Commit Graph

874 Commits

Author SHA1 Message Date
NGPixel
1404d6343e fix: API key incorrectly forces token revalidation 2020-09-12 14:33:45 -04:00
NGPixel
8f6cba262f fix: draw.io svgs are no longer removed with linebreaks (#2415) 2020-09-12 14:05:24 -04:00
NGPixel
02c3c66084 fix: checkExclusiveAccess incorrectly includes root admin 2020-09-11 17:37:50 -04:00
NGPixel
7c0d6e2883 fix: prevent write:groups from self-promoting 2020-09-09 22:37:49 -04:00
NGPixel
f988c5f811 fix: logout URL endpoint option for oauth2 module 2020-09-09 20:20:55 -04:00
NGPixel
9009816290 fix: 2fa qr code - handle special chars in site title 2020-09-09 20:10:51 -04:00
NGPixel
aa96e97028 fix: force lowercase for email on local auth 2020-09-09 19:59:46 -04:00
NGPixel
5295e413be fix: bypass page rule check for global permission check + handle missing page extra field 2020-09-09 19:35:43 -04:00
Rus
68d31af7af
fix: discord auth module new URL. (#2390)
Change "discordapp.com" to "discord.com"
2020-09-07 20:04:19 -04:00
NGPixel
78417524b3 feat: ldap avatar support 2020-09-07 20:02:33 -04:00
NGPixel
794ecc6ef6 fix: new install local auth not enabled (#2375) 2020-09-07 14:49:02 -04:00
NGPixel
9f1ba0a32f fix: elastic apm rum client script 2020-09-06 16:57:45 -04:00
NGPixel
af054257bd fix: 2.5.108 migration (2) 2020-09-06 15:36:51 -04:00
NGPixel
0ce63c8ef7 fix: 2.5.108 migration 2020-09-06 15:21:06 -04:00
NGPixel
60f2a2a8d9 fix: migration error for new installs 2020-09-05 23:47:41 -04:00
NGPixel
ef739de970 feat: purge history utility 2020-09-05 23:32:00 -04:00
NGPixel
8490fc1267 feat: handle disabled auth strategies 2020-09-05 18:33:15 -04:00
NGPixel
17f8071abe fix: LDAP missing reqToCallback 2020-09-05 15:19:18 -04:00
NGPixel
062a0b7979 feat: logout by auth strategy + keycloak implementation 2020-09-01 20:01:39 -04:00
jaljo
cda1f1e805
feat: export creation date in dumped content (#2345)
* Export creation date in dumped content

* date_creation -> dateCreated

Co-authored-by: Joris Langlois <joris.langlois@knplabs.com>
2020-08-31 11:28:55 -04:00
NGPixel
ae733392f3 feat: password reset 2020-08-30 21:46:55 -04:00
NGPixel
4dcf664040 fix: handle removed auth strategies 2020-08-30 16:33:52 -04:00
NGPixel
e319355017 feat: enable/disable TFA per user 2020-08-30 14:18:22 -04:00
NGPixel
32d67adee1 feat: social login providers with dynamic instances 2020-08-30 01:36:37 -04:00
moonkey124
a7ddafd4aa
fix: incorrect error name for 1017 (#2331)
Fixed a copy and paste mistake

***NO_CI***
2020-08-29 21:25:22 -04:00
NGPixel
8c205b6950 fix: site title check + UI fixes + 2FA setup on account verify 2020-08-23 12:58:56 -04:00
NGPixel
f72530bf84 refactor: deps update + 2FA setup + verify 2020-08-22 19:37:49 -04:00
Dan Nicholson
d5d368cd33
feat: fix + enable OIDC auth method (#2282)
* fix: pass userinfo URL in oidc strategy

The userinfo URL from the definition was not being provided to the
passport strategy, which resulted in a type error trying to resolve the
user's profile. Furthermore, the name of the defined URL was
inconsistent with all other authentication method URLs.

* fix: pass all necessary scopes to oidc auth method

When no scopes are provided, passport-openidconnect uses only `openid`,
which does not contain the username or email address. Include `profile`
and `email` to ensure the necessary claims are included.

* fix: update oidc method to call processProfile correctly

Now the profile object and providerKey are passed to processProfile. The
usernameClaim no longer has any use as the email address is the
username.

