webapp/bookstack
1
0
Fork 0
mirror of https://github.com/BookStackApp/BookStack.git synced 2025-10-31 03:50:27 +03:00
Code Activity
2,161 Commits 20 Branches 216 Tags
d617dba61c20d7921245a7affad5be53a3a2af64
Commit Graph

327 Commits

Author SHA1 Message Date
Dan Brown
ad542f0407 Prevented potential inline JS event usage 
- Removes 'on*' attributes from elements.
- Also updated script logic to remove scripts instead of escaping.
- All JS injection removal now uses DomDocument + xpath parsing.
 2019-05-05 13:53:37 +01:00
Dan Brown
8c190324ac Updated existing image tests to reflect changes 
- Also added some new tests
 2019-05-04 18:11:19 +01:00
Dan Brown
aeb1fc4d49 Started rewriting back-end image managment 2019-04-21 15:52:29 +01:00
Dan Brown
4e49d06182 Merge branch 'fix/registraion-form-validation' of git://github.com/cw1998/BookStack into cw1998-fix/registraion-form-validation 2019-04-21 12:24:39 +01:00
Dan Brown
2bb06463d5 Added deeper content id de-duplication 
Closes #1393
 2019-04-21 12:22:41 +01:00
Dan Brown
0bc5ccba32 Add revision restore confirm and changed http method 
Closes #1321
 2019-04-20 13:25:16 +01:00
Dan Brown
6c66a8935a Added test to check page HTML id de-duplication 
Relates to #1393
 2019-04-20 13:01:56 +01:00
Dan Brown
c24764018a Updated ldap server option parsing to work with protocol and port 
- Aligns with PHP behaviour where ports is ignore for full LDAP URI.
- Added tests to check format being passed to LDAP is as expected.
- May be related to #1220
- Related to #1386 and #1278
 2019-04-16 22:47:53 +01:00
Christopher Wilkinson
c8cf6731e2 Add min length validation on name on register form & add sign up link 2019-04-16 12:18:51 +01:00
Dan Brown
c380c10d54 Prevented bad duplicate IDs causing major exception 
Related to #1393
 2019-04-15 21:20:32 +01:00
Dan Brown
7f3f6e65b9 Aligned item creation wording and updated shelf-book-add logic 2019-04-15 20:45:04 +01:00
Christopher Wilkinson
50a9c71de0 Add tests for creating a book and adding directly to a shelf 2019-04-15 09:27:17 +01:00
Christopher Wilkinson
faa3a8b842 Add button to add a book directly from a shelf view 2019-04-15 09:27:17 +01:00
Dan Brown
9406b4d4c9 Updated view toggle to store date 
Also added test for user list order preferences
 2019-04-14 13:01:51 +01:00
Dan Brown
b12ae6d11b Added bookshelves to breadcrumbs 
- Updated breadcrumb dropdown switchers and back-end sibling code to handle new breadcrumbs.
- Added breadcrumb view composer and EntityContext system to mangage
tracking if in the context of a bookshelf.
 2019-04-07 18:28:11 +01:00
Dan Brown
7cda9b026e Updated tests to suit layout changes, Updated 404 page 
- Also replaced 'or' usage in templates with null coalescing operator
 2019-04-06 18:36:17 +01:00
Dan Brown
193e2ffebe Prevent dbl exts. on img upload, Randomized attachment upload names 2019-03-24 19:08:21 +00:00
Dan Brown
f5fe524e6c Added extension whitelist for image uploads 
- A continuation of the security issues addressed in v0.25.3
 2019-03-21 19:43:15 +00:00
Dan Brown
37b91b6b0e Hardened image file validation by removing custom validation 
- Added test to check PHP files cannot be uploaded as an image.
 2019-03-20 23:59:55 +00:00
Dan Brown
44c537de1a Performed some LDAP service/test cleanup 2019-03-10 10:54:19 +00:00
Dan Brown
6bccf0e64a Merge branch 'feature-ldap-attributes' of git://github.com/dfanara/BookStack into dfanara-feature-ldap-attributes 2019-03-10 10:31:09 +00:00
Dan Brown
042a6f9760 Updated shelf menu item to show on custom permission 
- Extended new 'userCanOnAny' helper to take a entity class for
filtering.

Closes #1201
 2019-03-09 21:15:45 +00:00
Dan Brown
5c9b528517 Abstracted userCanCreatePage helper to work for any permisison 
- Added test to cover scenario where someone with create-own permission
would want to copy a viewable item into a container entity that they
own.
 2019-03-09 16:50:22 +00:00
Daniel Fanara
6d20bdc1fb Preserve original display_name_attribute configuration values. 2019-03-09 01:13:30 -05:00
Daniel Fanara
502ea608bf Issue #1306 - Unit Tests for LdapService Changes 2019-03-09 01:08:49 -05:00
Dan Brown
0e0a17cc30 Prevented page text content includes 
Avoids possible permission issues where included content shown in search or preview
where the user would not normally have permission to view the included content.

