Commit Graph

920 Commits

Author SHA1 Message Date
El Gato da Great
e3d94f7177
fix: don't push files to git if ignored (#5334)
* fix: don't push files to git if ignored

* tweak: change gitPath var to gitFilePath

* fix: "update" instead of "create" of updated file

Co-authored-by: Jacob Parker <blocckba5her@gmail.com>
Co-authored-by: DevBlocky <16978528+DevBlocky@users.noreply.github.com>
2022-05-26 20:42:14 -04:00
Nicolas Giard
cd33ff0afb
feat(admin): export tool for full migration / backup (#5294)
* feat: export content utility (wip)

* feat: export navigation + groups + users

* feat: export comments + navigation + pages + pages history + settings

* feat: export assets
2022-05-16 01:13:42 -04:00
Nicolas Giard
a37d733523
fix(auth): update SAML authnContext hint text for multiple values 2022-05-14 21:24:14 -04:00
Maximilian Bosch
b345375477
fix(auth): SAML authnContext parameter should be an array (#5290)
* saml auth: `authnContext` must be a list now

This fixes

    this.options.authnContext.forEach is not a function

when trying to login via SAML on wiki-js 2.5.281.

Reason for that is that `authnContext` must be a list now which is
apparently a breaking change that was missed while upgrading
passport-saml[1].

Resolves #5289

[1] https://github.com/node-saml/passport-saml/pull/615

* fix(auth): split authnContext for SAML authenticaiton module

Co-authored-by: Nicolas Giard <github@ngpixel.com>
2022-05-14 21:17:17 -04:00
Erik Bigler
9b40d60261
fix: update to working twitch passport strategy (#5279) 2022-05-13 16:20:09 -04:00
Nicolas Giard
d9076c4ee9
fix: typo in saml auth module 2022-05-09 21:51:40 -04:00
myml
b3731dd26e
fix: handle unicode chars when syncing files using git storage (#5272)
git has the quotopath option enabled by default,
filepaths with unicode characters will be escaped,
causing the wiki to not handle changes.
2022-05-09 21:39:08 -04:00
NGPixel
78d02dc8e5
fix: prevent manage system assignment from manage groups permission 2022-05-09 21:36:13 -04:00
Nicolas Giard
8205c1f243
fix: update saml strategy to use new config options 2022-05-02 00:18:19 -04:00
NGPixel
2cb7b9fb4e
fix: update passport-saml dependency + set cert as required 2022-05-01 18:54:31 -04:00
myml
559b8ae8cf
fix: undefined author in git commit when deleting a page (#5215) 2022-04-30 23:26:06 -04:00
Nicolas Giard
485aa765d0
fix: add sfo3 to digitalocean spaces module 2022-04-29 21:38:39 -04:00
NGPixel
13890a92ab
fix: default comment provider not displaying 2022-04-29 19:36:47 -04:00
Ivan Fedorov
3407ac8829
feat: add X-Mailer header to outgoing emails (#5238)
Co-authored-by: Nicolas Giard <github@ngpixel.com>
2022-04-29 19:00:52 -04:00
Trisztán Piller
de151031ea
feat(auth): OAuth2 access_token in GET query string in userInfoURL (#5188) 2022-04-16 20:39:07 -04:00
Nicolas Giard
a647626a51
fix: external comments template using incorrect page variables 2022-04-14 22:09:45 -04:00
myml
74887baa86
feat(auth): OAuth2 scope support (#5181) 2022-04-12 00:14:02 -04:00
rajatchauhanyti
44b3fd1794
fix: admin - general settings not saving with empty value (#5165) 2022-04-09 02:42:16 -04:00
NGPixel
dc5d8ddeb2
fix: handle page metadata parse failure 2022-04-03 15:59:58 -04:00
NGPixel
05b4053954
fix: encode filenames for assets force download 2022-04-03 15:51:17 -04:00
NGPixel
a50712ea80
fix: handle links to same host but different port as external 2022-04-03 15:48:51 -04:00
Nicolas Giard
a652e43ab1
fix: handle multi social auth strategies 2022-03-25 21:17:04 -04:00
Manuel
1f489a3d8e
fix: handle multiple LDAP strategies (#5116) 2022-03-25 21:11:24 -04:00
Gabriel A. Devenyi
2c83472b63
fix(ldap): typo spelling of distinguished (#5066) 2022-03-01 11:54:06 -05:00
NGPixel
a3bf1f7916
fix: apply locale restrictions to page rules 2022-02-20 19:33:19 -05:00
NGPixel
411802ec2f
fix: check update page access using original page path 2022-02-20 18:46:03 -05:00
Nicolas Giard
3f5388d093
fix(logging): add default fallback for logFormat config 2022-02-18 19:57:15 -05:00
Marián Skrip
de6d4beef9
feat(config): add option to specify default value to env var expansion (#5020)
* feat: Add option to specify default value to env var expansion

