Merge branch 'frontend-next' into t216-refactor-common

This commit is contained in:
Yukai Huang 2017-01-15 11:33:22 +08:00
commit c0e8306961
18 changed files with 306 additions and 69 deletions

View file

@ -130,8 +130,18 @@ Environment variables (will overwrite other server configs)
| HMD_DROPBOX_CLIENTSECRET | no example | Dropbox API client secret | | HMD_DROPBOX_CLIENTSECRET | no example | Dropbox API client secret |
| HMD_GOOGLE_CLIENTID | no example | Google API client id | | HMD_GOOGLE_CLIENTID | no example | Google API client id |
| HMD_GOOGLE_CLIENTSECRET | no example | Google API client secret | | HMD_GOOGLE_CLIENTSECRET | no example | Google API client secret |
| HMD_LDAP_URL | ldap://example.com | url of LDAP server |
| HMD_LDAP_BINDDN | no example | bindDn for LDAP access |
| HMD_LDAP_BINDCREDENTIALS | no example | bindCredentials for LDAP access |
| HMD_LDAP_TOKENSECRET | supersecretkey | secret used for generating access/refresh tokens |
| HMD_LDAP_SEARCHBASE | o=users,dc=example,dc=com | LDAP directory to begin search from |
| HMD_LDAP_SEARCHFILTER | (uid={{username}}) | LDAP filter to search with |
| HMD_LDAP_SEARCHATTRIBUTES | no example | LDAP attributes to search with |
| HMD_LDAP_TLS_CA | no example | Root CA for LDAP TLS in PEM format |
| HMD_LDAP_PROVIDERNAME | My institution | Optional name to be displayed at login form indicating the LDAP provider |
| HMD_IMGUR_CLIENTID | no example | Imgur API client id | | HMD_IMGUR_CLIENTID | no example | Imgur API client id |
| HMD_EMAIL | `true` or `false` | set to allow email register and signin | | HMD_EMAIL | `true` or `false` | set to allow email signin |
| HMD_ALLOW_EMAIL_REGISTER | `true` or `false` | set to allow email register (only applied when email is set, default is `true`) |
| HMD_IMAGE_UPLOAD_TYPE | `imgur`, `s3` or `filesystem` | Where to upload image. For S3, see our [S3 Image Upload Guide](docs/guides/s3-image-upload.md) | | HMD_IMAGE_UPLOAD_TYPE | `imgur`, `s3` or `filesystem` | Where to upload image. For S3, see our [S3 Image Upload Guide](docs/guides/s3-image-upload.md) |
| HMD_S3_ACCESS_KEY_ID | no example | AWS access key id | | HMD_S3_ACCESS_KEY_ID | no example | AWS access key id |
| HMD_S3_SECRET_ACCESS_KEY | no example | AWS secret key | | HMD_S3_SECRET_ACCESS_KEY | no example | AWS secret key |
@ -175,7 +185,8 @@ Application settings `config.json`
| heartbeatinterval | `5000` | socket.io heartbeat interval | | heartbeatinterval | `5000` | socket.io heartbeat interval |
| heartbeattimeout | `10000` | socket.io heartbeat timeout | | heartbeattimeout | `10000` | socket.io heartbeat timeout |
| documentmaxlength | `100000` | note max length | | documentmaxlength | `100000` | note max length |
| email | `true` or `false` | set to allow email register and signin | | email | `true` or `false` | set to allow email signin |
| allowemailregister | `true` or `false` | set to allow email register (only applied when email is set, default is `true`) |
| imageUploadType | `imgur`(default), `s3` or `filesystem` | Where to upload image | imageUploadType | `imgur`(default), `s3` or `filesystem` | Where to upload image
| s3 | `{ "accessKeyId": "YOUR_S3_ACCESS_KEY_ID", "secretAccessKey": "YOUR_S3_ACCESS_KEY", "region": "YOUR_S3_REGION", "bucket": "YOUR_S3_BUCKET_NAME" }` | When `imageUploadType` be setted to `s3`, you would also need to setup this key, check our [S3 Image Upload Guide](docs/guides/s3-image-upload.md) | | s3 | `{ "accessKeyId": "YOUR_S3_ACCESS_KEY_ID", "secretAccessKey": "YOUR_S3_ACCESS_KEY", "region": "YOUR_S3_REGION", "bucket": "YOUR_S3_BUCKET_NAME" }` | When `imageUploadType` be setted to `s3`, you would also need to setup this key, check our [S3 Image Upload Guide](docs/guides/s3-image-upload.md) |
@ -184,7 +195,7 @@ Third-party integration api key settings
| service | settings location | description | | service | settings location | description |
| ------- | --------- | ----------- | | ------- | --------- | ----------- |
| facebook, twitter, github, gitlab, dropbox, google | environment variables or `config.json` | for signin | | facebook, twitter, github, gitlab, dropbox, google, ldap | environment variables or `config.json` | for signin |
| imgur | environment variables or `config.json` | for image upload | | imgur | environment variables or `config.json` | for image upload |
| google drive(`google/apiKey`, `google/clientID`), dropbox(`dropbox/appKey`) | `config.json` | for export and import | | google drive(`google/apiKey`, `google/clientID`), dropbox(`dropbox/appKey`) | `config.json` | for export and import |