Closes #1178
 2019-01-05 17:18:40 +00:00
Dan Brown
50e5527483 Added test to cover "users" header link in correct permission conditions 2019-01-05 15:22:47 +00:00
Dan Brown
70ad707c3c Tweaked profile page anchor links and swapped register/login links 
Also added test for login/register links on non-auth app view
Relates to #1146
 2019-01-05 15:01:16 +00:00
Dan Brown
a2087fe3ff Made delete permissions a requirement for move operations 
Closes #1200
 2019-01-05 14:39:40 +00:00
Dan Brown
2317bf2350 Added check for last admin on role change 
Will show error message if last admin and admin role is removed.
Closes #1124
Also cleaned up user controller a little.
 2018-12-30 16:11:58 +00:00
Dan Brown
68017e2553 Added testing for avatar fetching systems & config 
Abstracts imageservice http interaction.
Closes #1193
 2018-12-23 15:34:38 +00:00
Dan Brown
f4ea5f1f55 Updated page exports to use absolute time format 
For #1065
 2018-12-22 16:35:04 +00:00
Dan Brown
26ec1cc3dc Added proper escaping to LDAP filter operations 
To cover #1163
 2018-12-20 20:04:09 +00:00
Dan Brown
651ae2f3be Fixed failing language test after addition of formatter 2018-12-16 15:46:02 +00:00
Dan Brown
323bff7d6d Extended translations system for arrays & extension 
Extended the base Laravel translation system to
allow a locale to be based upon another.

Also adds functionality to take base & fallback locales into account when fetching
an array of translations.

Related to work done in #1159
 2018-12-12 20:46:27 +00:00
Dan Brown
178b5af83a Added google select_account test 
Also cleaned the function naming a little to be more descriptive of the
work they do.
 2018-11-10 14:52:43 +00:00
Dan Brown
ffc1aa873e Merge branch 'v0.24-dev' 2018-11-04 15:36:40 +00:00
Dan Brown
19b7093438 Fixed redirect issue when custom app url in use 
Fixes #956 & #1048
Also added tests to cover this url logic.
Also removed debugbar during tests to maybe improve test speed.
 2018-11-04 15:18:27 +00:00
Dan Brown
85f330c79a Extracted many page-specific repo methods into page-specific repo 2018-10-13 11:27:55 +01:00
Dan Brown
919660678b Re-structured the app code to be feature based rather than code type based 2018-09-25 12:30:50 +01:00
Dan Brown
9243c635f2 Made search test a little more consistent 2018-09-23 15:15:44 +01:00
Dan Brown
7b32aa163f Added Bookshelves to search system. 
Also cleaned up and made search indexing system a little more efficient.
Closes #1023
 2018-09-23 12:34:30 +01:00
Dan Brown
da58c41ab6 Prevented attachDefaultRole from trying to re-attach if already existing 
Fixes #1003
Added test to cover
 2018-09-22 22:09:34 +01:00
Dan Brown
3f58800ed1 Added ability to configure revision limit 2018-09-22 17:30:42 +01:00
Dan Brown
1cb6ae39c8 Added base RTL support 
For #939

- Adds way to check if current language is RTL via config system.
- Made TinyMCE default direction be based on current language text
direction.
- Fixed bullet points to be RTL compatible.
- Set page content body to have direction based on content.
 2018-09-22 13:18:26 +01:00
Dan Brown
e3e484e561 Added custom head content to exports 
Closes #981

Also fixed incorrect download tests.
 2018-09-22 11:53:40 +01:00
Dan Brown
e60d11ee04 Altered social auto-reg to be configurable per service 
- Added {$service}_AUTO_REGISTER and {$service}_AUTO_CONFIRM_EMAIL env
options for each social auth system.
- Auto-register will allow registration from login, even if registration
is disabled.
- Auto-confirm-email indicates trust and will mark new registrants as
'email_confirmed' and skip 'confirmation email' flow.
- Also added covering tests.
 2018-09-21 18:05:06 +01:00
Dan Brown
131fcae4c7 Merge pull request #947 from BookStackApp/bookshelves 
Bookshelves
 2018-09-21 15:29:52 +01:00
Dan Brown
c8d893fac7 Updated 404 test to not fail based on random long name 2018-09-21 15:24:29 +01:00
Dan Brown
b59e5942c8 Added testing coverage for Bookshelves 
Created modified TestResponse so we can use DOM operations in new
Testcases as we move away from the BrowserKit tests.
 2018-09-21 15:15:16 +01:00