Commit Graph

170 Commits

Author SHA1 Message Date
Dan Brown
78bf044a7a
Added audit log interface
- Displays the currently tracked activities in the system.

Related to #2173 and #1167
2020-09-19 12:06:45 +01:00
Dan Brown
5f1ee5fb0e
Removed role 'name' field from database
The 'name' field was really redundant and caused confusion in the
codebase, since the 'Display' name is often used and we have a
'system_name' for the admin and public role.

This fixes #2032, Where external auth group matching has confusing
behaviour as matching was done against the display_name, if no
external_auth field is set, but only roles with a match 'name' field
would be considered.

This also fixes and error where the role users migration, on role
delete, would not actually fire due to mis-matching http body keys.
Looks like this has been an issue from the start. Added some testing to
cover. Fixes #2211.

Also converted phpdoc to typehints in many areas of the reviewed code
during the above.
2020-08-04 14:55:01 +01:00
Dan Brown
a9f02550f0
Removed joint_permissions auto_increment id
Removed auto_incrementing id and set a primary key of the [role_id,
entity_type, entity_id, action] instead since this table could recieve a
lot of activity, especially when permission regeneration was automated,
leading to very high auto_increment counts which could max out the
integer limit.

Also updated some RolesTest comment endpoints to align with
recent route changes.