66
app.js
View file

@ -381,36 +381,50 @@ if (config.google) {
failureRedirect: config.serverurl + '/' failureRedirect: config.serverurl + '/'
})); }));
} }
// ldap auth
if (config.ldap) {
app.post('/auth/ldap', urlencodedParser, function (req, res, next) {
if (!req.body.username || !req.body.password) return response.errorBadRequest(res);
setReturnToFromReferer(req);
passport.authenticate('ldapauth', {
successReturnToOrRedirect: config.serverurl + '/',
failureRedirect: config.serverurl + '/',
failureFlash: true
})(req, res, next);
});
}
// email auth // email auth
if (config.email) { if (config.email) {
app.post('/register', urlencodedParser, function (req, res, next) { if (config.allowemailregister)
if (!req.body.email || !req.body.password) return response.errorBadRequest(res); app.post('/register', urlencodedParser, function (req, res, next) {
if (!validator.isEmail(req.body.email)) return response.errorBadRequest(res); if (!req.body.email || !req.body.password) return response.errorBadRequest(res);
models.User.findOrCreate({ if (!validator.isEmail(req.body.email)) return response.errorBadRequest(res);
where: { models.User.findOrCreate({
email: req.body.email where: {
}, email: req.body.email
defaults: { },
password: req.body.password defaults: {
} password: req.body.password
}).spread(function (user, created) {
if (user) {
if (created) {
if (config.debug) logger.info('user registered: ' + user.id);
req.flash('info', "You've successfully registered, please signin.");
} else {
if (config.debug) logger.info('user found: ' + user.id);
req.flash('error', "This email has been used, please try another one.");
} }
}).spread(function (user, created) {
if (user) {
if (created) {
if (config.debug) logger.info('user registered: ' + user.id);
req.flash('info', "You've successfully registered, please signin.");
} else {
if (config.debug) logger.info('user found: ' + user.id);
req.flash('error', "This email has been used, please try another one.");
}
return res.redirect(config.serverurl + '/');
}
req.flash('error', "Failed to register your account, please try again.");
return res.redirect(config.serverurl + '/'); return res.redirect(config.serverurl + '/');
} }).catch(function (err) {
req.flash('error', "Failed to register your account, please try again."); logger.error('auth callback failed: ' + err);
return res.redirect(config.serverurl + '/'); return response.errorInternalError(res);
}).catch(function (err) { });
logger.error('auth callback failed: ' + err);
return response.errorInternalError(res);
}); });
});
app.post('/login', urlencodedParser, function (req, res, next) { app.post('/login', urlencodedParser, function (req, res, next) {
if (!req.body.email || !req.body.password) return response.errorBadRequest(res); if (!req.body.email || !req.body.password) return response.errorBadRequest(res);
if (!validator.isEmail(req.body.email)) return response.errorBadRequest(res); if (!validator.isEmail(req.body.email)) return response.errorBadRequest(res);
@ -627,7 +641,7 @@ process.on('SIGINT', function () {
var checkCleanTimer = setInterval(function () { var checkCleanTimer = setInterval(function () {
if (history.isReady() && realtime.isReady()) { if (history.isReady() && realtime.isReady()) {
models.Revision.checkAllNotesRevision(function (err, notes) { models.Revision.checkAllNotesRevision(function (err, notes) {
if (err) throw new Error(err); if (err) return logger.error(err);
if (!notes || notes.length <= 0) { if (!notes || notes.length <= 0) {
clearInterval(checkCleanTimer); clearInterval(checkCleanTimer);
return process.exit(0); return process.exit(0);

View file

@ -53,6 +53,18 @@
"clientSecret": "change this", "clientSecret": "change this",
"apiKey": "change this" "apiKey": "change this"
}, },
"ldap": {
"url": "ldap://change_this",
"bindDn": null,
"bindCredentials": null,
"tokenSecret": "change this",
"searchBase": "change this",
"searchFilter": "change this",
"searchAttributes": "change this",
"tlsOptions": {
"changeme": "See https://nodejs.org/api/tls.html#tls_tls_connect_options_callback"
}
},
"imgur": { "imgur": {
"clientID": "change this" "clientID": "change this"
} }

