webapp/bookstack
1
0
Fork 0
mirror of https://github.com/BookStackApp/BookStack.git synced 2025-11-03 02:13:16 +03:00
Code Activity
3,040 Commits 18 Branches 216 Tags
2d0abc41644896f4f0405103679a8832df9425b8
Commit Graph

597 Commits

Author SHA1 Message Date
Dan Brown
2633b94deb Applied StyleCI changes 2021-11-13 13:28:17 +00:00
Dan Brown
63d8d72d7e Added testing to cover search result highlighting 2021-11-13 13:26:11 +00:00
Dan Brown
7d0724e288 Added auto-conversion of search terms to exact values 
Will occur when a search term contains a character that's used to split
content into search terms.
Added testing to cover.
 2021-11-12 18:03:44 +00:00
Dan Brown
99587a0be6 Added tag values as part of the indexed search terms 
This allows finding content via tag name/values when just searching
using normal seach terms.
Added testing to cover.

Related to #1577
 2021-11-12 17:06:01 +00:00
Dan Brown
f28daa01d9 Added page content parsing to up-rank header text in search 
This adds parsing of page content so that headers apply a boost to
scores in the search term index.
Additionally, this merges title and content terms to reduce the amount
of stored terms a little.
Includes testing to cover.
 2021-11-12 13:47:23 +00:00
Dan Brown
da17004c3e Added test to cover search frquency rank changes 2021-11-09 15:05:02 +00:00
Dan Brown
899349c4b4 Added testing coverage for tag index 
Also:
- Extracted out index table row to its own view.
- Added empty state.
- Ensured query params are set on pagination links.
 2021-11-06 21:54:02 +00:00
Dan Brown
bc291bee78 Added inital phpstan/larastan setup 2021-11-05 16:18:06 +00:00
Dan Brown
c9c4dbcb5b Merge branch 'laravel_upgrade' 2021-11-04 22:42:35 +00:00
Dan Brown
a17be959d8 Applied latest styleci changes 2021-11-01 13:26:02 +00:00
Dan Brown
bfbccbede1 Updated attachments to not be saved with a complete extension 
Intended to limit impact in the event the storage path is potentially
exposed.
 2021-11-01 11:32:00 +00:00
Dan Brown
43830a372f Updated showImage file serving to not be traversable 
For #3030
 2021-10-31 23:53:17 +00:00
Dan Brown
ae155d6745 Added safe mime sniffing to prevent serving HTML 
(Amoung other content types)
For #3027
 2021-10-31 17:58:56 +00:00
Dan Brown
f139cded78 Laravel 8 shift squash & merge (#3029) 
* Temporarily moved back config path
* Apply Laravel coding style
* Shift exception handler
* Shift HTTP kernel and middleware
* Shift service providers
* Convert options array to fluent methods
* Shift to class based routes
* Shift console routes
* Ignore temporary framework files
* Shift to class based factories
* Namespace seeders
* Shift PSR-4 autoloading
* Shift config files
* Default config files
* Shift Laravel dependencies
* Shift return type of base TestCase methods
* Shift cleanup
* Applied stylci style changes
* Reverted config files location
* Applied manual changes to Laravel 8 shift

Co-authored-by: Shift <shift@laravelshift.com>
 2021-10-30 21:29:59 +01:00
Dan Brown
4f55fe2f8e Made further changes to page image extraction validation 
Fixes #3019
Increased testing to cover the failing case amoung others.
 2021-10-28 15:54:00 +01:00
Dan Brown
3166541002 Added test to cover #3010 2021-10-27 12:29:01 +01:00
Dan Brown
f77236aa38 Laravel 7.x Shift (#3011) 
* Apply Laravel coding style
* Shift bindings
* Shift core files
* Shift to Throwable
* Add laravel/ui dependency
* Shift Eloquent methods
* Shift config files
* Shift Laravel dependencies
* Shift cleanup
* Shift test config and references
* Applied styleci changes
* Applied fixes post shift to laravel 7

Co-authored-by: Shift <shift@laravelshift.com>
 2021-10-26 22:04:18 +01:00
Dan Brown
cdef1b3ab0 Updated SAML ACS post to retain user session 
Session was being lost due to the callback POST request cookies
not being provided due to samesite=lax. This instead adds an additional
hop in the flow to route the request via a GET request so the session is
retained. SAML POST data is stored encrypted in cache via a unique ID
then pulled out straight afterwards, and restored into POST for the SAML
toolkit to validate.

Updated testing to cover.
 2021-10-20 13:34:00 +01:00
Dan Brown
859934d6a3 Applied latest changes from styleCI 2021-10-20 10:49:45 +01:00
Dan Brown
2409d1850f Added TestCase for attachments API methods 2021-10-20 00:58:56 +01:00
Dan Brown
cb45c53029 Added base64 image extraction to markdown page content 
- Included tests to cover.
- Manually tested via API update and interface page update.

Closes #2898
 2021-10-18 11:42:50 +01:00
Dan Brown
6e325de226 Applied latest styles changes from style CI 2021-10-16 16:01:59 +01:00
Dan Brown
263384cf99 Merge branch 'oidc' 2021-10-16 15:51:13 +01:00
Dan Brown
f3c147d33b Applied latest styleci changes 2021-10-15 14:16:45 +01:00
Dan Brown
c9c0e5e16f Fixed guest user email showing in TOTP setup url 
- Occured during enforced MFA setup upon login.
- Added test to cover.

