Dan Brown
932e1d7c61
Got entity relation query permission application working
...
May be issues at points of use though, Added todo for this in code.
Also added extra indexes to collapsed table for better query
performance.
2023-01-13 17:10:20 +00:00
Dan Brown
451e4ac452
Fixed collapsed perm. gen for book sub-items.
...
Also converted the existing "JointPermission" usage to the new
collapsed permission system.
2022-12-23 14:05:43 +00:00
Dan Brown
39acbeac68
Started new permission-caching/querying model
2022-12-22 15:09:17 +00:00
Dan Brown
0411185fbb
Added, and built perm. gen for, joint_user_permissions table
2022-12-11 14:51:53 +00:00
Dan Brown
1c53ffc4d1
Updated entity_permissions table for user perms.
...
As start of user permissions work
2022-12-07 14:57:23 +00:00
Dan Brown
06a7f1b54a
Added migration to drop entity restricted field
2022-10-08 15:30:03 +01:00
Dan Brown
1d3dbd6f6e
Migrated entity_permissions table to new flat format
...
Simplifies structure and limits content count, while allowing direct
mapping of new UI intent, where we may have entries with no permissions.
Not yet updated app logic to suit.
Tested via migrating and rolling-back, then comparing export data,
across a set of custom permission entries.
2022-10-07 15:07:09 +01:00
Dan Brown
d0dc5e5c5d
Added a little protection to migration query
...
Just to be sure the query is filtered as expected to only affect
shelf-based images.
2022-09-08 12:26:14 +01:00
Dan Brown
f28ed0ef0b
Fixed shelf covers being stored as 'cover_book'
...
Are now stored as 'cover_bookshelf' as expected.
Added a migrate to alter existing shelf cover image types.
2022-09-02 12:54:54 +01:00
Dan Brown
5d29d0cc7b
Added reference storage system, and command to re-index
...
Also re-named/orgranized some files for this, to make them "References"
specific instead of a subset of "Util".
2022-08-17 14:40:14 +01:00
Dan Brown
837fd74bf6
Refactored search-based code to its own folder
...
Also applied StyleCI changes
2022-08-16 11:28:05 +01:00
Dan Brown
8f90996cef
Dropped use of non-view joint permissions
2022-07-16 21:50:42 +01:00
Dan Brown
b0a4d3d059
Renamed and cleaned up existing permission service classes use
2022-07-12 20:15:41 +01:00
Dan Brown
2d4f708c79
Extracted permission building out of permission service
2022-07-12 19:38:11 +01:00
Dan Brown
c8b123bfac
Updated composer deps, applied styleci changes
2022-06-08 18:00:30 +01:00
Dan Brown
d795af04df
Added ability to escape role "External Auth ID" commas
...
- Using a backslash in this field before a comma.
- Could potentially (Although unlikely) be a breaking change.
For #3405
2022-05-04 21:03:13 +01:00
Dan Brown
f1a8ad4980
Applied latest StyleCI changes
2022-04-25 18:42:31 +01:00
Dan Brown
d5b7fff102
Merge branch 'recycle_bin_api_endpoints' into development
2022-04-25 18:32:55 +01:00
Dan Brown
0930e8519c
Updated polymorphic database relation types to simpler version
...
- Means we can use these simpler types in API response, As desired in #3377 .
Closes #3395
2022-04-25 18:31:37 +01:00
Dan Brown
2b0ae23da0
Updated composer deps, applied latest StyleCI changes
2022-04-24 18:22:40 +01:00
Dan Brown
0c5723d76e
Switched to database-based tracking for page editor
...
- Works better to avoid bad assumptions when showing the editor based
upon content type.
- Also updated some previous tests to cleaner format.
2022-04-23 23:20:46 +01:00
Dan Brown
e8e38f1f7b
Added an 'editor-change' role permission
2022-04-17 14:33:06 +01:00
Dan Brown
00eedafbfd
Added timeout and debugging statuses to webhooks
...
- Added a user-configurable timeout option to webhooks.
- Added webhook fields for last-call/error datetime, in addition to last
error string, which are shown on webhook edit view.
Related to #3122
2022-01-03 19:42:48 +00:00
Dan Brown
67b6c07548
Updated failing tests, Applied StyleCI changes
2021-12-18 16:41:42 +00:00
Dan Brown
04f37e21e2
Applied latest StyleCI changes
2021-12-18 11:43:05 +00:00
Dan Brown
a3ead5062a
Merge branch 'webhooks'
2021-12-18 11:40:08 +00:00
Dan Brown
d00ac3101d
Allowed database queue usage where desired
2021-12-13 18:34:18 +00:00
Dan Brown
dbd4281ae8
Added active toggle to webhooks
...
