Dan Brown
4f85ce02c6
Updated php deps again
2021-08-31 20:56:07 +01:00
Dan Brown
9eb65dcd78
Updated the login redirect logic to ignore mfa routes
2021-08-31 20:54:43 +01:00
Dan Brown
bee5e2c7ca
Added untrusted server fetching control
...
WKHTMLtoPDF provides limited control for external fetching
so that will now be disabled by default unless
ALLOW_UNTRUSTED_SERVER_FETCHING=true is specifically set.
This new option will also control DOMPDF fetching.
2021-08-31 20:22:42 +01:00
Dan Brown
8f12c8bc99
Applied styleci changes
2021-08-30 21:32:07 +01:00
Dan Brown
2740603d99
Added back email confirmation check in middleware
...
During writing of the update notes, found that the upgrade path would be
tricky from a security point of view. If people were pending email
confirmation but had an active session, they could technically be
actively logged in after the next release.
Added middlware as an extra precaution for now.
2021-08-30 21:28:17 +01:00
Dan Brown
3e870c30e1
Updated php deps
2021-08-30 12:03:52 +01:00
Dan Brown
8f0d08763a
Merge pull request #2899 from BookStackApp/export_permissions
...
Added role permissions for exporting content
2021-08-28 21:57:11 +01:00
Dan Brown
0e7166f7f6
Cleaned up DB usage in migration
2021-08-28 21:55:04 +01:00
Dan Brown
7d9de23a25
Applied styleci patches
2021-08-28 21:51:15 +01:00
Dan Brown
eda9e89c55
Added role permissions for exporting content
2021-08-28 21:48:17 +01:00
Dan Brown
82c6597a60
Added notice for lack of shelf permission cascade
...
Closes #2876
2021-08-28 15:44:44 +01:00
Dan Brown
cd35e13024
Added styleci badge
2021-08-24 21:27:21 +01:00
Dan Brown
4400ad7e8d
Applied stylci advisories
2021-08-24 21:23:55 +01:00
Dan Brown
610ee2c182
Updated markdown task list test to check new list class
...
- Updated to align with custom list item render added yesterday.
2021-08-24 21:09:40 +01:00
Dan Brown
4fd5dbcfdd
Updated visual consistency of lists and markdown task list rendering
...
- Numbered and bullet list margins have been made consistent
- Numbered lists margins were increase at some point to handle 3-digit
numbers, Normal bullet margins updated to match this.
- Consistent margin for sub-lists.
- System back-end markdown renderer (For pages) updated with a custom
list item renderer to apply class for to align with front-end renderer.
- This means that task list items will be consistent with the preview
and not render a number/bullet.
- Indentation styles for task list items fixed to be visually indented.
For #2854 and #2837
2021-08-23 22:31:07 +01:00
Dan Brown
613228fab2
Fixed issues caused by flex content parent in markdown preview
...
Fixes #2858
2021-08-22 18:30:46 +01:00
Dan Brown
a61c9c5e98
Reorgranised blade view files to form a convention
...
- Primarily moved and re-organised view files.
- Included readme within views to document the convention.
- Fixed some issues with page field select list in previous commit.
- Tweaked some route names while going through.
- Split some views out further.
Closes #2805
2021-08-22 13:17:32 +01:00
Dan Brown
2036618fbd
Merge branch 'master' of github.com:BookStackApp/BookStack
2021-08-21 20:25:22 +01:00
Dan Brown
ce6e25b341
Added lithuanian option to locale system
2021-08-21 20:24:58 +01:00
Dan Brown
73ebe571a1
New Crowdin updates ( #2892 )
...