View file

@ -7,6 +7,7 @@ var GithubStrategy = require('passport-github').Strategy;
var GitlabStrategy = require('passport-gitlab2').Strategy; var GitlabStrategy = require('passport-gitlab2').Strategy;
var DropboxStrategy = require('passport-dropbox-oauth2').Strategy; var DropboxStrategy = require('passport-dropbox-oauth2').Strategy;
var GoogleStrategy = require('passport-google-oauth20').Strategy; var GoogleStrategy = require('passport-google-oauth20').Strategy;
var LdapStrategy = require('passport-ldapauth');
var LocalStrategy = require('passport-local').Strategy; var LocalStrategy = require('passport-local').Strategy;
var validator = require('validator'); var validator = require('validator');
@ -110,6 +111,62 @@ if (config.google) {
callbackURL: config.serverurl + '/auth/google/callback' callbackURL: config.serverurl + '/auth/google/callback'
}, callback)); }, callback));
} }
// ldap
if (config.ldap) {
passport.use(new LdapStrategy({
server: {
url: config.ldap.url || null,
bindDn: config.ldap.bindDn || null,
bindCredentials: config.ldap.bindCredentials || null,
searchBase: config.ldap.searchBase || null,
searchFilter: config.ldap.searchFilter || null,
searchAttributes: config.ldap.searchAttributes || null,
tlsOptions: config.ldap.tlsOptions || null
},
},
function(user, done) {
var profile = {
id: 'LDAP-' + user.uidNumber,
username: user.uid,
displayName: user.displayName,
emails: user.mail ? [user.mail] : [],
avatarUrl: null,
profileUrl: null,
provider: 'ldap',
}
var stringifiedProfile = JSON.stringify(profile);
models.User.findOrCreate({
where: {
profileid: profile.id.toString()
},
defaults: {
profile: stringifiedProfile,
}
}).spread(function (user, created) {
if (user) {
var needSave = false;
if (user.profile != stringifiedProfile) {
user.profile = stringifiedProfile;
needSave = true;
}
if (needSave) {
user.save().then(function () {
if (config.debug)
logger.info('user login: ' + user.id);
return done(null, user);
});
} else {
if (config.debug)
logger.info('user login: ' + user.id);
return done(null, user);
}
}
}).catch(function (err) {
logger.error('ldap auth failed: ' + err);
return done(err, null);
});
}));
}
// email // email
if (config.email) { if (config.email) {
passport.use(new LocalStrategy({ passport.use(new LocalStrategy({
@ -130,4 +187,4 @@ if (config.email) {
return done(err); return done(err);
}); });
})); }));
} }

View file

@ -95,8 +95,44 @@ var google = (process.env.HMD_GOOGLE_CLIENTID && process.env.HMD_GOOGLE_CLIENTSE
clientID: process.env.HMD_GOOGLE_CLIENTID, clientID: process.env.HMD_GOOGLE_CLIENTID,
clientSecret: process.env.HMD_GOOGLE_CLIENTSECRET clientSecret: process.env.HMD_GOOGLE_CLIENTSECRET
} : (config.google && config.google.clientID && config.google.clientSecret) || false; } : (config.google && config.google.clientID && config.google.clientSecret) || false;
var ldap = config.ldap || (
process.env.HMD_LDAP_URL ||
process.env.HMD_LDAP_BINDDN ||
process.env.HMD_LDAP_BINDCREDENTIALS ||
process.env.HMD_LDAP_TOKENSECRET ||
process.env.HMD_LDAP_SEARCHBASE ||
process.env.HMD_LDAP_SEARCHFILTER ||
process.env.HMD_LDAP_SEARCHATTRIBUTES ||
process.env.HMD_LDAP_PROVIDERNAME
) || false;
if (ldap == true)
ldap = {};
if (process.env.HMD_LDAP_URL)
ldap.url = process.env.HMD_LDAP_URL;
if (process.env.HMD_LDAP_BINDDN)
ldap.bindDn = process.env.HMD_LDAP_BINDDN;
if (process.env.HMD_LDAP_BINDCREDENTIALS)
ldap.bindCredentials = process.env.HMD_LDAP_BINDCREDENTIALS;
if (process.env.HMD_LDAP_TOKENSECRET)
ldap.tokenSecret = process.env.HMD_LDAP_TOKENSECRET;
if (process.env.HMD_LDAP_SEARCHBASE)
ldap.searchBase = process.env.HMD_LDAP_SEARCHBASE;
if (process.env.HMD_LDAP_SEARCHFILTER)
ldap.searchFilter = process.env.HMD_LDAP_SEARCHFILTER;
if (process.env.HMD_LDAP_SEARCHATTRIBUTES)
ldap.searchAttributes = process.env.HMD_LDAP_SEARCHATTRIBUTES;
if (process.env.HMD_LDAP_TLS_CA) {
var ca = {
ca: process.env.HMD_LDAP_TLS_CA
}
ldap.tlsOptions = ldap.tlsOptions ? Object.assign(ldap.tlsOptions, ca) : ca
}
if (process.env.HMD_LDAP_PROVIDERNAME) {
ldap.providerName = process.env.HMD_LDAP_PROVIDERNAME;
}
var imgur = process.env.HMD_IMGUR_CLIENTID || config.imgur || false; var imgur = process.env.HMD_IMGUR_CLIENTID || config.imgur || false;
var email = process.env.HMD_EMAIL ? (process.env.HMD_EMAIL === 'true') : !!config.email; var email = process.env.HMD_EMAIL ? (process.env.HMD_EMAIL === 'true') : !!config.email;
var allowemailregister = process.env.HMD_ALLOW_EMAIL_REGISTER ? (process.env.HMD_ALLOW_EMAIL_REGISTER === 'true') : ((typeof config.allowemailregister === 'boolean') ? config.allowemailregister : true);
function getserverurl() { function getserverurl() {
var url = ''; var url = '';
@ -156,8 +192,10 @@ module.exports = {
gitlab: gitlab, gitlab: gitlab,
dropbox: dropbox, dropbox: dropbox,
google: google, google: google,
ldap: ldap,
imgur: imgur, imgur: imgur,
email: email, email: email,
allowemailregister: allowemailregister,
imageUploadType: imageUploadType, imageUploadType: imageUploadType,
s3: s3, s3: s3,
s3bucket: s3bucket s3bucket: s3bucket

