Higor Tavares
06c372d53f
fix: foreign key constraint when page have comments ( #2199 )
...
* Solving foreing key contraint when page have comments
* Update pages.js
remove indentation changes
Co-authored-by: Higor Tavares <paulo.freire@dellead.com>
2020-07-29 19:39:47 -04:00
NGPixel
26af63a80b
fix: login input hints
2020-07-20 00:22:29 -04:00
NGPixel
4cd6fe8a56
fix: unauthorized admin should receive 403 code
2020-07-19 15:30:29 -04:00
NGPixel
4f16dd0c81
fix: admin permissions + restrict nav settings
2020-07-19 15:26:51 -04:00
NGPixel
10f17c5712
feat: redirect on login based on group
2020-07-19 15:13:35 -04:00
NGPixel
be499e5795
fix: auth strategy dependent username label
2020-07-19 13:20:43 -04:00
NGPixel
52d0af19b4
feat: diagram rendering + post-processor (wip)
2020-07-12 15:58:45 -04:00
Regev Brody
b2ff064d34
fix: stream assets from storage local locations ( #2087 )
2020-07-12 12:19:01 -04:00
NGPixel
57f5cbd5b6
misc: knex update for mssql constraint bug
2020-07-11 16:53:18 -04:00
NGPixel
1ced9649c7
feat: enforce 2fa admin setting + hide local on login screen
2020-07-05 23:55:11 -04:00
NGPixel
b2f292cc39
fix: MSSQL migration 2.5.1
2020-07-05 15:59:02 -04:00
NGPixel
31661b2cb3
fix: token renewal date
2020-07-05 14:16:16 -04:00
NGPixel
b475795595
feat: login bg + bypass + hide local option
2020-07-05 01:36:02 -04:00
NGPixel
5282a82afe
fix: wait for sideload locales before server start ( #1248 )
2020-07-04 17:01:35 -04:00
Nicolas Giard
c009cc1392
feat: new login experience ( #2139 )
...
* feat: multiple auth instances
* fix: auth setup + strategy initialization
* feat: admin auth - add strategy
* feat: redirect on login - group setting
* feat: oauth2 generic - props definitions
* feat: new login UI (wip)
* feat: new login UI (wip)
* feat: admin security login settings
* feat: tabset editor indicators + print view improvements
* fix: code styling
2020-07-03 19:36:33 -04:00
Regev Brody
1c4829f70f
fix: tags filtered by access ( #2100 )
2020-07-03 17:49:54 -04:00
Regev Brody
41327dd1e8
feat: support MultiMarkdown tables ( #2126 )
2020-07-03 17:46:07 -04:00
TakeruDMC
cf3a48a6fa
fix: "undefined" error on deletePage by git storage ( #2132 )
2020-07-03 17:44:42 -04:00
Seyed Sajad Kahani
3c5352fb53
fix: change reconnectLink behavior for page move ( #1991 )
2020-06-28 21:08:17 -04:00
Maho Hiyajo
ea3962d143
fix: change discord module ‘discordapp.com’ to ‘discord.com’ ( #2117 )
2020-06-27 17:01:00 -04:00
Nicolas Giard
2409b286da
fix: matomo module siteId
2020-06-26 15:34:53 -04:00
NGPixel
1c18f3a4c2
fix: revoke typo
2020-06-25 23:48:16 -04:00
NGPixel
98f21b9f6a
fix: revalidate tokens created prior to server startup
2020-06-25 22:04:21 -04:00
NGPixel
92b29d1f06
fix: check revalidation timestamp
2020-06-25 19:25:08 -04:00
NGPixel
c37b0ad1d7
fix: remove console log from authenticate func
2020-06-25 00:04:08 -04:00
NGPixel
a25431bcf8
fix: token revocation incorrect TTL
2020-06-25 00:02:39 -04:00
NGPixel
a690e5597f
fix: revocation token list for users + groups
2020-06-24 23:57:35 -04:00
Regev Brody
33a9d5774c
fix: GraphQL error with MySQL and FULL OUTER JOIN ( #2104 )
...
* fix: GraphQL error with MySQL and FULL OUTER JOIN #2071
2020-06-24 18:51:21 -04:00
Regev Brody
6ef7b0f130
fix: deactivated users can still refresh their token ( #2105 )
2020-06-24 18:15:36 -04:00
Regev Brody
4bc284b06e
fix: page schema validation for extra field ( #2097 )
2020-06-23 18:26:29 -04:00
NGPixel
4cb7f33dcf
feat: visual editor code + sub/sup + table props
2020-06-21 14:47:11 -04:00
NGPixel
4855051d87
feat: page published state + comments localization
2020-06-20 22:08:59 -04:00
NGPixel
83b83a7510
feat: page css + scripts
2020-06-20 16:39:36 -04:00
NGPixel
53ddb50b51
feat: save page scripts + styles
2020-06-20 01:11:05 -04:00
NGPixel
718c14dd74
feat: editor props scripts + styles code editor
2020-06-19 21:00:44 -04:00
Regev Brody
0a16929a57
fix: editing buttons showing up even if no action is allowed ( #2043 )
...