* New translations entities.php (Spanish, Argentina)
* New translations entities.php (German Informal)
* New translations activities.php (Lithuanian)
* New translations settings.php (Lithuanian)
* New translations passwords.php (Lithuanian)
* New translations errors.php (Lithuanian)
* New translations entities.php (Lithuanian)
* New translations common.php (Lithuanian)
* New translations auth.php (Lithuanian)
* New translations validation.php (Spanish, Argentina)
* New translations settings.php (Spanish, Argentina)
* New translations common.php (Spanish, Argentina)
* New translations auth.php (Spanish, Argentina)
* New translations activities.php (Spanish, Argentina)
* New translations validation.php (Lithuanian)
2021-08-21 20:24:31 +01:00
Dan Brown
a274406038
Merge pull request #2868 from ffranchina/master
...
Adding Lithuanian language
2021-08-21 20:05:35 +01:00
Dan Brown
1a6293ce24
Optimized loading of page/chapter URLs to be a little more efficient
...
- Loaded book_slug as part of chapter/page queries instead of books
being loaded in afterwards.
- Removed unused page method.
- Updated some page queries to load specific attributes.
2021-08-21 19:59:55 +01:00
Dan Brown
8db047de70
New Crowdin updates ( #2807 )
...
* New translations entities.php (Chinese Simplified)
* New translations settings.php (Chinese Simplified)
* New translations common.php (Chinese Simplified)
* New translations entities.php (Chinese Simplified)
* New translations settings.php (Portuguese)
* New translations activities.php (Portuguese)
* New translations common.php (Portuguese)
* New translations entities.php (Portuguese)
* New translations settings.php (French)
* New translations entities.php (Latvian)
* New translations common.php (Latvian)
* New translations common.php (Italian)
* New translations settings.php (Italian)
* New translations entities.php (Italian)
* New translations entities.php (German)
* New translations entities.php (Dutch)
* New translations settings.php (German)
* New translations settings.php (Dutch)
* New translations common.php (German)
* New translations common.php (Dutch)
* New translations settings.php (Italian)
* New translations activities.php (Persian)
* New translations activities.php (Persian)
* New translations auth.php (Persian)
* New translations auth.php (Persian)
* New translations validation.php (Persian)
* New translations validation.php (Persian)
* New translations common.php (Persian)
* New translations pagination.php (Persian)
* New translations passwords.php (Persian)
* New translations common.php (Persian)
* New translations components.php (Persian)
* New translations errors.php (Persian)
* New translations errors.php (Persian)
* New translations entities.php (Persian)
* New translations activities.php (Norwegian Bokmal)
* New translations common.php (Norwegian Bokmal)
* New translations entities.php (Norwegian Bokmal)
* New translations errors.php (Norwegian Bokmal)
* New translations settings.php (Norwegian Bokmal)
* New translations settings.php (Norwegian Bokmal)
* New translations activities.php (Polish)
* New translations common.php (Polish)
* New translations errors.php (Polish)
* New translations settings.php (Polish)
* New translations activities.php (Czech)
* New translations activities.php (Czech)
* New translations auth.php (Czech)
* New translations common.php (Czech)
* New translations entities.php (Czech)
* New translations errors.php (Czech)
* New translations passwords.php (Czech)
* New translations auth.php (Czech)
* New translations entities.php (Czech)
* New translations settings.php (Czech)
* New translations validation.php (Czech)
* New translations auth.php (Czech)
* New translations auth.php (Czech)
* New translations entities.php (Czech)
* New translations settings.php (Czech)
* New translations components.php (Czech)
* New translations activities.php (Czech)
* New translations activities.php (Indonesian)
* New translations entities.php (Indonesian)
* New translations settings.php (Indonesian)
* New translations errors.php (Vietnamese)
* New translations common.php (Vietnamese)
* New translations activities.php (Chinese Traditional)
* New translations common.php (Chinese Traditional)
* New translations entities.php (Chinese Traditional)
* New translations errors.php (Chinese Traditional)
* New translations errors.php (Chinese Traditional)
* New translations settings.php (Chinese Traditional)