* fix: remove unused capturing group for env var replacement

Co-authored-by: Nicolas Giard <github@ngpixel.com>
2022-02-18 19:56:02 -05:00
Marián Skrip
2815f38c52
feat(logging): add option to configure JSON logging (#5022)
* fix: Use logger for logs using console logging

* feat: Add option to configure JSON logging

* fix: use generic logFormat instead of json specific

* fix: use logFormat for docker config

* fix: use logFormat to build winston formatters

Co-authored-by: Nicolas Giard <github@ngpixel.com>
2022-02-18 19:48:22 -05:00
Marián Skrip
69e9ccc636
fix: remove wild log that was possibly for debugging (#5021) 2022-02-18 19:10:13 -05:00
NGPixel
afafb4f4e0
fix: md task list - use same config as client 2022-02-12 17:28:34 -05:00
matthgyver
7988fa62ca
fix: use body parser limit config with fallback value (#4985)
* permit bodyParserLimitSize configuration

set bodyParserLimitSize by default to 1mb
permit modifications by environment variable

* fix: use bodyparserlimit config with fallback default

Co-authored-by: Nicolas Giard <github@ngpixel.com>
2022-02-11 23:42:28 -05:00
Nicolas Giard
8e3af9ac15
feat: use config value for json body parser limit 2022-02-11 23:38:34 -05:00
Nicolas Giard
7b14b39de0
fix: prevent upload bypass via uppercase path 2022-01-29 18:45:51 -05:00
NGPixel
a04f7bd650
fix: force uploads to use auth headers instead of cookie 2022-01-22 19:52:59 -05:00
NGPixel
92fe9d3e31
fix: view source of page version crash (#3297) 2022-01-10 17:20:13 -05:00
NGPixel
e84c15b926
fix: scanSVG incorrect ext reference (#4825) 2021-12-26 17:30:18 -05:00
cybrwshl
802dbd96c3
feat: extends plausible analytics to support self hosted installations (#4824) 2021-12-26 00:17:57 -05:00
NGPixel
79bdd44093
fix: force download of unsafe extensions 2021-12-24 20:18:12 -05:00
NGPixel
57b56d3a5b
fix: validate svg file extension in addition to client mime type 2021-12-24 19:36:30 -05:00
NGPixel
5d3e81496f
fix: sanitize SVG uploads 2021-12-17 21:41:38 -05:00
NGPixel
5173c4802e
fix: use replace instead of replaceAll to support pre-Node16 2021-12-06 14:01:26 -05:00
NGPixel
414033de9d
fix: asset path traversal on windows 2021-12-03 22:30:22 -05:00
Nicolas Giard
87fcfca6d7 feat: add Plausible Analytics module 2021-10-28 22:30:28 -04:00
NGPixel
5911867b21
fix: various OAuth2 fixes 2021-10-15 22:36:30 -04:00
Artur Shaik
87084c66b0
feat: Generic OAuth2 authentication implementation (#3094)
* OAuth2 authentication implementation

This PR shoul fix #2392. Used `passport-oauth2` strategy.