25
lib/letter-avatars.js Normal file
View file

@ -0,0 +1,25 @@
"use strict";
// external modules
var randomcolor = require('randomcolor');
// core
module.exports = function(name) {
var color = randomcolor({
seed: name,
luminosity: 'dark'
});
var letter = name.substring(0, 1).toUpperCase();
var svg = '<?xml version="1.0" encoding="UTF-8" standalone="no"?>';
svg += '<svg xmlns:rdf="http://www.w3.org/1999/02/22-rdf-syntax-ns#" xmlns="http://www.w3.org/2000/svg" height="96" width="96" version="1.1" viewBox="0 0 96 96">';
svg += '<g>';
svg += '<rect width="96" height="96" fill="' + color + '" />';
svg += '<text font-size="64px" font-family="sans-serif" text-anchor="middle" fill="#ffffff">';
svg += '<tspan x="48" y="72" stroke-width=".26458px" fill="#ffffff">' + letter + '</tspan>';
svg += '</text>';
svg += '</g>';
svg += '</svg>';
return 'data:image/svg+xml;base64,' + new Buffer(svg).toString('base64');
};

View file

@ -23,7 +23,7 @@ var logger = require("../logger.js");
var ot = require("../ot/index.js"); var ot = require("../ot/index.js");
// permission types // permission types
var permissionTypes = ["freely", "editable", "locked", "private"]; var permissionTypes = ["freely", "editable", "limited", "locked", "protected", "private"];
module.exports = function (sequelize, DataTypes) { module.exports = function (sequelize, DataTypes) {
var Note = sequelize.define("Note", { var Note = sequelize.define("Note", {
@ -333,7 +333,7 @@ module.exports = function (sequelize, DataTypes) {
if (meta.slideOptions && (typeof meta.slideOptions == "object")) if (meta.slideOptions && (typeof meta.slideOptions == "object"))
_meta.slideOptions = meta.slideOptions; _meta.slideOptions = meta.slideOptions;
} }
return _meta; return _meta;
}, },
updateAuthorshipByOperation: function (operation, userId, authorships) { updateAuthorshipByOperation: function (operation, userId, authorships) {
var index = 0; var index = 0;
@ -532,4 +532,4 @@ module.exports = function (sequelize, DataTypes) {
}); });
return Note; return Note;
}; };

View file

@ -7,6 +7,7 @@ var scrypt = require('scrypt');
// core // core
var logger = require("../logger.js"); var logger = require("../logger.js");
var letterAvatars = require('../letter-avatars.js');
module.exports = function (sequelize, DataTypes) { module.exports = function (sequelize, DataTypes) {
var User = sequelize.define("User", { var User = sequelize.define("User", {
@ -105,6 +106,16 @@ module.exports = function (sequelize, DataTypes) {
case "google": case "google":
photo = profile.photos[0].value.replace(/(\?sz=)\d*$/i, '$196'); photo = profile.photos[0].value.replace(/(\?sz=)\d*$/i, '$196');
break; break;
case "ldap":
//no image api provided,
//use gravatar if email exists,
//otherwise generate a letter avatar
if (profile.emails[0]) {
photo = 'https://www.gravatar.com/avatar/' + md5(profile.emails[0]) + '?s=96';
} else {
photo = letterAvatars(profile.username);
}
break;
} }
return photo; return photo;
}, },

