Dan Brown
5e686bb624
Added user ownership migrate to delete screen.
2021-01-01 18:31:01 +00:00
Dan Brown
99b14621f9
Moved permission updating to its own tool
...
And added support for owner changing.
2021-01-01 17:49:48 +00:00
Dan Brown
da9083bf1f
Fixed view path
2020-12-31 17:27:23 +00:00
Dan Brown
8833b5bc3b
Added user-select input
2020-12-31 17:25:20 +00:00
Dan Brown
b493becadf
Started change for entities to have concept of owners
2020-12-30 18:25:35 +00:00
Dan Brown
00308ad4ab
Cleaned up some user/image areas of the app
...
Further cleanup of docblocks and standardisation of repos.
2020-12-08 23:46:38 +00:00
Dan Brown
0b01a77c16
Swapped out HTML diff implementation for own, removes tidy depdendancy
2020-11-29 19:08:13 +00:00
Dan Brown
8aedba14a3
Added page export API controller
2020-11-28 15:39:40 +00:00
Dan Brown
53bcfe528d
Added pages API doc examples
...
Made some tweaks to related content and other examples while there.
2020-11-28 15:21:54 +00:00
Dan Brown
1c8102bb89
Started pages API
2020-11-22 14:56:19 +00:00
Dan Brown
ebeca256f0
Updated old exportService name in controllers
2020-11-22 01:26:14 +00:00
Dan Brown
a042e22481
Focused base Entity class cleanup
...
Removed some common functions from other entities.
Aligned implementation of getUrl()
Cleaned phpdocs and added typehinting.
Also extracted sibling search logic out of controller.
2020-11-22 01:20:38 +00:00
Dan Brown
ef1b98019a
Fixed some mis-refactoring and split search service
...
Search service broken into index and runner tools.
2020-11-22 00:17:45 +00:00
Dan Brown
c7a2d568bf
Moved models to folder, renamed managers to tools
...
Tools seems to fit better since the classes were a bit of a mixed bunch
and did not always manage.
Also simplified the structure of the SlugGenerator class.
Also focused EntityContext on shelves and simplified to use session
helper.
2020-11-21 23:20:54 +00:00
Dan Brown
5e01c30882
Aligned constructors across controller classes
...
Since they no longer needed to run the parent contructor
since the parent constructor was no longer needed.
2020-11-21 17:08:37 +00:00
Dan Brown
f76a2a69f7
Cleaned up api docs implementation, added missing titles
2020-11-21 17:03:24 +00:00
Dan Brown
bd6a1a66d1
Implemented remainder of activity types
...
Also fixed audit log to work for non-entity items.
2020-11-20 19:33:11 +00:00
Dan Brown
da37700ac2
Implemented user, api_tokem & role activity logging
...
Also refactored some role content, primarily updating the permission
controller to be RoleController since it only dealt with roles.
2020-11-20 18:53:01 +00:00
Dan Brown
3f7180fa99
Started widening of activity logging
...
In progress, Need to implement much of the logging in controllers.
Also cleaned up base controller along the way.
2020-11-18 23:40:39 +00:00
Dan Brown
712ccd23c4
Updated activities table format
...
Renamed some columns to be more generic and applicable.
Removed now redundant book_id column.
Allowed nullable entity morph columns for non-entity activity.
Ran tests and made required changes.
2020-11-08 00:03:19 +00:00
Dan Brown
ee7e1122d3
Removed use of book_id in activity
2020-11-07 23:15:13 +00:00
Dan Brown
c157dc3490
Organised activity types and moved most to repos
...
Repos are generally better since otherwise we end up duplicating
things between front-end and API.
Types moved to by CONST values within a class for better visibilty
of usage and listing of types.
2020-11-07 22:37:27 +00:00
Dan Brown
4824ef2760
Merge pull request #2283 from BookStackApp/recycle_bin
...
Recycle Bin Implementation
2020-11-07 15:10:17 +00:00
Dan Brown
483cb41665
Started testing work for recycle bin implementation
2020-11-06 12:54:39 +00:00
Dan Brown
9e033709a7
Added per-item recycle-bin delete and restore
2020-11-02 22:47:48 +00:00
Dan Brown
474770af51
Merge branch 'fixes' of git://github.com/imanghafoori1/BookStack into imanghafoori1-fixes
2020-10-31 22:11:27 +00:00
Dan Brown
349162ea13
Prevented possible XSS via link attachments
...
This filters out potentially malicious javascript: or data: uri's coming
through to be attached to attachments.
Added tests to cover.
Thanks to Yassine ABOUKIR (@yassineaboukir on twitter) for reporting this
vulnerability.
2020-10-31 15:01:52 +00:00
imanghafoori
704b808e9e
fixes from laravel-microscope
2020-10-16 18:40:10 +03:30
Dan Brown
ff7cbd14fc
Added recycle bin empty notification response with count
2020-10-03 18:53:09 +01:00
Dan Brown
04197e393a
Started work on the recycle bin interface
2020-10-03 18:44:12 +01:00
Dan Brown
691027a522
Started implementation of recycle bin functionality
2020-09-27 23:24:33 +01:00
Dan Brown
78bf044a7a
Added audit log interface
...
- Displays the currently tracked activities in the system.
Related to #2173 and #1167
2020-09-19 12:06:45 +01:00
Dan Brown
e5f0b4dd85
Split out Maintenance to separate controller
2020-09-19 09:24:58 +01:00
Dan Brown
5f1ee5fb0e
Removed role 'name' field from database
...
The 'name' field was really redundant and caused confusion in the
codebase, since the 'Display' name is often used and we have a
'system_name' for the admin and public role.