* New translations common.php (Portuguese, Brazilian)
* New translations common.php (Portuguese, Brazilian)
* New translations activities.php (Chinese Traditional)
* New translations common.php (Chinese Simplified)
* New translations activities.php (Ukrainian)
* New translations auth.php (Ukrainian)
* New translations common.php (Ukrainian)
* New translations settings.php (Ukrainian)
* New translations validation.php (Ukrainian)
* New translations activities.php (Chinese Simplified)
* New translations auth.php (Chinese Simplified)
* New translations settings.php (Chinese Simplified)
* New translations settings.php (Turkish)
* New translations validation.php (Chinese Simplified)
* New translations auth.php (Chinese Traditional)
* New translations validation.php (Chinese Traditional)
* New translations activities.php (Vietnamese)
* New translations auth.php (Vietnamese)
* New translations common.php (Vietnamese)
* New translations settings.php (Vietnamese)
* New translations validation.php (Vietnamese)
* New translations validation.php (Turkish)
* New translations common.php (Turkish)
* New translations auth.php (Portuguese, Brazilian)
* New translations auth.php (Slovenian)
* New translations validation.php (Russian)
* New translations activities.php (Slovak)
* New translations auth.php (Slovak)
* New translations common.php (Slovak)
* New translations settings.php (Slovak)
* New translations validation.php (Slovak)
* New translations activities.php (Slovenian)
* New translations common.php (Slovenian)
* New translations auth.php (Turkish)
* New translations settings.php (Slovenian)
* New translations validation.php (Slovenian)
* New translations activities.php (Swedish)
* New translations auth.php (Swedish)
* New translations common.php (Swedish)
* New translations settings.php (Swedish)
* New translations validation.php (Swedish)
* New translations activities.php (Turkish)
* New translations activities.php (Portuguese, Brazilian)
* New translations settings.php (Portuguese, Brazilian)
* New translations common.php (Russian)
* New translations validation.php (Bosnian)
* New translations common.php (Latvian)
* New translations settings.php (Latvian)
* New translations validation.php (Latvian)
* New translations activities.php (Bosnian)
* New translations auth.php (Bosnian)
* New translations common.php (Bosnian)
* New translations settings.php (Bosnian)
* New translations activities.php (Norwegian Bokmal)
* New translations activities.php (Latvian)
* New translations auth.php (Norwegian Bokmal)
* New translations common.php (Norwegian Bokmal)
* New translations settings.php (Norwegian Bokmal)
* New translations validation.php (Norwegian Bokmal)
* New translations activities.php (German Informal)
* New translations auth.php (German Informal)
* New translations common.php (German Informal)
* New translations settings.php (German Informal)
* New translations auth.php (Latvian)
* New translations validation.php (Croatian)
* New translations validation.php (Portuguese, Brazilian)
* New translations settings.php (Persian)
* New translations activities.php (Indonesian)
* New translations auth.php (Indonesian)
* New translations common.php (Indonesian)
* New translations settings.php (Indonesian)
* New translations validation.php (Indonesian)
* New translations activities.php (Persian)
* New translations auth.php (Persian)
* New translations common.php (Persian)
* New translations validation.php (Persian)
* New translations settings.php (Croatian)
* New translations activities.php (Spanish, Argentina)
* New translations auth.php (Spanish, Argentina)
* New translations common.php (Spanish, Argentina)
* New translations settings.php (Spanish, Argentina)
* New translations validation.php (Spanish, Argentina)
* New translations activities.php (Croatian)
* New translations auth.php (Croatian)
* New translations common.php (Croatian)
* New translations settings.php (Russian)
* New translations auth.php (Russian)
* New translations common.php (Chinese Traditional)
* New translations common.php (Czech)
* New translations validation.php (Bulgarian)
* New translations activities.php (Catalan)
* New translations auth.php (Catalan)
* New translations common.php (Catalan)
* New translations settings.php (Catalan)
* New translations validation.php (Catalan)
* New translations auth.php (Czech)
* New translations settings.php (Czech)