* fix: mark oidc authentication method as available
2020-08-15 13:32:58 -04:00
Marks Polakovs
95b6a7ad82
fix: resolve tags on pages in GraphQL (#2247) 2020-08-09 20:04:44 -04:00
Seyed Sajad Kahani
15bca54bdf
fix: change language in edit, history and source pages (#2194)
* change language in edit, history and source pages

* fix: remove unnecessary i18n locale switch for download page

Co-authored-by: Nicolas Giard <github@ngpixel.com>
2020-07-29 19:54:31 -04:00
Higor Tavares
06c372d53f
fix: foreign key constraint when page has comments (#2199)
* Solving foreign key constraint when page has comments

* Update pages.js

remove indentation changes

Co-authored-by: Higor Tavares <paulo.freire@dellead.com>
2020-07-29 19:39:47 -04:00
NGPixel
26af63a80b fix: login input hints 2020-07-20 00:22:29 -04:00
NGPixel
4cd6fe8a56 fix: unauthorized admin should receive 403 code 2020-07-19 15:30:29 -04:00
NGPixel
4f16dd0c81 fix: admin permissions + restrict nav settings 2020-07-19 15:26:51 -04:00
NGPixel
10f17c5712 feat: redirect on login based on group 2020-07-19 15:13:35 -04:00
NGPixel
be499e5795 fix: auth strategy dependent username label 2020-07-19 13:20:43 -04:00
NGPixel
52d0af19b4 feat: diagram rendering + post-processor (wip) 2020-07-12 15:58:45 -04:00
Regev Brody
b2ff064d34
fix: stream assets from storage local locations (#2087) 2020-07-12 12:19:01 -04:00
NGPixel
57f5cbd5b6 misc: knex update for mssql constraint bug 2020-07-11 16:53:18 -04:00
NGPixel
1ced9649c7 feat: enforce 2fa admin setting + hide local on login screen 2020-07-05 23:55:11 -04:00
NGPixel
b2f292cc39 fix: MSSQL migration 2.5.1 2020-07-05 15:59:02 -04:00
NGPixel
31661b2cb3 fix: token renewal date 2020-07-05 14:16:16 -04:00
NGPixel
b475795595 feat: login bg + bypass + hide local option 2020-07-05 01:36:02 -04:00
NGPixel
5282a82afe fix: wait for sideload locales before server start (#1248) 2020-07-04 17:01:35 -04:00
Nicolas Giard
c009cc1392
feat: new login experience (#2139)
* feat: multiple auth instances

* fix: auth setup + strategy initialization

* feat: admin auth - add strategy

* feat: redirect on login - group setting

* feat: oauth2 generic - props definitions

* feat: new login UI (wip)

* feat: new login UI (wip)