This fixes #2032 , Where external auth group matching has confusing
behaviour as matching was done against the display_name, if no
external_auth field is set, but only roles with a match 'name' field
would be considered.
This also fixes and error where the role users migration, on role
delete, would not actually fire due to mis-matching http body keys.
Looks like this has been an issue from the start. Added some testing to
cover. Fixes #2211 .
Also converted phpdoc to typehints in many areas of the reviewed code
during the above.
2020-08-04 14:55:01 +01:00
Dan Brown
7590ecd37c
Updated some comment elements and standardised more JS
...
- Updated comment routes to be simpler.
- Updated comments JS to align better with updated component system.
- Documented available global JS functions/services.
- Removed redundant controller method.
- Added window.$events helpers for validation messages and
success/error.
- Updated JS events system to not be class based for simplicity.
- Added window.trans_plural method to handle pluralisation/replacements
where you already have the translation string itself.
Fixes #1836
2020-07-28 18:19:18 +01:00
Dan Brown
2c0fdf83c1
Updated public-login redirect to check url
...
Direct links to the login pages for public instances could lead to a
redirect back to an external page upon login.
This adds a check to ensure the URL is a URL expected from the current
bookstack instance, or at least under the same domain.
Fixes #2073
2020-07-28 16:29:06 +01:00
Dan Brown
2ed0317129
Updated functionality for logging failed access
...
- Added testing to cover.
- Linked logging into Laravel's monolog logging system and made log
channel configurable.
- Updated env var names to be specific to login access.
- Added extra locations as to where failed logins would be captured.
Related to #1881 and #728
2020-07-28 12:59:43 +01:00
Dan Brown
2f6ff07347
Merge branch 'auth' of git://github.com/benrubson/BookStack into benrubson-auth
2020-07-28 10:46:40 +01:00
Dan Brown
02dc3154e3
Converted image-manager to be component/HTML based
...
Instead of vue based.
2020-07-25 00:20:58 +01:00
Dan Brown
3bfd26bf86
Converted the page editor from vue to component
2020-07-05 21:18:17 +01:00
Dan Brown
d41452f39c
Finished breakdown of attachment vue into components
2020-07-04 16:53:02 +01:00
Jasper Weyne
07a6d7655f
First basic OpenID Connect implementation
2020-07-01 23:27:50 +02:00
Dan Brown
14b6cd1091
Started migration of attachment manager from vue
...
- Created new dropzone component.
- Added standard component event system using custom DOM events.
- Added tabs component.
- Added ajax-delete-row component.
2020-06-30 22:12:45 +01:00
Dan Brown
573c4e26d5
Finished moving tag-manager from a vue to a component
...
Now tags load with the page, not via AJAX.
2020-06-29 22:11:03 +01:00
Dan Brown
715dee2d0e
Converted search filters to not be vue based
2020-06-27 13:29:00 +01:00
benrubson
9d7ce59b18
Move logFailedAccess into Activity
2020-05-23 15:37:38 +02:00
Dan Brown
3502abdd49
Fixed revision issues caused by page fillable changes
2020-05-23 12:28:14 +01:00
benrubson
8f1f73defa
Properly use env/config functions
2020-05-23 12:06:37 +02:00
Dan Brown
8a6cf0cdec
Added chapters to the API
2020-05-23 00:28:41 +01:00
Nikhil Jha
e287d965f5
move zip export into exportservice
2020-05-13 20:07:19 -07:00
Nikhil Jha
ea82c2f61b
support exporting books as zip files
2020-05-13 19:57:59 -07:00
Nikhil Jha
a34a07c610
basic markdown export
2020-05-12 21:12:26 -07:00
Dan Brown
9666c8c0f7
Updated shelf-list view to enforce view permissions for child books
...
- Aligned shelf-homepage behaviour to match
- Updated testing to cover.
For #2111
2020-05-12 22:21:45 +01:00
benrubson
58df3ad956
Log failed accesses option
2020-05-03 16:20:02 +02:00
Dan Brown
3c26e7b727
Updated comment md rendering to be server-side
2020-05-01 23:24:11 +01:00
Dan Brown
07831df2d3
Updated user-create endpoint so saml and ldap is consistent.
2020-04-25 18:28:07 +01:00
Dan Brown
519283e643
Authenticated admins on all guards upon login
...
For #2031
2020-04-25 18:19:22 +01:00
Dan Brown
573c848d51
Added dark/light mode toggle to profile dropdown menu
...
- Also fixed some remaining areas which needed dark mode support.
2020-04-11 20:37:51 +01:00
Dan Brown
7b8fe5fbc6
Added book-export endpoints to the API
2020-04-10 16:05:17 +01:00
Dan Brown
29705a25ce
Reviewed and added testing for BookShelf API implementation
...
- Tweaked how books are passed on update to prevent unassignment if
parameter is not provided.
- Added books to validation so they show in docs.
- Added request/response examples.
- Added tests to cover.
- Added child book info to shelf info.
Review of #1908
2020-04-10 15:19:18 +01:00
Dan Brown
da1cea06ca
Merge branch 'master' of git://github.com/osmansorkar/BookStack into osmansorkar-master
2020-04-10 13:49:28 +01:00
Dan Brown
ba1be9d710
Updated password reset process not to indicate if email exists
...
- Intended to prevent enumeration to check if a user exists.
- Updated messages on both the reqest-reset and set-password elements.
- Also updated notification auto-hide to be dynamic based upon the
amount of words within the notification.
- Added tests to cover.
For #2016
2020-04-10 13:38:08 +01:00
Dan Brown
053cbbd5b6
Updated view-change endpoints to be clearer, separated books and shelf
...
