-15 21:08:00 +05:30
Abijeet 54ca4487fa Adds tests and few fixes.
Signed-off-by: Abijeet <abijeetpatro@gmail.com>
2018-09-15 21:05:51 +05:30
Abijeet 25da4d9a8b Added a success message on deletion of revision.
Signed-off-by: Abijeet <abijeetpatro@gmail.com>
2018-09-15 16:08:20 +05:30
Abijeet 714c7bbd3a Adds code to delete the revision.
Signed-off-by: Abijeet <abijeetpatro@gmail.com>
2018-09-15 15:15:42 +05:30
Michael Mullins e0b479efef UTF-8 slugs & UI fixes 2018-09-11 22:42:25 +04:00
Dan Brown b89411c108
Copied book content, Added create routes
Added view control
Added pivot table for books relation
Added control to assign books
2018-08-27 14:18:09 +01:00
Ibrahim Ennafaa d2f5313f92
add missing @param in method comment 2018-08-21 12:44:42 -04:00
Ibrahim Ennafaa 572e75b783
Update UserRepo.php 2018-08-20 21:19:25 -04:00
Dan Brown d2a9b312e9
Fixed LDAP group sync using wrong user filter
LDAP group sync was trying to find users based on the external_auth_id
which is not garunteed to match the username entered so somtimes
the search for a user would fail.

This passes the username to the group sync.
Picked up by @yoyokko in #959.
2018-08-19 15:24:42 +01:00
Ibrahim Ennafaa b224a2c8a0 attempt to fix unit test error for admin creation 2018-08-16 21:52:16 +00:00
Dan Brown fe6dfcedf9 implement social auto registration feature 2018-08-16 21:26:54 +00:00
Dan Brown 92c9837157
Fixed incorrect type error in LDAP group sync
Should fix #951
2018-08-12 13:28:40 +01:00
Dan Brown fcb93dc7c8
Added option to disable public lang autodetect
Also cleaned up localization middleware a little.
Closes #944
2018-08-12 13:10:55 +01:00
Dan Brown b5a2d3c1c4
Merge remote-tracking branch 'origin' into bookshelves 2018-08-04 11:35:01 +01:00
Dan Brown c83a51f7e2
Merge pull request #904 from lommes/903-socialite-discord
add everything needed to use discord as social login provider
2018-07-29 16:18:10 +01:00
Dan Brown f421d83627
Added ability to set custom ldap group -> role mapping
Added input in role form to allow matching against custom names.
Changed default mapping to use role display name instead of the hidden
DB name.
2018-07-15 19:34:42 +01:00
Dan Brown be2ca9d4bb
Refactored out the LDAP repo 2018-07-15 18:21:45 +01:00
Dan Brown 17bca662a7
Added tests to cover ldap group mapping
Also updated .env.example formatting.
Updated how LdapRepo uses Ldap so can be mocked by testing.
2018-07-15 17:57:25 +01:00
Dan Brown 1776204870
Merge branch 'master' of git://github.com/brennanmurphy/BookStack into brennanmurphy-master 2018-07-14 14:17:55 +01:00
Dan Brown 2bcc159fd6
Allowed creating pages in visible chapters in invisible books
Fixes permissions with test to cover in the event a page is created,
with permission, in a chapter but the user does not have permission to
see the parent book.

Fixes #912
2018-07-14 14:12:29 +01:00
Brennan Murphy 37aa8b05f8 Update files to PSR-2 standards 2018-07-02 17:27:43 +00:00
Brennan Murphy d640cc1eee LDAP groups sync to Bookstack roles.
Closes #75
2018-07-02 17:09:39 +00:00
Timo B 93795b6eda add everything needed to use discord as social login provider 2018-06-28 09:01:36 +02:00
Dan Brown 4948b443b6
Started work on bookshelves 2018-06-24 13:38:19 +01:00
Dan Brown 6b84a76af1
Merge branch 'drawing_updates' 2018-05-27 19:42:25 +01:00
Dan Brown 2bd6ba9895
Added maintenance view with image-cleanup 2018-05-27 19:40:07 +01:00
Dan Brown 1df0bcaf85
Made image cleanup safer
Also fixed drawing update in markdown editor.
Added shortcut for MD editor to view drawing manager.
2018-05-27 14:33:50 +01:00
Dan Brown c31e6a03ce
Added command to clean-up old images, Unfinished 2018-05-20 18:16:01 +01:00
Dan Brown 8c4c8cd95b
Updated secure-images option to not effect image name
Instead only the image path is altered.
Also fixed image manger mode not changing on button press.
2018-05-20 16:47:53 +01:00
Dan Brown 0c9c1e4c6b
Reverted work on revisions
Improved linkage of drawings and image manager.
Updated image updates to create new versions.
2018-05-20 16:41:14 +01:00
Dan Brown 6e7adcc095
Embedded SVG icons in css/js files
Allows removal of hacky /icon endpoint solution.
Fixes PDF exports with WKHTML and allows the icon to show in HTML
exports.

Fixes #796
2018-05-20 11:55:23 +01:00
Dan Brown a1ecdcacba
Fixed attachment error handling, Allowed all link types
Related to #812
2018-05-20 11:06:10 +01:00
Dan Brown 63f96c1c6f
Reorganised home and robots views
Extracted home view sidebar into own view.
Moved home and robot views into 'common' folder so that we only have
layouts in the top-level views folder.
2018-05-20 10:11:56 +01:00
Dan Brown 8df9dab80a
Merge branch 'master' into feature/615 2018-05-20 09:51:45 +01:00
Dan Brown 6cdb943916
Started work on revisions in image manager 2018-05-19 18:44:40 +01:00
Dan Brown d3d8ddbe52
Improved 404 handling and fixed editor error
404 handling now not a hack-around and uses Laravel 'fallback' routes
instead. Prevents errors with the session when you have mulitple errors
on a page where a post/put/delete is made.
2018-05-19 17:01:33 +01:00
Dan Brown 13ad0031d6
Drawings now generate revisions, not replace
Updated drawing update test to accomodate.
Image deletion system now takes revisions into account.
2018-05-13 17:41:35 +01:00
Dan Brown d5b922aa50
Started work on drawing revisions
Improved sidebar and selection styling of image manager.
Allowed image manager imageType to be changed on open.
Created models for image revisions.
2018-05-13 12:07:38 +01:00
Abijeet 86b2ddbd28 Implemented displaying of the books list on home page. 2018-05-10 09:05:18 +05:30
Dan Brown 71b6f09128
Applied phpcs findings 2018-04-22 12:25:32 +01:00
Dan Brown 67e0c3d2a5
Improved export base64 encoding of images
Now will use set storage mechanism to find image files.
Fixes #786

