colin
/
bookstack
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
2,519 Commits 1 Branch 0 Tags 48 MiB
Commit Graph

46 Commits

Author SHA1 Message Date
Dan Brown 60ffe6a993 Updated packages and added better upload failure logging 
To fix #2689
Updates all packages but mainly focused on aws-sdk
 2021-04-19 20:16:49 +01:00
Dan Brown 215c69acb2 Merge image name cleaning functions 
Updated testing for changes and to check existing of new expected file
name.
Related to #2611
 2021-03-14 23:20:21 +00:00
Dan Brown c1f67372a7 Merge branch 'master' of git://github.com/webfoersterei/BookStack into webfoersterei-master 2021-03-14 22:55:30 +00:00
Dan Brown 1e5951a75f Done a refactor pass on PermissionService 
Could do with splitting out into seperate query/build classess really.
Closes #2633.
 2021-03-14 19:52:07 +00:00
Dan Brown 98a1e57ba9 Ran phpcbf and updated phpcs.xml 2021-03-07 22:24:05 +00:00
Timo Förster 745d15d200
Allow uploads of files containing dots in filename. Closes BookStackApp/BookStack#2217 2021-03-04 22:27:20 +01:00
Dan Brown e5a96b0cb0
Added test case for avatar failed fetch 
Fixed non-imported log issue while there.
For #2449
 2021-01-10 13:29:13 +00:00
Dan Brown b493becadf
Started change for entities to have concept of owners 2020-12-30 18:25:35 +00:00
Dan Brown 4e82d93350
Updated wording of image cleanup option 
As per #2352
 2020-12-18 22:59:47 +00:00
Dan Brown cf04a0d818
Merge branch 'v0.30.x' 2020-12-18 14:16:13 +00:00
Dan Brown 2acef3c2ec
Fixed issue where restricted page content in plaintext export 
The content of pages made non-viewable to a user via permissions, within a visible parent, could be seen via the plaintext export option. Before v0.30.6 this would have applied only to scenarios where all pages within the chapter were made non-visible. In v0.30.6 this would make all pages within the chapter visible.

As per #2414
 2020-12-18 13:56:00 +00:00
Dan Brown 00308ad4ab
Cleaned up some user/image areas of the app 
Further cleanup of docblocks and standardisation of repos.
 2020-12-08 23:46:38 +00:00
Dan Brown 65b2c90522
Merge branch 'v0.30.x' 2020-12-06 21:32:01 +00:00
Dan Brown 884664bfe9
Ensured base64 images are read from image upload folder 
Also removed unused storage systems and updated testing.
 2020-12-06 15:34:18 +00:00
Dan Brown 8911e3f441
Removed http fetching from image base64 generation 2020-12-06 14:24:22 +00:00
Dan Brown 7d38c96a23
Removed generic "UploadService" which was doing very little 2020-12-06 12:58:40 +00:00
Dan Brown ef1b98019a
Fixed some mis-refactoring and split search service 
Search service broken into index and runner tools.
 2020-11-22 00:17:45 +00:00
Dan Brown 349162ea13
Prevented possible XSS via link attachments 
This filters out potentially malicious javascript: or data: uri's coming
through to be attached to attachments.
Added tests to cover.

Thanks to Yassine ABOUKIR (@yassineaboukir on twitter) for reporting this
vulnerability.
 2020-10-31 15:01:52 +00:00
Dan Brown ad48cd3e48
Continued implementation of attachment drag+drop 
Cannot get working in chrome reliably due to conflicting handling of
events and drag+drop API. Getting attachment drop working breaks other
parts of TinyMCE.
Implementing current work as should still work for MD editor and within
FireFox.

Related to #1460
 2020-09-13 18:31:14 +01:00
Dan Brown 18f406d97b
Started attachment drag/drop 
Currently fighting between sortable and tinymce mechanisms which prevent
this working due to the different events stopping the drop event while
needing the dragover for cursor placement.
 2020-07-28 10:45:28 +01:00
Dan Brown 8213ea9a71
Fixed issue where URL params in image names would cause loading failure 
Updated file name handling to route through str:slug to be cleaned up
a little.
Added testing to cover.

Fixes #2161
 2020-07-25 11:18:40 +01:00
Dan Brown 02dc3154e3
Converted image-manager to be component/HTML based 
Instead of vue based.
 2020-07-25 00:20:58 +01:00
Dan Brown b6aa232205
Fixed issue where more images than expected could be deleted 
When deleting images, images within the same directory, that have
a suffix of the delete image name, would also be deleted.