* feat: Edit / Page Create Buttons showing up even if no action is allowed #1780
2020-06-19 18:54:05 -04:00
NGPixel
b723d7d626
fix: markdown core props + styles/scripts permissions
2020-06-18 22:49:26 -04:00
Regev Brody
77086a6e0a
feat: optional kroki/plantuml svg caching ( #2047 )
...
* feat: Caching kroki svgs #2020
2020-06-18 18:39:25 -04:00
Regev Brody
e03a80dccc
feat: underline markdown support ( #2073 )
...
* fix: no markdown support for underline #2072
2020-06-18 18:37:24 -04:00
Regev Brody
0e6340f51e
fix: use config value for tokenRenewal expiration ( #2042 )
...
* fix: tokenRenewal seems to be hard coded #1540
2020-06-18 13:08:57 -04:00
jonasjoest
3b055f2ed5
fix: use first email address when retrieving multiple from LDAP ( #2051 )
...
Signed-off-by: Jonas Jöst <jonas@gpplanet.de>
2020-06-16 00:11:38 -04:00
Nicolas Giard
9e08718ee9
Merge pull request from GHSA-9jgg-4xj2-vjjj
2020-06-13 21:43:21 -04:00
Regev Brody
4ffd1325bd
fix: sidebar is empty when the jwt token is expired ( #2037 )
2020-06-10 09:11:14 -04:00
Regev Brody
037822b994
fix: secure html module removes target attribute from links ( #2012 )
2020-06-07 19:23:33 -04:00
NGPixel
ca0708ea75
feat: extra options for generic S3 module
2020-06-07 18:28:16 -04:00
NGPixel
e45145986a
feat: generic S3 module
2020-06-07 18:08:33 -04:00
Regev Brody
a508a27475
fix: validate permissions when listing assets ( #1928 )
...
* fix: assets permission issues #1926
2020-06-07 16:58:12 -04:00
NGPixel
65f71d8e3b
fix: strip starting slash from path during page create
2020-06-05 14:52:36 -04:00
NGPixel
deacd80c45
fix: dashboard invalid version on load
2020-06-05 14:46:54 -04:00
NGPixel
c2a0773633
fix: site config host slice
2020-06-04 00:33:27 -04:00
NGPixel
2013ee4fa2
fix: failed auth strategy prevent local auth from initializing
2020-06-01 21:20:21 -04:00
NGPixel
3891816758
fix: setup assets location + mysql migration 2.4.13
2020-05-31 22:39:45 -04:00
NGPixel
7a946ec0f5
feat: edit comment
2020-05-31 18:15:15 -04:00
NGPixel
e74605501f
feat: comments post min delay
2020-05-31 15:54:20 -04:00
NGPixel
8a74904731
feat: comments delete + refresh on post + formatting
2020-05-31 02:13:41 -04:00
NGPixel
83f7c2867d
fix: admin security UI
2020-05-30 16:42:48 -04:00
NGPixel
1f9e5b3fd0
feat: delete user with replace target
2020-05-30 16:34:09 -04:00
daneallen
20e6bc1a70
fix: Open Redirect Vulnerability Mitigation - CWE 601 ( #1963 )
...
* Open redirect vulnerabilty mitigation
* Refacted Open Redirect to user configurable and corrected incorrect security variable names.
Co-authored-by: danallendds <daniel.allen@friends.dds.mil>
2020-05-29 18:24:20 -04:00
NGPixel
1222355046
feat: comments - default provider create (wip) + permissions
2020-05-26 22:56:24 -04:00
NGPixel
8205faca53
feat: use asar for twemoji assets
2020-05-24 18:02:05 -04:00
NGPixel
a0618ee4f6
feat: comments UI improvements
2020-05-23 18:49:10 -04:00
Regev Brody
8a1b5b1383
fix: S3 Export all trigger ( #1922 )
2020-05-22 13:20:47 -04:00
NGPixel
6b561623ee
fix: incorrect migration name 2.4.14
2020-05-21 00:20:57 -04:00
NGPixel
df246af3bb
fix: remove makefile + update nvmrc version
2020-05-21 00:20:57 -04:00
NGPixel
e1382771cf
feat: extensions check + resolver
2020-05-21 00:20:57 -04:00
NGPixel
fb6c01c538
fix: legacy page view
2020-05-21 00:20:57 -04:00
NGPixel
887e8a0f5a
feat: comments disqus + commento
2020-05-21 00:20:57 -04:00
NGPixel
f6bad765a2
feat: assets move + comments migration + admin users UI
2020-05-21 00:20:57 -04:00
NGPixel
1def5289af
feat: admin comments page
2020-05-21 00:20:57 -04:00
Robert Lanyi
a581d9837a
feat: add Kroki renderer ( #1900 )
...