Added test to cover
2018-04-22 12:23:43 +01:00
Dan Brown a50153d221
Slimmed down testing DB sized and improved permission caching 2018-04-14 22:17:47 +01:00
Dan Brown cdb1c7ef88
Added destination permission checking to entity move 2018-04-14 18:47:13 +01:00
Dan Brown 0f7b0ad45a
Added ability to copy a page
In 'More' menu alongside move.
Allows you to move if you have permission to create within the new
target parent.
Closes #673
2018-04-14 18:00:16 +01:00
Dan Brown 0ade9b5b9b
Refactored moment.js out of app
Reduces bundle size by 25%
2018-04-01 14:10:44 +01:00
Dan Brown 1a72208d27
Added configurable robots.txt file.
Deleted old static file.
Default output depends on app-public setting.
Otherwise can be overidden in `.env` file via `ALLOW_ROBOTS`
Otherwise view file can be customized.

Fixes #779
2018-03-31 12:41:40 +01:00
Dan Brown 58a6b2df7d
Merge branch 'master' of github.com:BookStackApp/BookStack 2018-03-30 14:10:36 +01:00
Dan Brown 582158f70e
Added tags to chapters and books
Closes #121
2018-03-30 14:09:51 +01:00
Abijeet 2fc513984d PSR2 fixes after running `./vendor/bin/phpcbf`
Signed-off-by: Abijeet <abijeetpatro@gmail.com>
2018-03-28 01:07:01 +05:30
Dan Brown 23f90ed6b4
Ensured uploaded system images remain public
Also added tests to cover local_secure image storage.

Fixes #725
2018-03-25 12:41:52 +01:00
Dan Brown 1e015af3c9
Fixed incorrect search logic in last commit
Incorrect cross-entity pagination could lead to hidden entities.
2018-03-24 19:05:56 +00:00
Dan Brown f101c1a622
Made search more efficient and tweaked weighting
Added per-entity weighting changes.
Now Books score higher than chapters which score higher than pages.

Reduced queries required on search by only searching once but at a
higher count to see if there's another page.
2018-03-24 18:46:31 +00:00
Dan Brown 3df7d828eb
Fixed failing tests
Fixed syntax error in french translations.
Removed 'required' on image validation which was breaking tests
2018-03-24 15:25:13 +00:00
Dan Brown 5ad9c5d319
Merge branch 'bug/gif-image-740' of git://github.com/Abijeet/BookStack
Also removed console.logs in dropzone.js
2018-03-24 14:54:50 +00:00
Abijeet bf8dddd99c Not resizing gif images.
See - https://github.com/Intervention/image/issues/176

Fixes #223

Signed-off-by: Abijeet <abijeetpatro@gmail.com>
2018-03-19 01:44:33 +05:30
Abijeet Patro 0335f58478
Merge branch 'master' into bug/image-upload 2018-03-18 23:44:33 +05:30
Dan Brown d2eec4fbce
Markdown editor image paste sets cursor correctly
Now sets cursor to alt text rather than end of placeholder image.
Fixed #751
2018-03-18 11:33:30 +00:00
Dan Brown 1ad6fe1cbd
Added togglable script escaping to page content
Configurable via 'ALLOW_CONTENT_SCRIPTS' env variable.
Fixes #575
2018-03-17 15:52:42 +00:00
Abijeet f42d355fd7 Fixes issue with the validation message not being translated.
Signed-off-by: Abijeet <abijeetpatro@gmail.com>
2018-03-13 09:10:23 +05:30
Dan Brown 81fa021083
Finished migrated from icon-font to SVG 2018-02-17 19:49:00 +00:00
Dan Brown 5ab39bfd5a
Started migration to SVG icons 2018-02-17 13:30:52 +00:00
Dan Brown dc1a16be4c
Made it possible to override icons via custom theme 2018-02-17 12:36:24 +00:00
Dan Brown 548dcd4db1
Fixed error when accessing non-authed attachment
Also updated attachment tests to use standard test-case.
Fixes #681
2018-02-11 12:37:02 +00:00
Dan Brown 110f32a16d
Merge branch 'master' of git://github.com/moutonnoireu/BookStack into moutonnoireu-master
Also updated composer deps
2018-02-11 11:44:09 +00:00
Dan Brown bed7ba78d3
Updated grid view to use CSS grid and flexbox
Provides a cleaner height-matched design.
Closes #701
2018-02-11 11:36:51 +00:00
Dan Brown 9becc8055b
Merge branch 'support_for_gitlub_auth' of git://github.com/pixwell-dev/BookStack into pixwell-dev-support_for_gitlub_auth 2018-02-04 17:51:30 +00:00
Dan Brown a45922616f
Made default books view configurable in .env
Under 'APP_VIEWS_BOOKS' key.
Closes #675
2018-02-04 11:36:58 +00:00
Jozef Balún 44d8f39037 add support for gitlab authentification 2018-01-31 16:02:07 +01:00
BlackSheep 5e2bf7c3e4 Add twitch socialite auth provider 2018-01-29 09:28:56 +01:00
Dan Brown 59e809be16
Added command to add a new admin user
Closes #609
2018-01-28 18:09:26 +00:00
Dan Brown ec050a5eef
Fixed validation issue on register post
Added test to cover and also cleaned up RegisterController comments.