View file

@ -251,13 +251,13 @@ function getStatus(callback) {
return logger.error('count user failed: ' + err); return logger.error('count user failed: ' + err);
}); });
}).catch(function (err) { }).catch(function (err) {
return logger.error('count note failed: ' + err); return logger.error('count note failed: ' + err);
}); });
} }
function isReady() { function isReady() {
return realtime.io return realtime.io
&& Object.keys(notes).length == 0 && Object.keys(users).length == 0 && Object.keys(notes).length == 0 && Object.keys(users).length == 0
&& connectionSocketQueue.length == 0 && !isConnectionBusy && connectionSocketQueue.length == 0 && !isConnectionBusy
&& disconnectSocketQueue.length == 0 && !isDisconnectBusy; && disconnectSocketQueue.length == 0 && !isDisconnectBusy;
} }
@ -374,7 +374,7 @@ function finishConnection(socket, note, user) {
return interruptConnection(socket, note, user); return interruptConnection(socket, note, user);
} }
//check view permission //check view permission
if (note.permission == 'private') { if (note.permission == 'limited' || note.permission == 'protected' || note.permission == 'private') {
if (socket.request.user && socket.request.user.logged_in && socket.request.user.id == note.owner) { if (socket.request.user && socket.request.user.logged_in && socket.request.user.id == note.owner) {
//na //na
} else { } else {
@ -420,7 +420,7 @@ function finishConnection(socket, note, user) {
function startConnection(socket) { function startConnection(socket) {
if (isConnectionBusy) return; if (isConnectionBusy) return;
isConnectionBusy = true; isConnectionBusy = true;
var noteId = socket.noteId; var noteId = socket.noteId;
if (!noteId) { if (!noteId) {
return failConnection(404, 'note id not found', socket); return failConnection(404, 'note id not found', socket);
@ -521,7 +521,7 @@ function disconnect(socket) {
logger.info("SERVER disconnected a client"); logger.info("SERVER disconnected a client");
logger.info(JSON.stringify(users[socket.id])); logger.info(JSON.stringify(users[socket.id]));
} }
if (users[socket.id]) { if (users[socket.id]) {
delete users[socket.id]; delete users[socket.id];
} }
@ -618,12 +618,12 @@ function ifMayEdit(socket, callback) {
case "freely": case "freely":
//not blocking anyone //not blocking anyone
break; break;
case "editable": case "editable": case "limited":
//only login user can change //only login user can change
if (!socket.request.user || !socket.request.user.logged_in) if (!socket.request.user || !socket.request.user.logged_in)
mayEdit = false; mayEdit = false;
break; break;
case "locked": case "private": case "locked": case "private": case "protected":
//only owner can change //only owner can change
if (!note.owner || note.owner != socket.request.user.id) if (!note.owner || note.owner != socket.request.user.id)
mayEdit = false; mayEdit = false;
@ -652,17 +652,25 @@ function operationCallback(socket, operation) {
if (!user) return; if (!user) return;
userId = socket.request.user.id; userId = socket.request.user.id;
if (!note.authors[userId]) { if (!note.authors[userId]) {
models.Author.create({ models.Author.findOrCreate({
noteId: noteId, where: {
userId: userId, noteId: noteId,
color: user.color userId: userId
}).then(function (author) { },
note.authors[author.userId] = { defaults: {
userid: author.userId, noteId: noteId,
color: author.color, userId: userId,
photo: user.photo, color: user.color
name: user.name }
}; }).spread(function (author, created) {
if (author) {
note.authors[author.userId] = {
userid: author.userId,
color: author.color,
photo: user.photo,
name: user.name
};
}
}).catch(function (err) { }).catch(function (err) {
return logger.error('operation callback failed: ' + err); return logger.error('operation callback failed: ' + err);
}); });
@ -672,7 +680,7 @@ function operationCallback(socket, operation) {
var noteId = note.alias ? note.alias : LZString.compressToBase64(note.id); var noteId = note.alias ? note.alias : LZString.compressToBase64(note.id);
if (note.server) history.updateHistory(userId, noteId, note.server.document); if (note.server) history.updateHistory(userId, noteId, note.server.document);
}, 0); }, 0);
} }
// save authorship // save authorship
note.authorship = models.Note.updateAuthorshipByOperation(operation, userId, note.authorship); note.authorship = models.Note.updateAuthorshipByOperation(operation, userId, note.authorship);
@ -689,10 +697,10 @@ function connection(socket) {
} }
if (isDuplicatedInSocketQueue(socket, connectionSocketQueue)) return; if (isDuplicatedInSocketQueue(socket, connectionSocketQueue)) return;
// store noteId in this socket session // store noteId in this socket session
socket.noteId = noteId; socket.noteId = noteId;
//initialize user data //initialize user data
//random color //random color
var color = randomcolor(); var color = randomcolor();
@ -782,7 +790,7 @@ function connection(socket) {
var sock = note.socks[i]; var sock = note.socks[i];
if (typeof sock !== 'undefined' && sock) { if (typeof sock !== 'undefined' && sock) {
//check view permission //check view permission
if (permission == 'private') { if (permission == 'limited' || permission == 'protected' || permission == 'private') {
if (sock.request.user && sock.request.user.logged_in && sock.request.user.id == note.owner) { if (sock.request.user && sock.request.user.logged_in && sock.request.user.id == note.owner) {
//na //na
} else { } else {

