Commit Graph

576 Commits

Author SHA1 Message Date
Dan Brown
53a26a365c
Merge branch 'master' into 2019-design 2019-03-30 13:17:29 +00:00
Dan Brown
193e2ffebe
Prevent dbl exts. on img upload, Randomized attachment upload names 2019-03-24 19:08:21 +00:00
Dan Brown
f5fe524e6c
Added extension whitelist for image uploads
- A continuation of the security issues addressed in v0.25.3
2019-03-21 19:43:15 +00:00
Dan Brown
37b91b6b0e
Hardened image file validation by removing custom validation
- Added test to check PHP files cannot be uploaded as an image.
2019-03-20 23:59:55 +00:00
Dan Brown
8b7bee7c67
Updated standard entity lists 2019-03-17 15:07:03 +00:00
Dan Brown
5f2d226f09
Merge branch 'master' into 2019-design 2019-03-10 21:40:02 +00:00
Dan Brown
44c537de1a
Performed some LDAP service/test cleanup 2019-03-10 10:54:19 +00:00
Dan Brown
6bccf0e64a
Merge branch 'feature-ldap-attributes' of git://github.com/dfanara/BookStack into dfanara-feature-ldap-attributes 2019-03-10 10:31:09 +00:00
Dan Brown
042a6f9760
Updated shelf menu item to show on custom permission
- Extended new 'userCanOnAny' helper to take a entity class for
filtering.

Closes #1201
2019-03-09 21:15:45 +00:00
Dan Brown
5c9b528517
Abstracted userCanCreatePage helper to work for any permisison
- Added test to cover scenario where someone with create-own permission
would want to copy a viewable item into a container entity that they
own.
2019-03-09 16:50:22 +00:00
Dan Brown
6be2d3f28c
Merge branch 'Copy-For-View-Only' of git://github.com/mark-james/BookStack into mark-james-Copy-For-View-Only 2019-03-09 16:12:12 +00:00
Daniel Fanara
502ea608bf Issue #1306 - Unit Tests for LdapService Changes 2019-03-09 01:08:49 -05:00
Daniel Fanara
55b07c7076 Issue #1306 - Specify display name attribute from LDAP 2019-03-08 23:55:11 -05:00
Dan Brown
98a4359198
Updated user language select to use correct default
- Updated localisation system to take note of system defaul locale
before replacing the current locale
Fixes #1316
2019-03-07 21:09:23 +00:00
Dan Brown
035a0d8efb
Added experimental breadcrumb traversal 2019-02-24 15:57:35 +00:00
Dan Brown
f1e571a57c
Made shelf listing more unique & efficient
- Now includes listing of all books within.
2019-02-16 17:13:01 +00:00
Dan Brown
a112c11df8
Re-ordered and updated main settings page 2019-02-16 14:17:35 +00:00
Dan Brown
3286f29a61
Merge branch 'master' into 2019-design 2019-02-09 14:58:38 +00:00
Dan Brown
5325870271
Updated auth pages to new design, Removed public layout 2019-02-03 17:34:15 +00:00
Dan Brown
138f5d5c4f
Updated user and shelf views to new design 2019-02-03 13:45:45 +00:00
Dan Brown
20988962fe
Migrated a whole load more page/chapter/shelf views 2019-02-02 11:41:41 +00:00
Dan Brown
32603362a6
Updated a bunch of book views 2019-01-31 20:37:12 +00:00
abijeet
5ef0992d5b PHPCS related fixes. 2019-01-27 15:59:23 +05:30
Dan Brown
36424a24b5
Added ability for date format strings to be localized by back-end
Requires the locale to be installed on the system-side.
Closes #1214
2019-01-19 12:11:18 +00:00
Dan Brown
0efed43389
Converted more views to new layout and made breadcrumbs more flexible 2019-01-13 15:54:55 +00:00
Dan Brown
163a57cf70
Merge branch 'master' into 2019-design 2019-01-13 14:10:27 +00:00
Dan Brown
0e0a17cc30
Prevented page text content includes
Avoids possible permission issues where included content shown in search or preview
where the user would not normally have permission to view the included content.