* indentations cleanup

* cleanup code
2021-10-15 22:25:15 -04:00
broxen
12aef93cd6
fix: remove excess div wrappers (#4528)
* Removing superfluous div wrapping

It seems like standalone text is already wrapped in paragraph elements, so this code seems superfluous. Additionally, it adds div wrappers at every line break as described in #4524

* Fix for newlines and returns

This change skips newlines and returns to focus on unbounded text only.

* misc: fix indentation

* misc: fix indentation (2)

Co-authored-by: Nicolas Giard <github@ngpixel.com>
2021-10-09 14:09:54 -04:00
mordini
d93bd1ad5a
fix: git storage - 'import everything' feature restored (#4559) (#4572) 2021-10-09 13:59:47 -04:00
broxen
db73b650c9
fix: issue with Custom Header IDs (#4527)
Fix the issue described in discussion #3502 regarding header links and TOC failing to properly generate when header ID is custom defined.
2021-10-01 20:22:55 -04:00
Beh
ed3925b1c5
fix: use first email address in Rocket.Chat auth response (#3122) 2021-09-29 20:42:48 -04:00
craph
3814eef922
fix: admin email setup toLowerCase (#4516) 2021-09-29 20:41:04 -04:00
Frederic Alix
8d1f752620
feat: add possibility to set PostgreSQL schema other than public (#4161) 2021-09-24 22:56:44 -04:00
Paul Saunders
66bf914725
fix: scheduled git sync task (#4481)
Signed-off-by: Paul Saunders <paul.saunders@finbourne.com>

Co-authored-by: Rainshaw <rxg@live.com>
2021-09-24 22:51:56 -04:00
Rainshaw
1dc974245f
fix: sftp error when dir already exists (#4024)
when the dir exists, sftp.mkdir() would raise an error and ends the for loop.
2021-09-14 20:14:32 -04:00
Andrew Yefanov
94aab69ba8
fix: add beacon and error beacon newrelic parameters for eu region support (#4421)
* add beacon and error beacon newrelic parameters for eu region support
* add default NewRelic beacon URIs
2021-09-14 20:11:57 -04:00
NGPixel
d5a5820c2f fix: remove unused middleware 2021-09-11 21:02:53 -04:00
Eric Knibbe
c5a45e578e
fix: git storage - handle renamed files & assets (#4307) 2021-09-01 12:11:33 -04:00
Étienne
9864be884d
fix: replace passport-slack implementation (#4369)
This commit replaces the observably defunct @aoberoi/passport-slack
implementation with that of nmaves's passport-slack-oauth2
2021-09-01 12:07:34 -04:00
Denis
ee8006892e
feat: add support of hd auth parameter to work with G Suite domains (#4010)
* Add support of hd google auth parameter - to work with G Suite domains

* Style-fix

* fix: google auth hostedDomain hint

Co-authored-by: Nicolas Giard <github@ngpixel.com>
2021-05-24 18:04:11 -04:00
opalmay
9081232e7c
fix: disallow # char in file uploads (#3770) 2021-05-20 15:16:26 -04:00
LK HO
a103127545
fix: graceful shutdown (#3821)
* fix: missing graceful shutdown handler

* fix: asar - use async fs operation

* fix: scheduler - graceful shutdown and wait for running jobs to complete
2021-04-12 11:45:33 -04:00
LK HO
71aa0c9346
fix: jobs/worker - pass through job error from worker process (#3822) 2021-04-12 11:41:36 -04:00
LK HO
a20f70ed8d
fix: rendering/html-core - null checks (#3823) 2021-04-12 11:39:35 -04:00
NGPixel
f55caab359 fix: convert page - handle tabsets 2021-04-02 17:30:04 -04:00
NGPixel
84b927915e fix: convert page - task list + UI fixes 2021-04-02 15:15:35 -04:00
NGPixel
26f1c0f372 feat: convert page 2021-04-02 00:39:11 -04:00
NGPixel
d75c5532d1 fix: handle raw mustache expressions over multiple lines 2021-03-25 23:50:59 -04:00
NGPixel
c57c9d9018 fix: disable cors 2021-03-25 21:21:03 -04:00
Max
033b8e6b21
fix: S3 copyObject usage - Missing bucket name (#3745)
* Fix copyObject usage: supply bucket name

