webapp/bookstack
1
0
Fork 0
mirror of https://github.com/BookStackApp/BookStack.git synced 2025-08-05 00:42:14 +03:00
Code Activity
3,836 Commits 14 Branches 213 Tags
user_permissions
Commit Graph

182 Commits

Author SHA1 Message Date
Dan Brown
932e1d7c61 Got entity relation query permission application working 
May be issues at points of use though, Added todo for this in code.
Also added extra indexes to collapsed table for better query
performance.
 2023-01-13 17:10:20 +00:00
Dan Brown
451e4ac452 Fixed collapsed perm. gen for book sub-items. 
Also converted the existing "JointPermission" usage to the new
collapsed permission system.
 2022-12-23 14:05:43 +00:00
Dan Brown
39acbeac68 Started new permission-caching/querying model 2022-12-22 15:09:17 +00:00
Dan Brown
0411185fbb Added, and built perm. gen for, joint_user_permissions table 2022-12-11 14:51:53 +00:00
Dan Brown
1c53ffc4d1 Updated entity_permissions table for user perms. 
As start of user permissions work
 2022-12-07 14:57:23 +00:00
Dan Brown
06a7f1b54a Added migration to drop entity restricted field 2022-10-08 15:30:03 +01:00
Dan Brown
1d3dbd6f6e Migrated entity_permissions table to new flat format 
Simplifies structure and limits content count, while allowing direct
mapping of new UI intent, where we may have entries with no permissions.
Not yet updated app logic to suit.

Tested via migrating and rolling-back, then comparing export data,
across a set of custom permission entries.
 2022-10-07 15:07:09 +01:00
Dan Brown
d0dc5e5c5d Added a little protection to migration query 
Just to be sure the query is filtered as expected to only affect
shelf-based images.
 2022-09-08 12:26:14 +01:00
Dan Brown
f28ed0ef0b Fixed shelf covers being stored as 'cover_book' 
Are now stored as 'cover_bookshelf' as expected.
Added a migrate to alter existing shelf cover image types.
 2022-09-02 12:54:54 +01:00
Dan Brown
5d29d0cc7b Added reference storage system, and command to re-index 
Also re-named/orgranized some files for this, to make them "References"
specific instead of a subset of "Util".
 2022-08-17 14:40:14 +01:00
Dan Brown
837fd74bf6 Refactored search-based code to its own folder 
Also applied StyleCI changes
 2022-08-16 11:28:05 +01:00
Dan Brown
8f90996cef Dropped use of non-view joint permissions 2022-07-16 21:50:42 +01:00
Dan Brown
b0a4d3d059 Renamed and cleaned up existing permission service classes use 2022-07-12 20:15:41 +01:00
Dan Brown
2d4f708c79 Extracted permission building out of permission service 2022-07-12 19:38:11 +01:00
Dan Brown
c8b123bfac Updated composer deps, applied styleci changes 2022-06-08 18:00:30 +01:00
Dan Brown
d795af04df Added ability to escape role "External Auth ID" commas 
- Using a backslash in this field before a comma.
- Could potentially (Although unlikely) be a breaking change.

For #3405
 2022-05-04 21:03:13 +01:00
Dan Brown
f1a8ad4980 Applied latest StyleCI changes 2022-04-25 18:42:31 +01:00
Dan Brown
d5b7fff102 Merge branch 'recycle_bin_api_endpoints' into development 2022-04-25 18:32:55 +01:00
Dan Brown
0930e8519c Updated polymorphic database relation types to simpler version 
- Means we can use these simpler types in API response, As desired in #3377.

Closes #3395
 2022-04-25 18:31:37 +01:00
Dan Brown
2b0ae23da0 Updated composer deps, applied latest StyleCI changes 2022-04-24 18:22:40 +01:00
Dan Brown
0c5723d76e Switched to database-based tracking for page editor 
- Works better to avoid bad assumptions when showing the editor based
  upon content type.
- Also updated some previous tests to cleaner format.
 2022-04-23 23:20:46 +01:00
Dan Brown
e8e38f1f7b Added an 'editor-change' role permission 2022-04-17 14:33:06 +01:00
Dan Brown
00eedafbfd Added timeout and debugging statuses to webhooks 
- Added a user-configurable timeout option to webhooks.
- Added webhook fields for last-call/error datetime, in addition to last
  error string, which are shown on  webhook edit view.