Fixes #2971
 2021-10-14 18:02:16 +01:00
Dan Brown
ffa4377e65 Added testing to cover debug view 2021-10-14 17:40:22 +01:00
Dan Brown
a5d72aa458 Fleshed out testing for OIDC system 2021-10-13 16:51:27 +01:00
Dan Brown
c167f40af3 Renamed OIDC files to all be aligned 2021-10-12 23:04:28 +01:00
Dan Brown
790723dfc5 Added further OIDC core class testing 2021-10-12 16:48:54 +01:00
Dan Brown
f3d54e4a2d Added positive test case for OIDC implementation 
- To continue coverage and spec cases next.
 2021-10-12 00:01:51 +01:00
Dan Brown
ca764caf2d Added throttling to password reset requests 2021-10-08 23:19:37 +01:00
Dan Brown
a9b3df537f Applied changes from styleci 2021-10-08 22:23:17 +01:00
Dan Brown
41541df6ec Added testing to cover work done in last commit 
Relevant to comments in 7224fbcc89.
Added test cases. Ensured they failed pre-commit.
Also tested a range of the altered endpoints manually on both local and
s3-like filesystems.
 2021-10-08 21:47:59 +01:00
Dan Brown
41ac69adb1 Forced response cache revalidation on logged-in responses 
- Prevents authenticated responses being visible when back button
  pressed in browser.
- Previously, 'no-cache, private' was added by default by Symfony which
  would have prevents proxy cache issues but this adds no-store and a
  max-age option to also invalidate all caching.

Thanks to @haxatron via huntr.dev
Ref: https://huntr.dev/bounties/6cda9df9-4987-4e1c-b48f-855b6901ef53/
 2021-10-08 15:22:09 +01:00
Dan Brown
193d7fb3fe Merge branch 'openid' of https://github.com/jasperweyne/BookStack into jasperweyne-openid 2021-10-06 13:18:21 +01:00
Dan Brown
f99af807d0 Reviewed and refactored additional editor draft save warnings 
- Added testing to cover warning cases.
- Refactored logic to be simpler and move much of the business out of
  the controller.
- Added new message that's more suitable to the case this was handling.
- For detecting an outdated draft, checked the draft created_at time
  instead of updated_at to better fit the scenario being checked.
- Updated some method types to align with those potentially being used
  in the logic of the code.
- Added a cache of shown messages on the front-end to prevent them
  re-showing on every save during the session, even if dismissed.
 2021-10-04 20:26:55 +01:00
Dan Brown
d3a9645161 Allowed page includes on custom home 
For #2279
Old hold-over for when include content permissions were handled less
delicately.
 2021-10-04 11:26:26 +01:00
Dan Brown
505d7e604e Applied StyleCI changes 2021-09-29 23:53:11 +01:00
Dan Brown
887a79f130 Reviewed adding IP recording to activity & audit log 
Review of #2936

- Added testing to cover
- Added APP_PROXIES to .env.example.complete with details.
- Renamed migration to better align the name and to set the migration
  date to fit with production deploy order.
- Removed index from IP column in migration since an index does not yet
  provide any value.
- Updated table header text label.
- Prevented IP recording when in demo mode.
 2021-09-26 17:18:12 +01:00
Dan Brown
05d99a312d Applied styleci changes 2021-09-26 15:48:22 +01:00
Dan Brown
c32b315cd7 Standardised facade usage to use via their FQCN 
Done via Laravel Shift Workbench
 2021-09-26 15:37:55 +01:00
Dan Brown
ffdfdc7449 Fixed dodgy test helper signature causing tests to fail 
Just needed some argument defaults to make them optional for existing
uses.
 2021-09-18 21:29:42 +01:00
Dan Brown
ba075b46f9 Merge pull request #2928 from BookStackApp/browserkit_removal 
Convert old BrowserKit tests
 2021-09-18 21:28:16 +01:00
Dan Brown
c08c8d7aa3 Applied styleci style changes 2021-09-18 21:21:44 +01:00
Dan Brown
6454e24657 Removed browserkit testing from project 
Converted last bits of the roles tests and removed dependancies.
Updated other PHP dependancies at the same time.
 2021-09-18 21:20:38 +01:00
Dan Brown
d74255df5d Started updating RolesTest away from Browserkit 2021-09-18 00:33:03 +01:00
Dan Brown
a4d9bca9e1 Converted AuthTest away from BrowserKit 
Moved some user managment tests out to more relevant classess along the
way.
Found some tweaks to make for email confirmation routing as part of
this.
 2021-09-17 23:44:54 +01:00
Dan Brown
90c759e5ca Rewrote entity permissions tests to be non-browser-kit 2021-09-17 22:35:28 +01:00
Dan Brown
5d93dd258e Finished moving EntityTests out to new TestCase files 2021-09-17 21:29:16 +01:00
Dan Brown
de8cceb0f7 Moved more tests out of EntityTest 2021-09-15 22:18:37 +01:00