Commit Graph

794 Commits

Author SHA1 Message Date
Higor Tavares
06c372d53f
fix: foreign key constraint when page have comments (#2199)
* Solving foreing key contraint when page have comments

* Update pages.js

remove indentation changes

Co-authored-by: Higor Tavares <paulo.freire@dellead.com>
2020-07-29 19:39:47 -04:00
NGPixel
26af63a80b fix: login input hints 2020-07-20 00:22:29 -04:00
NGPixel
4cd6fe8a56 fix: unauthorized admin should receive 403 code 2020-07-19 15:30:29 -04:00
NGPixel
4f16dd0c81 fix: admin permissions + restrict nav settings 2020-07-19 15:26:51 -04:00
NGPixel
10f17c5712 feat: redirect on login based on group 2020-07-19 15:13:35 -04:00
NGPixel
be499e5795 fix: auth strategy dependent username label 2020-07-19 13:20:43 -04:00
NGPixel
52d0af19b4 feat: diagram rendering + post-processor (wip) 2020-07-12 15:58:45 -04:00
Regev Brody
b2ff064d34
fix: stream assets from storage local locations (#2087) 2020-07-12 12:19:01 -04:00
NGPixel
57f5cbd5b6 misc: knex update for mssql constraint bug 2020-07-11 16:53:18 -04:00
NGPixel
1ced9649c7 feat: enforce 2fa admin setting + hide local on login screen 2020-07-05 23:55:11 -04:00
NGPixel
b2f292cc39 fix: MSSQL migration 2.5.1 2020-07-05 15:59:02 -04:00
NGPixel
31661b2cb3 fix: token renewal date 2020-07-05 14:16:16 -04:00
NGPixel
b475795595 feat: login bg + bypass + hide local option 2020-07-05 01:36:02 -04:00
NGPixel
5282a82afe fix: wait for sideload locales before server start (#1248) 2020-07-04 17:01:35 -04:00
Nicolas Giard
c009cc1392
feat: new login experience (#2139)
* feat: multiple auth instances

* fix: auth setup + strategy initialization

* feat: admin auth - add strategy

* feat: redirect on login - group setting

* feat: oauth2 generic - props definitions

* feat: new login UI (wip)

* feat: new login UI (wip)