* feat: admin security login settings

* feat: tabset editor indicators + print view improvements

* fix: code styling
2020-07-03 19:36:33 -04:00
Regev Brody
1c4829f70f
fix: tags filtered by access (#2100) 2020-07-03 17:49:54 -04:00
Regev Brody
41327dd1e8
feat: support MultiMarkdown tables (#2126) 2020-07-03 17:46:07 -04:00
TakeruDMC
cf3a48a6fa
fix: "undefined" error on deletePage by git storage (#2132) 2020-07-03 17:44:42 -04:00
Seyed Sajad Kahani
3c5352fb53
fix: change reconnectLink behavior for page move (#1991) 2020-06-28 21:08:17 -04:00
Maho Hiyajo
ea3962d143
fix: change discord module ‘discordapp.com’ to ‘discord.com’ (#2117) 2020-06-27 17:01:00 -04:00
Nicolas Giard
2409b286da
fix: matomo module siteId 2020-06-26 15:34:53 -04:00
NGPixel
1c18f3a4c2 fix: revoke typo 2020-06-25 23:48:16 -04:00
NGPixel
98f21b9f6a fix: revalidate tokens created prior to server startup 2020-06-25 22:04:21 -04:00
NGPixel
92b29d1f06 fix: check revalidation timestamp 2020-06-25 19:25:08 -04:00
NGPixel
c37b0ad1d7 fix: remove console log from authenticate func 2020-06-25 00:04:08 -04:00
NGPixel
a25431bcf8 fix: token revocation incorrect TTL 2020-06-25 00:02:39 -04:00
NGPixel
a690e5597f fix: revocation token list for users + groups 2020-06-24 23:57:35 -04:00
Regev Brody
33a9d5774c
fix: GraphQL error with MySQL and FULL OUTER JOIN (#2104)
* fix: GraphQL error with MySQL and FULL OUTER JOIN #2071
2020-06-24 18:51:21 -04:00
Regev Brody
6ef7b0f130
fix: deactivated users can still refresh their token (#2105) 2020-06-24 18:15:36 -04:00
Regev Brody
4bc284b06e
fix: page schema validation for extra field (#2097) 2020-06-23 18:26:29 -04:00
NGPixel
4cb7f33dcf feat: visual editor code + sub/sup + table props 2020-06-21 14:47:11 -04:00
NGPixel
4855051d87 feat: page published state + comments localization 2020-06-20 22:08:59 -04:00
NGPixel
83b83a7510 feat: page css + scripts 2020-06-20 16:39:36 -04:00
NGPixel
53ddb50b51 feat: save page scripts + styles 2020-06-20 01:11:05 -04:00
NGPixel
718c14dd74 feat: editor props scripts + styles code editor 2020-06-19 21:00:44 -04:00
Regev Brody
0a16929a57
fix: editing buttons showing up even if no action is allowed (#2043)
* feat: Edit / Page Create Buttons showing up even if no action is allowed #1780
2020-06-19 18:54:05 -04:00
NGPixel
b723d7d626 fix: markdown core props + styles/scripts permissions 2020-06-18 22:49:26 -04:00
Regev Brody
77086a6e0a
feat: optional kroki/plantuml svg caching (#2047)
* feat: Caching kroki svgs #2020
2020-06-18 18:39:25 -04:00
Regev Brody
e03a80dccc
feat: underline markdown support (#2073)
* fix: no markdown support for underline #2072
2020-06-18 18:37:24 -04:00
Regev Brody
0e6340f51e
fix: use config value for tokenRenewal expiration (#2042)
* fix: tokenRenewal seems to be hard coded #1540
2020-06-18 13:08:57 -04:00
jonasjoest
3b055f2ed5
fix: use first email address when retrieving multiple from LDAP (#2051)
Signed-off-by: Jonas Jöst <jonas@gpplanet.de>
2020-06-16 00:11:38 -04:00
Nicolas Giard
9e08718ee9
Merge pull request from GHSA-9jgg-4xj2-vjjj 2020-06-13 21:43:21 -04:00
Regev Brody
4ffd1325bd
fix: sidebar is empty when the jwt token is expired (#2037) 2020-06-10 09:11:14 -04:00
Regev Brody
037822b994
fix: secure html module removes target attribute from links (#2012) 2020-06-07 19:23:33 -04:00
NGPixel
ca0708ea75 feat: extra options for generic S3 module 2020-06-07 18:28:16 -04:00
NGPixel
e45145986a feat: generic S3 module 2020-06-07 18:08:33 -04:00
Regev Brody
a508a27475
fix: validate permissions when listing assets (#1928)
* fix: assets permission issues #1926
2020-06-07 16:58:12 -04:00
NGPixel
65f71d8e3b fix: strip starting slash from path during page create 2020-06-05 14:52:36 -04:00
NGPixel
deacd80c45 fix: dashboard invalid version on load 2020-06-05 14:46:54 -04:00
NGPixel
c2a0773633 fix: site config host slice 2020-06-04 00:33:27 -04:00
NGPixel
2013ee4fa2 fix: failed auth strategy prevent local auth from initializing 2020-06-01 21:20:21 -04:00
NGPixel
3891816758 fix: setup assets location + mysql migration 2.4.13 2020-05-31 22:39:45 -04:00
NGPixel
7a946ec0f5 feat: edit comment 2020-05-31 18:15:15 -04:00
NGPixel
e74605501f feat: comments post min delay 2020-05-31 15:54:20 -04:00
NGPixel
8a74904731 feat: comments delete + refresh on post + formatting 2020-05-31 02:13:41 -04:00
NGPixel
83f7c2867d fix: admin security UI 2020-05-30 16:42:48 -04:00
NGPixel
1f9e5b3fd0 feat: delete user with replace target 2020-05-30 16:34:09 -04:00
daneallen
20e6bc1a70
fix: Open Redirect Vulnerability Mitigation - CWE 601 (#1963)
* Open redirect vulnerability mitigation

* Refactored Open Redirect to user configurable and corrected incorrect security variable names.