- Separated books-list and shelf-show view types to be saved separately.
During review of #1755
2020-04-10 12:49:16 +01:00
Dan Brown
b8c16b15a9
Merge branch 'feature_change_view_in_shelves_show' of git://github.com/philjak/BookStack into philjak-feature_change_view_in_shelves_show
2020-04-10 12:21:56 +01:00
Dan Brown
47e645909e
Reviewed #1688 , Show parent shelves on books page
...
- Moved list to the left of the page to align with other navigational
items.
- Hid list of no shelves, to help hide shelf references if not in use.
- Tweaked test to ensure it wasn't finding shelf name in breadcrumb
rather than list being tested.
2020-04-09 17:29:22 +01:00
Dan Brown
898cedf536
Merge branch 'feature/#1598' of git://github.com/cw1998/BookStack into cw1998-feature/#1598
2020-04-09 17:18:37 +01:00
Dan Brown
5f61620cc2
Added support for changing the draw.io instance URL
...
- Allowed DRAWIO env option to be passed as URL to point to instance.
- Updated tests to check URL gets passed to pages correctly.
- Update default URL to be the default theme.
For #826
2020-04-05 17:27:16 +01:00
Dan Brown
ea9e9565ef
Removed bmp and tiff support from uploaded images.
...
Fixes #1990
2020-04-05 16:15:05 +01:00
Dan Brown
7f6cbead33
Performed review of "public intended" functionality provided in #1817
...
- Updated logic to take url from referrer rather than pass as a query parameter.
- Added tests to cover functionality.
- Updated 404 page with login action button if not signed in.
- Updated 404 page with text to indicate permissions may be affecting visibility.
Related to #1817 and #1706
2020-03-14 18:29:31 +00:00
Dan Brown
a95588dc2e
Merge branch 'feature/public-login-redirect' of git://github.com/Xiphoseer/BookStack into Xiphoseer-feature/public-login-redirect
2020-03-14 17:46:30 +00:00
Dan Brown
200772da72
Merge branch 'validation_fixes' of git://github.com/TBK/BookStack into TBK-validation_fixes
2020-03-14 12:42:59 +00:00
Dan Brown
59aefe5371
Updated social auth to take name from email if empty
...
- Added tests to cover.
Fixes #1853
2020-03-10 19:09:22 +00:00
TBK
57f587a78b
Allow book, shelf, settings & profile form input validation to skip image
2020-03-04 00:17:53 +01:00
TBK
d3737d5a87
Remove redundant getImageValidationRules method
2020-03-04 00:17:49 +01:00
TBK
5cd56f63ff
Change check to verify that request is present and contains a file
2020-03-04 00:17:45 +01:00
osmansorkar
1859c7917f
added api functionality to handle book Shelves
2020-02-23 11:41:49 +06:00
Dan Brown
6caedc7a37
Fixed issues preventing breadcrumb navigation menus from opening
...
- Added tests to cover endpoint
Fixes #1884
2020-02-15 19:09:33 +00:00
Dan Brown
98ab3c1ffb
Merge branch 'new_bookshelf_cover_fix' of git://github.com/TBK/BookStack into TBK-new_bookshelf_cover_fix
2020-02-15 18:34:45 +00:00
Dan Brown
49386b42da
Updated email test send to show error on failure
...
- Added test to cover
- Closes #1874
2020-02-15 14:13:15 +00:00
TBK
9533e0646e
Fix for missing cover on create new shelf
2020-02-14 20:33:07 +01:00
benrubson
12a9a45747
Log failed accesses
2020-02-09 10:01:33 +01:00
Dan Brown
9d77cca734
Cleaned setting section redirect path
2020-02-02 17:57:21 +00:00
Dan Brown
b4f2b73590
Updated settings-save action to return to the same section
2020-02-02 17:35:16 +00:00
Dan Brown
3991fbe726
Checked over and aligned registration option behavior across all auth options
...
- Added tests to cover
2020-02-02 17:31:00 +00:00
Dan Brown
e6c6de0848
Simplified guard names and rolled out guard route checks
...
- Included tests to cover for LDAP and SAML
- Updated wording for external auth id option.
- Updated 'assertPermissionError' test case to be usable in BrowserKitTests
2020-02-02 13:10:21 +00:00
Dan Brown
e743cd3f60
Added files missed in previous commit
2020-02-02 10:59:03 +00:00
Dan Brown
7728931f15
Set more appropriate login validation and broken up LDAP guide a bit
2020-02-01 14:30:23 +00:00
Dan Brown
575b85021d
Started alignment of auth services
...
- Removed LDAP specific logic from login controller, placed in Guard.
- Created safer base user provider for ldap login, to be used for SAML
soon.
- Moved LDAP auth work from user provider to guard.
2020-02-01 11:42:22 +00:00
Dan Brown
92690d1ae9
Moved socal auth routes to their own controller
...
Also cleaned some phpdocs and extracted register actions to their own
service.
2020-01-26 14:42:50 +00:00
Dan Brown
b9fb655b60
Added "Getting Started" API docs
2020-01-18 14:03:11 +00:00
Dan Brown
45b5e631e2
Added a view for the API docs
2020-01-15 20:18:02 +00:00
Dan Brown
bed2498667
Started work on generating API docs
2020-01-12 16:25:14 +00:00
Dan Brown
04a8614136
Filled out base Book API endpoints, added example responses
2020-01-12 14:45:54 +00:00
Dan Brown
a7a97a53f1
Added API listing filtering & cleaned ApiAuthenticate returns
...
