1
0
mirror of https://github.com/BookStackApp/BookStack.git synced 2024-10-30 07:32:39 +01:00
Commit Graph

2350 Commits

Author SHA1 Message Date
Dan Brown
fd67f61b43
Merge branch 'master' of github.com:BookStackApp/BookStack 2021-01-02 02:46:25 +00:00
Dan Brown
92922288dd
Added iframe CSP, improved session cookie security
Added iframe CSP headers with configuration via .env.
Updated session cookies to be lax by default, dynamically changing to
none when iframes configured to allow third-party control.
Updated cookie security to be auto-secure if a https APP_URL is set.

Related to #2427 and #2207.
2021-01-02 02:43:50 +00:00
Dan Brown
280f1a0a5b
Create FUNDING.yml 2021-01-02 01:25:49 +00:00
Dan Brown
588fd7d165
Fixed short editor in firefox and optimised some queries
Optimised permission fetching so that it won't initialise a bunch
of models for the role permissions and instead does a manual
query to get the data directly.
2021-01-02 01:22:41 +00:00
Dan Brown
857d9ed3f1
Merge pull request #2436 from BookStackApp/ownership_system
Entity Ownership System
2021-01-02 00:29:22 +00:00
Dan Brown
d27875bad1
Added owner field to DummyContentSeeder 2021-01-02 00:09:29 +00:00
Dan Brown
de989ffa9a
Tested new ownership + (delete/change) systems 2021-01-01 23:58:53 +00:00
Dan Brown
b43f997dab
Added manual type conversion to fix failing tests 2021-01-01 18:38:54 +00:00
Dan Brown
5e686bb624
Added user ownership migrate to delete screen. 2021-01-01 18:31:01 +00:00
Dan Brown
99b14621f9
Moved permission updating to its own tool
And added support for owner changing.
2021-01-01 17:49:48 +00:00
Dan Brown
da9083bf1f
Fixed view path 2020-12-31 17:27:23 +00:00
Dan Brown
8833b5bc3b
Added user-select input 2020-12-31 17:25:20 +00:00
Dan Brown
33e35c9a8a
Converted breadcrumb-listing to new component system 2020-12-31 15:27:25 +00:00
Dan Brown
e408067b10
Fixed test helper method signature 2020-12-30 22:25:10 +00:00
Dan Brown
4c580d1571
Added owners to entity creation and updated tests 2020-12-30 22:18:28 +00:00
Dan Brown
b493becadf
Started change for entities to have concept of owners 2020-12-30 18:25:35 +00:00
Dan Brown
c71f00b2ec
Updated readme newsletter links 2020-12-30 16:51:55 +00:00
Dan Brown
4e82d93350
Updated wording of image cleanup option
As per #2352
2020-12-18 22:59:47 +00:00
Dan Brown
f1e1a745b0
Fixed failing home test after changes in last commit
Also made a restriction test more reliable.
Also renamed restrictionstest to entitypermissionstest to be more
consistent with newer app wording.
2020-12-18 21:44:35 +00:00
Dan Brown
4b4642c8ea
Aligned book and shelf grid item views
Updated the titles so they are limited via CSS rather than by a
estimated hardcoded limit.

For #1469
2020-12-18 21:26:22 +00:00
Dan Brown
2b603b0488
Updated deps based on changes done for php8 readiness
Commit cherry-picked from branch then made further changes.
Updates min php version.
2020-12-18 20:29:33 +00:00
Dan Brown
20bb76afdb
Fixed changed namespaces for merged test 2020-12-18 20:04:48 +00:00
Dan Brown
cf04a0d818
Merge branch 'v0.30.x' 2020-12-18 14:16:13 +00:00
Dan Brown
2acef3c2ec
Fixed issue where restricted page content in plaintext export
The content of pages made non-viewable to a user via permissions, within a visible parent, could be seen via the plaintext export option. Before v0.30.6 this would have applied only to scenarios where all pages within the chapter were made non-visible. In v0.30.6 this would make all pages within the chapter visible.

As per #2414
2020-12-18 13:56:00 +00:00
Dan Brown
9884cca00c
Merge branch 'v0.30.x' 2020-12-17 21:47:59 +00:00
Dan Brown
3f3fad7113
Fixed book-tree-gen page visibility issue
When book trees were generated, pages in chapters where ALL pages within
were not supposed to be visibile, would be visible due to the code
falling back on the raw relation which would not account for
permissions.

