Commit Graph

142 Commits

Author SHA1 Message Date
Dan Brown
887a79f130
Reviewed adding IP recording to activity & audit log
Review of #2936

- Added testing to cover
- Added APP_PROXIES to .env.example.complete with details.
- Renamed migration to better align the name and to set the migration
  date to fit with production deploy order.
- Removed index from IP column in migration since an index does not yet
  provide any value.
- Updated table header text label.
- Prevented IP recording when in demo mode.
2021-09-26 17:18:12 +01:00
Dan Brown
8972f7b212
Merge branch 'log-ip-address' of https://github.com/johnroyer/BookStack into johnroyer-log-ip-address 2021-09-26 16:17:28 +01:00
Dan Brown
c100560bd9
Applied style ci changes again 2021-09-26 15:49:25 +01:00
Dan Brown
5c7eb0df57
Caught old string helper function usage
Found by Laravel Shift Workbench
2021-09-26 15:41:11 +01:00
Zero
5cf0c99e32 Add IP column 2021-09-20 11:29:14 +08:00
Dan Brown
0e7166f7f6
Cleaned up DB usage in migration 2021-08-28 21:55:04 +01:00
Dan Brown
7d9de23a25
Applied styleci patches 2021-08-28 21:51:15 +01:00
Dan Brown
eda9e89c55
Added role permissions for exporting content 2021-08-28 21:48:17 +01:00
Dan Brown
09c2814dc7
Added role based MFA control
- Added new DB column for control and role updated create/update actions.
- Created new middleware as a start to actual enforcement logic.
- Added indicator to role list of whether MFA is enforced.
2021-07-03 13:34:48 +01:00
Dan Brown
916a82616f
Complete base flow for TOTP setup
- Includes DB storage and code validation.
- Extracted TOTP work to its own service file.
- Still needs testing to cover this side of things.
2021-06-30 22:10:02 +01:00
Dan Brown
934a833818 Apply fixes from StyleCI 2021-06-26 15:23:15 +00:00
Dan Brown
bf8e7f3393
Started addition of favourite system 2021-05-16 00:29:56 +01:00
Dan Brown
c4e31a0d5e
Updated hard-coded string lengths for indexed columns
Since this is what's causing issues for people during migration due to max
key lengths.
Related to #2710.
2021-04-27 20:53:22 +01:00
Dan Brown
3a9caea846 Started work on user slugs
Related to #2525
2021-03-08 22:34:22 +00:00
Dan Brown
44c41e9e4d Updated footer links to be a configurable list
Made so footer link ordering, names and urls can be set.
Cleaned up some of the setting-service and added support for array
setting types, which are cleaned on entry and stored as json with a new
type indicator column on the settings table for auto-decode.
Also added testing to cover this feature.

Related to #1973 and #854
2021-01-31 00:23:15 +00:00
Dan Brown
d27875bad1
Added owner field to DummyContentSeeder 2021-01-02 00:09:29 +00:00
Dan Brown
b493becadf
Started change for entities to have concept of owners 2020-12-30 18:25:35 +00:00
Dan Brown
ef1b98019a
Fixed some mis-refactoring and split search service
Search service broken into index and runner tools.
2020-11-22 00:17:45 +00:00
Dan Brown
712ccd23c4
Updated activities table format
Renamed some columns to be more generic and applicable.
Removed now redundant book_id column.
Allowed nullable entity morph columns for non-entity activity.

Ran tests and made required changes.
2020-11-08 00:03:19 +00:00
Dan Brown
04197e393a
Started work on the recycle bin interface 2020-10-03 18:44:12 +01:00
Dan Brown
691027a522
Started implementation of recycle bin functionality 2020-09-27 23:24:33 +01:00
Gertjan Krol
4b0d1ddf39 Fixed the AddActivityIndexes migration's down() method 2020-09-22 19:22:27 +02:00
Dan Brown
78bf044a7a
Added audit log interface
- Displays the currently tracked activities in the system.

Related to #2173 and #1167
2020-09-19 12:06:45 +01:00
Dan Brown
5f1ee5fb0e
Removed role 'name' field from database
The 'name' field was really redundant and caused confusion in the
codebase, since the 'Display' name is often used and we have a
'system_name' for the admin and public role.

This fixes #2032, Where external auth group matching has confusing
behaviour as matching was done against the display_name, if no
external_auth field is set, but only roles with a match 'name' field
would be considered.

This also fixes and error where the role users migration, on role
delete, would not actually fire due to mis-matching http body keys.
Looks like this has been an issue from the start. Added some testing to
cover. Fixes #2211.

