Commit Graph

467 Commits

Author SHA1 Message Date
Dan Brown
9b271e559f
Worked on MFA setup required flow
- Restructured some of the route naming to be a little more consistent.
- Moved the routes about to be more logically in one place.
- Created a new middleware to handle the auth of people that should be
  allowed access to mfa setup routes, since these could be used by
  existing logged in users or by people needing to setup MFA on access.
- Added testing to cover MFA setup required flow.
- Added TTL and method tracking to session last-login tracking system.
2021-08-02 22:02:25 +01:00
Dan Brown
4597069083
Added Backup code verification logic
Also added testing to cover as part of this in addition to adding the
core backup code handling required.

Also added the standardised translations for switching mfa mode and
adding testing for this switching.
2021-08-02 16:35:37 +01:00
Dan Brown
a3f19ebe96
Added TOTP verification upon access 2021-08-02 15:04:43 +01:00
Dan Brown
f696aa5eea
Added the ability to remove an MFA method
Includes testing to cover
2021-07-14 21:27:21 +01:00
Dan Brown
7c86c26cd0
Added command to reset user MFA
Includes tests to cover the command.
2021-07-14 20:50:36 +01:00
Dan Brown
cfc0c593db
Added MFA indicator to user list
Also fixed issue with showing incorrect MFA method count on user edit
page changes done in last commit
2021-07-14 20:19:05 +01:00
Dan Brown
bb43acef21
Added MFA setup link on user edit view 2021-07-14 20:06:41 +01:00
Dan Brown
09c2814dc7
Added role based MFA control
- Added new DB column for control and role updated create/update actions.
- Created new middleware as a start to actual enforcement logic.
- Added indicator to role list of whether MFA is enforced.
2021-07-03 13:34:48 +01:00
Dan Brown
529971c534
Added backup code setup flow
- Includes testing to cover flow.
- Moved TOTP logic to its own controller.
- Added some extra totp tests.
2021-07-02 20:53:33 +01:00
Dan Brown
83c8f73142
Covered TOTP setup with testing 2021-07-02 19:51:30 +01:00
Dan Brown
916a82616f
Complete base flow for TOTP setup
- Includes DB storage and code validation.
- Extracted TOTP work to its own service file.
- Still needs testing to cover this side of things.
2021-06-30 22:10:02 +01:00
Dan Brown
934a833818 Apply fixes from StyleCI 2021-06-26 15:23:15 +00:00
Dan Brown
3a402f6adc
Review of #2682, Also added parent deletion link on restore
On restore, added a link to the parent deletion restore if any exists
on a cascading parent. Added a test to cover this case to ensure its shown.

Also tweaked default empty state message on recycle bin item list to align
with new column count.

Also done a little existing code cleanup including a getUrl helper on
the deletion items.

Related to #2682 & #2594
2021-06-26 12:12:11 +01:00
Dan Brown
265f5db03f
Reviewed #2393, Removed image guessing and added testing
For review of meta tag additions as per PR #2393.
This commit removes any image guesswork and only uses images that have
been set by the author for the specific content.
This also adds tests to cover the expected OG tags.
2021-06-23 20:42:48 +01:00
Dan Brown
992f03a3c0
Added markdown export endpoints to API
- Added tests to cover.
- Added slight extra spaces at content joins.
2021-06-22 21:39:29 +01:00
Dan Brown
57ea2e92ec
Updated markdown export implementation
- Removed ZIP system for now, until the idea can be fleshed out.
- Added testing to cover.
- Upgraded used library.
- Added custom handling for BookStack callouts.
- Added HTML cleanup to better produce output for things like code
  blocks.
2021-06-22 21:02:18 +01:00
Dan Brown
7d951b842c
Made social account detach a POST request
Closes #2808
2021-06-14 22:37:58 +01:00
Dan Brown
94bf5b8fbb
Added test for social account detach 2021-06-14 22:30:53 +01:00
Dan Brown
2c34a99248
Merge pull request #2791 from BookStackApp/attachments_open_in_browser
Attachment serving without forced download
2021-06-13 14:03:08 +01:00
Dan Brown
b5caaa73b7
Fixed content parsing break with line html comment
Fixes issues thrown in custom HMTL head & page content filtering when
the content is comprised of only a single HTML comment.
Adds tests to cover.

For #2804
2021-06-13 12:53:04 +01:00
Dan Brown
7997300f96
Added front-end toggle and testing of inline attachments 2021-06-06 13:55:56 +01:00
Dan Brown
0627efe5e9
Updated base64 image extraction to use url instead of path
To ensure it works with all storage types and follows the format of
manually uploaded image content
2021-06-04 22:59:31 +01:00
Dan Brown
39928e1c63
Reviewed base64 image upload support
- Added test cases to cover.
- Altered parsing logic to be a little less reliant on regex.
- Added new iamge repo method for creating from data.
- Added extension validation and additional type support.
- Done some cleanup of common operations within PageContent.
- Added message to API docs/method to mention image usage.