Should fix #2091
2020-08-04 13:02:31 +01:00
Dan Brown
3d11cba223
Added testing coverage to API token auth 2019-12-30 19:42:46 +00:00
Dan Brown
692fc46c7d
Removed token 'client' text, avoid confusion w/ oAuth
- Instead have a token_id and a secret.
   - Displayed a 'Token ID' and 'Token Secret'.
2019-12-29 20:07:28 +00:00
Dan Brown
832fbd65af
Added testing coverage to user API token interfaces 2019-12-29 19:46:46 +00:00
Dan Brown
dccb279c84
Built out interfaces & endpoints for API token managment 2019-12-29 17:03:52 +00:00
Dan Brown
d336ba6874
Started work on API token controls
- Added access-api permission.
- Started user profile UI work.
- Created database table and model for tokens.
- Fixed incorrect templates down migration :(
2019-12-29 13:02:26 +00:00
Dan Brown
58a79fcb19
Removed old str_random functions from seeders 2019-09-14 14:17:55 +01:00
Dan Brown
cbf9d701af
Updated to laravel 6 2019-09-14 14:12:39 +01:00
Dan Brown
213e9d2941
Upgraded to Laravel 5.6 2019-09-06 22:14:39 +01:00
Dan Brown
44330bdd24
Start user invite system 2019-08-17 15:52:33 +01:00
Dan Brown
71167426bb
Started implementation of page template 2019-07-07 13:45:46 +01:00
Dan Brown
919660678b
Re-structured the app code to be feature based rather than code type based 2018-09-25 12:30:50 +01:00
Dan Brown
818c02ed44
Added null role check to migrate path
Also added check for existing bookshelf role_permissions
in the event the user got that for.
Also related to #1027
2018-09-24 16:30:08 +01:00
Dan Brown
9abdab3991
Updated migration to convert MyISAM tables to InnoDB
New bookshelves_books tables requires foreign constraints which error on MyISAM.
For #1027
2018-09-24 15:58:40 +01:00
Dan Brown
b62afcad1f Removed search indexing from migration path to prevent Bookshelf issue 2018-09-23 13:25:12 +01:00
Dan Brown
eebfd8904e
Removed old fulltext indexes from migrations
Prevents forcing of MyISAM for some databases
Removed old code to add indexes and added checks for existing indexes before removal.
Should still allow upgrades, rollbacks to old bookstack versions may be funky but
should not be high use-case.
2018-09-23 00:30:48 +01:00
Dan Brown
0b6f83837b
Removed joint_permission generation in older migration 2018-09-20 16:03:01 +01:00
Dan Brown
81eb642f75
Added bookshelves homepage options
- Updated homepage selection UI to be more scalable
- Cleaned homepage selection logic in code
- Added seed test data for bookshelves
- Added bookshelves to permission system
2018-09-20 15:27:30 +01:00
Dan Brown
47b08888ba
Added bookshelf view, update, delete
- Enabled proper ordering of Books in a shelf.
- Improved related item destroy for all entities.
2018-09-16 19:34:09 +01:00
Dan Brown
b89411c108
Copied book content, Added create routes
Added view control
Added pivot table for books relation
Added control to assign books
2018-08-27 14:18:09 +01:00
Dan Brown
c3986cedfc
Added shelve icon, improved migration, added role permission
Icon is placeholder for now
Migration will now copy permissions from Books to apply to shelves.
Role view updated with visibility on shelve permission
2018-08-04 12:45:45 +01:00
Dan Brown
b5a2d3c1c4
Merge remote-tracking branch 'origin' into bookshelves 2018-08-04 11:35:01 +01:00
Dan Brown
f421d83627
Added ability to set custom ldap group -> role mapping
Added input in role form to allow matching against custom names.
Changed default mapping to use role display name instead of the hidden
DB name.
2018-07-15 19:34:42 +01:00
Dan Brown
4948b443b6
Started work on bookshelves 2018-06-24 13:38:19 +01:00
Dan Brown
a50153d221
Slimmed down testing DB sized and improved permission caching 2018-04-14 22:17:47 +01:00
Dan Brown
261e57fc4e
Converted books view setting to user setting
Also cleaned up/moved new CSS and removed redundant new book methods.
2017-12-06 16:34:26 +00:00
Dan Brown
bc1302a8d8
Merge branch 'BookStackApp-master' of git://github.com/OsmosysSoftware/BookStack into OsmosysSoftware-BookStackApp-master 2017-12-06 15:52:54 +00:00
Dan Brown
873b1099f8
Updated to laravel 5.5
Closes #590
2017-11-19 15:56:19 +00:00
Dan Brown
9dfbea8bf9
Restored seeder and fixed scroll on firefox 2017-09-10 13:29:48 +01:00
Dan Brown
fd449582bd
Removed comments from seeder since they are not used by tests 2017-09-09 18:48:47 +01:00
Dan Brown
621142a46e
Removed outdated translations and updated tests 2017-09-09 18:41:59 +01:00
Bharadwaja G
5034f21394 Added migration file. 2017-09-05 19:53:29 +05:30
Dan Brown
fea5630ea4
Made some changes to the comment system
Changed to be rendered server side along with page content.
Changed deletion to fully delete comments from the database.
Added 'local_id' to comments for referencing.
Updated reply system to be non-nested (Incomplete)
Made database comment format entity-agnostic to be more future proof.
Updated designs of comment sections.
2017-09-03 16:37:51 +01:00
Bharadwaja G
7f902e41c7 Resolved conflicts 2017-08-24 12:21:43 +05:30
Dan Brown
d6e87420c3
Merged comment migrations and incremented dev version 2017-08-01 20:05:49 +01:00
Dan Brown
e9831a7507
Merge branch 'master' of git://github.com/Abijeet/BookStack into Abijeet-master 2017-08-01 19:24:33 +01:00
Dan Brown
2704962277
Updated utfmb4 upgrade command 2017-07-22 16:19:17 +01:00
Dan Brown
6bcd89acf7
Moved utf8mb4 migration to command instead of migration
To prevent errors upon migration.
Command generates out the SQL syntax to make the change instead
so the upgrade can be done manually.

In reference to #425
2017-07-22 15:54:17 +01:00
Abijeet
844976c85b Revert "Revert "Bookstack grid view."" 2017-07-12 11:40:50 +05:30
Dan Brown
f101e4f010
Fixed quoting db/table names in encoding migration.
Also fixed incorrect if statement in db config.
2017-07-02 17:34:32 +01:00
Dan Brown
005f0eb4fc
Updated default encoding and added conversion migration.
Also updated how DB port is defined so that the DB_PORT
env var can be used or it can be take from the host name.