Also converted phpdoc to typehints in many areas of the reviewed code
during the above.
2020-08-04 14:55:01 +01:00
Dan Brown
a9f02550f0
Removed joint_permissions auto_increment id
Removed auto_incrementing id and set a primary key of the [role_id,
entity_type, entity_id, action] instead since this table could recieve a
lot of activity, especially when permission regeneration was automated,
leading to very high auto_increment counts which could max out the
integer limit.

Also updated some RolesTest comment endpoints to align with
recent route changes.

Should fix #2091
2020-08-04 13:02:31 +01:00
Dan Brown
3d11cba223
Added testing coverage to API token auth 2019-12-30 19:42:46 +00:00
Dan Brown
692fc46c7d
Removed token 'client' text, avoid confusion w/ oAuth
- Instead have a token_id and a secret.
   - Displayed a 'Token ID' and 'Token Secret'.
2019-12-29 20:07:28 +00:00
Dan Brown
832fbd65af
Added testing coverage to user API token interfaces 2019-12-29 19:46:46 +00:00
Dan Brown
dccb279c84
Built out interfaces & endpoints for API token managment 2019-12-29 17:03:52 +00:00
Dan Brown
d336ba6874
Started work on API token controls
- Added access-api permission.
- Started user profile UI work.
- Created database table and model for tokens.
- Fixed incorrect templates down migration :(
2019-12-29 13:02:26 +00:00
Dan Brown
58a79fcb19
Removed old str_random functions from seeders 2019-09-14 14:17:55 +01:00
Dan Brown
cbf9d701af
Updated to laravel 6 2019-09-14 14:12:39 +01:00
Dan Brown
213e9d2941
Upgraded to Laravel 5.6 2019-09-06 22:14:39 +01:00
Dan Brown
44330bdd24
Start user invite system 2019-08-17 15:52:33 +01:00
Dan Brown
71167426bb
Started implementation of page template 2019-07-07 13:45:46 +01:00
Dan Brown
919660678b
Re-structured the app code to be feature based rather than code type based 2018-09-25 12:30:50 +01:00
Dan Brown
818c02ed44
Added null role check to migrate path
Also added check for existing bookshelf role_permissions
in the event the user got that for.
Also related to #1027
2018-09-24 16:30:08 +01:00
Dan Brown
9abdab3991
Updated migration to convert MyISAM tables to InnoDB
New bookshelves_books tables requires foreign constraints which error on MyISAM.
For #1027
2018-09-24 15:58:40 +01:00
Dan Brown
b62afcad1f Removed search indexing from migration path to prevent Bookshelf issue 2018-09-23 13:25:12 +01:00
Dan Brown
eebfd8904e
Removed old fulltext indexes from migrations
Prevents forcing of MyISAM for some databases
Removed old code to add indexes and added checks for existing indexes before removal.
Should still allow upgrades, rollbacks to old bookstack versions may be funky but
should not be high use-case.
2018-09-23 00:30:48 +01:00
Dan Brown
0b6f83837b
Removed joint_permission generation in older migration 2018-09-20 16:03:01 +01:00
Dan Brown
81eb642f75
Added bookshelves homepage options
- Updated homepage selection UI to be more scalable
- Cleaned homepage selection logic in code
- Added seed test data for bookshelves
- Added bookshelves to permission system
2018-09-20 15:27:30 +01:00
Dan Brown
47b08888ba
Added bookshelf view, update, delete
- Enabled proper ordering of Books in a shelf.
- Improved related item destroy for all entities.
2018-09-16 19:34:09 +01:00
Dan Brown
b89411c108
Copied book content, Added create routes
Added view control
Added pivot table for books relation
Added control to assign books
2018-08-27 14:18:09 +01:00
Dan Brown
c3986cedfc
Added shelve icon, improved migration, added role permission
Icon is placeholder for now
Migration will now copy permissions from Books to apply to shelves.
Role view updated with visibility on shelve permission
2018-08-04 12:45:45 +01:00
Dan Brown
b5a2d3c1c4
Merge remote-tracking branch 'origin' into bookshelves 2018-08-04 11:35:01 +01:00
Dan Brown
f421d83627
Added ability to set custom ldap group -> role mapping
Added input in role form to allow matching against custom names.
Changed default mapping to use role display name instead of the hidden
DB name.
2018-07-15 19:34:42 +01:00
Dan Brown
4948b443b6
Started work on bookshelves 2018-06-24 13:38:19 +01:00
Dan Brown
a50153d221
Slimmed down testing DB sized and improved permission caching 2018-04-14 22:17:47 +01:00
Dan Brown
261e57fc4e
Converted books view setting to user setting
Also cleaned up/moved new CSS and removed redundant new book methods.
2017-12-06 16:34:26 +00:00