08b39500b3 
								
							 
						 
						
							
							
								
								Fixed gallery images not visible until draft publish  
							
							
							
							
							For #4028  
							
						 
						
							2023-02-16 17:57:34 +00:00  
				
					
						
							
							
								 
						
							
								da1a66abd3 
								
							 
						 
						
							
							
								
								Extracted test file handling to its own class  
							
							
							
							
							Closes  #3995  
						
							2023-02-08 14:39:13 +00:00  
				
					
						
							
							
								 
						
							
								48df8725d8 
								
							 
						 
						
							
							
								
								Added better drawing load failure handling  
							
							
							
							
							Failure of loading drawings will now close the drawing view and show an
error message, hinting at file or permission issues, instead of leaving
the user facing a continuously loading interface.
Adds test to cover.
This also updates errors from our HTTP service to be wrapped in a custom
error type for better identification and so the error is an actual
javascript error. Should be object compatible.
Related to #3955 . 
							
						 
						
							2023-01-26 12:18:33 +00:00  
				
					
						
							
							
								 
						
							
								c724bfe4d3 
								
							 
						 
						
							
							
								
								Copied over work from user_permissions branch  
							
							
							
							
							Only that relevant to the additional testing work. 
							
						 
						
							2023-01-21 11:08:34 +00:00  
				
					
						
							
							
								 
						
							
								d2260b234c 
								
							 
						 
						
							
							
								
								Fixed app logo visibility with secure_restricted images  
							
							
							
							
							Includes test to cover.
For #3827  
							
						 
						
							2022-11-10 14:15:59 +00:00  
				
					
						
							
							
								 
						
							
								0f68be608d 
								
							 
						 
						
							
							
								
								Removed most usages of restricted entity property  
							
							
							
						 
						
							2022-10-10 16:58:26 +01:00  
				
					
						
							
							
								 
						
							
								b56f7355aa 
								
							 
						 
						
							
							
								
								Migrated much test entity usage via find/replace  
							
							
							
						 
						
							2022-09-29 17:31:38 +01:00  
				
					
						
							
							
								 
						
							
								068a8a068c 
								
							 
						 
						
							
							
								
								Extracted entity testcase methods to own class  
							
							
							
							
							Also added some new fetch helper methods for future use. 
							
						 
						
							2022-09-29 16:49:25 +01:00  
				
					
						
							
							
								 
						
							
								8a749c6acf 
								
							 
						 
						
							
							
								
								Added and ran PHPCS  
							
							
							
						 
						
							2022-09-18 01:25:20 +01:00  
				
					
						
							
							
								 
						
							
								fbef0d06f2 
								
							 
						 
						
							
							
								
								Added permission visibility control to image-delete button  
							
							
							
							
							Includes test to cover.
For #3697  
							
						 
						
							2022-09-05 15:52:12 +01:00  
				
					
						
							
							
								 
						
							
								c76b5e2ec4 
								
							 
						 
						
							
							
								
								Fixed local_secure_restricted preventing attachment uploads  
							
							
							
							
							Due to option name change and therefore lack of handling.
Added test case to cover. 
							
						 
						
							2022-09-02 14:40:17 +01:00  
				
					
						
							
							
								 
						
							
								092b6d6378 
								
							 
						 
						
							
							
								
								Added test and handling for local_secure_restricted in exports  
							
							
							
						 
						
							2022-09-02 14:21:43 +01:00  
				
					
						
							
							
								 
						
							
								f88330202b 
								
							 
						 
						
							
							
								
								Added test to cover secure restricted functionality  
							
							
							
						 
						
							2022-09-02 14:03:23 +01:00  
				
					
						
							
							
								 
						
							
								0bb5654f80 
								
							 
						 
						
							
							
								
								Updated composer deps, applied StyleCI changes  
							
							
							
						 
						
							2022-07-27 11:07:41 +01:00  
				
					
						
							
							
								 
						
							
								d4a119b2aa 
								
							 
						 
						
							
							
								
								Fixed disabling of avatar urls, Removed id from gravatar image name  
							
							
							