* New translations common.php (Bulgarian)
* New translations validation.php (Czech)
* New translations activities.php (Danish)
* New translations auth.php (Danish)
* New translations common.php (Danish)
* New translations settings.php (Danish)
* New translations validation.php (Danish)
* New translations activities.php (German)
* New translations auth.php (German)
* New translations settings.php (Bulgarian)
* New translations auth.php (Bulgarian)
* New translations settings.php (German)
* New translations activities.php (Spanish)
* New translations settings.php (Chinese Traditional)
* New translations common.php (Portuguese, Brazilian)
* New translations activities.php (Czech)
* New translations activities.php (French)
* New translations auth.php (French)
* New translations common.php (French)
* New translations settings.php (French)
* New translations validation.php (French)
* New translations auth.php (Spanish)
* New translations activities.php (Bulgarian)
* New translations common.php (Spanish)
* New translations settings.php (Spanish)
* New translations validation.php (Spanish)
* New translations activities.php (Arabic)
* New translations auth.php (Arabic)
* New translations common.php (Arabic)
* New translations settings.php (Arabic)
* New translations validation.php (Arabic)
* New translations common.php (German)
* New translations validation.php (German)
* New translations activities.php (Russian)
* New translations activities.php (Polish)
* New translations settings.php (Korean)
* New translations validation.php (Korean)
* New translations activities.php (Dutch)
* New translations auth.php (Dutch)
* New translations common.php (Dutch)
* New translations settings.php (Dutch)
* New translations validation.php (Dutch)
* New translations auth.php (Polish)
* New translations auth.php (Korean)
* New translations common.php (Polish)
* New translations settings.php (Polish)
* New translations validation.php (Polish)
* New translations activities.php (Portuguese)
* New translations auth.php (Portuguese)
* New translations common.php (Portuguese)
* New translations settings.php (Portuguese)
* New translations validation.php (Portuguese)
* New translations common.php (Korean)
* New translations activities.php (Korean)
* New translations activities.php (Hebrew)
* New translations validation.php (Hungarian)
* New translations auth.php (Hebrew)
* New translations common.php (Hebrew)
* New translations settings.php (Hebrew)
* New translations validation.php (Hebrew)
* New translations activities.php (Hungarian)
* New translations auth.php (Hungarian)
* New translations common.php (Hungarian)
* New translations settings.php (Hungarian)
* New translations activities.php (Italian)
* New translations validation.php (Japanese)
* New translations auth.php (Italian)
* New translations common.php (Italian)
* New translations settings.php (Italian)
* New translations validation.php (Italian)
* New translations activities.php (Japanese)
* New translations auth.php (Japanese)
* New translations common.php (Japanese)
* New translations settings.php (Japanese)
* New translations validation.php (German Informal)
* New translations activities.php (Spanish)
* New translations auth.php (Spanish)
* New translations common.php (Spanish)
* New translations settings.php (Spanish)
* New translations validation.php (Spanish)
2021-08-21 18:57:32 +01:00
Dan Brown
b005acdd6c
Updated pages API to not clear content if not provided
...
Can now update page details without supplying page content.
Added test to cover.
Closes #2856
2021-08-21 18:54:38 +01:00
Dan Brown
822fea4303
Updated js dependancies
2021-08-21 15:53:45 +01:00
Dan Brown
ac110eb6b2
Merge pull request #2890 from BookStackApp/analysis-kabPRy
...
Apply fixes from StyleCI
2021-08-21 15:50:16 +01:00
Dan Brown
64785ed9da
Apply fixes from StyleCI
2021-08-21 14:49:40 +00:00
Dan Brown
cac31b2074
Merge pull request #2827 from BookStackApp/mfa
...
MFA System
2021-08-21 15:47:55 +01:00
Dan Brown
2d306949b5
Cleaned some unused elements during testing
2021-08-21 15:38:43 +01:00
Dan Brown
78e94bb003
Improved login redirect and setup experience
...
- Updated auth system for mfa to not update intended URL so that the
user is not redirected to mfa setup after eventual login.
- Added notification for users setting up MFA, after setup when
redirected back to login screen to advise that MFA setup was complete
but they need to login again.