* No semicolon

* Assign empty string on initialization

* Remove empty line
2021-03-23 11:14:29 -04:00
PaulD987
3f001dca2c
fix: loginRedirect doesn't work for non local strategies (#3222) 2021-03-18 21:56:59 -04:00
pylr
e87d511978
fix: HSTS header max-age value (#3225) 2021-03-18 21:53:55 -04:00
NGPixel
5ffa189383 fix: add v-pre to pre tags at render time 2021-03-11 19:23:24 -05:00
Thomas Nilefalk
919d7c12a1
fix: syntax error in rebuild-tree.js (#3048) 2021-02-08 11:26:55 -05:00
Paul
806e4e8f11
fix: get syncInterval from model instead of module data (#3003) 2021-02-01 17:45:34 -05:00
Kevyn Bruyere
b106018029
fix: LDAP - avoid reading empty tls cert file (#2980)
Co-authored-by: Kevyn Bruyere <kevyn@inovasi.fr>
2021-01-31 01:03:24 -05:00
scienceasdf
4b80bab88e
fix: rebuilding tree error when the page number is large enough in sqlite (#2830)
When the total page number is large enough (usually about 80+), sqlite will throw error: "Too many variables". This commit reduces the chunk size for sqlite configuration.
2021-01-29 14:16:33 -05:00
Adrián Martínez Interactiv4
52304a8149
fix: update storage.js to match pageHelper.injectPageMetadata (#2832)
* Update storage.js to match pageHelper.injectPageMetadata

At pageHelper.injectPageMetadata references editorKey and tags to build metadata, but this data seems not to be supplied to this function, since page object is only built from specified columns.

As a result, tags are always empty when exporting pages, and editor key appears as undefined.

It happens also with git storage, but may happen with another storage providers.

I run into this issue running Wiki.js 2.5.170 with the following Docker stack:

CONTAINER ID        IMAGE                                   COMMAND                  CREATED             STATUS              PORTS                                         NAMES
39373979b693        requarks/wiki:2                         "docker-entrypoint.s…"   44 minutes ago      Up 9 minutes        0.0.0.0:80->3000/tcp, 0.0.0.0:443->3443/tcp   wiki
608de6278aaa        requarks/wiki-update-companion:latest   "dotnet wiki-update-…"   5 months ago        Up 6 hours          80/tcp                                        wiki-update-companion
12c7b35ba295        postgres:11                             "docker-entrypoint.s…"   5 months ago        Up 6 hours          5432/tcp                                      db

* Provide id to allow to query for tags

* Update git storage to provide editorKey and tags
2021-01-29 14:15:22 -05:00
drewblin
063251248c
fix: set autocommit for mysql (#2638)
If in server config mysql has autocommit = 0, then wikijs fails with locks like this:
```
2020-10-30T12:56:51.725Z [JOB] error: Rebuilding page tree: [ FAILED ]
2020-10-30T12:56:51.726Z [JOB] error: truncate `pageTree` - Lock wait timeout exceeded; try restarting transaction
```
2020-12-13 14:57:20 -05:00
scienceasdf
d7d00b44f6
fix: search engine broken when renaming or moving pages (#2815)
For building suggest in elasticsearch, the safeContent field will be splitted into arrays. If the page is renamed or moved, the server will throw error: "Cannot read property 'split' of Undefined", and the index will be broken. Here two lines are added to fix this issue.
2020-12-13 14:51:44 -05:00
scienceasdf
d89224405c
feat: set analyzer for elasticsearch (#2793)
* Feature: Custom configuration for elasticsearch

For better search results especially in Chinese, which the standard token analyzer may not work well.