							
							Included test to cover avatar url disabling.
Related to #1835  
							
						 
						
							2022-07-26 12:10:19 +01:00  
				
					
						
							
							
								 
						
							
								72c8b138e1 
								
							 
						 
						
							
							
								
								Updated tests to use ssddanbrown/asserthtml package  
							
							
							
							
							Closes  #3519  
						
							2022-07-23 15:10:18 +01:00  
				
					
						
							
							
								 
						
							
								829f808800 
								
							 
						 
						
							
							
								
								Merge pull request  #3365  from BookStackApp/data_streaming  
							
							
							
							
							Add data streaming where beneficial to reduce memory usage 
							
						 
						
							2022-04-24 13:59:47 +01:00  
				
					
						
							
							
								 
						
							
								0003ce61cd 
								
							 
						 
						
							
							
								
								Fixed failing test after drawio default url change  
							
							
							
						 
						
							2022-04-20 23:42:47 +01:00  
				
					
						
							
							
								 
						
							
								59d1fb2d10 
								
							 
						 
						
							
							
								
								Fixed tests from streaming changes  
							
							
							
							
							- Added testing check to buffer stop/clear on streaming output due to
  interference during tests.
- Made content-disposition header a little safer in download responses.
- Also aligned how we check for testing environment. 
							
						 
						
							2022-04-03 16:22:31 +01:00  
				
					
						
							
							
								 
						
							
								895f656897 
								
							 
						 
						
							
							
								
								Split out settings view and made functional  
							
							
							
							
							- Split settings out to new views using a core shared layout.
- Extracted added language text to translation files.
- Updated settings routes to be dynamic to category.
- Added redirect for old primary settings route.
- Updated existing tests to cover settings route changes.
- Added tests to cover settings view.
- Improved contrast of settings links for dark mode. 
							
						 
						
							2022-03-28 11:09:55 +01:00  
				
					
						
							
							
								 
						
							
								31f1dca8a8 
								
							 
						 
						
							
							
								
								Added detection and thumbnail bypass for apng images  
							
							
							
							
							Adds apng sniffing when generating thumbnails with retained ratios to
serve the original image files, as we do for GIF images, to prevent
the image being resized to a static version.
Is more tricky than GIF since apng file mimes and extensions
are the same as png, we have to detect part of the file header
to sniff the type. Means we have to sniff at a later stage
than GIF since we have to load the image file data.
Made some changes to the image thumbnail caching while doing
this work to fit in with this handling.
Added test to cover.
For #3136 . 
							
						 
						
							2022-01-04 13:10:35 +00:00  
				
					
						
							
							
								 
						
							
								67b6c07548 
								
							 
						 
						
							
							
								
								Updated failing tests, Applied StyleCI changes  
							
							
							
						 
						
							2021-12-18 16:41:42 +00:00  
				
					
						
							
							
								 
						
							
								c9c4dbcb5b 
								
							 
						 
						
							
							
								
								Merge branch 'laravel_upgrade'  
							
							
							
						 
						
							2021-11-04 22:42:35 +00:00  
				
					
						
							
							
								 
						
							
								a17be959d8 
								
							 
						 
						
							
							
								
								Applied latest styleci changes  
							
							
							
						 
						
							2021-11-01 13:26:02 +00:00  
				
					
						
							
							
								 
						
							
								bfbccbede1 
								
							 
						 
						
							
							
								
								Updated attachments to not be saved with a complete extension  
							
							
							
							
							Intended to limit impact in the event the storage path is potentially
exposed. 
							