Co-authored-by: danallendds <daniel.allen@friends.dds.mil>
2020-05-29 18:24:20 -04:00
NGPixel
1222355046 feat: comments - default provider create (wip) + permissions 2020-05-26 22:56:24 -04:00
NGPixel
8205faca53 feat: use asar for twemoji assets 2020-05-24 18:02:05 -04:00
NGPixel
a0618ee4f6 feat: comments UI improvements 2020-05-23 18:49:10 -04:00
Regev Brody
8a1b5b1383
fix: S3 Export all trigger (#1922) 2020-05-22 13:20:47 -04:00
NGPixel
6b561623ee fix: incorrect migration name 2.4.14 2020-05-21 00:20:57 -04:00
NGPixel
df246af3bb fix: remove makefile + update nvmrc version 2020-05-21 00:20:57 -04:00
NGPixel
e1382771cf feat: extensions check + resolver 2020-05-21 00:20:57 -04:00
NGPixel
fb6c01c538 fix: legacy page view 2020-05-21 00:20:57 -04:00
NGPixel
887e8a0f5a feat: comments disqus + commento 2020-05-21 00:20:57 -04:00
NGPixel
f6bad765a2 feat: assets move + comments migration + admin users UI 2020-05-21 00:20:57 -04:00
NGPixel
1def5289af feat: admin comments page 2020-05-21 00:20:57 -04:00
Robert Lanyi
a581d9837a feat: add Kroki renderer (#1900)
* feat: Kroki integration

see https://kroki.io/

* fix: markdown-kroki def updates

Co-authored-by: Nicolas Giard <github@ngpixel.com>
2020-05-17 18:41:29 -04:00
Simon Lichtinghagen
764d98fa1d
fix: use fullname from keycloak profile info with username as fallback (#1888) 2020-05-15 13:28:55 -04:00
kaziu687
66e725f426
fix: elasticsearch partial match (#1882)
Improved full text search in elastic provider
2020-05-13 19:32:28 -04:00
NGPixel
1a33a43a0d fix: use semver for latest version check 2020-05-11 00:09:10 -04:00
NGPixel
7508d92f92 feat: redirect editor UI (wip) 2020-05-10 18:43:45 -04:00
NGPixel
134f057bb8 feat: uploads config + security admin page 2020-05-10 15:55:28 -04:00
NGPixel
53da387082 feat: plantuml in markdown preview 2020-05-08 22:51:32 -04:00
NGPixel
cc9f022051 fix: nav external blank option 2020-05-08 18:48:07 -04:00
NGPixel
98bf0d9ccb fix: escape mustache template chars in content 2020-05-08 17:00:02 -04:00
NGPixel
2ff0e42c1d fix: add verifySSL option to mail settings 2020-05-08 14:35:57 -04:00
NGPixel
6a4b25bc28 fix: plantuml deflate raw 2020-05-08 14:15:19 -04:00
daneallen
4aa7828a92
fix: add rel option to external links in content (#1853)
* #1853: XSS attack fix by adding rel noreferrer or rel noopener to _blank target external links