Fixes #670
2018-01-28 17:15:30 +00:00
Dan Brown 62342433f4
Set /app PHP code to PSR-2 standard
Also adde draw.io to attribution list.

Closes #649
2018-01-28 16:58:52 +00:00
Dan Brown ead4b14d94
Updated user profile image delete to delete all uploads
Also moved test and made more comprehensive
2018-01-28 14:08:14 +00:00
Sampath Kumar 35e00ddb95 #630: Deleting user's profile pics on deleting of user account (#646)
* Issue-630: Fixed issue with deleting user profile pics when deleting a user.

* Issue #630: Deleting user's profile pics on deleting of user account

* Issue-630: Added test case for deleting user
2018-01-28 13:50:24 +00:00
Dan Brown 88d09a2a3b
Added drawing endpoint tests
Also refactored ImageTests away from BrowserKit
Also added image upload type validation.
2018-01-28 13:18:28 +00:00
Dan Brown 56264551e7
Added drawing icon and made drawio disablable 2018-01-20 15:00:54 +00:00
Dan Brown 0c383eee5b
Merge branch 'master' into draw.io to fetch auth image changes 2018-01-20 14:06:44 +00:00
Dan Brown f4bfbf91db
Merge pull request #665 from BookStackApp/authed_images
Adds ability to secure images behind auth
2018-01-20 14:05:03 +00:00
Dan Brown 34782fbc91
Merge branch 'master' into draw.io 2018-01-20 14:01:56 +00:00
Dan Brown 1bfd77e7a1
Added drawing update ability 2018-01-20 14:01:35 +00:00
Dan Brown 281da59bae
Refactored book sort using collections 2018-01-13 16:44:47 +00:00
Dan Brown 0afa417b0a
Added ability to secure images behind auth
Still in testing.
Adds STORAGE_TYPE=local_secure option for setting images to be behind
auth. Stores images alongside attachments in /storage/uploads/images.
2018-01-13 11:11:23 +00:00
Abijeet a77756a2da Refactored the code to first check for the permissions before sorting the book.
Signed-off-by: Abijeet <abijeetpatro@gmail.com>
2018-01-06 01:04:48 +05:30
Abijeet e13e71cbe0 Changed the sort view to only show books to which we have an update permission.
Signed-off-by: Abijeet <abijeetpatro@gmail.com>
2017-12-31 16:44:46 +05:30
Abijeet 4a24d1c31b Checks the target and the source book before performing the sort.
Signed-off-by: Abijeet <abijeetpatro@gmail.com>
2017-12-31 16:25:21 +05:30
Dan Brown 96b8c403a8
Fixed failing book view test
Also ensured setting system localcache is cleared correctly
2017-12-30 16:09:27 +00:00
Dan Brown 359b1b40a2
Fixed broken table/ol/ul page includes
Fixes #640
2017-12-30 15:50:33 +00:00
Dan Brown 920964a561
Enabled system-storage of drawings made via draw.io 2017-12-30 15:26:39 +00:00
Dan Brown 141bf22725
Updated book view change to PATCH + other amends
Moved toggle to right of header bar and added unique text and icon for
each view type.

Removed old profile setting to keep things clean.
2017-12-29 16:49:03 +00:00
Dan Brown 1aa4d0dc59
Merge branch 'feature-613' of git://github.com/Abijeet/BookStack into Abijeet-feature-613 2017-12-29 16:25:15 +00:00
Dan Brown 0c1b1cd435
Standardised admin role check 2017-12-29 16:14:20 +00:00
Dan Brown 3eb2246291
Merge branch 'feature-579' of git://github.com/Abijeet/BookStack into Abijeet-feature-579 2017-12-29 16:03:34 +00:00
Dan Brown afe781bc39
Enabled session in 404 responses
Fixes #634
2017-12-28 13:19:02 +00:00
Abijeet d5a2529775 Adds test cases and fixes an issue with the permission checking.
Signed-off-by: Abijeet <abijeetpatro@gmail.com>
2017-12-26 15:46:20 +05:30
Abijeet 0d4db603a4 Adds button to allow users to toggle the book view via the books list page.
Closes #613

Signed-off-by: Abijeet <abijeetpatro@gmail.com>
2017-12-26 12:38:16 +05:30
Abijeet 7da8804753 Adds code to allow deletion of users via cmd line.
Fixes #579

Command:

php artisan bookstack:delete-users

Signed-off-by: Abijeet <abijeetpatro@gmail.com>
2017-12-26 02:22:41 +05:30
Dan Brown 03eb63ec77
Made it possible to pre-fill login via url
Allows email to be passed to email field.
Also allows password only if in demo mode (Due to security concerns).
2017-12-10 13:56:25 +00:00
Dan Brown 90bf13c1ab
Updated okta config keys, made SVG fully vector
Also added some additional error handling to login.
2017-12-09 13:32:45 +00:00
Dan Brown d17eb0f54c
Merge branch 'master' of git://github.com/lommes/BookStack into lommes-master 2017-12-09 12:48:08 +00:00
Dan Brown d7edc389a6
Enabled custom HTML head content to work within editors
Closes #562
2017-12-08 11:52:43 +00:00
Dan Brown 56d5af1336
Made it possible to configure proxies via env
In reference to #146
2017-12-07 19:46:47 +00:00
Dan Brown b65abd25e0
Made small var name and formatting tweaks 2017-12-07 19:19:25 +00:00
Dan Brown a5e49f642b
Merge branch 'disable-comments' of git://github.com/Abijeet/BookStack into Abijeet-disable-comments 2017-12-07 19:15:26 +00:00
Dan Brown 6ee35f55cc
Refactored image picker to js component
Also adjusted default cover image size
2017-12-06 17:32:29 +00:00
Dan Brown 261e57fc4e
Converted books view setting to user setting
Also cleaned up/moved new CSS and removed redundant new book methods.
2017-12-06 16:34:26 +00:00
Dan Brown bc1302a8d8
Merge branch 'BookStackApp-master' of git://github.com/OsmosysSoftware/BookStack into OsmosysSoftware-BookStackApp-master 2017-12-06 15:52:54 +00:00
Dan Brown 6ebe8bf619
Fixed conflicting PDF facade namespace and corrected php version
Updated composer to have the correct config to install dependancies that
work for 7.0
2017-12-04 17:59:53 +00:00
Timo Bartholomes 009af9736e Add socialite authentication for okta 2017-11-26 16:41:29 +01:00
Dan Brown 873b1099f8
Updated to laravel 5.5
Closes #590
2017-11-19 15:56:19 +00:00
Abijeet 6bb7b5465f Added code in the settings to disable comments. Based on that hiding the comments section on the page display. 2017-11-16 00:05:24 +05:30
Dan Brown d89440d198
Fixed required email confirmation with domain restriction
Added test to cover scenario.