Fixes #405
2017-07-02 17:30:12 +01:00
Abijeet
7d02f77e67 #47 - Added more test cases to test the APIs and permission for comments. 2017-06-13 02:31:17 +05:30
Abijeet
9dbd7fa618 #47 - Adding comments to the dummy content seeder. 2017-06-11 11:40:37 +05:30
Abijeet
9558f84b97 #47 - Adds functionality to delete a comment. Also reduces the number of watchers. 2017-06-04 18:52:44 +05:30
Abijeet Patro
3368fe42d8 Merge pull request #10 from BookStackApp/master
Latest changes
2017-05-03 01:41:08 +05:30
Dan Brown
1859a4d356
Refactored permission system components
Split joint permission creation into chunks

Fixes #374
2017-04-29 22:01:43 +01:00
Dan Brown
82e2c523e6
Fixed chapter breadcrumbs and testing issues 2017-04-22 14:08:12 +01:00
Dan Brown
4c985aac7e
Added page revision counting
Adds stored revision counts to pages and the revisions themselves.
Closes #321
2017-04-20 20:58:54 +01:00
Abijeet
8e2437498f Merge branch 'master' of https://github.com/Abijeet/BookStack 2017-04-19 01:23:27 +05:30
Abijeet
b3d4c199ae Merge branch 'master' of https://github.com/Abijeet/BookStack
Conflicts:
	.gitignore
2017-04-19 01:21:45 +05:30
Dan Brown
37813a223a
Improved DB prefix support and removed old search method 2017-04-09 14:44:56 +01:00
Dan Brown
1552417598
Developed basic search queries.
Updated search & permission regen commands with ability to specify
database.
2017-03-26 19:24:57 +01:00
Dan Brown
070d4aeb6c
Started implementation of new search system 2017-03-19 12:48:44 +00:00
Dan Brown
d369d315a7
Fixed non-browserkit testcase and seeder issues 2017-02-05 14:37:50 +00:00
Abijeet
148350009c #47 Adds comment permission to each role. 2017-01-29 14:25:20 +05:30
Abijeet
70991fc1e5 Merge branch 'master' of https://github.com/Abijeet/BookStack 2017-01-29 09:35:46 +05:30
Dan Brown
8f19231ed5
Added options to use database cache & sessions 2017-01-21 16:39:50 +00:00
Abijeet
397db04428 Added comments controller, model, repo, and the database schema. Modified existing Page model to associate with comments. 2017-01-13 21:45:48 +05:30
Dan Brown
581c382f65
Fixed image delete permission issue
Also fixed missing translations and wrote tests to cover issue.
Fixes #258
2017-01-08 19:19:30 +00:00
Dan Brown
e639600ba5
Renamed files to attachments 2016-11-12 14:12:26 +00:00
Dan Brown
7ee695d74a
File upload deletion complete & added extension handling
Also fixed issue with file editing on JS side
2016-10-23 13:36:45 +01:00
Dan Brown
ac0b29fb6d
Added view, deletion and permissions for files 2016-10-10 20:30:27 +01:00
Dan Brown
673c74ddfc
Started work on attachments
Created base models and started user-facing controls.
2016-10-09 18:58:22 +01:00
Dan Brown
771626b6ec
Started work on making the public role/user configurable
Create a new 'public' guest user and made the public
role visible on role setting screens.
2016-09-29 12:43:46 +01:00
Dan Brown
9dc9724e15 Laravel 5.3 upgrade (#189)
* Started move to laravel 5.3