To allow easy temporary de-activation without deletion or other
workarounds. Updated tests to cover.
2021-12-12 17:39:06 +00:00
Dan Brown
9079700170
Refactored the activity service
...
- Renamed to "ActivityLogger" to be more focused in usage.
- Extracted out query elements to seperate "ActivityQueries" class.
- Removed old 'addForEntity' activity method to limit activity record
points.
2021-12-11 17:29:33 +00:00
Dan Brown
f2cb3b94f9
Added missing migration down table drop
2021-12-10 14:58:14 +00:00
Dan Brown
6381041252
Added testing for webhook management interface
2021-12-10 14:54:58 +00:00
Zero
2fd7b1f0d5
Update index name to 'activities_ip_index'
2021-12-10 14:50:04 +08:00
Zero
a93254430c
Add index for user IP address
2021-12-10 14:50:04 +08:00
Dan Brown
8716b1922b
Completed webhook management interface
...
Got webhook CRUD actions in place within the interface.
Quick manual test pass done, Needs automated tests.
2021-12-08 17:35:58 +00:00
Dan Brown
a3a3055695
Started webhook implementation
2021-12-07 14:55:11 +00:00
Dan Brown
9e0164f4f4
Further search system refactorings
...
- Moved search term querying to its own method.
- Updated Large content seeder to be more performant
2021-11-08 11:29:25 +00:00
Dan Brown
e1b8fe45b0
Refactored search runner a little to be neater
2021-11-08 11:04:27 +00:00
Dan Brown
6f75aa9cdc
Reverted shift change to old migration
2021-11-04 22:38:55 +00:00
Dan Brown
f139cded78
Laravel 8 shift squash & merge ( #3029 )
...
* Temporarily moved back config path
* Apply Laravel coding style
* Shift exception handler
* Shift HTTP kernel and middleware
* Shift service providers
* Convert options array to fluent methods
* Shift to class based routes
* Shift console routes
* Ignore temporary framework files
* Shift to class based factories
* Namespace seeders
* Shift PSR-4 autoloading
* Shift config files
* Default config files
* Shift Laravel dependencies
* Shift return type of base TestCase methods
* Shift cleanup
* Applied stylci style changes
* Reverted config files location
* Applied manual changes to Laravel 8 shift
Co-authored-by: Shift <shift@laravelshift.com>
2021-10-30 21:29:59 +01:00
Dan Brown
f77236aa38
Laravel 7.x Shift ( #3011 )
...
* Apply Laravel coding style
* Shift bindings
* Shift core files
* Shift to Throwable
* Add laravel/ui dependency
* Shift Eloquent methods
* Shift config files
* Shift Laravel dependencies
* Shift cleanup
* Shift test config and references
* Applied styleci changes
* Applied fixes post shift to laravel 7
Co-authored-by: Shift <shift@laravelshift.com>
2021-10-26 22:04:18 +01:00
Dan Brown
887a79f130
Reviewed adding IP recording to activity & audit log
...
Review of #2936
- Added testing to cover
- Added APP_PROXIES to .env.example.complete with details.
- Renamed migration to better align the name and to set the migration
date to fit with production deploy order.
- Removed index from IP column in migration since an index does not yet
provide any value.
- Updated table header text label.
- Prevented IP recording when in demo mode.
2021-09-26 17:18:12 +01:00
Dan Brown
8972f7b212
Merge branch 'log-ip-address' of https://github.com/johnroyer/BookStack into johnroyer-log-ip-address
2021-09-26 16:17:28 +01:00
Dan Brown
c100560bd9
Applied style ci changes again
2021-09-26 15:49:25 +01:00
Dan Brown
5c7eb0df57
Caught old string helper function usage
...
Found by Laravel Shift Workbench
2021-09-26 15:41:11 +01:00
Zero
5cf0c99e32
Add IP column
2021-09-20 11:29:14 +08:00
Dan Brown
0e7166f7f6
Cleaned up DB usage in migration
2021-08-28 21:55:04 +01:00
Dan Brown
7d9de23a25
Applied styleci patches
2021-08-28 21:51:15 +01:00
Dan Brown
eda9e89c55
Added role permissions for exporting content
2021-08-28 21:48:17 +01:00
Dan Brown
09c2814dc7
Added role based MFA control
...
- Added new DB column for control and role updated create/update actions.
- Created new middleware as a start to actual enforcement logic.
- Added indicator to role list of whether MFA is enforced.
2021-07-03 13:34:48 +01:00
Dan Brown
916a82616f
Complete base flow for TOTP setup
...
- Includes DB storage and code validation.
- Extracted TOTP work to its own service file.
- Still needs testing to cover this side of things.
2021-06-30 22:10:02 +01:00