feat: uploads config + security admin page
parent
9849b837a6
commit
134f057bb8
@ -89,6 +89,9 @@
|
|||||||
v-list-item(to='/mail', color='primary', v-if='hasPermission(`manage:system`)')
|
v-list-item(to='/mail', color='primary', v-if='hasPermission(`manage:system`)')
|
||||||
v-list-item-avatar(size='24', tile): v-icon mdi-email-multiple-outline
|
v-list-item-avatar(size='24', tile): v-icon mdi-email-multiple-outline
|
||||||
v-list-item-title {{ $t('admin:mail.title') }}
|
v-list-item-title {{ $t('admin:mail.title') }}
|
||||||
|
v-list-item(to='/security', v-if='hasPermission(`manage:system`)')
|
||||||
|
v-list-item-avatar(size='24', tile): v-icon mdi-lock-check
|
||||||
|
v-list-item-title {{ $t('admin:security.title') }}
|
||||||
v-list-item(to='/ssl', v-if='hasPermission(`manage:system`)')
|
v-list-item(to='/ssl', v-if='hasPermission(`manage:system`)')
|
||||||
v-list-item-avatar(size='24', tile): v-icon mdi-cloud-lock-outline
|
v-list-item-avatar(size='24', tile): v-icon mdi-cloud-lock-outline
|
||||||
v-list-item-title {{ $t('admin:ssl.title') }}
|
v-list-item-title {{ $t('admin:ssl.title') }}
|
||||||
@ -172,6 +175,7 @@ const router = new VueRouter({
|
|||||||
{ path: '/storage', component: () => import(/* webpackChunkName: "admin" */ './admin/admin-storage.vue') },
|
{ path: '/storage', component: () => import(/* webpackChunkName: "admin" */ './admin/admin-storage.vue') },
|
||||||
{ path: '/api', component: () => import(/* webpackChunkName: "admin" */ './admin/admin-api.vue') },
|
{ path: '/api', component: () => import(/* webpackChunkName: "admin" */ './admin/admin-api.vue') },
|
||||||
{ path: '/mail', component: () => import(/* webpackChunkName: "admin" */ './admin/admin-mail.vue') },
|
{ path: '/mail', component: () => import(/* webpackChunkName: "admin" */ './admin/admin-mail.vue') },
|
||||||
|
{ path: '/security', component: () => import(/* webpackChunkName: "admin" */ './admin/admin-security.vue') },
|
||||||
{ path: '/ssl', component: () => import(/* webpackChunkName: "admin" */ './admin/admin-ssl.vue') },
|
{ path: '/ssl', component: () => import(/* webpackChunkName: "admin" */ './admin/admin-ssl.vue') },
|
||||||
{ path: '/system', component: () => import(/* webpackChunkName: "admin" */ './admin/admin-system.vue') },
|
{ path: '/system', component: () => import(/* webpackChunkName: "admin" */ './admin/admin-system.vue') },
|
||||||
{ path: '/utilities', component: () => import(/* webpackChunkName: "admin" */ './admin/admin-utilities.vue') },
|
{ path: '/utilities', component: () => import(/* webpackChunkName: "admin" */ './admin/admin-utilities.vue') },
|
||||||
|
@ -167,93 +167,6 @@
|
|||||||
disabled
|
disabled
|
||||||
)
|
)
|
||||||
|
|
||||||
v-card.mt-5.animated.fadeInUp.wait-p5s
|
|
||||||
v-toolbar(color='red darken-2', dark, dense, flat)
|
|
||||||
v-toolbar-title.subtitle-1 Security
|
|
||||||
v-card-text
|
|
||||||
v-alert(outlined, color='red darken-2', icon='mdi-information-outline').body-2 Make sure to understand the implications before turning on / off a security feature.
|
|
||||||
v-switch.mt-3(
|
|
||||||
inset
|
|
||||||
label='Block IFrame Embedding'
|
|
||||||
color='red darken-2'
|
|
||||||
v-model='config.securityIframe'
|
|
||||||
persistent-hint
|
|
||||||
hint='Prevents other websites from embedding your wiki in an iframe. This provides clickjacking protection.'
|
|
||||||
)
|
|
||||||
|
|
||||||
v-divider.mt-3
|
|
||||||
v-switch(
|
|
||||||
inset
|
|
||||||
label='Same Origin Referrer Policy'
|
|
||||||
color='red darken-2'
|
|
||||||
v-model='config.securityReferrerPolicy'
|
|
||||||
persistent-hint
|
|
||||||
hint='Limits the referrer header to same origin.'
|
|
||||||
)
|
|
||||||
|
|
||||||
v-divider.mt-3
|
|
||||||
v-switch(
|
|
||||||
inset
|
|
||||||
label='Trust X-Forwarded-* Proxy Headers'
|
|
||||||
color='red darken-2'
|
|
||||||
v-model='config.securityTrustProxy'
|
|
||||||
persistent-hint
|
|
||||||
hint='Should be enabled when using a reverse-proxy like nginx, apache, CloudFlare, etc in front of Wiki.js. Turn off otherwise.'
|
|
||||||
)
|
|
||||||
|
|
||||||
v-divider.mt-3
|
|
||||||
v-switch(
|
|
||||||
inset
|
|
||||||
label='Subresource Integrity (SRI)'
|
|
||||||
color='red darken-2'
|
|
||||||
v-model='config.securitySRI'
|
|
||||||
persistent-hint
|
|
||||||
hint='This ensure that resources such as CSS and JS files are not altered during delivery.'
|
|
||||||
disabled
|
|
||||||
)
|
|
||||||
|
|
||||||
v-divider.mt-3
|
|
||||||
v-switch(
|
|
||||||
inset
|
|
||||||
label='Enforce HSTS'
|
|
||||||
color='red darken-2'
|
|
||||||
v-model='config.securityHSTS'
|
|
||||||
persistent-hint
|
|
||||||
hint='This ensures the connection cannot be established through an insecure HTTP connection.'
|
|
||||||
)
|
|
||||||
v-select.mt-5(
|
|
||||||
outlined
|
|
||||||
label='HSTS Max Age'
|
|
||||||
:items='hstsDurations'
|
|
||||||
v-model='config.securityHSTSDuration'
|
|
||||||
prepend-icon='mdi-subdirectory-arrow-right'
|
|
||||||
:disabled='!config.securityHSTS'
|
|
||||||
hide-details
|
|
||||||
style='max-width: 450px;'
|
|
||||||
)
|
|
||||||
.pl-11.mt-3
|
|
||||||
.caption Defines the duration for which the server should only deliver content through HTTPS.
|
|
||||||
.caption It's a good idea to start with small values and make sure that nothing breaks on your wiki before moving to longer values.
|
|
||||||
|
|
||||||
v-divider.mt-3
|
|
||||||
v-switch(
|
|
||||||
inset
|
|
||||||
label='Enforce CSP'
|
|
||||||
color='red darken-2'
|
|
||||||
v-model='config.securityCSP'
|
|
||||||
persistent-hint
|
|
||||||
hint='Restricts scripts to pre-approved content sources.'
|
|
||||||
disabled
|
|
||||||
)
|
|
||||||
v-textarea.mt-5(
|
|
||||||
label='CSP Directives'
|
|
||||||
outlined
|
|
||||||
v-model='config.securityCSPDirectives'
|
|
||||||
prepend-icon='mdi-subdirectory-arrow-right'
|
|
||||||
persistent-hint
|
|
||||||
hint='One directive per line.'
|
|
||||||
disabled
|
|
||||||
)
|
|
||||||
component(:is='activeModal')
|
component(:is='activeModal')
|
||||||
|
|
||||||
</template>
|
</template>
|
||||||
@ -296,24 +209,8 @@ export default {
|
|||||||
featurePageRatings: false,
|
featurePageRatings: false,
|
||||||
featurePageComments: false,
|
featurePageComments: false,
|
||||||
featurePersonalWikis: false,
|
featurePersonalWikis: false,
|
||||||
featureTinyPNG: false,
|
featureTinyPNG: false
|
||||||
securityIframe: true,
|
|
||||||
securityReferrerPolicy: true,
|
|
||||||
securityTrustProxy: true,
|
|
||||||
securitySRI: true,
|
|
||||||
securityHSTS: false,
|
|
||||||
securityHSTSDuration: 0,
|
|
||||||
securityCSP: false,
|
|
||||||
securityCSPDirectives: ''
|
|
||||||
},
|
},
|
||||||
hstsDurations: [
|
|
||||||
{ value: 300, text: '5 minutes' },
|
|
||||||
{ value: 86400, text: '1 day' },
|
|
||||||
{ value: 604800, text: '1 week' },
|
|
||||||
{ value: 2592000, text: '1 month' },
|
|
||||||
{ value: 31536000, text: '1 year' },
|
|
||||||
{ value: 63072000, text: '2 years' }
|
|
||||||
],
|
|
||||||
metaRobots: [
|
metaRobots: [
|
||||||
{ text: 'Index', value: 'index' },
|
{ text: 'Index', value: 'index' },
|
||||||
{ text: 'Follow', value: 'follow' },
|
{ text: 'Follow', value: 'follow' },
|
||||||
@ -360,14 +257,6 @@ export default {
|
|||||||
$featurePageRatings: Boolean!
|
$featurePageRatings: Boolean!
|
||||||
$featurePageComments: Boolean!
|
$featurePageComments: Boolean!
|
||||||
$featurePersonalWikis: Boolean!
|
$featurePersonalWikis: Boolean!
|
||||||
$securityIframe: Boolean!
|
|
||||||
$securityReferrerPolicy: Boolean!
|
|
||||||
$securityTrustProxy: Boolean!
|
|
||||||
$securitySRI: Boolean!
|
|
||||||
$securityHSTS: Boolean!
|
|
||||||
$securityHSTSDuration: Int!
|
|
||||||
$securityCSP: Boolean!
|
|
||||||
$securityCSPDirectives: String!
|
|
||||||
) {
|
) {
|
||||||
site {
|
site {
|
||||||
updateConfig(
|
updateConfig(
|
||||||
@ -382,15 +271,7 @@ export default {
|
|||||||
logoUrl: $logoUrl,
|
logoUrl: $logoUrl,
|
||||||
featurePageRatings: $featurePageRatings,
|
featurePageRatings: $featurePageRatings,
|
||||||
featurePageComments: $featurePageComments,
|
featurePageComments: $featurePageComments,
|
||||||
featurePersonalWikis: $featurePersonalWikis,
|
featurePersonalWikis: $featurePersonalWikis
|
||||||
securityIframe: $securityIframe,
|
|
||||||
securityReferrerPolicy: $securityReferrerPolicy,
|
|
||||||
securityTrustProxy: $securityTrustProxy,
|
|
||||||
securitySRI: $securitySRI,
|
|
||||||
securityHSTS: $securityHSTS,
|
|
||||||
securityHSTSDuration: $securityHSTSDuration,
|
|
||||||
securityCSP: $securityCSP,
|
|
||||||
securityCSPDirectives: $securityCSPDirectives
|
|
||||||
) {
|
) {
|
||||||
responseResult {
|
responseResult {
|
||||||
succeeded
|
succeeded
|
||||||
@ -414,15 +295,7 @@ export default {
|
|||||||
logoUrl: _.get(this.config, 'logoUrl', ''),
|
logoUrl: _.get(this.config, 'logoUrl', ''),
|
||||||
featurePageRatings: _.get(this.config, 'featurePageRatings', false),
|
featurePageRatings: _.get(this.config, 'featurePageRatings', false),
|
||||||
featurePageComments: _.get(this.config, 'featurePageComments', false),
|
featurePageComments: _.get(this.config, 'featurePageComments', false),
|
||||||
featurePersonalWikis: _.get(this.config, 'featurePersonalWikis', false),
|
featurePersonalWikis: _.get(this.config, 'featurePersonalWikis', false)
|
||||||
securityIframe: _.get(this.config, 'securityIframe', false),
|
|
||||||
securityReferrerPolicy: _.get(this.config, 'securityReferrerPolicy', false),
|
|
||||||
securityTrustProxy: _.get(this.config, 'securityTrustProxy', false),
|
|
||||||
securitySRI: _.get(this.config, 'securitySRI', false),
|
|
||||||
securityHSTS: _.get(this.config, 'securityHSTS', false),
|
|
||||||
securityHSTSDuration: _.get(this.config, 'securityHSTSDuration', 0),
|
|
||||||
securityCSP: _.get(this.config, 'securityCSP', false),
|
|
||||||
securityCSPDirectives: _.get(this.config, 'securityCSPDirectives', '')
|
|
||||||
},
|
},
|
||||||
watchLoading (isLoading) {
|
watchLoading (isLoading) {
|
||||||
this.$store.commit(`loading${isLoading ? 'Start' : 'Stop'}`, 'admin-site-update')
|
this.$store.commit(`loading${isLoading ? 'Start' : 'Stop'}`, 'admin-site-update')
|
||||||
@ -475,14 +348,6 @@ export default {
|
|||||||
featurePageRatings
|
featurePageRatings
|
||||||
featurePageComments
|
featurePageComments
|
||||||
featurePersonalWikis
|
featurePersonalWikis
|
||||||
securityIframe
|
|
||||||
securityReferrerPolicy
|
|
||||||
securityTrustProxy
|
|
||||||
securitySRI
|
|
||||||
securityHSTS
|
|
||||||
securityHSTSDuration
|
|
||||||
securityCSP
|
|
||||||
securityCSPDirectives
|
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
265
client/components/admin/admin-security.vue
Normal file
265
client/components/admin/admin-security.vue
Normal file
@ -0,0 +1,265 @@
|
|||||||
|
<template lang='pug'>
|
||||||
|
v-container(fluid, grid-list-lg)
|
||||||
|
v-layout(row wrap)
|
||||||
|
v-flex(xs12)
|
||||||
|
.admin-header
|
||||||
|
img.animated.fadeInUp(src='/svg/icon-private.svg', alt='Security', style='width: 80px;')
|
||||||
|
.admin-header-title
|
||||||
|
.headline.primary--text.animated.fadeInLeft {{ $t('admin:security.title') }}
|
||||||
|
.subtitle-1.grey--text.animated.fadeInLeft {{ $t('admin:security.subtitle') }}
|
||||||
|
v-spacer
|
||||||
|
v-btn.animated.fadeInDown(color='success', depressed, @click='save', large)
|
||||||
|
v-icon(left) mdi-check
|
||||||
|
span {{$t('common:actions.apply')}}
|
||||||
|
v-form.pt-3
|
||||||
|
v-layout(row wrap)
|
||||||
|
v-flex(lg6 xs12)
|
||||||
|
v-card.animated.fadeInUp
|
||||||
|
v-toolbar(color='red darken-2', dark, dense, flat)
|
||||||
|
v-toolbar-title.subtitle-1 Security
|
||||||
|
v-card-text
|
||||||
|
v-alert(outlined, color='red darken-2', icon='mdi-information-outline').body-2 Make sure to understand the implications before turning on / off a security feature.
|
||||||
|
v-switch.mt-3(
|
||||||
|
inset
|
||||||
|
label='Block IFrame Embedding'
|
||||||
|
color='red darken-2'
|
||||||
|
v-model='config.securityIframe'
|
||||||
|
persistent-hint
|
||||||
|
hint='Prevents other websites from embedding your wiki in an iframe. This provides clickjacking protection.'
|
||||||
|
)
|
||||||
|
|
||||||
|
v-divider.mt-3
|
||||||
|
v-switch(
|
||||||
|
inset
|
||||||
|
label='Same Origin Referrer Policy'
|
||||||
|
color='red darken-2'
|
||||||
|
v-model='config.securityReferrerPolicy'
|
||||||
|
persistent-hint
|
||||||
|
hint='Limits the referrer header to same origin.'
|
||||||
|
)
|
||||||
|
|
||||||
|
v-divider.mt-3
|
||||||
|
v-switch(
|
||||||
|
inset
|
||||||
|
label='Trust X-Forwarded-* Proxy Headers'
|
||||||
|
color='red darken-2'
|
||||||
|
v-model='config.securityTrustProxy'
|
||||||
|
persistent-hint
|
||||||
|
hint='Should be enabled when using a reverse-proxy like nginx, apache, CloudFlare, etc in front of Wiki.js. Turn off otherwise.'
|
||||||
|
)
|
||||||
|
|
||||||
|
//- v-divider.mt-3
|
||||||
|
//- v-switch(
|
||||||
|
//- inset
|
||||||
|
//- label='Subresource Integrity (SRI)'
|
||||||
|
//- color='red darken-2'
|
||||||
|
//- v-model='config.securitySRI'
|
||||||
|
//- persistent-hint
|
||||||
|
//- hint='This ensure that resources such as CSS and JS files are not altered during delivery.'
|
||||||
|
//- disabled
|
||||||
|
//- )
|
||||||
|
|
||||||
|
v-divider.mt-3
|
||||||
|
v-switch(
|
||||||
|
inset
|
||||||
|
label='Enforce HSTS'
|
||||||
|
color='red darken-2'
|
||||||
|
v-model='config.securityHSTS'
|
||||||
|
persistent-hint
|
||||||
|
hint='This ensures the connection cannot be established through an insecure HTTP connection.'
|
||||||
|
)
|
||||||
|
v-select.mt-5(
|
||||||
|
outlined
|
||||||
|
label='HSTS Max Age'
|
||||||
|
:items='hstsDurations'
|
||||||
|
v-model='config.securityHSTSDuration'
|
||||||
|
prepend-icon='mdi-subdirectory-arrow-right'
|
||||||
|
:disabled='!config.securityHSTS'
|
||||||
|
hide-details
|
||||||
|
style='max-width: 450px;'
|
||||||
|
)
|
||||||
|
.pl-11.mt-3
|
||||||
|
.caption Defines the duration for which the server should only deliver content through HTTPS.
|
||||||
|
.caption It's a good idea to start with small values and make sure that nothing breaks on your wiki before moving to longer values.
|
||||||
|
|
||||||
|
v-divider.mt-3
|
||||||
|
v-switch(
|
||||||
|
inset
|
||||||
|
label='Enforce CSP'
|
||||||
|
color='red darken-2'
|
||||||
|
v-model='config.securityCSP'
|
||||||
|
persistent-hint
|
||||||
|
hint='Restricts scripts to pre-approved content sources.'
|
||||||
|
disabled
|
||||||
|
)
|
||||||
|
v-textarea.mt-5(
|
||||||
|
label='CSP Directives'
|
||||||
|
outlined
|
||||||
|
v-model='config.securityCSPDirectives'
|
||||||
|
prepend-icon='mdi-subdirectory-arrow-right'
|
||||||
|
persistent-hint
|
||||||
|
hint='One directive per line.'
|
||||||
|
disabled
|
||||||
|
)
|
||||||
|
|
||||||
|
v-flex(lg6 xs12)
|
||||||
|
v-card.animated.fadeInUp.wait-p2s
|
||||||
|
v-toolbar(color='primary', dark, dense, flat)
|
||||||
|
v-toolbar-title.subtitle-1 {{ $t('admin:security.uploads') }}
|
||||||
|
v-card-text
|
||||||
|
v-text-field(
|
||||||
|
outlined
|
||||||
|
:label='$t(`admin:security.maxUploadSize`)'
|
||||||
|
required
|
||||||
|
v-model='config.uploadMaxFileSize'
|
||||||
|
prepend-icon='mdi-progress-upload'
|
||||||
|
:hint='$t(`admin:security.maxUploadSizeHint`)'
|
||||||
|
persistent-hint
|
||||||
|
:suffix='$t(`admin:security.maxUploadSizeSuffix`)'
|
||||||
|
style='max-width: 450px;'
|
||||||
|
)
|
||||||
|
v-text-field.mt-3(
|
||||||
|
outlined
|
||||||
|
:label='$t(`admin:security.maxUploadBatch`)'
|
||||||
|
required
|
||||||
|
v-model='config.uploadMaxFiles'
|
||||||
|
prepend-icon='mdi-upload-lock'
|
||||||
|
:hint='$t(`admin:security.maxUploadBatchHint`)'
|
||||||
|
persistent-hint
|
||||||
|
:suffix='$t(`admin:security.maxUploadBatchSuffix`)'
|
||||||
|
style='max-width: 450px;'
|
||||||
|
)
|
||||||
|
</template>
|
||||||
|
|
||||||
|
<script>
|
||||||
|
import _ from 'lodash'
|
||||||
|
import { sync } from 'vuex-pathify'
|
||||||
|
import gql from 'graphql-tag'
|
||||||
|
|
||||||
|
export default {
|
||||||
|
data() {
|
||||||
|
return {
|
||||||
|
config: {
|
||||||
|
uploadMaxFileSize: 0,
|
||||||
|
uploadMaxFiles: 0,
|
||||||
|
securityIframe: true,
|
||||||
|
securityReferrerPolicy: true,
|
||||||
|
securityTrustProxy: true,
|
||||||
|
securitySRI: true,
|
||||||
|
securityHSTS: false,
|
||||||
|
securityHSTSDuration: 0,
|
||||||
|
securityCSP: false,
|
||||||
|
securityCSPDirectives: ''
|
||||||
|
},
|
||||||
|
hstsDurations: [
|
||||||
|
{ value: 300, text: '5 minutes' },
|
||||||
|
{ value: 86400, text: '1 day' },
|
||||||
|
{ value: 604800, text: '1 week' },
|
||||||
|
{ value: 2592000, text: '1 month' },
|
||||||
|
{ value: 31536000, text: '1 year' },
|
||||||
|
{ value: 63072000, text: '2 years' }
|
||||||
|
]
|
||||||
|
}
|
||||||
|
},
|
||||||
|
computed: {
|
||||||
|
activeModal: sync('editor/activeModal')
|
||||||
|
},
|
||||||
|
methods: {
|
||||||
|
async save () {
|
||||||
|
try {
|
||||||
|
await this.$apollo.mutate({
|
||||||
|
mutation: gql`
|
||||||
|
mutation (
|
||||||
|
$uploadMaxFileSize: Int
|
||||||
|
$uploadMaxFiles: Int
|
||||||
|
$securityIframe: Boolean
|
||||||
|
$securityReferrerPolicy: Boolean
|
||||||
|
$securityTrustProxy: Boolean
|
||||||
|
$securitySRI: Boolean
|
||||||
|
$securityHSTS: Boolean
|
||||||
|
$securityHSTSDuration: Int
|
||||||
|
$securityCSP: Boolean
|
||||||
|
$securityCSPDirectives: String
|
||||||
|
) {
|
||||||
|
site {
|
||||||
|
updateConfig(
|
||||||
|
uploadMaxFileSize: $uploadMaxFileSize,
|
||||||
|
uploadMaxFiles: $uploadMaxFiles,
|
||||||
|
securityIframe: $securityIframe,
|
||||||
|
securityReferrerPolicy: $securityReferrerPolicy,
|
||||||
|
securityTrustProxy: $securityTrustProxy,
|
||||||
|
securitySRI: $securitySRI,
|
||||||
|
securityHSTS: $securityHSTS,
|
||||||
|
securityHSTSDuration: $securityHSTSDuration,
|
||||||
|
securityCSP: $securityCSP,
|
||||||
|
securityCSPDirectives: $securityCSPDirectives
|
||||||
|
) {
|
||||||
|
responseResult {
|
||||||
|
succeeded
|
||||||
|
errorCode
|
||||||
|
slug
|
||||||
|
message
|
||||||
|
}
|
||||||
|
}
|
||||||
|
}
|
||||||
|
}
|
||||||
|
`,
|
||||||
|
variables: {
|
||||||
|
uploadMaxFileSize: _.toSafeInteger(_.get(this.config, 'uploadMaxFileSize', 0)),
|
||||||
|
uploadMaxFiles: _.toSafeInteger(_.get(this.config, 'uploadMaxFiles', 0)),
|
||||||
|
securityIframe: _.get(this.config, 'securityIframe', false),
|
||||||
|
securityReferrerPolicy: _.get(this.config, 'securityReferrerPolicy', false),
|
||||||
|
securityTrustProxy: _.get(this.config, 'securityTrustProxy', false),
|
||||||
|
securitySRI: _.get(this.config, 'securitySRI', false),
|
||||||
|
securityHSTS: _.get(this.config, 'securityHSTS', false),
|
||||||
|
securityHSTSDuration: _.get(this.config, 'securityHSTSDuration', 0),
|
||||||
|
securityCSP: _.get(this.config, 'securityCSP', false),
|
||||||
|
securityCSPDirectives: _.get(this.config, 'securityCSPDirectives', '')
|
||||||
|
},
|
||||||
|
watchLoading (isLoading) {
|
||||||
|
this.$store.commit(`loading${isLoading ? 'Start' : 'Stop'}`, 'admin-site-update')
|
||||||
|
}
|
||||||
|
})
|
||||||
|
this.$store.commit('showNotification', {
|
||||||
|
style: 'success',
|
||||||
|
message: 'Configuration saved successfully.',
|
||||||
|
icon: 'check'
|
||||||
|
})
|
||||||
|
} catch (err) {
|
||||||
|
this.$store.commit('pushGraphError', err)
|
||||||
|
}
|
||||||
|
}
|
||||||
|
},
|
||||||
|
apollo: {
|
||||||
|
config: {
|
||||||
|
query: gql`
|
||||||
|
{
|
||||||
|
site {
|
||||||
|
config {
|
||||||
|
uploadMaxFileSize
|
||||||
|
uploadMaxFiles
|
||||||
|
securityIframe
|
||||||
|
securityReferrerPolicy
|
||||||
|
securityTrustProxy
|
||||||
|
securitySRI
|
||||||
|
securityHSTS
|
||||||
|
securityHSTSDuration
|
||||||
|
securityCSP
|
||||||
|
securityCSPDirectives
|
||||||
|
}
|
||||||
|
}
|
||||||
|
}
|
||||||
|
`,
|
||||||
|
fetchPolicy: 'network-only',
|
||||||
|
update: (data) => _.cloneDeep(data.site.config),
|
||||||
|
watchLoading (isLoading) {
|
||||||
|
this.$store.commit(`loading${isLoading ? 'Start' : 'Stop'}`, 'admin-security-refresh')
|
||||||
|
}
|
||||||
|
}
|
||||||
|
}
|
||||||
|
}
|
||||||
|
</script>
|
||||||
|
|
||||||
|
<style lang='scss'>
|
||||||
|
|
||||||
|
</style>
|
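Review bot: The two upload fields bind `config.uploadMaxFileSize` and `config.uploadMaxFiles` to plain text inputs marked `required` but with no validation rules, and `save()` passes them through `_.toSafeInteger`. An empty or non-numeric entry is therefore sent as `0`, and a very large one can exceed the 32-bit range of the GraphQL `Int` the mutation declares. I would add `type='number'` and a `:rules` check for a positive integer on both fields, and skip the mutation while the form is invalid, so an administrator cannot save an unintended upload limit by a typo. Smaller points in the same file: the mutation's `watchLoading` commits under `'admin-site-update'` while the query uses `'admin-security-refresh'`, and the `activeModal` computed (with its `sync` import) is not referenced by this template.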
1
client/static/svg/icon-private.svg
Normal file
1
client/static/svg/icon-private.svg
Normal file
@ -0,0 +1 @@
|
|||||||
|
<svg xmlns="http://www.w3.org/2000/svg" viewBox="0 0 64 64" width="96px" height="96px"><linearGradient id="sjY3Z3RjS0RqXT5Ds3orNa" x1="35" x2="35" y1="39.75" y2="46.768" gradientUnits="userSpaceOnUse" spreadMethod="reflect"><stop offset="0" stop-color="#6dc7ff"/><stop offset=".216" stop-color="#87c1ff"/><stop offset="1" stop-color="#e6abff"/></linearGradient><path fill="url(#sjY3Z3RjS0RqXT5Ds3orNa)" d="M34,46h-2v-1c0-2.757,2.243-5,5-5h1v2h-1c-1.654,0-3,1.346-3,3V46z"/><linearGradient id="sjY3Z3RjS0RqXT5Ds3orNb" x1="32" x2="32" y1="4" y2="60.514" gradientUnits="userSpaceOnUse" spreadMethod="reflect"><stop offset="0" stop-color="#1a6dff"/><stop offset="1" stop-color="#c822ff"/></linearGradient><path fill="url(#sjY3Z3RjS0RqXT5Ds3orNb)" d="M58,32C58,17.664,46.336,6,32,6S6,17.664,6,32s11.664,26,26,26c3.539,0,6.915-0.713,9.993-2 H42v-0.003C51.387,52.071,58,42.794,58,32z M23,31v1h2v-1v-5.5v-4c0-0.827,0.673-1.5,1.5-1.5s1.5,0.673,1.5,1.5V27v5h2v-5v-5.5V18 c0-1.103,0.897-2,2-2s2,0.897,2,2v4v9v1h2v-1v-9c0-1.103,0.897-2,2-2s2,0.897,2,2v15.755c0,0.801,0.455,1.499,1.187,1.823 c0.731,0.324,1.555,0.19,2.147-0.348l3.252-2.958c0.78-0.779,2.049-0.779,2.828,0C49.792,36.65,50,37.152,50,37.687 c0,0.534-0.208,1.036-0.586,1.414l-6.262,6.262C41.451,47.063,39.19,48,36.785,48H25c-2.757,0-5-2.243-5-5V25.5 c0-0.827,0.673-1.5,1.5-1.5s1.5,0.673,1.5,1.5V31z M30,52v3.91c-0.675-0.056-1.342-0.139-2-0.25V52h-2v3.24 c-1.387-0.358-2.722-0.843-4-1.432v-4.494C22.911,49.75,23.925,50,25,50h11.785c1.106,0,2.186-0.162,3.215-0.475v5.099 c-1.287,0.456-2.624,0.805-4,1.036V52h-2v3.91C33.34,55.965,32.674,56,32,56v-4H30z M42,53.809V48.69 c0.932-0.503,1.796-1.143,2.566-1.913l6.262-6.262C51.584,39.759,52,38.755,52,37.687c0-1.069-0.416-2.073-1.172-2.829 c-0.755-0.755-1.76-1.171-2.828-1.171s-2.073,0.416-2.794,1.138L42,37.755V22c0-2.206-1.794-4-4-4c-0.732,0-1.409,0.212-2,0.556V18 c0-2.206-1.794-4-4-4s-4,1.794-4,4v0.351C27.544,18.133,27.039,18,26.5,18c-1.93,0-3.5,1.57-3.5,3.5v0.851 
C22.544,22.133,22.039,22,21.5,22c-1.93,0-3.5,1.57-3.5,3.5V43c0,1.902,0.765,3.627,2,4.89v4.881C12.834,48.615,8,40.864,8,32 C8,18.767,18.767,8,32,8s24,10.767,24,24C56,41.665,50.253,50.009,42,53.809z"/></svg>
|
After Width: | Height: | Size: 2.1 KiB |
@ -105,18 +105,6 @@ bindIP: 0.0.0.0
|
|||||||
|
|
||||||
logLevel: info
|
logLevel: info
|
||||||
|
|
||||||
# ---------------------------------------------------------------------
|
|
||||||
# Upload Limits
|
|
||||||
# ---------------------------------------------------------------------
|
|
||||||
# If you're using a reverse-proxy in front of Wiki.js, you must also
|
|
||||||
# change your proxy upload limits!
|
|
||||||
|
|
||||||
uploads:
|
|
||||||
# Maximum upload size in bytes per file (default: 5242880 (5 MB))
|
|
||||||
maxFileSize: 5242880
|
|
||||||
# Maximum file uploads per request (default: 10)
|
|
||||||
maxFiles: 10
|
|
||||||
|
|
||||||
# ---------------------------------------------------------------------
|
# ---------------------------------------------------------------------
|
||||||
# Offline Mode
|
# Offline Mode
|
||||||
# ---------------------------------------------------------------------
|
# ---------------------------------------------------------------------
|
||||||
|
@ -24,9 +24,6 @@ defaults:
|
|||||||
min: 1
|
min: 1
|
||||||
bindIP: 0.0.0.0
|
bindIP: 0.0.0.0
|
||||||
logLevel: info
|
logLevel: info
|
||||||
uploads:
|
|
||||||
maxFileSize: 5242880
|
|
||||||
maxFiles: 10
|
|
||||||
offline: false
|
offline: false
|
||||||
ha: false
|
ha: false
|
||||||
# DB defaults
|
# DB defaults
|
||||||
@ -67,6 +64,9 @@ defaults:
|
|||||||
securityCSPDirectives: ''
|
securityCSPDirectives: ''
|
||||||
server:
|
server:
|
||||||
sslRedir: false
|
sslRedir: false
|
||||||
|
uploads:
|
||||||
|
maxFileSize: 5242880
|
||||||
|
maxFiles: 10
|
||||||
flags:
|
flags:
|
||||||
ldapdebug: false
|
ldapdebug: false
|
||||||
sqllog: false
|
sqllog: false
|
||||||
|
@ -10,13 +10,15 @@ const sanitize = require('sanitize-filename')
|
|||||||
/**
|
/**
|
||||||
* Upload files
|
* Upload files
|
||||||
*/
|
*/
|
||||||
router.post('/u', multer({
|
router.post('/u', (req, res, next) => {
|
||||||
|
multer({
|
||||||
dest: path.resolve(WIKI.ROOTPATH, WIKI.config.dataPath, 'uploads'),
|
dest: path.resolve(WIKI.ROOTPATH, WIKI.config.dataPath, 'uploads'),
|
||||||
limits: {
|
limits: {
|
||||||
fileSize: WIKI.config.uploads.maxFileSize,
|
fileSize: WIKI.config.uploads.maxFileSize,
|
||||||
files: WIKI.config.uploads.maxFiles
|
files: WIKI.config.uploads.maxFiles
|
||||||
}
|
}
|
||||||
}).array('mediaUpload'), async (req, res, next) => {
|
}).array('mediaUpload')(req, res, next)
|
||||||
|
}, async (req, res, next) => {
|
||||||
if (!_.some(req.user.permissions, pm => _.includes(['write:assets', 'manage:system'], pm))) {
|
if (!_.some(req.user.permissions, pm => _.includes(['write:assets', 'manage:system'], pm))) {
|
||||||
return res.status(403).json({
|
return res.status(403).json({
|
||||||
succeeded: false,
|
succeeded: false,
|
||||||
|
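Review bot: The multer middleware still runs as the first handler on `/u`, so the multipart body is parsed and files are written under the `uploads` directory before the `write:assets` / `manage:system` check in the second handler can return 403. Since this hunk already wraps multer in a function, the permission test could move to the top of that wrapper, so a caller without the permission is rejected before anything reaches disk; whether earlier middleware already filters such requests is not visible here. A short comment above the `multer({` call, such as `// built per request so limits changed in the admin UI apply without a restart`, would record what is presumably the reason for the new wrapper. The second handler's body continues outside the hunk.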
@ -20,44 +20,69 @@ module.exports = {
|
|||||||
logoUrl: WIKI.config.logoUrl,
|
logoUrl: WIKI.config.logoUrl,
|
||||||
...WIKI.config.seo,
|
...WIKI.config.seo,
|
||||||
...WIKI.config.features,
|
...WIKI.config.features,
|
||||||
...WIKI.config.security
|
...WIKI.config.security,
|
||||||
|
uploadMaxFileSize: WIKI.config.uploads.maxFileSize,
|
||||||
|
uploadMaxFiles: WIKI.config.uploads.maxFiles
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
},
|
},
|
||||||
SiteMutation: {
|
SiteMutation: {
|
||||||
async updateConfig(obj, args, context) {
|
async updateConfig(obj, args, context) {
|
||||||
|
try {
|
||||||
|
if (args.host) {
|
||||||
let siteHost = _.trim(args.host)
|
let siteHost = _.trim(args.host)
|
||||||
if (siteHost.endsWith('/')) {
|
if (siteHost.endsWith('/')) {
|
||||||
siteHost = siteHost.splice(0, -1)
|
siteHost = siteHost.splice(0, -1)
|
||||||
}
|
}
|
||||||
try {
|
|
||||||
WIKI.config.host = siteHost
|
WIKI.config.host = siteHost
|
||||||
|
}
|
||||||
|
|
||||||
|
if (args.title) {
|
||||||
WIKI.config.title = _.trim(args.title)
|
WIKI.config.title = _.trim(args.title)
|
||||||
|
}
|
||||||
|
|
||||||
|
if (args.company) {
|
||||||
WIKI.config.company = _.trim(args.company)
|
WIKI.config.company = _.trim(args.company)
|
||||||
|
}
|
||||||
|
|
||||||
|
if (args.contentLicense) {
|
||||||
WIKI.config.contentLicense = args.contentLicense
|
WIKI.config.contentLicense = args.contentLicense
|
||||||
WIKI.config.seo = {
|
|
||||||
description: args.description,
|
|
||||||
robots: args.robots,
|
|
||||||
analyticsService: args.analyticsService,
|
|
||||||
analyticsId: args.analyticsId
|
|
||||||
}
|
}
|
||||||
|
|
||||||
|
if (args.logoUrl) {
|
||||||
WIKI.config.logoUrl = _.trim(args.logoUrl)
|
WIKI.config.logoUrl = _.trim(args.logoUrl)
|
||||||
|
}
|
||||||
|
|
||||||
|
WIKI.config.seo = {
|
||||||
|
description: _.get(args, 'description', WIKI.config.seo.description),
|
||||||
|
robots: _.get(args, 'robots', WIKI.config.seo.robots),
|
||||||
|
analyticsService: _.get(args, 'analyticsService', WIKI.config.seo.analyticsService),
|
||||||
|
analyticsId: _.get(args, 'analyticsId', WIKI.config.seo.analyticsId)
|
||||||
|
}
|
||||||
|
|
||||||
WIKI.config.features = {
|
WIKI.config.features = {
|
||||||
featurePageRatings: args.featurePageRatings,
|
featurePageRatings: _.get(args, 'featurePageRatings', WIKI.config.features.featurePageRatings),
|
||||||
featurePageComments: args.featurePageComments,
|
featurePageComments: _.get(args, 'featurePageComments', WIKI.config.features.featurePageComments),
|
||||||
featurePersonalWikis: args.featurePersonalWikis
|
featurePersonalWikis: _.get(args, 'featurePersonalWikis', WIKI.config.features.featurePersonalWikis)
|
||||||
}
|
}
|
||||||
|
|
||||||
WIKI.config.security = {
|
WIKI.config.security = {
|
||||||
securityIframe: args.securityIframe,
|
securityIframe: _.get(args, 'securityIframe', WIKI.config.security.securityIframe),
|
||||||
securityReferrerPolicy: args.securityReferrerPolicy,
|
securityReferrerPolicy: _.get(args, 'securityReferrerPolicy', WIKI.config.security.securityReferrerPolicy),
|
||||||
securityTrustProxy: args.securityTrustProxy,
|
securityTrustProxy: _.get(args, 'securityTrustProxy', WIKI.config.security.securityTrustProxy),
|
||||||
securitySRI: args.securitySRI,
|
securitySRI: _.get(args, 'securitySRI', WIKI.config.security.securitySRI),
|
||||||
securityHSTS: args.securityHSTS,
|
securityHSTS: _.get(args, 'securityHSTS', WIKI.config.security.securityHSTS),
|
||||||
securityHSTSDuration: args.securityHSTSDuration,
|
securityHSTSDuration: _.get(args, 'securityHSTSDuration', WIKI.config.security.securityHSTSDuration),
|
||||||
securityCSP: args.securityCSP,
|
securityCSP: _.get(args, 'securityCSP', WIKI.config.security.securityCSP),
|
||||||
securityCSPDirectives: args.securityCSPDirectives
|
securityCSPDirectives: _.get(args, 'securityCSPDirectives', WIKI.config.security.securityCSPDirectives)
|
||||||
}
|
}
|
||||||
await WIKI.configSvc.saveToDb(['host', 'title', 'company', 'contentLicense', 'seo', 'logoUrl', 'features', 'security'])
|
|
||||||
|
WIKI.config.uploads = {
|
||||||
|
maxFileSize: _.get(args, 'uploadMaxFileSize', WIKI.config.uploads.maxFileSize),
|
||||||
|
maxFiles: _.get(args, 'uploadMaxFiles', WIKI.config.uploads.maxFiles)
|
||||||
|
}
|
||||||
|
|
||||||
|
await WIKI.configSvc.saveToDb(['host', 'title', 'company', 'contentLicense', 'seo', 'logoUrl', 'features', 'security', 'uploads'])
|
||||||
|
|
||||||
if (WIKI.config.security.securityTrustProxy) {
|
if (WIKI.config.security.securityTrustProxy) {
|
||||||
WIKI.app.enable('trust proxy')
|
WIKI.app.enable('trust proxy')
|
||||||
|
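Review bot: `_.get(args, 'uploadMaxFileSize', WIKI.config.uploads.maxFileSize)` falls back only when the argument is `undefined`, so with the arguments now nullable an explicit `null`, a zero or a negative number is stored as-is and later handed to multer as the upload limit. The same applies to the `security` and `features` values rebuilt in this hunk. I would coerce and range-check before assigning, for example `maxFileSize: _.defaultTo(args.uploadMaxFileSize, WIKI.config.uploads.maxFileSize)` plus rejecting values below 1, and use `_.defaultTo` for the boolean flags too, so that a malformed request cannot silently switch off a protection. Separately, the context line `siteHost = siteHost.splice(0, -1)` will throw for a host ending in `/` because strings have no `splice`; `slice` looks intended. The `try` opened here and the rest of `updateConfig` continue outside the hunk.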
@ -24,26 +24,29 @@ type SiteQuery {
|
|||||||
|
|
||||||
type SiteMutation {
|
type SiteMutation {
|
||||||
updateConfig(
|
updateConfig(
|
||||||
host: String!
|
host: String
|
||||||
title: String!
|
title: String
|
||||||
description: String!
|
description: String
|
||||||
robots: [String]!
|
robots: [String]
|
||||||
analyticsService: String!
|
analyticsService: String
|
||||||
analyticsId: String!
|
analyticsId: String
|
||||||
company: String!
|
company: String
|
||||||
contentLicense: String!
|
contentLicense: String
|
||||||
logoUrl: String!
|
logoUrl: String
|
||||||
featurePageRatings: Boolean!
|
featurePageRatings: Boolean
|
||||||
featurePageComments: Boolean!
|
featurePageComments: Boolean
|
||||||
featurePersonalWikis: Boolean!
|
featurePersonalWikis: Boolean
|
||||||
securityIframe: Boolean!
|
securityIframe: Boolean
|
||||||
securityReferrerPolicy: Boolean!
|
securityReferrerPolicy: Boolean
|
||||||
securityTrustProxy: Boolean!
|
securityTrustProxy: Boolean
|
||||||
securitySRI: Boolean!
|
securitySRI: Boolean
|
||||||
securityHSTS: Boolean!
|
securityHSTS: Boolean
|
||||||
securityHSTSDuration: Int!
|
securityHSTSDuration: Int
|
||||||
securityCSP: Boolean!
|
securityCSP: Boolean
|
||||||
securityCSPDirectives: String!
|
securityCSPDirectives: String
|
||||||
|
uploadMaxFileSize: Int
|
||||||
|
uploadMaxFiles: Int
|
||||||
|
|
||||||
): DefaultResponse @auth(requires: ["manage:system"])
|
): DefaultResponse @auth(requires: ["manage:system"])
|
||||||
}
|
}
|
||||||
|
|
||||||
@ -72,4 +75,6 @@ type SiteConfig {
|
|||||||
securityHSTSDuration: Int!
|
securityHSTSDuration: Int!
|
||||||
securityCSP: Boolean!
|
securityCSP: Boolean!
|
||||||
securityCSPDirectives: String!
|
securityCSPDirectives: String!
|
||||||
|
uploadMaxFileSize: Int!
|
||||||
|
uploadMaxFiles: Int!
|
||||||
}
|
}
|
||||||
|
@ -186,6 +186,7 @@ module.exports = () => {
|
|||||||
'sessionSecret',
|
'sessionSecret',
|
||||||
'telemetry',
|
'telemetry',
|
||||||
'theming',
|
'theming',
|
||||||
|
'uploads',
|
||||||
'title'
|
'title'
|
||||||
], false)
|
], false)
|
||||||
|
|
||||||
|