* feat: Kroki integration
see https://kroki.io/
* fix: markdown-kroki def updates
Co-authored-by: Nicolas Giard <github@ngpixel.com>
2020-05-17 18:41:29 -04:00
Simon Lichtinghagen
764d98fa1d
fix: use fullname from keycloak profile info with username as fallback ( #1888 )
2020-05-15 13:28:55 -04:00
kaziu687
66e725f426
fix: elasticsearch partial match ( #1882 )
...
Improved full text search in elastic provider
2020-05-13 19:32:28 -04:00
NGPixel
1a33a43a0d
fix: use semver for latest version check
2020-05-11 00:09:10 -04:00
NGPixel
7508d92f92
feat: redirect editor UI (wip)
2020-05-10 18:43:45 -04:00
NGPixel
134f057bb8
feat: uploads config + security admin page
2020-05-10 15:55:28 -04:00
NGPixel
53da387082
feat: plantuml in markdown preview
2020-05-08 22:51:32 -04:00
NGPixel
cc9f022051
fix: nav external blank option
2020-05-08 18:48:07 -04:00
NGPixel
98bf0d9ccb
fix: escape mustache template chars in content
2020-05-08 17:00:02 -04:00
NGPixel
2ff0e42c1d
fix: add verifySSL option to mail settings
2020-05-08 14:35:57 -04:00
NGPixel
6a4b25bc28
fix: plantuml deflate raw
2020-05-08 14:15:19 -04:00
daneallen
4aa7828a92
fix: add rel option to external links in content ( #1853 )
...
* #1853 : XSS attack fix by adding rel noferrer or rel noopen to _blank target external links
* fix: relAttributeExternalLink noopener
Co-authored-by: danallendds <daniel.allen@friends.dds.mil>
Co-authored-by: Nicolas Giard <github@ngpixel.com>
2020-05-07 16:45:11 -04:00
NGPixel
d2b99a2032
feat: timezone + dateFOrmat + appearance profile settings
2020-05-03 00:38:02 -04:00
NGPixel
c81ba5a503
fix: markdown footnotes id incorrectly stripped
2020-05-02 15:13:58 -04:00
NGPixel
281172a9f4
feat: mathjax markdown module
2020-04-29 22:32:03 -04:00
NGPixel
954262f517
fix: tabs renderer remove switchTab handler
2020-04-26 21:18:51 -04:00
NGPixel
5d43f6ada1
feat: content tabs
2020-04-26 21:04:08 -04:00
NGPixel
bbe64ef6b6
feat: static navigation menu option
2020-04-25 17:45:59 -04:00
NGPixel
b2931471c0
fix: remove ssh port param for git module
2020-04-25 14:04:14 -04:00
NGPixel
89debd57f7
fix: path chars check typo
2020-04-25 02:58:00 -04:00
NGPixel
7306fabdba
fix: auto-trim trailing slash from paths + illegal chars check during move
2020-04-24 20:39:07 -04:00
NGPixel
566043ec43
fix: perform git move manually to prevent bad source
2020-04-24 20:30:08 -04:00
NGPixel
bade9430f2
fix: storage internalSchedule typo
2020-04-24 00:37:50 -04:00
NGPixel
d1dd1f195b
fix: ldap allow disable cert check + icon
2020-04-24 00:29:49 -04:00
NGPixel
ec2d10c7f2
fix: trim and auto-remove trailing slash for Site URL in Admin General
2020-04-24 00:17:10 -04:00
NGPixel
7c59bfed08
fix: browse tree ancestors not converted in mariadb
2020-04-24 00:07:27 -04:00
GaliTW
ac11cd2cdd
fix: move page with wrong object key ( #1757 )
2020-04-22 11:08:46 -04:00
NGPixel
4308152a08
fix: uriencode git user/pass for http remote
2020-04-21 23:35:49 -04:00
NGPixel
dae64f00a0
fix: brute-knex refactor
2020-04-21 23:16:13 -04:00
NGPixel
2213ba2c81
fix: git custom ssh port not handled
2020-04-21 19:45:25 -04:00
NGPixel
02816b68d0
fix: db inline CA cert reconstruct
2020-04-20 22:00:59 -04:00