Dan Brown
2633b94deb
Applied StyleCI changes
2021-11-13 13:28:17 +00:00
Dan Brown
63d8d72d7e
Added testing to cover search result highlighting
2021-11-13 13:26:11 +00:00
Dan Brown
7d0724e288
Added auto-conversion of search terms to exact values
...
Will occur when a search term contains a character that's used to split
content into search terms.
Added testing to cover.
2021-11-12 18:03:44 +00:00
Dan Brown
99587a0be6
Added tag values as part of the indexed search terms
...
This allows finding content via tag name/values when just searching
using normal seach terms.
Added testing to cover.
Related to #1577
2021-11-12 17:06:01 +00:00
Dan Brown
f28daa01d9
Added page content parsing to up-rank header text in search
...
This adds parsing of page content so that headers apply a boost to
scores in the search term index.
Additionally, this merges title and content terms to reduce the amount
of stored terms a little.
Includes testing to cover.
2021-11-12 13:47:23 +00:00
Dan Brown
da17004c3e
Added test to cover search frquency rank changes
2021-11-09 15:05:02 +00:00
Dan Brown
899349c4b4
Added testing coverage for tag index
...
Also:
- Extracted out index table row to its own view.
- Added empty state.
- Ensured query params are set on pagination links.
2021-11-06 21:54:02 +00:00
Dan Brown
bc291bee78
Added inital phpstan/larastan setup
2021-11-05 16:18:06 +00:00
Dan Brown
c9c4dbcb5b
Merge branch 'laravel_upgrade'
2021-11-04 22:42:35 +00:00
Dan Brown
a17be959d8
Applied latest styleci changes
2021-11-01 13:26:02 +00:00
Dan Brown
bfbccbede1
Updated attachments to not be saved with a complete extension
...
Intended to limit impact in the event the storage path is potentially
exposed.
2021-11-01 11:32:00 +00:00
Dan Brown
43830a372f
Updated showImage file serving to not be traversable
...
For #3030
2021-10-31 23:53:17 +00:00
Dan Brown
ae155d6745
Added safe mime sniffing to prevent serving HTML
...
(Amoung other content types)
For #3027
2021-10-31 17:58:56 +00:00
Dan Brown
f139cded78
Laravel 8 shift squash & merge ( #3029 )
...
* Temporarily moved back config path
* Apply Laravel coding style
* Shift exception handler
* Shift HTTP kernel and middleware
* Shift service providers
* Convert options array to fluent methods
* Shift to class based routes
* Shift console routes
* Ignore temporary framework files
* Shift to class based factories
* Namespace seeders
* Shift PSR-4 autoloading
* Shift config files
* Default config files
* Shift Laravel dependencies
* Shift return type of base TestCase methods
* Shift cleanup
* Applied stylci style changes
* Reverted config files location
* Applied manual changes to Laravel 8 shift
Co-authored-by: Shift <shift@laravelshift.com>
2021-10-30 21:29:59 +01:00
Dan Brown
4f55fe2f8e
Made further changes to page image extraction validation
...
Fixes #3019
Increased testing to cover the failing case amoung others.
2021-10-28 15:54:00 +01:00
Dan Brown
3166541002
Added test to cover #3010
2021-10-27 12:29:01 +01:00
Dan Brown
f77236aa38
Laravel 7.x Shift ( #3011 )
...
* Apply Laravel coding style
* Shift bindings
* Shift core files
* Shift to Throwable
* Add laravel/ui dependency
* Shift Eloquent methods
* Shift config files
* Shift Laravel dependencies
* Shift cleanup
* Shift test config and references
* Applied styleci changes
* Applied fixes post shift to laravel 7
Co-authored-by: Shift <shift@laravelshift.com>
2021-10-26 22:04:18 +01:00
Dan Brown
cdef1b3ab0
Updated SAML ACS post to retain user session
...
Session was being lost due to the callback POST request cookies
not being provided due to samesite=lax. This instead adds an additional
hop in the flow to route the request via a GET request so the session is
retained. SAML POST data is stored encrypted in cache via a unique ID
then pulled out straight afterwards, and restored into POST for the SAML
toolkit to validate.
Updated testing to cover.
2021-10-20 13:34:00 +01:00
Dan Brown
859934d6a3
Applied latest changes from styleCI
2021-10-20 10:49:45 +01:00
Dan Brown
2409d1850f
Added TestCase for attachments API methods
2021-10-20 00:58:56 +01:00
Dan Brown
cb45c53029
Added base64 image extraction to markdown page content
...
- Included tests to cover.
- Manually tested via API update and interface page update.
Closes #2898
2021-10-18 11:42:50 +01:00
Dan Brown
6e325de226
Applied latest styles changes from style CI
2021-10-16 16:01:59 +01:00
Dan Brown
263384cf99
Merge branch 'oidc'
2021-10-16 15:51:13 +01:00
Dan Brown
f3c147d33b
Applied latest styleci changes
2021-10-15 14:16:45 +01:00
Dan Brown
c9c0e5e16f
Fixed guest user email showing in TOTP setup url
...