View file

@ -66,7 +66,9 @@ function showIndex(req, res, next) {
gitlab: config.gitlab, gitlab: config.gitlab,
dropbox: config.dropbox, dropbox: config.dropbox,
google: config.google, google: config.google,
ldap: config.ldap,
email: config.email, email: config.email,
allowemailregister: config.allowemailregister,
signin: req.isAuthenticated(), signin: req.isAuthenticated(),
infoMessage: req.flash('info'), infoMessage: req.flash('info'),
errorMessage: req.flash('error') errorMessage: req.flash('error')
@ -94,6 +96,7 @@ function responseHackMD(res, note) {
gitlab: config.gitlab, gitlab: config.gitlab,
dropbox: config.dropbox, dropbox: config.dropbox,
google: config.google, google: config.google,
ldap: config.ldap,
email: config.email email: config.email
}); });
} }
@ -122,6 +125,11 @@ function checkViewPermission(req, note) {
return false; return false;
else else
return true; return true;
} else if (note.permission == 'limited' || note.permission == 'protected') {
if( !req.isAuthenticated() ) {
return false;
}
return true;
} else { } else {
return true; return true;
} }
@ -161,7 +169,7 @@ function showNote(req, res, next) {
findNote(req, res, function (note) { findNote(req, res, function (note) {
// force to use note id // force to use note id
var noteId = req.params.noteId; var noteId = req.params.noteId;
var id = LZString.compressToBase64(note.id); var id = LZString.compressToBase64(note.id);
if ((note.alias && noteId != note.alias) || (!note.alias && noteId != id)) if ((note.alias && noteId != note.alias) || (!note.alias && noteId != id))
return res.redirect(config.serverurl + "/" + (note.alias || id)); return res.redirect(config.serverurl + "/" + (note.alias || id));
return responseHackMD(res, note); return responseHackMD(res, note);
@ -413,7 +421,7 @@ function publishSlideActions(req, res, next) {
res.redirect(config.serverurl + '/' + (note.alias ? note.alias : LZString.compressToBase64(note.id))); res.redirect(config.serverurl + '/' + (note.alias ? note.alias : LZString.compressToBase64(note.id)));
break; break;
default: default:
res.redirect(config.serverurl + '/p/' + note.shortid); res.redirect(config.serverurl + '/p/' + note.shortid);
break; break;
} }
}); });

View file

@ -85,6 +85,7 @@
"passport-github": "^1.1.0", "passport-github": "^1.1.0",
"passport-gitlab2": "^2.2.0", "passport-gitlab2": "^2.2.0",
"passport-google-oauth20": "^1.0.0", "passport-google-oauth20": "^1.0.0",
"passport-ldapauth": "^0.6.0",
"passport-local": "^1.0.0", "passport-local": "^1.0.0",
"passport-twitter": "^1.0.4", "passport-twitter": "^1.0.4",
"passport.socketio": "^3.7.0", "passport.socketio": "^3.7.0",

View file

@ -240,6 +240,9 @@ body {
} }
.dropdown-menu > li > a { .dropdown-menu > li > a {
cursor: pointer; cursor: pointer;
text-overflow: ellipsis;
max-width: calc(100vw - 30px);
overflow: hidden;
} }
.dropdown-menu.CodeMirror-other-cursor { .dropdown-menu.CodeMirror-other-cursor {
transition: none; transition: none;

View file

@ -3,7 +3,7 @@ body {
font-smoothing: subpixel-antialiased !important; font-smoothing: subpixel-antialiased !important;
-webkit-font-smoothing: subpixel-antialiased !important; -webkit-font-smoothing: subpixel-antialiased !important;
-moz-osx-font-smoothing: auto !important; -moz-osx-font-smoothing: auto !important;
text-shadow: 1px 1px 1.2px rgba(0, 0, 0, 0.004); text-shadow: 0 0 1em transparent, 1px 1px 1.2px rgba(0, 0, 0, 0.004);
/*text-rendering: optimizeLegibility;*/ /*text-rendering: optimizeLegibility;*/
-webkit-overflow-scrolling: touch; -webkit-overflow-scrolling: touch;
font-family: "Source Sans Pro", Helvetica, Arial, sans-serif; font-family: "Source Sans Pro", Helvetica, Arial, sans-serif;

View file

@ -118,9 +118,11 @@ $(".ui-history").click(() => {
function checkHistoryList() { function checkHistoryList() {
if ($("#history-list").children().length > 0) { if ($("#history-list").children().length > 0) {
$('.pagination').show();
$(".ui-nohistory").hide(); $(".ui-nohistory").hide();
$(".ui-import-from-browser").hide(); $(".ui-import-from-browser").hide();
} else if ($("#history-list").children().length == 0) { } else if ($("#history-list").children().length == 0) {
$('.pagination').hide();
$(".ui-nohistory").slideDown(); $(".ui-nohistory").slideDown();
getStorageHistory(data => { getStorageHistory(data => {
if (data && data.length > 0 && getLoginState() && historyList.items.length == 0) { if (data && data.length > 0 && getLoginState() && historyList.items.length == 0) {

