Dan Brown
0f68be608d
Removed most usages of restricted entitiy property
2022-10-10 16:58:26 +01:00
Dan Brown
aee0e16194
Started code update for new entity permission format
2022-10-08 13:52:59 +01:00
Dan Brown
1df9ec9647
Added proper entity permission removal on role deletion
...
Added test to cover.
2022-10-07 13:12:33 +01:00
Dan Brown
900e853b15
Quick run through of applying new test entity helper class
2022-09-29 22:11:16 +01:00
Dan Brown
b56f7355aa
Migrated much test entity usage via find/replace
2022-09-29 17:31:38 +01:00
Dan Brown
068a8a068c
Extracted entity testcase methods to own class
...
Also added some new fetch helper methods for future use.
2022-09-29 16:49:25 +01:00
Dan Brown
0e94fd44a8
Added contents to book-show endpoint
...
Created a generic list formatting helper class for this, to align with
logic used on the search results endpoint and for easier future re-use
in a standardised way.
Also updated some class property types.
Added test to cover new books-contents results.
Related to #3734
2022-09-29 15:08:18 +01:00
Dan Brown
60171b3522
Updated book copy to copy shelf relations
...
Where permission to edit the shelf is allowed.
For #3699
2022-09-28 14:14:51 +01:00
Dan Brown
1ac1cf0c78
Applied permissions to revision action visibility
...
Related to #3723
2022-09-28 11:10:06 +01:00
Dan Brown
bf56254077
Merge branch 'auth_review' into development
2022-09-27 19:34:48 +01:00
Dan Brown
f21669c0c9
Cleaned testing service provider usage
...
Moved testing content out of AppServiceProvider, to a testing-specific
service provider. Updated docs and added composer commands to support
parallel testing.
Also reverted unintentional change to wysiwyg/config.js.
2022-09-27 01:27:51 +01:00
Dan Brown
e18033ec1a
Added initial support for parallel testing
2022-09-26 21:25:32 +01:00
Dan Brown
5c5ea64228
Added login throttling test, updated reset-pw test method names
2022-09-22 17:29:38 +01:00
Dan Brown
90b4257889
Split out registration and pw-reset tests methods
2022-09-22 17:15:15 +01:00
Dan Brown
8a749c6acf
Added and ran PHPCS
2022-09-18 01:25:20 +01:00
Dan Brown
623ccd4cfa
Removed old thai files, added romanian as lang option
...
Also applied styleci changes
2022-09-06 17:41:32 +01:00
Dan Brown
d8672944a5
Added image view access notice to role form
...
Added to clarify the role permission in scenarios where users may have
not read the docs site to understand image access control.
Related to #3688
2022-09-06 17:20:35 +01:00
Dan Brown
6955b2fd5a
Widened svg content attribute xss filtering
...
Takes care of additional cases that can occur.
Closes #3705
2022-09-06 17:01:56 +01:00
Dan Brown
24f82749ff
Updated OIDC group attr option name
...
To match the existing option name for display names.
Closes #3704
2022-09-06 16:33:17 +01:00
Dan Brown
7101ce3050
Added "page_include_parse" theme event
...
For custom control of include tag parsing.
2022-09-05 16:40:42 +01:00
Dan Brown
fbef0d06f2
Added permission visiblity control to image-delete button
...
Includes test to cover.
For #3697
2022-09-05 15:52:12 +01:00
Dan Brown
ee1e936660
Applied styleci changes, updated composer deps
2022-09-05 13:18:37 +01:00
Dan Brown
2fe261e207
Updated page revisions link visibility
...
To match the actual visibilities of the revisions listing page and
options.
Related to #2946
2022-09-03 12:32:21 +01:00
Dan Brown
7f8b3eff5a
Fixed failing tests due to shelf text changes, applied styleci changes
2022-09-02 14:47:44 +01:00
Dan Brown
c76b5e2ec4
Fixed local_secure_restricted preventing attachment uploads
...
Due to option name change and therefore lack of handling.
Added test case to cover.
2022-09-02 14:40:17 +01:00
Dan Brown
092b6d6378
Added test and handling for local_secure_restricted in exports
2022-09-02 14:21:43 +01:00
Dan Brown
f88330202b
Added test to cover secure restricted functionality
2022-09-02 14:03:23 +01:00
Dan Brown
f28ed0ef0b
Fixed shelf covers being stored as 'cover_book'
...