For #2700 and #2631.
2021-06-02 21:34:34 +01:00
Dan Brown
7634ac4e12
Updated test to align with export date format change 2021-05-30 13:23:51 +01:00
Dan Brown
57a063cdfb
Updated nav tests to look for shortened item names 2021-05-29 23:46:33 +01:00
Dan Brown
1fa90e4f12
Converted another couple of tests from browserkit 2021-05-29 23:42:21 +01:00
Dan Brown
ed6ec341df
Added testing to cover next/previous navigation
For #2511
2021-05-29 12:49:10 +01:00
Dan Brown
eb76e882c5
Added deletion of revisions on page delete
Added testing to cover.
Closes #2668
2021-05-26 16:40:56 +01:00
Dan Brown
df0e03cd07
Reviewed PR to add import user avatars va LDAP
- Reduced options to single new configuration paramter instead of two.
- Moved more logic into UserAvatars class.
- Updated LDAP avatar import to also run on login when no image is
  currently set.
- Added thumbnail fetching to search requests.
- Added testing to cover.

Related to PR #2320, and issue #1161
2021-05-24 18:54:08 +01:00
Dan Brown
fb5b5e138d
Updated existing tag tests away from browserkit testing 2021-05-24 16:16:58 +01:00
Dan Brown
3eaf03a7ac
Reviewed tag in seach work
- Refactored some tag code bits while reviewing.
- Updated tag design in search listing to be more subtle.
- Moved tags out of entity-list-item-basic template and instead moved
  them into entity-list-item, below the existing content.
- Tweaked existing tag colors a little.
- Changed tag icon to be more tag-like.
- Added tag-on-search test case.

Review of #2487, Related to #2462
2021-05-24 16:12:09 +01:00
Dan Brown
7d94da10fb
Merge branch 'v21.04.x' 2021-05-24 13:08:51 +01:00
Dan Brown
c7322a71f7
Added theme add social driver redirect configuration callback
Allows someone using the theme system to configure the social driver
before a redirect action occurs, by passing a callback as an additional
param to the theme 'addSocialDriver' method.
2021-05-24 12:55:45 +01:00
Dan Brown
2c3523f6a1
Updated image permission setting logic
To ensure thhat the visibility is still set on local storage options
since the previous recent changes could cause problems where in
scenarios where the server user could not read images uploaded by the
php process user.

Closes #2758
2021-05-24 12:09:28 +01:00
Dan Brown
ba8ba5c634
Added testing to favourite system
- Also removed some old view service references.
- Updated TopFavourites query to be based on favourites table and join
  in the views instead of the other way around, so that favourites still
show even if they have no views.
2021-05-23 14:34:36 +01:00
Dan Brown
db9aa41096
Started writing testing for favourites 2021-05-16 01:07:20 +01:00
Dan Brown
68ef6a842f
Fixed issue thrown upon empty markdown content save
Closes #2741
2021-05-15 17:33:53 +01:00
Dan Brown
7be7d7d1e7
Updated not-found image path handling to have better ux
Added test to cover.
Started refactoring some of the app error handling in
the process of this.

Fixes #2696
2021-05-08 18:49:58 +01:00
Dan Brown
7f8f3080c5 Removed php8-only 'mixed' type from test method 2021-05-08 13:23:28 +01:00
Dan Brown
9cf4191079 Reviewed and updated SAML2 authncontext option
Added tests to cover.
Changed default to align with existing default.
Added env option parsing.
For #1998
2021-05-08 13:07:25 +01:00
Dan Brown
a083ceaf44 Fixed item export with deleted creator/updated
Added test to cover.
Fixes #2733
2021-05-05 22:52:08 +01:00
Dan Brown
43b6633183 Filtered scripts in custom HTML head for exports
Since it appeared to cause problems in some scenarios.
Related to #2490
2021-05-03 23:59:52 +01:00
Dan Brown
83b576eb19
Prevented "Recently Viewed" homepage list showing non-user-viewed items
Triggered when the user has no/limited views. Added a test to cover.
Closes #2703
2021-04-27 21:05:01 +01:00
Dan Brown
ec827da5a5 Updated public view test case to be more reliable
Was failing due to either common name or view share being
sticky across requests.
2021-04-20 22:14:01 +01:00
Dan Brown
20528a2442 Fixed error thrown when owner existed but the creator did not
Added test to cover.
For #2687
2021-04-20 21:04:38 +01:00
Dan Brown
5c9c1d1a4b Updated shelf sort to allow default sort, added testing
Done during review of #2515
2021-03-21 23:06:15 +00:00
Dan Brown
06706a2d9c Added user filter to audit log
Included testing to cover.
Closes #2472
2021-03-21 15:04:32 +00:00
Dan Brown
8e5067ee91 Performed fixes for failing tests on php8
- Commands that run a truncate DB action failed due to messing up the
  test transations so we mnaully work around that now to ensure a
transaction exists for the test to cleanup afterwards.
- Updated dompdf lib version
2021-03-20 16:25:02 +00:00
Dan Brown
829fecd338 Updated app to PHP7.3 min supported version, For php8 support
- Updated remaining dependancies
- Upped min versions used
- Updated GH actions to drop 7.2 and include 8.0
- Updated phpunit & tests to 9.x
2021-03-20 15:35:39 +00:00
Dan Brown
691db40a33 Added login/register theme events 2021-03-19 21:54:50 +00:00