Closes #573
2017-11-11 18:09:48 +00:00
Dan Brown 711ba258f1
Prevented mulitple hypens incorrectly in slug
Added test to check slug format.
Fixes #589
2017-11-11 16:27:29 +00:00
Dan Brown f094837709
Added test to cover multi-byte slugs
Also removed check for 'mb_' functions since mbstring is a dependancy
2017-11-11 16:15:08 +00:00
Vladimir 6b2581de63
Russian slug and Multibyte String 2017-11-03 14:00:07 +02:00
Dan Brown db51cee2d8
Prevented custom homepage being deleted
Fixes #546
2017-10-15 19:14:46 +01:00
Dan Brown a988438946
Expanded list of indexing split chars
Expands on #531
2017-10-15 19:14:31 +01:00
Dan Brown 9758872baf
Updated image fetching in exporting
Added domain check to see if possibly local even when whole url found.
Changed image fetch from file_get_contents to curl for external
resources.

Hopeful solution to #392
2017-10-06 20:49:25 +01:00
Dan Brown 2b3d6e4e4a
Updated search-regen command description 2017-10-01 17:51:59 +01:00
Dan Brown 9ba29770e1
Added azureAD social auth option
Closes #509
2017-10-01 13:19:17 +01:00
Dan Brown 481aa5b5b0
Added 'last_commented' sort option to search
Closes #440
2017-10-01 11:24:33 +01:00
Dan Brown c943eb4d0d
Removed empty string null middleware as was causing issues 2017-09-30 14:44:52 +01:00
Dan Brown aca6de49b0
Added missing middleware to trim input 2017-09-30 14:31:27 +01:00
Dan Brown 5fd04fa470
Updated search indexer to split words better
Will now split up words based on more chars than just spaces.
Not takes into account newlines, tabs, periods & commas.

Fixed #531
2017-09-30 14:14:23 +01:00
Dan Brown 74a5e3113e
Fixed page includes erroring on save
Closes #514
2017-09-20 21:03:40 +01:00
Dan Brown 39e7ac1c15
Updated social login to redirect to intended page.
Closes #508.
2017-09-14 20:20:47 +01:00
Dan Brown 0275d2ad58
Added loading icons, Added comment activity 2017-09-09 17:06:30 +01:00
Dan Brown 41f56e659d
Added comment reply and delete confirmation.
Also fixed local_id bug
Added component helpers
Added global scroll & Highlight helpers
2017-09-09 15:56:24 +01:00
Bharadwaja G c1a1bc0135 Books grid view 2017-09-04 20:27:52 +05:30
Dan Brown fea5630ea4
Made some changes to the comment system
Changed to be rendered server side along with page content.
Changed deletion to fully delete comments from the database.
Added 'local_id' to comments for referencing.
Updated reply system to be non-nested (Incomplete)
Made database comment format entity-agnostic to be more future proof.
Updated designs of comment sections.
2017-09-03 16:37:51 +01:00
Dan Brown c81b63b56f
Fixed broken page content includes 2017-09-02 16:06:03 +01:00
Bharadwaja G 6200948eec Merge branch 'master' of git://github.com/BookStackApp/BookStack into BookStackApp-master
Conflicts:
	app/Http/Controllers/BookController.php
	resources/lang/en/common.php
	resources/views/books/create.blade.php
	resources/views/books/form.blade.php
	resources/views/books/index.blade.php
	resources/views/users/edit.blade.php
	tests/Entity/EntityTest.php
2017-08-29 12:19:00 +05:30
Dan Brown 0a402e3c63
Made custom home ignore permissions and added tests
Closes #126 and #372
2017-08-28 13:55:39 +01:00
Dan Brown 55759bd22a
Added ability to set a page to view on the homepage.
Relates to #372 and #126
2017-08-28 13:38:32 +01:00
Dan Brown 4cb4c9e568
Updated remaining views to 2017 design update.
Also fixed issue with duplicate confirmation email.
2017-08-26 17:17:04 +01:00
Dan Brown 36f524a354
Updated page view styles to align with 2017 update 2017-08-26 15:41:33 +01:00
Dan Brown 8fcbe44d3e
Updated styles for auth and books views.
Also added sourcemaps to gulp sass build
2017-08-26 13:24:55 +01:00
Bharadwaja G 7f902e41c7 Resolved conflicts 2017-08-24 12:21:43 +05:30
Dan Brown 3da8c01c1f
Rolled out new design further 2017-08-20 13:57:25 +01:00
Dan Brown a04b31866d
Cleaned social callback 2017-08-17 19:44:35 +01:00
Dan Brown e9831a7507
Merge branch 'master' of git://github.com/Abijeet/BookStack into Abijeet-master 2017-08-01 19:24:33 +01:00
Dan Brown 33642c20ec
Fixed faulty text rendering calls and LDAP tests 2017-07-22 17:10:52 +01:00
Dan Brown 2704962277
Updated utfmb4 upgrade command 2017-07-22 16:19:17 +01:00
Dan Brown 6bcd89acf7
Moved utf8mb4 migration to command instead of migration
To prevent errors upon migration.
Command generates out the SQL syntax to make the change instead
so the upgrade can be done manually.