						 
						
							2021-11-01 11:32:00 +00:00  
				
					
						
							
							
								 
						
							
								43830a372f 
								
							 
						 
						
							
							
								
								Updated showImage file serving to not be traversable  
							
							
							
							
							For #3030  
							
						 
						
							2021-10-31 23:53:17 +00:00  
				
					
						
							
							
								 
						
							
								ae155d6745 
								
							 
						 
						
							
							
								
								Added safe mime sniffing to prevent serving HTML  
							
							
							
							
							(Among other content types)
For #3027  
							
						 
						
							2021-10-31 17:58:56 +00:00  
				
					
						
							
							
								 
						
							
								f139cded78 
								
							 
						 
						
							
							
								
								Laravel 8 shift squash & merge ( #3029 )  
							
							
							
							
							* Temporarily moved back config path
* Apply Laravel coding style
* Shift exception handler
* Shift HTTP kernel and middleware
* Shift service providers
* Convert options array to fluent methods
* Shift to class based routes
* Shift console routes
* Ignore temporary framework files
* Shift to class based factories
* Namespace seeders
* Shift PSR-4 autoloading
* Shift config files
* Default config files
* Shift Laravel dependencies
* Shift return type of base TestCase methods
* Shift cleanup
* Applied styleci style changes
* Reverted config files location
* Applied manual changes to Laravel 8 shift
Co-authored-by: Shift <shift@laravelshift.com> 
							
						 
						
							2021-10-30 21:29:59 +01:00  
				
					
						
							
							
								 
						
							
								f77236aa38 
								
							 
						 
						
							
							
								
								Laravel 7.x Shift ( #3011 )  
							
							
							
							
							* Apply Laravel coding style
* Shift bindings
* Shift core files
* Shift to Throwable
* Add laravel/ui dependency
* Shift Eloquent methods
* Shift config files
* Shift Laravel dependencies
* Shift cleanup
* Shift test config and references
* Applied styleci changes
* Applied fixes post shift to laravel 7
Co-authored-by: Shift <shift@laravelshift.com> 
							
						 
						
							2021-10-26 22:04:18 +01:00  
				
					
						
							
							
								 
						
							
								2409d1850f 
								
							 
						 
						
							
							
								
								Added TestCase for attachments API methods  
							
							
							
						 
						
							2021-10-20 00:58:56 +01:00  
				
					
						
							
							
								 
						
							
								934a833818 
								
							 
						 
						
							
							
								
								Apply fixes from StyleCI  
							
							
							
						 
						
							2021-06-26 15:23:15 +00:00  
				
					
						
							
							
								 
						
							
								7997300f96 
								
							 
						 
						
							
							
								
								Added front-end toggle and testing of inline attachments  
							
							
							
						 
						
							2021-06-06 13:55:56 +01:00  
				
					
						
							
							
								 
						
							
								2c3523f6a1 
								
							 
						 
						
							
							
								
								Updated image permission setting logic  
							
							
							
							
							To ensure that the visibility is still set on local storage options
since the previous recent changes could cause problems in
scenarios where the server user could not read images uploaded by the
php process user.
Closes  #2758  
							
						 
						
							2021-05-24 12:09:28 +01:00  
				
					
						
							
							
								 
						
							
								829fecd338 
								
							 
						 
						
							
							
								
								Updated app to PHP7.3 min supported version, For php8 support  
							
							
							
							
							- Updated remaining dependencies
- Upped min versions used
- Updated GH actions to drop 7.2 and include 8.0
- Updated phpunit & tests to 9.x 
							
						 
						
							2021-03-20 15:35:39 +00:00  
				
					
						
							
							
								 
						
							
								215c69acb2 
								
							 
						 
						
							
							
								
								Merge image name cleaning functions  
							
							
							
							
							Updated testing for changes and to check existence of new expected file
name.
Related to #2611  
							
						 
						
							2021-03-14 23:20:21 +00:00  
				
					
						
							
							
								 
						
							
								745d15d200 
								
							 
						 
						
							
							
								
								Allow uploads of files containing dots in filename.  Closes   BookStackApp/BookStack#2217  
							
							
							
						 
						
							2021-03-04 22:27:20 +01:00  
				
					
						
							
							
								 
						
							
								f25e585008 
								
							 
						 
						
							
							
								
								Moved sketchy file samples to base64 equivalents  
							
							
							
							
							Hides them from AV systems.
Done some test helper cleaning while at it.
Related to #1571  
							
						 
						
							2021-02-06 00:16:27 +00:00  
				
					
						
							
							
								 
						
							
								e5a96b0cb0 
								
							 
						 
						
							
							
								
								Added test case for avatar failed fetch  
							
							
							
							
							Fixed non-imported log issue while there.
For #2449  
							
						 
						
							2021-01-10 13:29:13 +00:00  
				
					
						
							
							
								 
						
							
								ef1b98019a 
								
							 
						 
						
							
							
								
								Fixed some mis-refactoring and split search service  
							
							
							
							
							Search service broken into index and runner tools. 
							