* Started updating login & registration flows for laravel 5.3 update

* Updated app emails to notification system

* Fixed registations bugs and removed email confirmation model

* Fixed large portion of laravel post-upgrade issues

* Fixed and tested LDAP process
2016-09-17 18:22:04 +01:00
Younès EL BIACHE
6bc72e157a edit summary 2016-07-07 20:53:43 +02:00
Dan Brown
1bec3eaa1e Added checks to use MyISAM if MySQL 5.5 is found 2016-06-04 16:32:57 +01:00
robert
4acf0c4ee0 Making sure MyISAM is set for the tables that need it for new installtions that are using mariadb. 2016-05-25 23:52:43 +02:00
Dan Brown
9d3f329bc9 Fixed missing column drop on migration rollback 2016-05-22 14:56:26 +01:00
Dan Brown
b80184cd93 Renamed attribute to tags & continued interface
Also fixed page create route broken in last commit
2016-05-13 21:20:21 +01:00
Dan Brown
1fa079b466 Started the page attributes interface 2016-05-12 23:12:05 +01:00
Dan Brown
fcfb9470c9 Added further attribute endpoints and added tests 2016-05-07 14:29:43 +01:00
Dan Brown
5080b4996e Started base work on attribute system 2016-05-06 20:33:08 +01:00
Dan Brown
75a4fc905b Major permission naming refactor and database migration cleanup 2016-05-01 22:33:56 +01:00
Dan Brown
05666efda9 Added hidden public role to fit with new permissions system 2016-05-01 19:36:53 +01:00
Dan Brown
9a31b83b2a Worked around create permission quirks 2016-04-26 21:48:17 +01:00
Dan Brown
a81a56706e Rolled out new permissions system throughout application 2016-04-24 16:54:20 +01:00
Dan Brown
ada7c83e96 Continued with database work for permissions overhaul
Added to the entity_permissions table with further required fields and indexes.
Wrote the code for checking permissions.
2016-04-23 18:14:26 +01:00
Dan Brown
ea287ebf86 Started creation of intermediate permission table 2016-04-20 21:37:57 +01:00
Dan Brown
6e03078de3 Started work towards adding role view permissions
Work halted as re-write required.
In reference to #92
2016-04-09 12:40:07 +01:00
Dan Brown
e1994ef2cf Added editor control in admin settings & Fixed some markdown editor bugs
Also updated the setting system with a more sane approach to handling default values. (Now done via the setting-defaults config file)
2016-03-29 19:26:13 +01:00
Dan Brown
26965fa08f Added a markdown editor 2016-03-25 14:41:15 +00:00
Dan Brown
dbe11c1360 Attached images to pages and added restriction filtering
Closes #79
2016-03-13 13:30:47 +00:00
Dan Brown
5283919d24 Added new page drafts and started image entity attaching
Closes #80.
2016-03-13 12:04:08 +00:00
Dan Brown
59ce228c2e Moved page editing to angular controller and started work on update drafts 2016-03-09 22:32:07 +00:00
Dan Brown
8e6248f57f Added restriction tests and fixed any bugs in the process
Also updated many styles within areas affected by the new permission and roles system.
2016-03-05 18:09:21 +00:00
Dan Brown
8e274a5a84 Refactored some permission controls and increased testing for roles system 2016-03-02 22:35:01 +00:00
Dan Brown
201f788806 Implemented database structure and inital interfaces for entity restrictions 2016-02-28 10:49:41 +00:00
Dan Brown
473261be35 Finished initial implementation of custom role system 2016-02-27 19:24:42 +00:00
Dan Brown
54e3122540 Added smarter page finding so changing the page name does not break old urls
Added page & book slug history to revisions so they can be looked up if a page is not found.
2016-02-25 20:01:59 +00:00
Dan Brown
4442a2e6d1 Started work on user profile pages 2016-02-16 21:25:11 +00:00
Dan Brown
d32460070f Made ldap auth use the 'dn' if a 'uid' is not present.
Fixes #56
2016-02-08 19:45:01 +00:00
Dan Brown
4bb7f0613f Fixed issue with initial user not having a password 2016-02-01 18:30:50 +00:00
Dan Brown
1c8c9e65c5 Got LDAP auth working to a functional state 2016-01-11 22:41:05 +00:00
Dan Brown
d3709de035 Added more tests to increase test coverage 2016-01-02 14:48:35 +00:00
Dan Brown
8f7c642f32 Added custom user avatars 2015-12-09 22:30:55 +00:00
Dan Brown
c88096b7e2 Revamped image system to use driver-agnotstic storage and be more efficent 2015-12-07 23:00:34 +00:00
Dan Brown
46c905df8a Added search name weighting. Closes #27. 2015-12-05 15:11:48 +00:00