View file

@ -864,7 +864,9 @@ window.ui = {
freely: $(".ui-permission-freely"), freely: $(".ui-permission-freely"),
editable: $(".ui-permission-editable"), editable: $(".ui-permission-editable"),
locked: $(".ui-permission-locked"), locked: $(".ui-permission-locked"),
private: $(".ui-permission-private") private: $(".ui-permission-private"),
limited: $(".ui-permission-limited"),
protected: $(".ui-permission-protected")
}, },
delete: $(".ui-delete-note") delete: $(".ui-delete-note")
}, },
@ -2254,6 +2256,14 @@ ui.infobar.permission.locked.click(function () {
ui.infobar.permission.private.click(function () { ui.infobar.permission.private.click(function () {
emitPermission("private"); emitPermission("private");
}); });
//limited
ui.infobar.permission.limited.click(function() {
emitPermission("limited");
});
//protected
ui.infobar.permission.protected.click(function() {
emitPermission("protected");
});
// delete note // delete note
ui.infobar.delete.click(function () { ui.infobar.delete.click(function () {
$('.delete-modal').modal('show'); $('.delete-modal').modal('show');
@ -2284,10 +2294,18 @@ function updatePermission(newPermission) {
label = '<i class="fa fa-shield"></i> Editable'; label = '<i class="fa fa-shield"></i> Editable';
title = "Signed people can edit"; title = "Signed people can edit";
break; break;
case "limited":
label = '<i class="fa fa-id-card"></i> Limited';
title = "Signed people can edit (forbid guest)"
break;
case "locked": case "locked":
label = '<i class="fa fa-lock"></i> Locked'; label = '<i class="fa fa-lock"></i> Locked';
title = "Only owner can edit"; title = "Only owner can edit";
break; break;
case "protected":
label = '<i class="fa fa-umbrella"></i> Protected';
title = "Only owner can edit (forbid guest)";
break;
case "private": case "private":
label = '<i class="fa fa-hand-stop-o"></i> Private'; label = '<i class="fa fa-hand-stop-o"></i> Private';
title = "Only owner can view & edit"; title = "Only owner can view & edit";
@ -2309,6 +2327,7 @@ function havePermission() {
bool = true; bool = true;
break; break;
case "editable": case "editable":
case "limited":
if (!personalInfo.login) { if (!personalInfo.login) {
bool = false; bool = false;
} else { } else {
@ -2317,6 +2336,7 @@ function havePermission() {
break; break;
case "locked": case "locked":
case "private": case "private":
case "protected":
if (!owner || personalInfo.userid != owner) { if (!owner || personalInfo.userid != owner) {
bool = false; bool = false;
} else { } else {
@ -2933,14 +2953,14 @@ function sortOnlineUserList(list) {
else if (usera.idle && !userb.idle) else if (usera.idle && !userb.idle)
return 1; return 1;
else { else {
if (usera.name && usera.name.toLowerCase() < userb.name.toLowerCase()) { if (usera.name && userb.name && usera.name.toLowerCase() < userb.name.toLowerCase()) {
return -1; return -1;
} else if (usera.name && usera.name.toLowerCase() > userb.name.toLowerCase()) { } else if (usera.name && userb.name && usera.name.toLowerCase() > userb.name.toLowerCase()) {
return 1; return 1;
} else { } else {
if (usera.color && usera.color.toLowerCase() < userb.color.toLowerCase()) if (usera.color && userb.color && usera.color.toLowerCase() < userb.color.toLowerCase())
return -1; return -1;
else if (usera.color && usera.color.toLowerCase() > userb.color.toLowerCase()) else if (usera.color && userb.color && usera.color.toLowerCase() > userb.color.toLowerCase())
return 1; return 1;
else else
return 0; return 0;