API listing endpoint filter can be found via &filter[name]=my+book query
parameters. There are a range of operators that can be used such as
&filter[id:gte]=4
2020-01-01 16:33:47 +00:00
Dan Brown
349b4629be
Extracted API auth into guard
...
Also implemented more elegant solution to allowing session auth for API
routes; A new 'StartSessionIfCookieExists' middleware, which wraps the
default 'StartSession' middleware will run for API routes which only
sets up the session if a session cookie is found on the request. Also
decrypts only the session cookie.
Also cleaned some TokenController codeclimate warnings.
2019-12-30 14:51:28 +00:00
Dan Brown
2cfa37399c
Fixed some empty-expiry conditions of token ui flows
2019-12-29 20:18:37 +00:00
Dan Brown
692fc46c7d
Removed token 'client' text, avoid confusion w/ oAuth
...
- Instead have a token_id and a secret.
- Displayed a 'Token ID' and 'Token Secret'.
2019-12-29 20:07:28 +00:00
Dan Brown
832fbd65af
Added testing coverage to user API token interfaces
2019-12-29 19:46:46 +00:00
Dan Brown
dccb279c84
Built out interfaces & endpoints for API token managment
2019-12-29 17:03:52 +00:00
Dan Brown
d336ba6874
Started work on API token controls
...
- Added access-api permission.
- Started user profile UI work.
- Created database table and model for tokens.
- Fixed incorrect templates down migration :(
2019-12-29 13:02:26 +00:00
Dan Brown
04137e7c98
Started core API route work
2019-12-28 14:58:07 +00:00
Dan Brown
e06f9f7fe3
Removed setting override system due to confusing behaviour
...
- Was only used to disable registration when LDAP was enabled.
- Caused saved option not to show on settings page causing confusion.
- Extended setting logic where used to take ldap into account instead of
global override.
- Added warning on setting page to show registration enable setting is
not used while ldap is active.
For #1541
2019-12-22 13:19:17 +00:00
Dan Brown
017703ff1a
Updated page delete to return to chapter if within one
...
- Added test to cover
Closes #1715
2019-12-16 11:54:53 +00:00
Daniel Seiler
afa501e75b
Recall previous route when manually clicking login
2019-12-14 08:41:22 +01:00
Dan Brown
c33ef4b9b2
Added tests to cover saml and added controller middleware
2019-11-17 19:15:37 +00:00
Dan Brown
6d899f3b17
Added icon for saml, added saml to register page, updated complete env
2019-11-17 16:07:06 +00:00
Dan Brown
aef6eb81e4
Added SAML singleLogoutService capabilities
2019-11-17 15:40:36 +00:00
Dan Brown
3a17ba2cb9
Started using OneLogin SAML lib directly
...
- Aligned and formatted config options.
- Provided way to override onelogin lib options if required.
- Added endpoints in core bookstack routes.
- Provided way to debug details provided by idp and formatted by
bookstack.
- Started on test work
- Handled case of email address already in use.
2019-11-17 13:26:43 +00:00
Dan Brown
bb1f43cbd8
Merge branch 'feature/saml' of git://github.com/Xiphoseer/BookStack into Xiphoseer-feature/saml
2019-11-16 12:42:45 +00:00
jakob
6cd26e23a8
Allow toggling between grid and list view in shelf view (shelves.show)
2019-10-30 11:23:42 +01:00
jakob
bea983ab85
Download and assign avatar when creating LDAP user in database. Fixes issue #1161
2019-10-29 22:18:02 +00:00
Timo Schwarzer
61a9139bf0
Add feature to send test e-mails
2019-10-16 08:24:33 +02:00
Dan Brown
31f5786e01
Entity Repo & Controller Refactor ( #1690 )
...
* Started mass-refactoring of the current entity repos
* Rewrote book tree logic
- Now does two simple queries instead of one really complex one.
- Extracted logic into its own class.
- Remove model-level akward union field listing.
- Logic now more readable than being large separate query and
compilation functions.
* Extracted and split book sort logic
* Finished up Book controller/repo organisation
* Refactored bookshelves controllers and repo parts
* Fixed issues found via phpunit
* Refactored Chapter controller
* Updated Chapter export controller
* Started Page controller/repo refactor
* Refactored another chunk of PageController
* Completed initial pagecontroller refactor pass
* Fixed tests and continued reduction of old repos
* Removed old page remove and further reduced entity repo
* Removed old entity repo, split out page controller
* Ran phpcbf and split out some page content methods
* Tidied up some EntityProvider elements
* Fixed issued caused by viewservice change
2019-10-05 12:55:01 +01:00
Christopher Wilkinson
4ad4dfa55a
Show bookshelves that a book belongs to on a book view
...
Closes #1598
2019-09-27 00:45:22 +01:00
Dan Brown
7cd956b24b
Removed some unused parameters and fixed env test logic
2019-09-20 01:18:59 +01:00
Dan Brown
8b550991a4
Refactored some core entity actions
...
- Created BookChild class to share some page/chapter logic.
- Gave entities the power to generate their own permissions and slugs.
- Moved bits out of BaseController constructor since it was overly
sticky.
- Moved slug generation logic into its own class.
- Created a facade for permissions due to high use.
- Fixed failing test issues from last commits
2019-09-20 00:18:28 +01:00
Dan Brown
f7a5a0705b
Moved shelf book append logic
2019-09-19 18:20:09 +01:00
Dan Brown
615b2de433
Simplified activity facade interface
...
Also cleaned up any other bits along the way.