- Occured during enforced MFA setup upon login.
- Added test to cover.
Fixes #2971
2021-10-14 18:02:16 +01:00
Dan Brown
ffa4377e65
Added testing to cover debug view
2021-10-14 17:40:22 +01:00
Dan Brown
a5d72aa458
Fleshed out testing for OIDC system
2021-10-13 16:51:27 +01:00
Dan Brown
c167f40af3
Renamed OIDC files to all be aligned
2021-10-12 23:04:28 +01:00
Dan Brown
790723dfc5
Added further OIDC core class testing
2021-10-12 16:48:54 +01:00
Dan Brown
f3d54e4a2d
Added positive test case for OIDC implementation
...
- To continue coverage and spec cases next.
2021-10-12 00:01:51 +01:00
Dan Brown
ca764caf2d
Added throttling to password reset requests
2021-10-08 23:19:37 +01:00
Dan Brown
a9b3df537f
Applied changes from styleci
2021-10-08 22:23:17 +01:00
Dan Brown
41541df6ec
Added testing to cover work done in last commit
...
Relevant to comments in 7224fbcc89
.
Added test cases. Ensured they failed pre-commit.
Also tested a range of the altered endpoints manually on both local and
s3-like filesystems.
2021-10-08 21:47:59 +01:00
Dan Brown
41ac69adb1
Forced response cache revalidation on logged-in responses
...
- Prevents authenticated responses being visible when back button
pressed in browser.
- Previously, 'no-cache, private' was added by default by Symfony which
would have prevents proxy cache issues but this adds no-store and a
max-age option to also invalidate all caching.
Thanks to @haxatron via huntr.dev
Ref: https://huntr.dev/bounties/6cda9df9-4987-4e1c-b48f-855b6901ef53/
2021-10-08 15:22:09 +01:00
Dan Brown
193d7fb3fe
Merge branch 'openid' of https://github.com/jasperweyne/BookStack into jasperweyne-openid
2021-10-06 13:18:21 +01:00
Dan Brown
f99af807d0
Reviewed and refactored additional editor draft save warnings
...
- Added testing to cover warning cases.
- Refactored logic to be simpler and move much of the business out of
the controller.
- Added new message that's more suitable to the case this was handling.
- For detecting an outdated draft, checked the draft created_at time
instead of updated_at to better fit the scenario being checked.
- Updated some method types to align with those potentially being used
in the logic of the code.
- Added a cache of shown messages on the front-end to prevent them
re-showing on every save during the session, even if dismissed.
2021-10-04 20:26:55 +01:00
Dan Brown
d3a9645161
Allowed page includes on custom home
...
For #2279
Old hold-over for when include content permissions were handled less
delicately.
2021-10-04 11:26:26 +01:00
Dan Brown
505d7e604e
Applied StyleCI changes
2021-09-29 23:53:11 +01:00
Dan Brown
887a79f130
Reviewed adding IP recording to activity & audit log
...
Review of #2936
- Added testing to cover
- Added APP_PROXIES to .env.example.complete with details.
- Renamed migration to better align the name and to set the migration
date to fit with production deploy order.
- Removed index from IP column in migration since an index does not yet
provide any value.
- Updated table header text label.
- Prevented IP recording when in demo mode.
2021-09-26 17:18:12 +01:00
Dan Brown
05d99a312d
Applied styleci changes
2021-09-26 15:48:22 +01:00
Dan Brown
c32b315cd7
Standardised facade usage to use via their FQCN
...
Done via Laravel Shift Workbench
2021-09-26 15:37:55 +01:00
Dan Brown
ffdfdc7449
Fixed dodgy test helper signature causing tests to fail
...
Just needed some argument defaults to make them optional for existing
uses.
2021-09-18 21:29:42 +01:00
Dan Brown
ba075b46f9
Merge pull request #2928 from BookStackApp/browserkit_removal
...
Convert old BrowserKit tests
2021-09-18 21:28:16 +01:00
Dan Brown
c08c8d7aa3
Applied styleci style changes
2021-09-18 21:21:44 +01:00
Dan Brown
6454e24657
Removed browserkit testing from project
...
Converted last bits of the roles tests and removed dependancies.
Updated other PHP dependancies at the same time.
2021-09-18 21:20:38 +01:00
Dan Brown
d74255df5d
Started updating RolesTest away from Browserkit
2021-09-18 00:33:03 +01:00
Dan Brown
a4d9bca9e1
Converted AuthTest away from BrowserKit
...
Moved some user managment tests out to more relevant classess along the
way.
Found some tweaks to make for email confirmation routing as part of
this.
2021-09-17 23:44:54 +01:00
Dan Brown
90c759e5ca
Rewrote entity permissions tests to be non-browser-kit
2021-09-17 22:35:28 +01:00
Dan Brown
5d93dd258e
Finished moving EntityTests out to new TestCase files
2021-09-17 21:29:16 +01:00
Dan Brown
de8cceb0f7
Moved more tests out of EntityTest
2021-09-15 22:18:37 +01:00