						 
						
							2020-11-22 00:17:45 +00:00  
				
					
						
							
							
								 
						
							
								c7a2d568bf 
								
							 
						 
						
							
							
								
								Moved models to folder, renamed managers to tools  
							
							
							
							
							Tools seems to fit better since the classes were a bit of a mixed bunch
and did not always manage.
Also simplified the structure of the SlugGenerator class.
Also focused EntityContext on shelves and simplified to use session
helper. 
							
						 
						
							2020-11-21 23:20:54 +00:00  
				
					
						
							
							
								 
						
							
								4824ef2760 
								
							 
						 
						
							
							
								
								Merge pull request  #2283  from BookStackApp/recycle_bin  
							
							
							
							
							Recycle Bin Implementation 
							
						 
						
							2020-11-07 15:10:17 +00:00  
				
					
						
							
							
								 
						
							
								483cb41665 
								
							 
						 
						
							
							
								
								Started testing work for recycle bin implementation  
							
							
							
						 
						
							2020-11-06 12:54:39 +00:00  
				
					
						
							
							
								 
						
							
								349162ea13 
								
							 
						 
						
							
							
								
								Prevented possible XSS via link attachments  
							
							
							
							
							This filters out potentially malicious javascript: or data: URIs coming
through to be attached to attachments.
Added tests to cover.
Thanks to Yassine ABOUKIR (@yassineaboukir on twitter) for reporting this
vulnerability. 
							
						 
						
							2020-10-31 15:01:52 +00:00  
				
					
						
							
							
								 
						
							
								8b0f5e7000 
								
							 
						 
						
							
							
								
								Updated draw.io references to diagrams.net  
							
							
							
							
							Related to #2044  
							
						 
						
							2020-09-28 20:45:38 +01:00  
				
					
						
							
							
								 
						
							
								8213ea9a71 
								
							 
						 
						
							
							
								
								Fixed issue where URL params in image names would cause loading failure  
							
							
							
							
							Updated file name handling to route through str:slug to be cleaned up
a little.
Added testing to cover.
Fixes  #2161  
							
						 
						
							2020-07-25 11:18:40 +01:00  
				
					
						
							
							
								 
						
							
								02dc3154e3 
								
							 
						 
						
							
							
								
								Converted image-manager to be component/HTML based  
							
							
							
							
							Instead of vue based. 
							
						 
						
							2020-07-25 00:20:58 +01:00  
				
					
						
							
							
								 
						
							
								b6aa232205 
								
							 
						 
						
							
							
								
								Fixed issue where more images than expected could be deleted  
							
							
							
							
							When deleting images, images within the same directory, that have
a suffix of the delete image name, would also be deleted.
Added test to cover. 
							
						 
						
							2020-07-24 23:41:59 +01:00  
				
					
						
							
							
								 
						
							
								9d6f574494 
								
							 
						 
						
							
							
								
								Updated attachment tests to align with front-end changes  
							
							
							
						 
						
							2020-07-04 17:04:26 +01:00  
				
					
						
							
							
								 
						
							
								5f61620cc2 
								
							 
						 
						
							
							
								
								Added support for changing the draw.io instance URL  
							
							
							
							
							- Allowed DRAWIO env option to be passed as URL to point to instance.
- Updated tests to check URL gets passed to pages correctly.
- Update default URL to be the default theme.
For #826  
							
						 
						
							2020-04-05 17:27:16 +01:00  
				
					
						
							
							
								 
						
							
								f84bf8e883 
								
							 
						 
						
							
							
								
								Updated test files to be PSR-4 compliant  
							
							
							
							
							Closes  #1924  
						
							2020-04-04 01:16:05 +01:00