2019-09-19 18:03:17 +01:00
Dan Brown
2a2cc858f0
Refactored notification showing and global view data
2019-09-19 15:12:10 +01:00
Dan Brown
60d0f96cd7
Extracted some methods into a BookRepo
2019-09-15 23:28:23 +01:00
Dan Brown
d28abf24d4
Split out export actions into own controllers
2019-09-15 22:33:27 +01:00
Dan Brown
3281925375
Standardised how request is injected into controller methods
...
Puts it in-line with how Laravel recommend.
2019-09-15 18:53:30 +01:00
Dan Brown
be08dc1588
Ran phpcbf and updated helpers typehinting
2019-09-15 18:29:51 +01:00
Dan Brown
140298bd96
Updated to Laravel 5.8
2019-09-13 23:58:40 +01:00
Dan Brown
6917ea088f
Upgraded app to Laravel 5.7
2019-09-06 23:36:16 +01:00
Dan Brown
213e9d2941
Upgraded to Laravel 5.6
2019-09-06 22:14:39 +01:00
Dan Brown
b27a5c7fb8
Made a mass of accessibility improvements
...
- Changed default focus styles
- Updated dropdowns with keyboard navigation
- Updated modals with esc exiting
- Added accessibility attirbutes where needed
- Made many more elements focusable
- Updated hover effects of many items to also apply when focused within
Related to #1320 and #1198
2019-08-24 18:29:02 +01:00
Dan Brown
42d8548960
Finished new user invite flow
2019-08-18 13:11:30 +01:00
Dan Brown
e5155a5dcb
Refactored confirm actions to their own controller
2019-08-18 10:47:59 +01:00
Dan Brown
44330bdd24
Start user invite system
2019-08-17 15:52:33 +01:00
Dan Brown
20c36d58a6
Merge pull request #1527 from BookStackApp/129-page-templates
...
Page Templates Implementation
2019-08-11 20:21:17 +01:00
Dan Brown
de3e9ab094
Added ability to use templates
...
- Added replace, append and prepend actions for template content into
both the WYSIWYG editor and markdown editor.
- Added further testing to cover.
2019-08-11 20:04:43 +01:00
Daniel Seiler
bda0082461
Add login and automatic registration; Prepare Group sync
2019-08-06 23:42:46 +02:00
Dan Brown
421dd93ffd
Merge branch 'v0.26'
2019-08-06 21:50:56 +01:00
Dan Brown
f417675b1d
Prevented normal users from changing own email
...
To address #1542
Updates to only allow email changes by users with the users-manage role
permission.
2019-08-06 21:29:42 +01:00
Daniel Seiler
3c41b15be6
Initial work on SAML integration
2019-08-05 20:06:39 +02:00
Dan Brown
4b0c4e621a
Replaced use of custom 'baseUrl' helper with 'url'
...
Also changed up how base URL setting was being done
by manipulating incoming request URLs instead of
altering then on generation.
2019-08-04 14:26:39 +01:00
Dan Brown
30da105812
Started refactor of URL system to better extend Laravel
2019-07-21 21:32:08 +01:00
Dan Brown
15c39c1976
Updated JS translations to be inserted from back-end
...
Removes old awkward JS translations endpoint.
New system still a little akward in code but not now in process.
Also extracted out page editors into their own files.
Closes #1258
2019-07-06 14:52:25 +01:00
Dan Brown
13c0386e84
Updated string functions to use mulitbyte versions where needed
...
Fixes #816
2019-05-25 16:15:19 +01:00
Dan Brown
97ffbaa740
Fixed issue where books titles could be leaked via shelf home view
...
- Also added test to cover
Fixes #1425
2019-05-07 22:42:48 +01:00
Dan Brown
ba09dad1fe
Fixed shelf activity display & updated book sort operation
2019-05-05 15:54:22 +01:00
Dan Brown
3f83c548f8
Ran phpcbf
2019-05-05 14:54:37 +01:00
Dan Brown
8c190324ac
Updated existing image tests to reflect changes
...
- Also added some new tests
2019-05-04 18:11:19 +01:00
Dan Brown
79f6dc00a3
Change image-selector to not use manager
...
- Now changes the images directly for user, system & cover.
- Extra permission checks added to edit & delete actions.
2019-05-04 15:50:29 +01:00
Dan Brown
cb832a2c10
Started diversion to not using image manager for cover/system/user
2019-04-27 14:55:23 +01:00
Dan Brown
a87ae16010
Started extraction of image controller to separate controllers
2019-04-27 14:18:00 +01:00
Dan Brown
aeb1fc4d49
Started rewriting back-end image managment
2019-04-21 15:52:29 +01:00
Christopher Wilkinson
c8cf6731e2
Add min length validation on name on register form & add sign up link
2019-04-16 12:18:51 +01:00
Dan Brown
7f3f6e65b9
Aligned item creation wording and updated shelf-book-add logic
2019-04-15 20:45:04 +01:00
Christopher Wilkinson
d3cd369247
Fix phpcs issues
2019-04-15 09:27:17 +01:00
Christopher Wilkinson
faa3a8b842
Add button to add a book directly from a shelf view
2019-04-15 09:27:17 +01:00
Dan Brown
9406b4d4c9
Updated view toggle to store date
...
Also added test for user list order preferences
2019-04-14 13:01:51 +01:00
Dan Brown
b12ae6d11b
Added bookshelves to breadcrumbs
...
- Updated breadcrumb dropdown switchers and back-end sibling code to handle new breadcrumbs.
- Added breadcrumb view composer and EntityContext system to mangage
tracking if in the context of a bookshelf.
2019-04-07 18:28:11 +01:00
Dan Brown
221a483b40
Standardised view referencing to dot-notation
2019-04-07 12:00:09 +01:00
Dan Brown
0a06e2bce3
Actioned some todo items, Cleaned old grid css
2019-04-07 09:57:48 +01:00
Dan Brown
7cda9b026e
Updated tests to suit layout changes, Updated 404 page
...