In reference to #425
2017-07-22 15:54:17 +01:00
Dan Brown b12e2ceada
Added included content into page's text view
Allows rendered content to be shown in listings and used in searches.
Also prevented angular tags in content being parsed in listings.

Fixes #442
2017-07-22 14:21:56 +01:00
Nilesh Deepak b4044e6c3a Resolves heading issues in grid view 2017-07-15 16:22:29 +05:30
Nilesh Deepak 85fbe820c4 Adding getHeadingExcerpt to get heading. 2017-07-15 16:11:10 +05:30
Abijeet f37509062e Merge pull request #8 from OsmosysSoftware/feature-181
Issue 181
2017-07-12 18:41:35 +05:30
Nilesh Deepak 24ee78ccd8 Update. 2017-07-12 18:04:06 +05:30
Abijeet 844976c85b Revert "Revert "Bookstack grid view."" 2017-07-12 11:40:50 +05:30
Abijeet f0d914abbf Merge pull request #5 from BookStackApp/master
Getting latest changes
2017-07-12 11:33:58 +05:30
Dan Brown 2ea7e10923
Set ldap to not follow referrals by default
Added LDAP_FOLLOW_REFERRALS .env option to override.
Fixes #317
2017-07-10 19:43:49 +01:00
Abijeet 3fd61a3600 Revert "Bookstack grid view." 2017-07-07 17:28:34 +05:30
Nilesh Deepak d84315fff8 Indentation correction. 2017-07-07 17:06:08 +05:30
Nilesh Deepak 144a6e469d Updated cover image upload and delete function. 2017-07-07 16:29:38 +05:30
Nilesh Deepak 16a09e8ff6 Deletion of image file on book deletion. 2017-07-06 10:03:40 +05:30
Nilesh Deepak 6ad24a6bee Changed public getImageURL function to private. 2017-07-05 18:32:38 +05:30
Nilesh Deepak d99fd1fd65 Applied required changes 2017-07-05 12:26:02 +05:30
Nilesh Deepak 947c58f227 Applied required changes in BookStack. 2017-07-05 12:09:01 +05:30
Nilesh Deepak bce5fdd5cd Merge branch 'master' into issue-181 2017-07-04 15:16:46 +05:30
Dan Brown 005f0eb4fc
Updated default encoding and added conversion migration.
Also updated how DB port is defined so that the DB_PORT
env var can be used or it can be take from the host name.

Fixes #405
2017-07-02 17:30:12 +01:00
Nilesh Deepak af72f0d490 Bookstack grid view. 2017-06-29 18:54:04 +05:30
Nilesh Deepak 8924618d12 test 2017-06-28 18:56:17 +05:30
Nilesh Deepak 6557fbb666 commit 2017-06-28 18:51:32 +05:30
Abijeet fd50efb503 #47 - Putting the comments right under the page. 2017-06-11 11:41:33 +05:30
Abijeet 652a67ad65 Removes some unncessary code. 2017-06-06 23:20:40 +05:30
Abijeet 5bd9da6054 #47 - Adds various translations in English, and a few code improvements. 2017-06-06 01:46:59 +05:30
Abijeet 7c6fe8c4e2 #47 - Changes the location of the reply and edit comment box. 2017-06-05 00:20:37 +05:30
Abijeet 06d75e1804 #47 - Updates the total comments when a comment is added. 2017-06-04 20:12:01 +05:30
Dan Brown f99c8ff99a
Fixed role permission removal bug 2017-06-04 15:37:10 +01:00
Abijeet 9558f84b97 #47 - Adds functionality to delete a comment. Also reduces the number of watchers. 2017-06-04 18:52:44 +05:30
Abijeet 2fd421b115 #47 - Adds comment level permissions to the front-end. 2017-06-04 11:17:14 +05:30
Abijeet 860d4d4be5 #47 - Changes the way we are handling fetching of data for the comment section. 2017-05-30 09:02:47 +05:30
Abijeet 1a1e71cd60 #47 Adds two attributes updated and created to display time to user. 2017-05-25 08:03:27 +05:30
Abijeet 34802ff8a6 #47 Inserts null for updated_at when the user is creating a comment. 2017-05-25 08:02:49 +05:30
Abijeet 03e5d61798 #47 Implements the reply and edit functionality for comments. 2017-05-16 00:40:14 +05:30
Abijeet Patro 4f231d1bf0 Merge pull request #11 from BookStackApp/master
Fixed chapter check for non-mysqlnd instances
2017-05-15 22:25:33 +05:30
Dan Brown 75981c2412
Fixed chapter check for non-mysqlnd instances
Fixes #383
2017-05-07 19:34:56 +01:00
Abijeet 8b82753218 #47 - Gets rid of simplemde 2017-05-03 02:42:04 +05:30
Abijeet Patro 3368fe42d8 Merge pull request #10 from BookStackApp/master
Latest changes
2017-05-03 01:41:08 +05:30
Dan Brown f8ae4c335e
Made single entity updates more efficent 2017-04-30 19:44:59 +01:00
Dan Brown 5570e858e5
Made more efficiency improvements to permission system 2017-04-30 11:38:58 +01:00
Dan Brown 1859a4d356
Refactored permission system components
Split joint permission creation into chunks

Fixes #374
2017-04-29 22:01:43 +01:00
Dan Brown ad4642c2c4
Enabled translation when not logged in
Reads from the Accept-Language HTTP header.
Also fixed some encoding for ES translations.

Fixes #375
2017-04-29 16:47:41 +01:00
Abijeet c3ea0d333e #47 - Adds functionality to display child comments. Also has some code towards the reply functionality. 2017-04-27 02:35:29 +05:30
Dan Brown 44347ee353
Fixed search system id clash 2017-04-23 20:27:49 +01:00
Dan Brown fdd816b17d Merge pull request #362 from DaneEveritt/patch-1
Queue confirmation emails.
2017-04-23 17:15:06 +01:00
Dan Brown a323b0d49c
Allowed child entity permissions to override parent permissions
Updated elements of a page display and sidebar render to allow
child permissions to work even when parent entitites have permission
set. This allows a page with a 'view' permission to be viewable even
when the parent book or chapter is not viewable.