Closes #1178
2019-01-05 17:18:40 +00:00
Dan Brown
a2087fe3ff
Made delete permissions a requirement for move operations
Closes #1200
2019-01-05 14:39:40 +00:00
Mark James
19770d2792 Use joint_permissions to determine is a user has an available page or chapter to copy. 2019-01-02 16:55:28 +11:00
Mark James
99c6d70c51 Initial updates to allow for page copy when the user can read the page but can't update it. 2018-12-31 17:01:49 +11:00
Dan Brown
2317bf2350
Added check for last admin on role change
Will show error message if last admin and admin role is removed.
Closes #1124
Also cleaned up user controller a little.
2018-12-30 16:11:58 +00:00
Dan Brown
68017e2553
Added testing for avatar fetching systems & config
Abstracts imageservice http interaction.
Closes #1193
2018-12-23 15:34:38 +00:00
Dan Brown
b56fc21aaf
Abstracted user avatar fetching away from gravatar
Still uses gravatar as a default.
Updated URL placeholders to follow LDAP format.
Potential breaking config change: `GRAVATAR=false` replaced by `AVATAR_URL=false`
Builds upon #1111
2018-12-22 19:29:19 +00:00
Dan Brown
d673bf61c2
Merge branch 'custom-avatar-provider' of git://github.com/Vinrobot/BookStack into Vinrobot-custom-avatar-provider 2018-12-22 18:18:14 +00:00
Dan Brown
7c8edf5673
Merge pull request #1096 from christophert/add-ldaptlsinsecure
Add option to disable LDAPS Certificate Validation
2018-12-22 16:38:50 +00:00
Dan Brown
26ec1cc3dc
Added proper escaping to LDAP filter operations
To cover #1163
2018-12-20 20:04:09 +00:00
Dan Brown
7f6929d716
Re-enabled plaintext view for email notifications
Updated mail notifications to set the HTML and plaintext views since before
no plaintext version was being created.

Closes #1182
2018-12-16 20:44:57 +00:00
Dan Brown
323bff7d6d
Extended translations system for arrays & extension
Extended the base Laravel translation system to
allow a locale to be based upon another.

Also adds functionality to take base & fallback locales into account when fetching
an array of translations.

Related to work done in #1159
2018-12-12 20:46:27 +00:00
Dan Brown
4c574c22a8
Implemented functionality to make books sort function
Also changed public user settings to be stored in session rather than DB.
Cleaned existing list view type logic.
2018-12-07 18:33:53 +00:00
Dan Brown
4a872012c5
Merge branch 'master' into 2019-design 2018-11-11 11:44:35 +00:00
Vinrobot
5e6c039b08
Added config to change Gravatar URL 2018-11-10 16:11:11 +01:00
Dan Brown
178b5af83a
Added google select_account test
Also cleaned the function naming a little to be more descriptive of the
work they do.
2018-11-10 14:52:43 +00:00
Dan Brown
4be0c567cc
Merge pull request #1063 from justein230/master
Add select account parameter for google authorization
2018-11-10 14:32:28 +00:00
Dan Brown
038b2418f7
Fixed baseURL helper when no app url is set
Also cleaned variable naming to be more obvious
2018-11-09 21:29:30 +00:00
Justin Stein
2ca8038df2 Removed return from documentation for function redirectToSocialProvider 2018-11-04 11:07:04 -08:00
Justin Stein
89de328439 Merge branch 'master' of https://github.com/BookStackApp/BookStack 2018-11-04 11:04:30 -08:00
Justin Stein
c37e73b626 Moved redirect functionality back to start register and log in functions 2018-11-04 10:48:55 -08:00
Justin Stein
0283ab11b5 Added function for redirect with parameters for Socialite 2018-11-04 10:40:06 -08:00
Dan Brown
ffc1aa873e
Merge branch 'v0.24-dev' 2018-11-04 15:36:40 +00:00
Dan Brown
19b7093438
Fixed redirect issue when custom app url in use
Fixes #956 & #1048
Also added tests to cover this url logic.
Also removed debugbar during tests to maybe improve test speed.
2018-11-04 15:18:27 +00:00