View file

@ -17,7 +17,9 @@
<ul class="dropdown-menu" aria-labelledby="permissionLabel"> <ul class="dropdown-menu" aria-labelledby="permissionLabel">
<li class="ui-permission-freely"<% if(!allowAnonymous) { %> style="display: none;"<% } %>><a><i class="fa fa-leaf fa-fw"></i> Freely - Anyone can edit</a></li> <li class="ui-permission-freely"<% if(!allowAnonymous) { %> style="display: none;"<% } %>><a><i class="fa fa-leaf fa-fw"></i> Freely - Anyone can edit</a></li>
<li class="ui-permission-editable"><a><i class="fa fa-shield fa-fw"></i> Editable - Signed people can edit</a></li> <li class="ui-permission-editable"><a><i class="fa fa-shield fa-fw"></i> Editable - Signed people can edit</a></li>
<li class="ui-permission-limited"><a><i class="fa fa-id-card fa-fw"></i> Limited - Signed people can edit (forbid guest)</a></li>
<li class="ui-permission-locked"><a><i class="fa fa-lock fa-fw"></i> Locked - Only owner can edit</a></li> <li class="ui-permission-locked"><a><i class="fa fa-lock fa-fw"></i> Locked - Only owner can edit</a></li>
<li class="ui-permission-protected"><a><i class="fa fa-umbrella fa-fw"></i> Protected - Only owner can edit (forbid guest)</a></li>
<li class="ui-permission-private"><a><i class="fa fa-hand-stop-o fa-fw"></i> Private - Only owner can view &amp; edit</a></li> <li class="ui-permission-private"><a><i class="fa fa-hand-stop-o fa-fw"></i> Private - Only owner can view &amp; edit</a></li>
<li class="divider"></li> <li class="divider"></li>
<li class="ui-delete-note"><a><i class="fa fa-trash-o fa-fw"></i> Delete this note</a></li> <li class="ui-delete-note"><a><i class="fa fa-trash-o fa-fw"></i> Delete this note</a></li>

View file

@ -58,7 +58,7 @@
<% if (errorMessage && errorMessage.length > 0) { %> <% if (errorMessage && errorMessage.length > 0) { %>
<div class="alert alert-danger" style="max-width: 400px; margin: 0 auto;"><%= errorMessage %></div> <div class="alert alert-danger" style="max-width: 400px; margin: 0 auto;"><%= errorMessage %></div>
<% } %> <% } %>
<% if(facebook || twitter || github || gitlab || dropbox || google || email) { %> <% if(facebook || twitter || github || gitlab || dropbox || google || ldap || email) { %>
<span class="ui-signin"> <span class="ui-signin">
<br> <br>
<a type="button" class="btn btn-lg btn-success ui-signin" data-toggle="modal" data-target=".signin-modal" style="min-width: 170px;"><%= __('Sign In') %></a> <a type="button" class="btn btn-lg btn-success ui-signin" data-toggle="modal" data-target=".signin-modal" style="min-width: 170px;"><%= __('Sign In') %></a>
@ -98,7 +98,7 @@
</div> </div>
<div id="history" class="section"<% if(!signin) { %> style="display:none;"<% } %>> <div id="history" class="section"<% if(!signin) { %> style="display:none;"<% } %>>
<% if(facebook || twitter || github || gitlab || dropbox || google || email) { %> <% if(facebook || twitter || github || gitlab || dropbox || google || ldap || email) { %>
<div class="ui-signin"> <div class="ui-signin">
<p><%= __('Below is the history from browser') %></p> <p><%= __('Below is the history from browser') %></p>
</div> </div>

View file

@ -38,7 +38,32 @@
<i class="fa fa-google"></i> <%= __('Sign in via %s', 'Google') %> <i class="fa fa-google"></i> <%= __('Sign in via %s', 'Google') %>
</a> </a>
<% } %> <% } %>
<% if((facebook || twitter || github || gitlab || dropbox || google) && email) { %> <% if((facebook || twitter || github || gitlab || dropbox || google) && ldap) { %>
<hr>
<% }%>
<% if(ldap) { %>
<h4>Via <% if (ldap.providerName) { %> <%- ldap.providerName %> (LDAP) <% } else { %> LDAP <% } %></h4>
<form data-toggle="validator" role="form" class="form-horizontal" method="post" enctype="application/x-www-form-urlencoded">
<div class="form-group">
<div class="col-sm-12">
<input type="username" class="form-control" name="username" placeholder="Username" required>
<span class="help-block control-label with-errors" style="display: inline;"></span>
</div>
</div>
<div class="form-group">
<div class="col-sm-12">
<input type="password" class="form-control" name="password" placeholder="Password" required>
<span class="help-block control-label with_errors" style="display: inline;"></span>
</div>
</div>
<div class="form-group">
<div class="col-sm-12">
<button type="submit" class="btn btn-primary" formaction="<%- url %>/auth/ldap">Sign in</button>
</div>
</div>
</form>
<% } %>
<% if((facebook || twitter || github || gitlab || dropbox || google || ldap) && email) { %>
<hr> <hr>
<% }%> <% }%>
<% if(email) { %> <% if(email) { %>
@ -59,7 +84,7 @@
<div class="form-group"> <div class="form-group">
<div class="col-sm-12"> <div class="col-sm-12">
<button type="submit" class="btn btn-primary" formaction="<%- url %>/login">Sign in</button> <button type="submit" class="btn btn-primary" formaction="<%- url %>/login">Sign in</button>
<button type="submit" class="btn btn-default" formaction="<%- url %>/register">Register</button> <% if(allowemailregister) { %><button type="submit" class="btn btn-default" formaction="<%- url %>/register">Register</button><% }%>
</div> </div>
</div> </div>
</form> </form>
@ -67,4 +92,4 @@
</div> </div>
</div> </div>
</div> </div>
</div> </div>