Fixes #366
2017-04-22 13:39:34 +01:00
Dan Brown 4c985aac7e
Added page revision counting
Adds stored revision counts to pages and the revisions themselves.
Closes #321
2017-04-20 20:58:54 +01:00
Abijeet 8e2437498f Merge branch 'master' of https://github.com/Abijeet/BookStack 2017-04-19 01:23:27 +05:30
Abijeet b3d4c199ae Merge branch 'master' of https://github.com/Abijeet/BookStack
Conflicts:
	.gitignore
2017-04-19 01:21:45 +05:30
Dan Brown 5fee7c4db1 Merge pull request #340 from BookStackApp/search_system
Implementation of new search system
2017-04-16 11:01:00 +01:00
Dan Brown 8ed9f75d57
Fixed model extending mis-use 2017-04-16 10:54:23 +01:00
Dan Brown a15b179676
Updated testcases for new search system.
Finishes implementation of new search system.
Closes #271
Closes #344
Fixes #285
Fixes #269
Closes #64
2017-04-16 10:47:44 +01:00
Dan Brown 73844b9eeb
Enabled type search filter in book search 2017-04-15 19:31:11 +01:00
Dan Brown dcde599709
Added chapter search
Migrated book search to vue-based system.
Updated old tag seached.
Made chapter page layout widths same as book page.
Closes #344
2017-04-15 19:16:07 +01:00
Dan Brown 0e0945ef84
Finished off UI for search system 2017-04-15 15:04:30 +01:00
Dane Everitt dfaf20dd83 Actually include the Queueable namespace... 2017-04-13 20:09:38 -04:00
Dane Everitt 786262db3b Queue confirmation emails.
Implements Laravel's queue abilities into the email notification job. Should not affect existing installations that are not using queues as the environment file defaults to `sync`.
2017-04-13 20:03:03 -04:00
Dan Brown 46f3d78c8a
Fixed entity type filter bug in new search system 2017-04-09 21:12:13 +01:00
Dan Brown 1338ae2fc3
Started search interface, Added in vue and moved fonts 2017-04-09 20:59:57 +01:00
Dan Brown 37813a223a
Improved DB prefix support and removed old search method 2017-04-09 14:44:56 +01:00
Dan Brown 01cb22af37
Added tag searches and advanced filters to new search 2017-03-27 18:05:34 +01:00
Dan Brown 331305333d
Added search term parsing and exact term matches 2017-03-27 11:57:33 +01:00
Dan Brown 0651eae7ec
Improve efficiency of single entity search indexing 2017-03-26 19:34:53 +01:00
Dan Brown 1552417598
Developed basic search queries.
Updated search & permission regen commands with ability to specify
database.
2017-03-26 19:24:57 +01:00
Dan Brown cc0ce7c630
Fixed bug preventing page revision restore
Added regression tests to cover.
Fixes #341
2017-03-23 22:19:14 +00:00
Dan Brown 070d4aeb6c
Started implementation of new search system 2017-03-19 12:48:44 +00:00
Dan Brown 36173eb47d
Removed extension from translation script link
Also fixed bug causing EN translation backup to not be passed
to javascript translation system.