This has now been changed so that a custom 'visible_pages' attribute is set and used by any book tree structures, to ensure it does not fall back to the raw relation.

Added an extra test to cover.

For #2414
2020-12-17 17:31:18 +00:00
Dan Brown
5ab0db9690
Updated chapter delete wording to fit with new logic 2020-12-17 02:29:53 +00:00
Dan Brown
00308ad4ab
Cleaned up some user/image areas of the app
Further cleanup of docblocks and standardisation of repos.
2020-12-08 23:46:38 +00:00
Dan Brown
6c09334ba0
Fixed issue where page export contain system would miss images 2020-12-06 22:23:21 +00:00
Dan Brown
65b2c90522
Merge branch 'v0.30.x' 2020-12-06 21:32:01 +00:00
Dan Brown
884664bfe9
Ensured base64 images are read from image upload folder
Also removed unused storage systems and updated testing.
2020-12-06 15:34:18 +00:00
Dan Brown
8911e3f441
Removed http fetching from image base64 generation 2020-12-06 14:24:22 +00:00
Dan Brown
7d38c96a23
Removed generic "UploadService" which was doing very little 2020-12-06 12:58:40 +00:00
Dan Brown
162d893143
Updated .env.example to encorage use of setting APP_URL
For the purposes of secure URL generation and to avoid common problems
found when people are using reverse proxies.
2020-12-06 12:31:36 +00:00
Dan Brown
0b01a77c16
Swapped out HTML diff implementation for own, removes tidy depdendancy 2020-11-29 19:08:13 +00:00
Dan Brown
bf8716bb22
Fixed bad collection/array mixing causing error on seed 2020-11-28 16:42:12 +00:00
Dan Brown
d56e7e7c79
Merge pull request #2382 from BookStackApp/pages_api
Pages API
2020-11-28 16:31:35 +00:00
Dan Brown
57754c8211
Added testing to cover the pages API 2020-11-28 16:30:30 +00:00
Dan Brown
8aedba14a3
Added page export API controller 2020-11-28 15:39:40 +00:00
Dan Brown
875a8bdaff
Made docs sidebar a slight bit easier to scroll
Now it easily goes off the page, made it indapentally scrollable.
Will probably do something different in future as it grows more.
2020-11-28 15:28:44 +00:00
Dan Brown
53bcfe528d
Added pages API doc examples
Made some tweaks to related content and other examples while there.
2020-11-28 15:21:54 +00:00
Dan Brown
1c8102bb89
Started pages API 2020-11-22 14:56:19 +00:00
Dan Brown
ebeca256f0
Updated old exportService name in controllers 2020-11-22 01:26:14 +00:00
Dan Brown
a042e22481
Focused base Entity class cleanup
Removed some common functions from other entities.
Aligned implementation of getUrl()
Cleaned phpdocs and added typehinting.
Also extracted sibling search logic out of controller.
2020-11-22 01:20:38 +00:00
Dan Brown
ef1b98019a
Fixed some mis-refactoring and split search service
Search service broken into index and runner tools.
2020-11-22 00:17:45 +00:00
Dan Brown
c7a2d568bf
Moved models to folder, renamed managers to tools
Tools seems to fit better since the classes were a bit of a mixed bunch
and did not always manage.
Also simplified the structure of the SlugGenerator class.
Also focused EntityContext on shelves and simplified to use session
helper.
2020-11-21 23:20:54 +00:00
Dan Brown
66917520cb
Service provider and other cleanup
- Removed old 'exposeTranslations' system to instead use new component
 option system.
- Extracted validation rules into their own service provider.
- Cleaned up some formatting/comments in the repos.
2020-11-21 17:52:49 +00:00
Dan Brown
5e01c30882
Aligned constructors across controller classes
Since they no longer needed to run the parent contructor
since the parent constructor was no longer needed.
2020-11-21 17:08:37 +00:00
Dan Brown
f76a2a69f7
Cleaned up api docs implementation, added missing titles 2020-11-21 17:03:24 +00:00
Dan Brown
65ddd16532
Merge pull request #2360 from BookStackApp/activity_revamp
Tracked activity update
2020-11-21 16:12:25 +00:00