- Updated some bits of wording to display better.
2021-08-21 15:14:24 +01:00
Dan Brown
622ea03c65
Added attribution for new libs added
...
- Also hard-set TOTP algorithm with comment from testing others.
2021-08-08 14:52:29 +01:00
Dan Brown
f1f59cf086
Extracted text to translation files
...
Also aligned mfa method delete route to align with others.
2021-08-08 14:24:44 +01:00
Dan Brown
773be963ba
Updated auth changes to work with remember me
2021-08-07 22:32:19 +01:00
Dan Brown
ef9354a0cb
Verified mfa session expires on logout
...
Since sessions are invalidated upon logout.
2021-08-07 21:53:13 +01:00
Dan Brown
39a205ed28
Quick test of email confirmation routes and fix of tests
2021-08-07 21:18:59 +01:00
Dan Brown
70f39757b1
Updated API auth handling of email confirmations
...
Email confirmations are now done within the guard during auth checking
instead of at the middleware layer.
2021-08-05 22:07:08 +01:00
Dan Brown
c429cf7818
Merge branch 'v21.05.x'
2021-08-04 21:32:29 +01:00
Dan Brown
65ebffa002
Updated when github actions run
2021-08-04 21:22:53 +01:00
Dan Brown
a04064f981
Updated php dependancies up minor versions
2021-08-04 21:10:55 +01:00
Dan Brown
7d19057e68
Fixed issue where user id still used on profile pages
...
Updated to use slugs and added testing to cover.
2021-08-04 21:08:51 +01:00
Dan Brown
0de0507137
Added vb.net code language option
...
Related to #2869
2021-08-04 20:56:34 +01:00
Dan Brown
7a8954ee65
Fixed audit log user dropdown usability issue
...
User search input blur would trigger the submission of the search
filters which would cause strange thing where you'd click on a search
filtered user which would blur the input hence submit, but the user
would think they've clicked the user and the page would reload but the
input had not updated at that point.
Related to #2863
2021-08-04 20:48:23 +01:00
Francesco Franchina
a3ad840bdd
Adding Lithuanian language
2021-08-03 23:42:34 +02:00
Dan Brown
9b271e559f
Worked on MFA setup required flow
...
- Restructured some of the route naming to be a little more consistent.
- Moved the routes about to be more logically in one place.
- Created a new middleware to handle the auth of people that should be
allowed access to mfa setup routes, since these could be used by
existing logged in users or by people needing to setup MFA on access.
- Added testing to cover MFA setup required flow.
- Added TTL and method tracking to session last-login tracking system.
2021-08-02 22:02:25 +01:00
Dan Brown
4597069083
Added Backup code verification logic
...
Also added testing to cover as part of this in addition to adding the
core backup code handling required.
Also added the standardised translations for switching mfa mode and
adding testing for this switching.
2021-08-02 16:35:37 +01:00
Dan Brown
a3f19ebe96
Added TOTP verification upon access
2021-08-02 15:04:43 +01:00
Dan Brown
1af5bbf3f7
Added login redirect system to confirm/mfa
...
Also continued a bit on the MFA verification system.
Moved some MFA routes to public space using updated login service to get
the current user that is either logged in or last attempted login (With
correct creds).
2021-07-18 16:52:31 +01:00
Dan Brown
1278fb4969
Started moving MFA and email confirmation to new login flow
...
Instead of being soley middleware based.
2021-07-17 18:24:50 +01:00
Dan Brown
9249addb5c
Updated all login events to route through single service
2021-07-17 17:45:00 +01:00
Dan Brown
78f9c01519
Started on some MFA access-time checks
...
Discovered some difficult edge cases:
- User image loading in header bar when using local_secure storage
- 404s showing user-specific visible content due to content listing on
404 page since user is in semi-logged in state. Maybe need to go
through and change up how logins are handled to centralise and
provide us better control at login time to prevent any auth level.
2021-07-16 23:23:36 +01:00