* feat: admin security login settings

* feat: tabset editor indicators + print view improvements

* fix: code styling
2020-07-03 19:36:33 -04:00
Regev Brody
1c4829f70f
fix: tags filtered by access (#2100) 2020-07-03 17:49:54 -04:00
Regev Brody
41327dd1e8
feat: support MultiMarkdown tables (#2126) 2020-07-03 17:46:07 -04:00
TakeruDMC
cf3a48a6fa
fix: "undefined" error on deletePage by git storage (#2132) 2020-07-03 17:44:42 -04:00
Seyed Sajad Kahani
3c5352fb53
fix: change reconnectLink behavior for page move (#1991) 2020-06-28 21:08:17 -04:00
Maho Hiyajo
ea3962d143
fix: change discord module ‘discordapp.com’ to ‘discord.com’ (#2117) 2020-06-27 17:01:00 -04:00
Nicolas Giard
2409b286da
fix: matomo module siteId 2020-06-26 15:34:53 -04:00
NGPixel
1c18f3a4c2 fix: revoke typo 2020-06-25 23:48:16 -04:00
NGPixel
98f21b9f6a fix: revalidate tokens created prior to server startup 2020-06-25 22:04:21 -04:00
NGPixel
92b29d1f06 fix: check revalidation timestamp 2020-06-25 19:25:08 -04:00
NGPixel
c37b0ad1d7 fix: remove console log from authenticate func 2020-06-25 00:04:08 -04:00
NGPixel
a25431bcf8 fix: token revocation incorrect TTL 2020-06-25 00:02:39 -04:00
NGPixel
a690e5597f fix: revocation token list for users + groups 2020-06-24 23:57:35 -04:00
Regev Brody
33a9d5774c
fix: GraphQL error with MySQL and FULL OUTER JOIN (#2104)
* fix: GraphQL error with MySQL and FULL OUTER JOIN #2071
2020-06-24 18:51:21 -04:00
Regev Brody
6ef7b0f130
fix: deactivated users can still refresh their token (#2105) 2020-06-24 18:15:36 -04:00
Regev Brody
4bc284b06e
fix: page schema validation for extra field (#2097) 2020-06-23 18:26:29 -04:00
NGPixel
4cb7f33dcf feat: visual editor code + sub/sup + table props 2020-06-21 14:47:11 -04:00
NGPixel
4855051d87 feat: page published state + comments localization 2020-06-20 22:08:59 -04:00
NGPixel
83b83a7510 feat: page css + scripts 2020-06-20 16:39:36 -04:00
NGPixel
53ddb50b51 feat: save page scripts + styles 2020-06-20 01:11:05 -04:00
NGPixel
718c14dd74 feat: editor props scripts + styles code editor 2020-06-19 21:00:44 -04:00
Regev Brody
0a16929a57
fix: editing buttons showing up even if no action is allowed (#2043)
* feat: Edit / Page Create Buttons showing up even if no action is allowed #1780
2020-06-19 18:54:05 -04:00
NGPixel
b723d7d626 fix: markdown core props + styles/scripts permissions 2020-06-18 22:49:26 -04:00
Regev Brody
77086a6e0a
feat: optional kroki/plantuml svg caching (#2047)
* feat: Caching kroki svgs #2020
2020-06-18 18:39:25 -04:00
Regev Brody
e03a80dccc
feat: underline markdown support (#2073)
* fix: no markdown support for underline #2072
2020-06-18 18:37:24 -04:00
Regev Brody
0e6340f51e
fix: use config value for tokenRenewal expiration (#2042)
* fix: tokenRenewal seems to be hard coded #1540
2020-06-18 13:08:57 -04:00
jonasjoest
3b055f2ed5
fix: use first email address when retrieving multiple from LDAP (#2051)
Signed-off-by: Jonas Jöst <jonas@gpplanet.de>
2020-06-16 00:11:38 -04:00
Nicolas Giard
9e08718ee9
Merge pull request from GHSA-9jgg-4xj2-vjjj 2020-06-13 21:43:21 -04:00
Regev Brody
4ffd1325bd
fix: sidebar is empty when the jwt token is expired (#2037) 2020-06-10 09:11:14 -04:00
Regev Brody
037822b994
fix: secure html module removes target attribute from links (#2012) 2020-06-07 19:23:33 -04:00
NGPixel
ca0708ea75 feat: extra options for generic S3 module 2020-06-07 18:28:16 -04:00
NGPixel
e45145986a feat: generic S3 module 2020-06-07 18:08:33 -04:00
Regev Brody
a508a27475
fix: validate permissions when listing assets (#1928)
* fix: assets permission issues #1926
2020-06-07 16:58:12 -04:00
NGPixel
65f71d8e3b fix: strip starting slash from path during page create 2020-06-05 14:52:36 -04:00
NGPixel
deacd80c45 fix: dashboard invalid version on load 2020-06-05 14:46:54 -04:00
NGPixel
c2a0773633 fix: site config host slice 2020-06-04 00:33:27 -04:00
NGPixel
2013ee4fa2 fix: failed auth strategy prevent local auth from initializing 2020-06-01 21:20:21 -04:00
NGPixel
3891816758 fix: setup assets location + mysql migration 2.4.13 2020-05-31 22:39:45 -04:00
NGPixel
7a946ec0f5 feat: edit comment 2020-05-31 18:15:15 -04:00
NGPixel
e74605501f feat: comments post min delay 2020-05-31 15:54:20 -04:00
NGPixel
8a74904731 feat: comments delete + refresh on post + formatting 2020-05-31 02:13:41 -04:00
NGPixel
83f7c2867d fix: admin security UI 2020-05-30 16:42:48 -04:00
NGPixel
1f9e5b3fd0 feat: delete user with replace target 2020-05-30 16:34:09 -04:00
daneallen
20e6bc1a70
fix: Open Redirect Vulnerability Mitigation - CWE 601 (#1963)
* Open redirect vulnerabilty mitigation

* Refacted Open Redirect to user configurable and corrected incorrect security variable names.

Co-authored-by: danallendds <daniel.allen@friends.dds.mil>
2020-05-29 18:24:20 -04:00
NGPixel
1222355046 feat: comments - default provider create (wip) + permissions 2020-05-26 22:56:24 -04:00
NGPixel
8205faca53 feat: use asar for twemoji assets 2020-05-24 18:02:05 -04:00
NGPixel
a0618ee4f6 feat: comments UI improvements 2020-05-23 18:49:10 -04:00
Regev Brody
8a1b5b1383
fix: S3 Export all trigger (#1922) 2020-05-22 13:20:47 -04:00
NGPixel
6b561623ee fix: incorrect migration name 2.4.14 2020-05-21 00:20:57 -04:00
NGPixel
df246af3bb fix: remove makefile + update nvmrc version 2020-05-21 00:20:57 -04:00
NGPixel
e1382771cf feat: extensions check + resolver 2020-05-21 00:20:57 -04:00
NGPixel
fb6c01c538 fix: legacy page view 2020-05-21 00:20:57 -04:00
NGPixel
887e8a0f5a feat: comments disqus + commento 2020-05-21 00:20:57 -04:00
NGPixel
f6bad765a2 feat: assets move + comments migration + admin users UI 2020-05-21 00:20:57 -04:00
NGPixel
1def5289af feat: admin comments page 2020-05-21 00:20:57 -04:00
Robert Lanyi
a581d9837a feat: add Kroki renderer (#1900)
* feat: Kroki integration