Added test to cover.
 2020-07-24 23:41:59 +01:00
Dan Brown 14b6cd1091
Started migration of attachment manager from vue 
- Created new dropzone component.
- Added standard component event system using custom DOM events.
- Added tabs component.
- Added ajax-delete-row component.
 2020-06-30 22:12:45 +01:00
Dan Brown 3500182c5f
Updated drawing uploads to use user id in image name 
- Instead of user name.
- Due to issues with advanced charts like emoji zero-width-joiners.
- Could also have security concerns on untrusted instances with certain
webserver config due to double extension possibilities.

Closes #1993
 2020-04-04 00:48:32 +01:00
TBK d3737d5a87
Remove redundant getImageValidationRules method 2020-03-04 00:17:49 +01:00
Dan Brown 04a8614136
Filled out base Book API endpoints, added example responses 2020-01-12 14:45:54 +00:00
Dan Brown 32e7f0a2e6
Made display thumbnail generation use original data if smaller 
Thumbnail generation would sometimes create a file larger than the
original, if the original was already well optimized, therefore making
the thumbnail counter-productive. This change compares the sizes of the
original and the generated thumbnail, and uses the smaller of the two if
the thumbnail does not change the aspect ratio of the image.

Fixes #1751
 2019-12-22 12:44:49 +00:00
Dan Brown 140298bd96
Updated to Laravel 5.8 2019-09-13 23:58:40 +01:00
Dan Brown 4b0c4e621a
Replaced use of custom 'baseUrl' helper with 'url' 
Also changed up how base URL setting was being done
by manipulating incoming request URLs instead of
altering then on generation.
 2019-08-04 14:26:39 +01:00
Dan Brown 1e7df28238
Set export service to set correct svg image mimetype 
For #1538
 2019-07-17 22:37:19 +01:00
Dan Brown 762d1d7595
Allowed different storage types for images and attachments 
- Added new env and config vars to allow this.
- Also added tests for awkward config logic including fallback for new
env vars.

Closes #1302
 2019-06-23 16:01:15 +01:00
Dan Brown 0a0ceb382e
Doubled image upload display thumb size 
Related to #1108
 2019-05-19 14:52:17 +01:00
Dan Brown 3f83c548f8
Ran phpcbf 2019-05-05 14:54:37 +01:00
Dan Brown 8c190324ac
Updated existing image tests to reflect changes 
- Also added some new tests
 2019-05-04 18:11:19 +01:00
Dan Brown 79f6dc00a3
Change image-selector to not use manager 
- Now changes the images directly for user, system & cover.
- Extra permission checks added to edit & delete actions.
 2019-05-04 15:50:29 +01:00
Dan Brown a87ae16010
Started extraction of image controller to separate controllers 2019-04-27 14:18:00 +01:00
Dan Brown aeb1fc4d49
Started rewriting back-end image managment 2019-04-21 15:52:29 +01:00
Dan Brown 193e2ffebe
Prevent dbl exts. on img upload, Randomized attachment upload names 2019-03-24 19:08:21 +00:00
abijeet 5ef0992d5b PHPCS related fixes. 2019-01-27 15:59:23 +05:30
Dan Brown 68017e2553
Added testing for avatar fetching systems & config 
Abstracts imageservice http interaction.
Closes #1193
 2018-12-23 15:34:38 +00:00
Dan Brown b56fc21aaf
Abstracted user avatar fetching away from gravatar 
Still uses gravatar as a default.
Updated URL placeholders to follow LDAP format.
Potential breaking config change: `GRAVATAR=false` replaced by `AVATAR_URL=false`
Builds upon #1111
 2018-12-22 19:29:19 +00:00
Vinrobot 5e6c039b08
Added config to change Gravatar URL 2018-11-10 16:11:11 +01:00
Dan Brown 495d18814a
Updated various classes to take EntityProvider instead of separate entities 2018-09-25 18:00:40 +01:00
Dan Brown 257a5a23ec
Fleshed out entity provided and optimized imports 2018-09-25 16:58:03 +01:00
Dan Brown 919660678b
Re-structured the app code to be feature based rather than code type based 2018-09-25 12:30:50 +01:00