- Also replaced 'or' usage in templates with null coalescing operator
2019-04-06 18:36:17 +01:00
Dan Brown
745a0bb98d
Updated custom homepage views
2019-04-06 17:31:59 +01:00
Dan Brown
aedff7dc6d
Added book selector to books sort
...
Now more efficient rather than listing all books in the system.
2019-04-06 16:59:04 +01:00
Dan Brown
17969c0bbf
Added shelves and search shortcuts to profile page
2019-04-06 16:21:20 +01:00
Dan Brown
37bf7f11e4
Implemented new design in entity selector
...
- Also showed entity path in search.
- Cleaned popular entity fetch logic.
- Cleaned entity selector JS code a little
2019-03-30 16:54:15 +00:00
Dan Brown
53a26a365c
Merge branch 'master' into 2019-design
2019-03-30 13:17:29 +00:00
Dan Brown
193e2ffebe
Prevent dbl exts. on img upload, Randomized attachment upload names
2019-03-24 19:08:21 +00:00
Dan Brown
f5fe524e6c
Added extension whitelist for image uploads
...
- A continuation of the security issues addressed in v0.25.3
2019-03-21 19:43:15 +00:00
Dan Brown
37b91b6b0e
Hardened image file validation by removing custom validation
...
- Added test to check PHP files cannot be uploaded as an image.
2019-03-20 23:59:55 +00:00
Dan Brown
5f2d226f09
Merge branch 'master' into 2019-design
2019-03-10 21:40:02 +00:00
Dan Brown
6be2d3f28c
Merge branch 'Copy-For-View-Only' of git://github.com/mark-james/BookStack into mark-james-Copy-For-View-Only
2019-03-09 16:12:12 +00:00
Dan Brown
035a0d8efb
Added experimental breadcrumb traversal
2019-02-24 15:57:35 +00:00
Dan Brown
f1e571a57c
Made shelf listing more unique & efficient
...
- Now includes listing of all books within.
2019-02-16 17:13:01 +00:00
Dan Brown
a112c11df8
Re-ordered and updated main settings page
2019-02-16 14:17:35 +00:00
Dan Brown
5325870271
Updated auth pages to new design, Removed public layout
2019-02-03 17:34:15 +00:00
Dan Brown
138f5d5c4f
Updated user and shelf views to new design
2019-02-03 13:45:45 +00:00
Dan Brown
20988962fe
Migrated a whole load more page/chapter/shelf views
2019-02-02 11:41:41 +00:00
Dan Brown
32603362a6
Updated a bunch of book views
2019-01-31 20:37:12 +00:00
Dan Brown
0efed43389
Converted more views to new layout and made breadcrumbs more flexible
2019-01-13 15:54:55 +00:00
Dan Brown
163a57cf70
Merge branch 'master' into 2019-design
2019-01-13 14:10:27 +00:00
Dan Brown
a2087fe3ff
Made delete permissions a requirement for move operations
...
Closes #1200
2019-01-05 14:39:40 +00:00
Mark James
99c6d70c51
Initial updates to allow for page copy when the user can read the page but can't update it.
2018-12-31 17:01:49 +11:00
Dan Brown
2317bf2350
Added check for last admin on role change
...
Will show error message if last admin and admin role is removed.
Closes #1124
Also cleaned up user controller a little.
2018-12-30 16:11:58 +00:00
Dan Brown
b56fc21aaf
Abstracted user avatar fetching away from gravatar
...
Still uses gravatar as a default.
Updated URL placeholders to follow LDAP format.
Potential breaking config change: `GRAVATAR=false` replaced by `AVATAR_URL=false`
Builds upon #1111
2018-12-22 19:29:19 +00:00
Dan Brown
323bff7d6d
Extended translations system for arrays & extension
...
Extended the base Laravel translation system to
allow a locale to be based upon another.
Also adds functionality to take base & fallback locales into account when fetching
an array of translations.
Related to work done in #1159
2018-12-12 20:46:27 +00:00
Dan Brown
4c574c22a8
Implemented functionality to make books sort function
...
Also changed public user settings to be stored in session rather than DB.
Cleaned existing list view type logic.
2018-12-07 18:33:53 +00:00
Dan Brown
85f330c79a
Extracted many page-specific repo methods into page-specific repo
2018-10-13 11:27:55 +01:00
Dan Brown
495d18814a
Updated various classes to take EntityProvider instead of separate entities
2018-09-25 18:00:40 +01:00
Dan Brown
257a5a23ec
Fleshed out entity provided and optimized imports
2018-09-25 16:58:03 +01:00
Dan Brown
919660678b
Re-structured the app code to be feature based rather than code type based
2018-09-25 12:30:50 +01:00
Dan Brown
5c2e3f4e56
Extracted download response logic into controller method
...
Fixes incorrect 'Content-Disposition' header value.
Fixes #581
2018-09-22 11:34:09 +01:00
Dan Brown
c47b578599
Fixed formatting via phpcbf
2018-09-21 18:48:47 +01:00
Dan Brown
e60d11ee04
Altered social auto-reg to be configurable per service
...
- Added {$service}_AUTO_REGISTER and {$service}_AUTO_CONFIRM_EMAIL env
options for each social auth system.
- Auto-register will allow registration from login, even if registration
is disabled.
- Auto-confirm-email indicates trust and will mark new registrants as
'email_confirmed' and skip 'confirmation email' flow.
- Also added covering tests.