see https://kroki.io/

* fix: markdown-kroki def updates

Co-authored-by: Nicolas Giard <github@ngpixel.com>
2020-05-17 18:41:29 -04:00
Simon Lichtinghagen
764d98fa1d
fix: use fullname from keycloak profile info with username as fallback (#1888) 2020-05-15 13:28:55 -04:00
kaziu687
66e725f426
fix: elasticsearch partial match (#1882)
Improved full text search in elastic provider
2020-05-13 19:32:28 -04:00
NGPixel
1a33a43a0d fix: use semver for latest version check 2020-05-11 00:09:10 -04:00
NGPixel
7508d92f92 feat: redirect editor UI (wip) 2020-05-10 18:43:45 -04:00
NGPixel
134f057bb8 feat: uploads config + security admin page 2020-05-10 15:55:28 -04:00
NGPixel
53da387082 feat: plantuml in markdown preview 2020-05-08 22:51:32 -04:00
NGPixel
cc9f022051 fix: nav external blank option 2020-05-08 18:48:07 -04:00
NGPixel
98bf0d9ccb fix: escape mustache template chars in content 2020-05-08 17:00:02 -04:00
NGPixel
2ff0e42c1d fix: add verifySSL option to mail settings 2020-05-08 14:35:57 -04:00
NGPixel
6a4b25bc28 fix: plantuml deflate raw 2020-05-08 14:15:19 -04:00
daneallen
4aa7828a92
fix: add rel option to external links in content (#1853)
* #1853: XSS attack fix by adding rel noferrer or rel noopen to _blank target external links

* fix: relAttributeExternalLink noopener

Co-authored-by: danallendds <daniel.allen@friends.dds.mil>
Co-authored-by: Nicolas Giard <github@ngpixel.com>
2020-05-07 16:45:11 -04:00
NGPixel
d2b99a2032 feat: timezone + dateFOrmat + appearance profile settings 2020-05-03 00:38:02 -04:00
NGPixel
c81ba5a503 fix: markdown footnotes id incorrectly stripped 2020-05-02 15:13:58 -04:00
NGPixel
281172a9f4 feat: mathjax markdown module 2020-04-29 22:32:03 -04:00
NGPixel
954262f517 fix: tabs renderer remove switchTab handler 2020-04-26 21:18:51 -04:00
NGPixel
5d43f6ada1 feat: content tabs 2020-04-26 21:04:08 -04:00
NGPixel
bbe64ef6b6 feat: static navigation menu option 2020-04-25 17:45:59 -04:00
NGPixel
b2931471c0 fix: remove ssh port param for git module 2020-04-25 14:04:14 -04:00
NGPixel
89debd57f7 fix: path chars check typo 2020-04-25 02:58:00 -04:00
NGPixel
7306fabdba fix: auto-trim trailing slash from paths + illegal chars check during move 2020-04-24 20:39:07 -04:00
NGPixel
566043ec43 fix: perform git move manually to prevent bad source 2020-04-24 20:30:08 -04:00
NGPixel
bade9430f2 fix: storage internalSchedule typo 2020-04-24 00:37:50 -04:00
NGPixel
d1dd1f195b fix: ldap allow disable cert check + icon 2020-04-24 00:29:49 -04:00
NGPixel
ec2d10c7f2 fix: trim and auto-remove trailing slash for Site URL in Admin General 2020-04-24 00:17:10 -04:00
NGPixel
7c59bfed08 fix: browse tree ancestors not converted in mariadb 2020-04-24 00:07:27 -04:00
GaliTW
ac11cd2cdd
fix: move page with wrong object key (#1757) 2020-04-22 11:08:46 -04:00
NGPixel
4308152a08 fix: uriencode git user/pass for http remote 2020-04-21 23:35:49 -04:00
NGPixel
dae64f00a0 fix: brute-knex refactor 2020-04-21 23:16:13 -04:00
NGPixel
2213ba2c81 fix: git custom ssh port not handled 2020-04-21 19:45:25 -04:00
NGPixel
02816b68d0 fix: db inline CA cert reconstruct 2020-04-20 22:00:59 -04:00