Are now stored as 'cover_bookshelf' as expected.
Added a migrate to alter existing shelf cover image types.
2022-09-02 12:54:54 +01:00
Dan Brown
34c63e1c30
Added test & update to prevent page creation w/ empty slug
...
Caused by changes to page repo in reference work,
This adds back in the slug generate although at a more central place.
Adds a test case to cover the problematic scenario.
2022-09-01 12:53:34 +01:00
Dan Brown
9153be963d
Added book child reference handling on book url change
...
Closes #3683
2022-08-30 22:00:32 +01:00
Dan Brown
1cc7c649dc
Applied StyleCi changes, updated php deps
2022-08-29 17:46:41 +01:00
Dan Brown
e537d0c4e8
Merge pull request #3656 from BookStackApp/x_linking
...
Link reference tracking & updating
2022-08-29 17:45:05 +01:00
Dan Brown
6edf2c155d
Added maintenance action to regenerate references
2022-08-29 17:30:26 +01:00
Dan Brown
401c156687
Merge pull request #3616 from BookStackApp/oidc_group_sync
...
Added OIDC group sync functionality
2022-08-25 11:17:18 +01:00
Dan Brown
b86ee6d252
Rolled out reference link updating logic usage
...
Added test to cover updating of content on reference url change
2022-08-21 18:05:19 +01:00
Dan Brown
f634b4ea57
Added entity meta link to reference page
...
Not totally happy with implementation as is requires extra service to be
injected to core controllers, but does the job.
Included test to cover.
Updated some controller properties to be typed while there.
2022-08-20 12:07:38 +01:00
Dan Brown
d198332d3c
Rolled out reference pages to all entities, added testing
...
Including testing to check permissions applied to listed references.
2022-08-19 22:40:44 +01:00
Dan Brown
bbe504c559
Added reference handling on page actions
...
Page update/create/restore/clone/delete.
Added a couple of tests to cover a couple of those.
2022-08-17 17:37:27 +01:00
Dan Brown
3290ab3ac9
Added regenerate-references command test
...
Also updated model resolvers to only fetch model ID, to prevent bringing
back way more data from database than desired.
2022-08-17 16:59:23 +01:00
Dan Brown
5d29d0cc7b
Added reference storage system, and command to re-index
...
Also re-named/orgranized some files for this, to make them "References"
specific instead of a subset of "Util".
2022-08-17 14:40:14 +01:00
Dan Brown
344b3a3615
Added system to extract model references from HTML content
...
For the start of a managed cross-linking system.
2022-08-16 13:23:53 +01:00
Dan Brown
837fd74bf6
Refactored search-based code to its own folder
...
Also applied StyleCI changes
2022-08-16 11:28:05 +01:00
Dan Brown
5f7cd735ea
Added content filtering of tags with javascript or data in values attr
...
Case would be blocked by CSP but adding for cases where CSP may not be
active when content taken externally.
For #3636
2022-08-11 10:28:32 +01:00
Dan Brown
16eedc8264
Fixed failed permission checks due to non-loaded fields
...
Added additional exceptions to prevent such cases in the future, so
that they are caught in dev ideally.
Added test case specifically for reported favourite scenario.
2022-08-10 08:06:48 +01:00
Dan Brown
97ec560282
Added test to cover export body start/end partial usage
2022-08-09 13:49:42 +01:00
Dan Brown
45dc28ba2a
Applied latest styleci changes
2022-08-09 13:26:45 +01:00
Dan Brown
6e0a7344fa
Added revision activity types to system and audit log
...
Closes #3628
2022-08-09 13:25:18 +01:00
Dan Brown
89ec9a5081
Sprinkled in some user language validation
...
For #3615
2022-08-04 17:24:04 +01:00
Dan Brown
b987bea37a
Added OIDC group sync functionality
...
Is generally aligned with out SAML2 group sync functionality, but for
OIDC based upon feedback in #3004 .
Neeeded the tangental addition of being able to define custom scopes on
the initial auth request as some systems use this to provide additional
id token claims such as groups.
Includes tests to cover.
Tested live using Okta.
2022-08-02 16:56:56 +01:00
Dan Brown
0bb5654f80
Updated composer deps, applied StyleCI changes
2022-07-27 11:07:41 +01:00