2018-09-21 18:05:06 +01:00
Dan Brown
131fcae4c7
Merge pull request #947 from BookStackApp/bookshelves
...
Bookshelves
2018-09-21 15:29:52 +01:00
Dan Brown
6eead437d8
Added bookshelf permission control UI and copy-down ability
2018-09-20 19:16:11 +01:00
Dan Brown
81eb642f75
Added bookshelves homepage options
...
- Updated homepage selection UI to be more scalable
- Cleaned homepage selection logic in code
- Added seed test data for bookshelves
- Added bookshelves to permission system
2018-09-20 15:27:30 +01:00
Dan Brown
47b08888ba
Added bookshelf view, update, delete
...
- Enabled proper ordering of Books in a shelf.
- Improved related item destroy for all entities.
2018-09-16 19:34:09 +01:00
Abijeet
08b967607f
Changes as per code review, and fixes failing test cases.
...
Signed-off-by: Abijeet <abijeetpatro@gmail.com>
2018-09-16 20:44:09 +05:30
Abijeet
0c8b6b7324
Final tweaks after code review and fixing failing test cases.
2018-09-16 01:12:36 +05:30
Abijeet
54ca4487fa
Adds tests and few fixes.
...
Signed-off-by: Abijeet <abijeetpatro@gmail.com>
2018-09-15 21:05:51 +05:30
Abijeet
25da4d9a8b
Added a success message on deletion of revision.
...
Signed-off-by: Abijeet <abijeetpatro@gmail.com>
2018-09-15 16:08:20 +05:30
Abijeet
714c7bbd3a
Adds code to delete the revision.
...
Signed-off-by: Abijeet <abijeetpatro@gmail.com>
2018-09-15 15:15:42 +05:30
Dan Brown
b89411c108
Copied book content, Added create routes
...
Added view control
Added pivot table for books relation
Added control to assign books
2018-08-27 14:18:09 +01:00
Dan Brown
d2a9b312e9
Fixed LDAP group sync using wrong user filter
...
LDAP group sync was trying to find users based on the external_auth_id
which is not garunteed to match the username entered so somtimes
the search for a user would fail.
This passes the username to the group sync.
Picked up by @yoyokko in #959 .
2018-08-19 15:24:42 +01:00
Dan Brown
92c9837157
Fixed incorrect type error in LDAP group sync
...
Should fix #951
2018-08-12 13:28:40 +01:00
Dan Brown
f421d83627
Added ability to set custom ldap group -> role mapping
...
Added input in role form to allow matching against custom names.
Changed default mapping to use role display name instead of the hidden
DB name.
2018-07-15 19:34:42 +01:00
Dan Brown
be2ca9d4bb
Refactored out the LDAP repo
2018-07-15 18:21:45 +01:00
Dan Brown
17bca662a7
Added tests to cover ldap group mapping
...
Also updated .env.example formatting.
Updated how LdapRepo uses Ldap so can be mocked by testing.
2018-07-15 17:57:25 +01:00
Dan Brown
1776204870
Merge branch 'master' of git://github.com/brennanmurphy/BookStack into brennanmurphy-master
2018-07-14 14:17:55 +01:00
Dan Brown
2bcc159fd6
Allowed creating pages in visible chapters in invisible books
...
Fixes permissions with test to cover in the event a page is created,
with permission, in a chapter but the user does not have permission to
see the parent book.
Fixes #912
2018-07-14 14:12:29 +01:00
Brennan Murphy
37aa8b05f8
Update files to PSR-2 standards
2018-07-02 17:27:43 +00:00
Brennan Murphy
d640cc1eee
LDAP groups sync to Bookstack roles.
...
Closes #75
2018-07-02 17:09:39 +00:00
Dan Brown
6b84a76af1
Merge branch 'drawing_updates'
2018-05-27 19:42:25 +01:00
Dan Brown
2bd6ba9895
Added maintenance view with image-cleanup
2018-05-27 19:40:07 +01:00
Dan Brown
0c9c1e4c6b
Reverted work on revisions
...
Improved linkage of drawings and image manager.
Updated image updates to create new versions.
2018-05-20 16:41:14 +01:00
Dan Brown
6e7adcc095
Embedded SVG icons in css/js files
...
Allows removal of hacky /icon endpoint solution.
Fixes PDF exports with WKHTML and allows the icon to show in HTML
exports.
Fixes #796
2018-05-20 11:55:23 +01:00
Dan Brown
a1ecdcacba
Fixed attachment error handling, Allowed all link types
...
Related to #812
2018-05-20 11:06:10 +01:00
Dan Brown
63f96c1c6f
Reorganised home and robots views
...
Extracted home view sidebar into own view.
Moved home and robot views into 'common' folder so that we only have
layouts in the top-level views folder.
2018-05-20 10:11:56 +01:00
Dan Brown
8df9dab80a
Merge branch 'master' into feature/615
2018-05-20 09:51:45 +01:00
Dan Brown
6cdb943916
Started work on revisions in image manager
2018-05-19 18:44:40 +01:00
Dan Brown
d3d8ddbe52
Improved 404 handling and fixed editor error
...
404 handling now not a hack-around and uses Laravel 'fallback' routes
instead. Prevents errors with the session when you have mulitple errors
on a page where a post/put/delete is made.
2018-05-19 17:01:33 +01:00
Dan Brown
13ad0031d6
Drawings now generate revisions, not replace
...
Updated drawing update test to accomodate.
Image deletion system now takes revisions into account.
2018-05-13 17:41:35 +01:00
Dan Brown
d5b922aa50
Started work on drawing revisions
...
Improved sidebar and selection styling of image manager.
Allowed image manager imageType to be changed on open.