Closes #328
2017-03-05 14:10:55 +00:00
Dan Brown a90f564980
Made LDAP email attribute configurable via .env
Closes #306
2017-02-26 14:51:49 +00:00
Dan Brown 253132afdf
Added chapter export options
Closes #177
2017-02-26 14:25:02 +00:00
Dan Brown eded8abded
Added book export and created export tests to cover
In reference to #177
2017-02-26 13:26:51 +00:00
Dan Brown 0abed1afe5
Added clear activity/revision commands. Cleaned commands.
Added testing to cover each command.
Removed example laravel inspire command.
Standardised command names to be behind 'bookstack' naming.
In reference to #320.
2017-02-26 09:16:24 +00:00
Dan Brown 22077d4181
Updated DOMPDF to latest version 2017-02-25 14:59:56 +00:00
Dan Brown 387047f262
Fixed inaccessible revisions, added regression tests
Fixes #309
2017-02-25 12:29:01 +00:00
Dan Brown a6128a1df1
Merge bugfixes from branch 'v0.14' 2017-02-05 21:24:15 +00:00
Dan Brown 6638ee47d3
Fixed entities wrongly visible on 404
Also ensured header state as expected on 404.
In reference to BookStackApp/website#9
2017-02-05 21:19:29 +00:00
Dan Brown 65899a3e91
Prevented settings being overfetched from db/cache 2017-02-05 18:57:57 +00:00
Dan Brown 86625a7642
Neatened up social login/register buttons 2017-02-05 15:28:53 +00:00
Abijeet 410e967eb1 Merge branch 'master' of https://github.com/Abijeet/BookStack 2017-02-05 16:46:32 +05:30
Dan Brown 076693efc9
Added facebook, slack & twitter sign in options.
Also added icon svg blade helper.
Closes #125. Starts #213.
Requires documentation.
2017-02-04 11:01:49 +00:00
Dan Brown 2431ce9f86
Merge branch 'v0.14' 2017-02-01 22:28:38 +00:00
Dan Brown 9eecaea31a
Attempt to fix bookchildren and user getThumb
Hopefully Fixes #292 and #294 and #287
2017-02-01 22:16:32 +00:00
Abijeet 148350009c #47 Adds comment permission to each role. 2017-01-29 14:25:20 +05:30
Abijeet 70991fc1e5 Merge branch 'master' of https://github.com/Abijeet/BookStack 2017-01-29 09:35:46 +05:30
Dan Brown 6669998c10
Upgraded to Laravel 5.4 2017-01-25 19:35:40 +00:00
Dan Brown 492e2f173e
Fixed error causing permissions to be deleted on book sort
Closes #282
2017-01-23 22:27:11 +00:00
Dan Brown 380f0f2042
Prevented a missing avatar from crashing the application 2017-01-22 12:19:50 +00:00
Dan Brown 33d4844f17
Fixed role 'manage own permissions' permission 2017-01-22 12:16:02 +00:00
Dan Brown 989de47f22
Fixed hidden book children for admins on upgrade 2017-01-22 12:02:30 +00:00
Dan Brown 2d4034f3b7
Added transclusion tests and fixed other tests 2017-01-21 16:16:27 +00:00
Dan Brown a4f6bc63f0
Updated page include logic to use blade-style tags
It will also snippets of a page if and id is provided in a tag
2017-01-21 13:53:00 +00:00
Dan Brown e4e3b25c22
Started page transclusion system 2017-01-16 21:24:48 +00:00
Dan Brown dabf149411
Added user setting system and added user-lang option
Supports #115
2017-01-15 16:27:24 +00:00
Dan Brown ee5ded6e1e
Updated permission bookChildrenQuery to use QueryBuilder 2017-01-15 15:00:29 +00:00
Dan Brown 598b07b53d
Updated LDAP to allow protocol to be specified
As per details by fredericmohr in #236
2017-01-14 17:55:09 +00:00
Dan Brown e211f31370
Merge branch 'patch-2' of git://github.com/fredericmohr/BookStack into fredericmohr-patch-2 2017-01-14 17:30:49 +00:00
Dan Brown 969ad8911c
Updated page nav to hide when empty 2017-01-14 15:34:52 +00:00
Abijeet 397db04428 Added comments controller, model, repo, and the database schema. Modified existing Page model to associate with comments. 2017-01-13 21:45:48 +05:30
Dan Brown 581c382f65
Fixed image delete permission issue
Also fixed missing translations and wrote tests to cover issue.
Fixes #258
2017-01-08 19:19:30 +00:00
Dan Brown 212cd710aa
Fixed default empty app settings effecting blank app color
Fixes #265
2017-01-08 18:42:46 +00:00
Dan Brown f2917fc462
Added tests to cover social login actions
Closes #244
2017-01-02 14:56:58 +00:00
Dan Brown 7c8c4c2a05
Normalised page nav header inset when only small headers are used 2017-01-02 12:13:03 +00:00
Dan Brown 8453191dfb
Finished refactor of entity repos
Removed entity-specific repos and standardised
the majority of repo calls to be applicable to
all entity types
2017-01-02 11:07:27 +00:00
Dan Brown 65796cfc7b
Rewrote book children query 2017-01-01 21:21:11 +00:00
Dan Brown bab27462ab
Fixed issue where default user was over-fetched 2017-01-01 17:33:06 +00:00
Dan Brown 241278226f
Refactored search and slug repo components 2017-01-01 16:57:47 +00:00
Dan Brown 7f9de2c8ab
Started refactor to merge entity repos 2017-01-01 16:05:44 +00:00
Dan Brown 3f0ef57d31
Added wkhtmltopdf support and done some style tweaks
Closes #248
2017-01-01 12:20:30 +00:00
Dan Brown 0eb90cb3b6
Fixed carbon locale setting 2016-12-31 14:38:04 +00:00
Dan Brown 9fe158b78a Merge pull request #255 from olexus/master
Add Carbon localization support
2016-12-31 14:36:01 +00:00
Dan Brown a24f3d7d47 Merge branch 'master' into translations 2016-12-31 14:32:52 +00:00
Dan Brown c9700e38e2
Created solution for JS translations
Also tidied up existing components and JS
2016-12-31 14:27:40 +00:00
Dan Brown 05316c90ba
converted image picker to blade-based component
Also updated some other JS translations
2016-12-24 15:21:19 +00:00
olexus f30f4579e9 Add Carbon localization support 2016-12-19 11:05:06 +03:00
Dan Brown 573357a08c
Extracted text from logic files 2016-12-04 16:51:39 +00:00
Dan Brown c403d05755
Fixed social login routes
Fixes #239
2016-11-27 19:11:15 +00:00
Frederic Mohr 340d3f833b Update Ldap.php
This is a very crude workaround, a better solution is explained in the comments I added.
2016-11-15 11:10:12 +01:00
Dan Brown 694a9459c1
Moved text from auth views into lang files 2016-11-13 16:34:28 +00:00
Dan Brown 0fb1fc87c8
Enabled utf8 slugs
Prevents slug change when using only non-ascii chars
Allows use of more localised urls.

Closes #233
2016-11-12 17:16:52 +00:00
Dan Brown d3c7aada89
Fixed attachments on draft pages 2016-11-12 14:21:54 +00:00
Dan Brown e639600ba5
Renamed files to attachments 2016-11-12 14:12:26 +00:00
Dan Brown 600055bc73
Fixed tag searches and added tag search regression test
Fixes #222
2016-11-12 13:21:16 +00:00
Dan Brown 672b15d36c
Fixed attachment base-url usage and non-existant images
Images now self-delete if the original file does not exist.
Prevents simply getting non-fixable errors.

Also cleaned some JS.
2016-11-12 12:41:34 +00:00
Dan Brown ac80723058
Merge fixes from branch 'v0.12' 2016-11-12 11:40:54 +00:00
Dan Brown ab468bac3c
Updated build and versioning system
Added versioning file instead of using git tags
(Step towards removing git as a dependancy in the future)

Updated gulpfile to fit with verisioning system and cleaned
up node dependancies.

Fixes #108
2016-10-30 17:44:00 +00:00
Dan Brown b251671e3f
Amended search to not break on non-alpha-num chars
And also fixed exact term matches that contain non-alpha-num chars
Fixes #212
2016-10-30 12:08:22 +00:00
Dan Brown 8b43b91057
Improved password reset flow with notifications.
Also added links to sign-in/register.
Fixed links in emails sent out.