Related to #3122
 2022-01-03 19:42:48 +00:00
Dan Brown
67b6c07548 Updated failing tests, Applied StyleCI changes 2021-12-18 16:41:42 +00:00
Dan Brown
04f37e21e2 Applied latest StyleCI changes 2021-12-18 11:43:05 +00:00
Dan Brown
a3ead5062a Merge branch 'webhooks' 2021-12-18 11:40:08 +00:00
Dan Brown
d00ac3101d Allowed database queue usage where desired 2021-12-13 18:34:18 +00:00
Dan Brown
dbd4281ae8 Added active toggle to webhooks 
To allow easy temporary de-activation without deletion or other
workarounds. Updated tests to cover.
 2021-12-12 17:39:06 +00:00
Dan Brown
9079700170 Refactored the activity service 
- Renamed to "ActivityLogger" to be more focused in usage.
- Extracted out query elements to seperate "ActivityQueries" class.
- Removed old 'addForEntity' activity method to limit activity record
  points.
 2021-12-11 17:29:33 +00:00
Dan Brown
f2cb3b94f9 Added missing migration down table drop 2021-12-10 14:58:14 +00:00
Dan Brown
6381041252 Added testing for webhook management interface 2021-12-10 14:54:58 +00:00
Zero
2fd7b1f0d5 Update index name to 'activities_ip_index' 2021-12-10 14:50:04 +08:00
Zero
a93254430c Add index for user IP address 2021-12-10 14:50:04 +08:00
Dan Brown
8716b1922b Completed webhook management interface 
Got webhook CRUD actions in place within the interface.
Quick manual test pass done, Needs automated tests.
 2021-12-08 17:35:58 +00:00
Dan Brown
a3a3055695 Started webhook implementation 2021-12-07 14:55:11 +00:00
Dan Brown
9e0164f4f4 Further search system refactorings 
- Moved search term querying to its own method.
- Updated Large content seeder to be more performant
 2021-11-08 11:29:25 +00:00
Dan Brown
e1b8fe45b0 Refactored search runner a little to be neater 2021-11-08 11:04:27 +00:00
Dan Brown
6f75aa9cdc Reverted shift change to old migration 2021-11-04 22:38:55 +00:00
Dan Brown
f139cded78 Laravel 8 shift squash & merge (#3029) 
* Temporarily moved back config path
* Apply Laravel coding style
* Shift exception handler
* Shift HTTP kernel and middleware
* Shift service providers
* Convert options array to fluent methods
* Shift to class based routes
* Shift console routes
* Ignore temporary framework files
* Shift to class based factories
* Namespace seeders
* Shift PSR-4 autoloading
* Shift config files
* Default config files
* Shift Laravel dependencies
* Shift return type of base TestCase methods
* Shift cleanup
* Applied stylci style changes
* Reverted config files location
* Applied manual changes to Laravel 8 shift

Co-authored-by: Shift <shift@laravelshift.com>
 2021-10-30 21:29:59 +01:00
Dan Brown
f77236aa38 Laravel 7.x Shift (#3011) 
* Apply Laravel coding style
* Shift bindings
* Shift core files
* Shift to Throwable
* Add laravel/ui dependency
* Shift Eloquent methods
* Shift config files
* Shift Laravel dependencies
* Shift cleanup
* Shift test config and references
* Applied styleci changes
* Applied fixes post shift to laravel 7

Co-authored-by: Shift <shift@laravelshift.com>
 2021-10-26 22:04:18 +01:00
Dan Brown
887a79f130 Reviewed adding IP recording to activity & audit log 
Review of #2936

- Added testing to cover
- Added APP_PROXIES to .env.example.complete with details.
- Renamed migration to better align the name and to set the migration
  date to fit with production deploy order.
- Removed index from IP column in migration since an index does not yet
  provide any value.
- Updated table header text label.
- Prevented IP recording when in demo mode.
 2021-09-26 17:18:12 +01:00
Dan Brown
8972f7b212 Merge branch 'log-ip-address' of https://github.com/johnroyer/BookStack into johnroyer-log-ip-address 2021-09-26 16:17:28 +01:00
Dan Brown
c100560bd9 Applied style ci changes again 2021-09-26 15:49:25 +01:00
Dan Brown
5c7eb0df57 Caught old string helper function usage 
Found by Laravel Shift Workbench
 2021-09-26 15:41:11 +01:00
Zero
5cf0c99e32 Add IP column 2021-09-20 11:29:14 +08:00
Dan Brown
0e7166f7f6 Cleaned up DB usage in migration 2021-08-28 21:55:04 +01:00
Dan Brown
7d9de23a25 Applied styleci patches 2021-08-28 21:51:15 +01:00
Dan Brown
eda9e89c55 Added role permissions for exporting content 2021-08-28 21:48:17 +01:00
Dan Brown
09c2814dc7 Added role based MFA control 
- Added new DB column for control and role updated create/update actions.
- Created new middleware as a start to actual enforcement logic.
- Added indicator to role list of whether MFA is enforced.
 2021-07-03 13:34:48 +01:00
Dan Brown
916a82616f Complete base flow for TOTP setup 
- Includes DB storage and code validation.
- Extracted TOTP work to its own service file.
- Still needs testing to cover this side of things.
 2021-06-30 22:10:02 +01:00