* Set default analyzer in settings when building index

* Remove dangling comma
2020-12-08 21:41:45 -05:00
Eric Knibbe
d04e33eb6b
fix: use absolute URL for logo in email if path relative (#2628) 2020-11-11 11:39:16 -05:00
avioral
089b7850d9 fix: broken draw io diagram on rtl mode, improve elasticsearch config (#2647)
* - Modify elastic settings
- Add tags field to index
- Modify elastic search query
- Remove empty entities from build suggests list

* Fix map parser error

* - Fix broken drawio svg diagram (rtl issue)

* - Restore the spaces in objects to respect the project formatting rules.
- Omit explanation line
2020-11-02 11:59:34 -05:00
YAEGASHI Takeshi
a3513b1bdf
fix: enable passport-azure-ad workaround for SameSite cookies (#2567)
This adds cookieEncryptionKeyString configuration in the Azure AD
authentication module.  It represents an array of cookie encryption
strings and enables workaround for SameSite cookies.
2020-11-01 13:10:50 -05:00
Chris
a6bf2412d7
fix: superscript typo in module definition.yml (#2577)
Fix spelling of "superscript"
***NO_CI***
2020-11-01 13:08:04 -05:00
Nicolas Giard
04a1896811
fix: revert refactor in markdown-kroki and plantuml modules (#2619) 2020-10-25 23:26:55 -04:00
Jafar Akhondali
5ba36ee421
refactor: server code (#2545)
+ Remove duplicated await
+ Replace some legacy codes with ES6
+ Fix some of eslint problems
2020-10-14 11:16:27 -04:00
NGPixel
63c8a308ba fix: remove bugsnag + update deps 2020-10-03 17:30:56 -04:00
NGPixel
fe890979af fix: bypass auth redirect cookie when set to homepage 2020-10-03 17:11:34 -04:00
NGPixel
0fa5b9750d fix: handle missing extra field during page render 2020-10-03 16:50:51 -04:00
NGPixel
9762bdc2ce fix: set enableArithAbort explicit value for tedious driver 2020-10-03 16:46:30 -04:00
Mirko Iannella
31a18c8a67
fix: check for email array during processProfile (#2515)
In our setup (based on yunohost) the profile.email field could be either a string (and that was properly handled) or an array.
This code adds support for the case where it is an array.
2020-10-03 16:23:58 -04:00
Aaron
23e3403054
fix: update Matomo integration client code (#2526)
Signed-off-by: Aaron <admin@datahoarder.dev>
2020-10-03 16:22:02 -04:00
NGPixel
084dcd69d1 fix: strip directory traversal sequences from asset paths 2020-10-03 01:44:57 -04:00
NGPixel
b0f61d6605 feat: rocket.chat auth module 2020-09-20 20:15:51 -04:00
Иван
79c5b8fac2
fix: security html module removes allow attribute from iframes (#2354)
* fix: secure html module removes allowfullscreen, allow and frameborder attributes from iframes
* Apply suggestions from code review
fix: remove deprecated attributes for iframe in secure html module

Co-authored-by: Nicolas Giard <github@ngpixel.com>
2020-09-13 13:55:32 -04:00
Riccardo Re
660b78d9e2
fix: support permissions by tags for basic db search engine (#2416)
This code will allow the "search" component to correctly filter pages by usergroup permissions based on tags instead of paths

Co-authored-by: Riccardo Re <riccardo.re@clevermind.cloud>
2020-09-13 13:53:31 -04:00
NGPixel
1404d6343e fix: API key incorrectly forces token revalidation 2020-09-12 14:33:45 -04:00
NGPixel
8f6cba262f fix: draw.io svgs are no longer removed with linebreaks (#2415) 2020-09-12 14:05:24 -04:00
NGPixel
02c3c66084 fix: checkExclusiveAccess incorrectly includes root admin 2020-09-11 17:37:50 -04:00
NGPixel
7c0d6e2883 fix: prevent write:groups from self-promoting 2020-09-09 22:37:49 -04:00