Fixes #210 and #218.
2016-10-30 11:36:57 +00:00
Dan Brown 30458405ce
Page Attachments - Improved UI, Now initially complete
Closes #62
2016-10-23 17:55:48 +01:00
Dan Brown 91220239e5
Added in attachment tests 2016-10-23 15:25:04 +01:00
Dan Brown 7ee695d74a
File upload deletion complete & added extension handling
Also fixed issue with file editing on JS side
2016-10-23 13:36:45 +01:00
Dan Brown 867fc8be64
Added basic attachment editing functionality 2016-10-11 20:39:11 +01:00
Dan Brown 89509b487a
Added attachment creation from link/name 2016-10-10 21:13:18 +01:00
Dan Brown ac0b29fb6d
Added view, deletion and permissions for files 2016-10-10 20:30:27 +01:00
Dan Brown 673c74ddfc
Started work on attachments
Created base models and started user-facing controls.
2016-10-09 18:58:22 +01:00
Dan Brown 3b7d223b0c
Updated and added tests for new default user system
Closes #138
2016-09-29 17:07:58 +01:00
Dan Brown b662670efc
Prevented guest users creating draft pages. 2016-09-29 15:56:57 +01:00
Dan Brown 771626b6ec
Started work on making the public role/user configurable
Create a new 'public' guest user and made the public
role visible on role setting screens.
2016-09-29 12:43:46 +01:00
Dan Brown f15cc5bdfa
Separated revision preview and diff & fixed chosen diff html
Closes #8
2016-09-29 10:10:46 +01:00
Dan Brown fff5bbcee4
Merge branch 'diff' of git://github.com/younes0/BookStack into younes0-diff 2016-09-29 09:32:40 +01:00
Dan Brown 42d8e9e5bd
Improved numeric term search capabilities
Prevented a quoted term also being added to fuzzy searches
and also added check to see if the term is numeric to check if
an exact match is required.

Closes #200
2016-09-29 09:13:15 +01:00
Dan Brown 1d681e53e4
Added page navigation and tweaked header styles
Changed header selection in editor to be more descriptive and
to provide a wider range of styles.

Closes #68
2016-09-18 14:49:36 +01:00
Dan Brown e0235fda8b
Made registration gravatar/email requests fail gracefully
* Extracted any email confirmation text into langs.
* Added new notification on confirmation email send fail.

Closes #187
2016-09-17 21:33:55 +01:00
Dan Brown 9dc9724e15 Laravel 5.3 upgrade (#189)
* Started move to laravel 5.3

* Started updating login & registration flows for laravel 5.3 update

* Updated app emails to notification system

* Fixed registations bugs and removed email confirmation model

* Fixed large portion of laravel post-upgrade issues

* Fixed and tested LDAP process
2016-09-17 18:22:04 +01:00
Dan Brown bbd8fff021
Fixed bad image base-urls and forced tinyMCE to use absolute
Also ensured image file existance is checked during base64 conversion
during exports.
Closes #171.
2016-09-03 19:24:58 +01:00
Dan Brown ec17bd8608
Improved Exception handling, Removed npm requirement for testing 2016-09-03 12:08:58 +01:00
Dan Brown 3f81eba13b Updated travis testing to work with new helper configuration (#175)
* Updated travis to call phpunit globally rather then booting application first
2016-08-27 11:27:23 +01:00
Dan Brown 7973412c29
Improved sort efficiency by a factor of 10
Fixes #145
2016-08-26 20:20:58 +01:00
Dan Brown f83de5f834
Fixed single word quoted search terms
Fixes #170
2016-08-25 17:17:26 +01:00
Dan Brown 96c074bb56
Merge fixes from branch 'v0.11' 2016-08-21 15:02:37 +01:00
Dan Brown f8a299caee
Fixed login 'intended' redirect for custom urls.
Also changed social account detach wording.
2016-08-21 14:49:40 +01:00
Chris 437dce7756 Applied baseUrl to login redirect 2016-08-21 13:48:56 +01:00
Chris 632ecc668f Applied baseUrl to login redirect 2016-08-15 15:07:45 +01:00
Dan Brown 92d393537c Merge branch 'v0.11' 2016-08-14 13:09:44 +01:00
Dan Brown 43d9d2eba7 Updated all application urls to allow path prefix.
Allows BookStack to be installed at a non-root location on a domain.
Closes #40.
2016-08-14 12:29:35 +01:00
Dan Brown baa260a03d Started work on subdirectory support 2016-08-13 17:56:25 +01:00
Dan Brown 2d958e88bf Fixed entities created with blank slugs.
Fixes #156.
2016-08-13 13:53:04 +01:00
Dan Brown 42976ca48c Fixed revision-based redirect on new pages 2016-07-26 18:16:40 +01:00
Dan Brown 7215392784 Changed when revisions are saved and update changelog input
Revisions are now saved when te page content is originally saved whereas before they were saved on the next update to the page.
2016-07-10 12:12:52 +01:00
Younès EL BIACHE c279c6e2af replace GPL diff lib with MIT lib
replace gpl lib with mit lib
2016-07-10 12:01:05 +02:00
Dan Brown 8a9a8dfae5 Merge branch 'summary' of git://github.com/younes0/BookStack into younes0-summary 2016-07-10 10:42:47 +01:00
Dan Brown c44314def3 Added check for s3 bucket name to choose shortest url 2016-07-10 10:28:05 +01:00
Dan Brown 8b899a9cf0 Merge branch 'patch-1' of git://github.com/younes0/BookStack into younes0-patch-1 2016-07-10 10:15:38 +01:00
Younes El Biache 32a06f119b set uploaded files public visibliity (relevant for S3 storage) 2016-07-09 15:26:53 +02:00
Younes El Biache ec30864ce5 shorter amazon S3 url 2016-07-09 14:33:37 +02:00
Younès EL BIACHE 6bc72e157a edit summary 2016-07-07 20:53:43 +02:00