Created models for image revisions.
2018-05-13 12:07:38 +01:00
Abijeet
86b2ddbd28
Implemented displaying of the books list on home page.
2018-05-10 09:05:18 +05:30
Dan Brown
cdb1c7ef88
Added destination permission checking to entity move
2018-04-14 18:47:13 +01:00
Dan Brown
0f7b0ad45a
Added ability to copy a page
...
In 'More' menu alongside move.
Allows you to move if you have permission to create within the new
target parent.
Closes #673
2018-04-14 18:00:16 +01:00
Dan Brown
0ade9b5b9b
Refactored moment.js out of app
...
Reduces bundle size by 25%
2018-04-01 14:10:44 +01:00
Dan Brown
1a72208d27
Added configurable robots.txt file.
...
Deleted old static file.
Default output depends on app-public setting.
Otherwise can be overidden in `.env` file via `ALLOW_ROBOTS`
Otherwise view file can be customized.
Fixes #779
2018-03-31 12:41:40 +01:00
Dan Brown
582158f70e
Added tags to chapters and books
...
Closes #121
2018-03-30 14:09:51 +01:00
Dan Brown
f101c1a622
Made search more efficient and tweaked weighting
...
Added per-entity weighting changes.
Now Books score higher than chapters which score higher than pages.
Reduced queries required on search by only searching once but at a
higher count to see if there's another page.
2018-03-24 18:46:31 +00:00
Dan Brown
3df7d828eb
Fixed failing tests
...
Fixed syntax error in french translations.
Removed 'required' on image validation which was breaking tests
2018-03-24 15:25:13 +00:00
Abijeet Patro
0335f58478
Merge branch 'master' into bug/image-upload
2018-03-18 23:44:33 +05:30
Dan Brown
d2eec4fbce
Markdown editor image paste sets cursor correctly
...
Now sets cursor to alt text rather than end of placeholder image.
Fixed #751
2018-03-18 11:33:30 +00:00
Abijeet
f42d355fd7
Fixes issue with the validation message not being translated.
...
Signed-off-by: Abijeet <abijeetpatro@gmail.com>
2018-03-13 09:10:23 +05:30
Dan Brown
81fa021083
Finished migrated from icon-font to SVG
2018-02-17 19:49:00 +00:00
Dan Brown
548dcd4db1
Fixed error when accessing non-authed attachment
...
Also updated attachment tests to use standard test-case.
Fixes #681
2018-02-11 12:37:02 +00:00
Dan Brown
bed7ba78d3
Updated grid view to use CSS grid and flexbox
...
Provides a cleaner height-matched design.
Closes #701
2018-02-11 11:36:51 +00:00
Dan Brown
a45922616f
Made default books view configurable in .env
...
Under 'APP_VIEWS_BOOKS' key.
Closes #675
2018-02-04 11:36:58 +00:00
Dan Brown
59e809be16
Added command to add a new admin user
...
Closes #609
2018-01-28 18:09:26 +00:00
Dan Brown
ec050a5eef
Fixed validation issue on register post
...
Added test to cover and also cleaned up RegisterController comments.
Fixes #670
2018-01-28 17:15:30 +00:00
Dan Brown
62342433f4
Set /app PHP code to PSR-2 standard
...
Also adde draw.io to attribution list.
Closes #649
2018-01-28 16:58:52 +00:00
Dan Brown
88d09a2a3b
Added drawing endpoint tests
...
Also refactored ImageTests away from BrowserKit
Also added image upload type validation.
2018-01-28 13:18:28 +00:00
Dan Brown
0c383eee5b
Merge branch 'master' into draw.io to fetch auth image changes
2018-01-20 14:06:44 +00:00
Dan Brown
f4bfbf91db
Merge pull request #665 from BookStackApp/authed_images
...
Adds ability to secure images behind auth
2018-01-20 14:05:03 +00:00
Dan Brown
34782fbc91
Merge branch 'master' into draw.io
2018-01-20 14:01:56 +00:00
Dan Brown
1bfd77e7a1
Added drawing update ability
2018-01-20 14:01:35 +00:00
Dan Brown
281da59bae
Refactored book sort using collections
2018-01-13 16:44:47 +00:00
Dan Brown
0afa417b0a
Added ability to secure images behind auth
...
Still in testing.
Adds STORAGE_TYPE=local_secure option for setting images to be behind
auth. Stores images alongside attachments in /storage/uploads/images.
2018-01-13 11:11:23 +00:00
Abijeet
a77756a2da
Refactored the code to first check for the permissions before sorting the book.
...
Signed-off-by: Abijeet <abijeetpatro@gmail.com>
2018-01-06 01:04:48 +05:30
Abijeet
e13e71cbe0
Changed the sort view to only show books to which we have an update permission.
...
Signed-off-by: Abijeet <abijeetpatro@gmail.com>
2017-12-31 16:44:46 +05:30
Abijeet
4a24d1c31b
Checks the target and the source book before performing the sort.
...
Signed-off-by: Abijeet <abijeetpatro@gmail.com>
2017-12-31 16:25:21 +05:30
Dan Brown
920964a561
Enabled system-storage of drawings made via draw.io
2017-12-30 15:26:39 +00:00
Dan Brown
141bf22725
Updated book view change to PATCH + other amends
...
Moved toggle to right of header bar and added unique text and icon for
each view type.
Removed old profile setting to keep things clean.
2017-12-29 16:49:03 +00:00
Dan Brown
1aa4d0dc59
Merge branch 'feature-613' of git://github.com/Abijeet/BookStack into Abijeet-feature-613
2017-12-29 16:25:15 +00:00