* fix: relAttributeExternalLink noopener

Co-authored-by: danallendds <daniel.allen@friends.dds.mil>
Co-authored-by: Nicolas Giard <github@ngpixel.com>
2020-05-07 16:45:11 -04:00
NGPixel
d2b99a2032 feat: timezone + dateFormat + appearance profile settings 2020-05-03 00:38:02 -04:00
NGPixel
c81ba5a503 fix: markdown footnotes id incorrectly stripped 2020-05-02 15:13:58 -04:00
NGPixel
281172a9f4 feat: mathjax markdown module 2020-04-29 22:32:03 -04:00
NGPixel
954262f517 fix: tabs renderer remove switchTab handler 2020-04-26 21:18:51 -04:00
NGPixel
5d43f6ada1 feat: content tabs 2020-04-26 21:04:08 -04:00
NGPixel
bbe64ef6b6 feat: static navigation menu option 2020-04-25 17:45:59 -04:00
NGPixel
b2931471c0 fix: remove ssh port param for git module 2020-04-25 14:04:14 -04:00
NGPixel
89debd57f7 fix: path chars check typo 2020-04-25 02:58:00 -04:00
NGPixel
7306fabdba fix: auto-trim trailing slash from paths + illegal chars check during move 2020-04-24 20:39:07 -04:00
NGPixel
566043ec43 fix: perform git move manually to prevent bad source 2020-04-24 20:30:08 -04:00
NGPixel
bade9430f2 fix: storage internalSchedule typo 2020-04-24 00:37:50 -04:00
NGPixel
d1dd1f195b fix: ldap allow disable cert check + icon 2020-04-24 00:29:49 -04:00
NGPixel
ec2d10c7f2 fix: trim and auto-remove trailing slash for Site URL in Admin General 2020-04-24 00:17:10 -04:00
NGPixel
7c59bfed08 fix: browse tree ancestors not converted in mariadb 2020-04-24 00:07:27 -04:00
GaliTW
ac11cd2cdd
fix: move page with wrong object key (#1757) 2020-04-22 11:08:46 -04:00
NGPixel
4308152a08 fix: uriencode git user/pass for http remote 2020-04-21 23:35:49 -04:00
NGPixel
dae64f00a0 fix: brute-knex refactor 2020-04-21 23:16:13 -04:00
NGPixel
2213ba2c81 fix: git custom ssh port not handled 2020-04-21 19:45:25 -04:00
NGPixel
02816b68d0 fix: db inline CA cert reconstruct 2020-04-20 22:00:59 -04:00
NGPixel
81732da709 fix: db inline CA cert mode 2020-04-20 18:47:06 -04:00
NGPixel
d651412d34 fix: pg db connection problem 2020-04-20 17:51:27 -04:00
NGPixel
cf81ad910d fix: HA reload group guest expiration 2020-04-19 22:47:02 -04:00
NGPixel
405187b8e0 fix: HA event publish 2020-04-19 22:47:02 -04:00
NGPixel
bd4263ecb2 feat: HA event handling + emitting 2020-04-19 22:47:02 -04:00
NGPixel
6a00a5dbce fix: git ssh port incorrect default value 2020-04-19 22:47:02 -04:00
NGPixel
7cd5721ca1 feat: handle event propagation via DB (HA) 2020-04-19 22:47:02 -04:00
NGPixel
8aba5305d8 feat: sidebar item permissions + admin nav edit 2020-04-18 18:33:22 -04:00
NGPixel
9a93ac28f2 feat: admin dashboard last logins 2020-04-18 18:33:22 -04:00
NGPixel
514d31a46d feat: hide sidebar option 2020-04-18 18:33:22 -04:00
NGPixel
a33691d642 fix: bypass users model when updating lastLoginAt 2020-04-18 18:33:22 -04:00
NGPixel
1c80faa94d feat: browse nav + pageTree ancestors 2020-04-18 18:33:22 -04:00
NGPixel
3ca72ccc1e feat: new nav UI (wip) 2020-04-18 18:33:22 -04:00
NGPixel
53ceea74f1 fix: skip telemetry if devmode 2020-04-17 17:14:02 -04:00
NGPixel
17f833509f fix: html sanitizer - whitelist start prop for ol tag 2020-04-17 13:09:08 -04:00
NGPixel
2ff3abe0d8 fix: html sanitizer - whitelist i tag 2020-04-17 13:04:56 -04:00
NGPixel
71be4660bf fix: use new telemetry endpoint 2020-04-16 20:39:14 -04:00
NGPixel
76ade8df53 feat: link autocomplete + insert link modal (markdown) 2020-04-11 00:19:23 -04:00
NGPixel
245104c6ae fix: mssql + older mariadb migration 2.2.17 failure 2020-04-10 16:06:43 -04:00
NGPixel
77548c8778 fix: tags input normalization 2020-04-09 21:56:24 -04:00