Commit graph

339 commits

Author SHA1 Message Date
Philip Molares
73113dc361 PublicApi: Add correct prefix
Using nest-router for this purpose as it is a rather easy addition to our structure. As we don't add the Router to any e2e tests we don't need to change them.

fixes #523

Signed-off-by: Philip Molares <philip.molares@udo.edu>
2021-02-16 20:19:45 +01:00
David Mehren
8b62b7d93c
Add missing logging context at various places
Our custom logger supports providing the name of the function that
calls the logger, this commit adds this context string where it
was previously missing.

Signed-off-by: David Mehren <git@herrmehren.de>
2021-02-05 22:30:22 +01:00
Philip Molares
88ed1ec8ba Docs: Add api tags to group controller
For a better structure of the autogenerated apidoc website tags are used. Each Controller get it's own tag and will be put in a separate section.

See https://docs.nestjs.com/openapi/operations#tags

Signed-off-by: Philip Molares <philip.molares@udo.edu>
2021-02-05 14:13:34 +01:00
Philip Molares
1becc9b3d2 Tests: Fix Mock Auth
This makes it possible to create the user before the mock auth guard does it's magic. This is necessary for some test, where we need the user object before the api is called.

Signed-off-by: Philip Molares <philip.molares@udo.edu>
2021-02-04 21:50:19 +01:00
Philip Molares
10ef4fcee1 History: Add unit and e2e test
Add unit tests for history service
Adapt relevant me e2e tests to work

Signed-off-by: Philip Molares <philip.molares@udo.edu>
2021-02-04 21:50:19 +01:00
Philip Molares
7f1afc30c9 History: Add history service and usage
Add history service to allow for CRUD operations.
Use history service in controllers to:
  1. Allow manipulating of history entries
  2. Guaranty the correct existence of history entries

Signed-off-by: Philip Molares <philip.molares@udo.edu>
2021-02-04 21:50:19 +01:00
Philip Molares
b76fa91a3c History: Add HistoryEntry
With this the backend now can hold a history entry.
Also included in this commit are some minor changes to tests and services so they can still work.

Signed-off-by: Philip Molares <philip.molares@udo.edu>
2021-02-04 21:50:14 +01:00
Yannick Bungers
c2b6c6fe49 Reformat code by yarn format
Signed-off-by: Yannick Bungers <git@innay.de>
2021-01-31 00:12:00 +01:00
Philip Molares
a7f35aaeec tests: Fix tests as part of the DTO Refactor
Signed-off-by: Philip Molares <philip.molares@udo.edu>
2021-01-31 00:11:58 +01:00
Yannick Bungers
b07d6d478c Refactoring of controllers and service interfaces
DTO should only be used for sending information to and from user.
Services now have methods which return normal internal objects and
methods which convert them to DTOs. This conversion is done in the
controlers

Signed-off-by: Yannick Bungers <git@innay.de>
2021-01-30 00:15:05 +01:00
Philip Molares
08b3dd5db9 auth: Fix undefined secret error
Signed-off-by: Philip Molares <philip.molares@udo.edu>
2021-01-29 22:24:19 +01:00
Philip Molares
ba517b3cfe auth: Fix UnauthorizedException throwing
Move conversion of Errors from AuthService to TokenStrategy.
This is necessary to correctly test the validateToken method.

Signed-off-by: Philip Molares <philip.molares@udo.edu>
2021-01-29 22:00:47 +01:00
Philip Molares
5a727d530b auth: Fix secret length
The former length of 64 bytes (512-bit) is transformed into base64url (a 6-bit code) ~86 characters long. This is too long for bcrypt as it ignores any characters beyond the 72th.
This fix therefore reduces the amount of generated bytes to 54 (as 72*6/8 = 54) characters. This ensures that removing one character from the token the hash won't be the same anymore.

Signed-off-by: Philip Molares <philip.molares@udo.edu>
2021-01-29 21:32:54 +01:00
David Mehren
b49c802c79
Merge pull request #776 from hedgedoc/fix/UnauthorizedException
auth: Fix handling of internal server errors
2021-01-29 20:52:36 +01:00
Philip Molares
84915b61ac auth: Fix handling of internal server errors
Catch all NotInDbErrors and TokenNotValidError and transform them to UnauthorizedException with the correct message.
This prevents nest from telling the api user that an internal server error has happened and instead display the correct http error code 401.

Signed-off-by: Philip Molares <philip.molares@udo.edu>
2021-01-29 20:33:56 +01:00
Philip Molares
2f17291079 config: Fix inconsistent env vars
This should make the translation from env var name to config name and vice versa more consistent.

Fixes #751

Signed-off-by: Philip Molares <philip.molares@udo.edu>
2021-01-28 23:28:16 +01:00
David Mehren
3ba64f15f1
Swagger: Split public and private API
Fixes #759

Signed-off-by: David Mehren <git@herrmehren.de>
2021-01-27 20:02:25 +01:00
Philip Molares
563f862846 auth: Encode secret in base64url
Signed-off-by: Philip Molares <philip.molares@udo.edu>
2021-01-27 00:23:43 +01:00
Philip Molares
7aeb77b262 auth: Fix base64url transformation
The problem was that replace only replaces the first occurrence of a string and not all as is needed for this function.
tsconfig.json needed lib to be set to esnext or the replaceAll function won't be available…

Signed-off-by: Philip Molares <philip.molares@udo.edu>
2021-01-26 10:56:45 +01:00
David Mehren
3dc223847d
HistoryEntryDto: Add doc comments
Signed-off-by: David Mehren <git@herrmehren.de>
2021-01-25 22:48:39 +01:00
David Mehren
3f16a398d2
HistoryEntryUpdateDto: Add doc comments
Signed-off-by: David Mehren <git@herrmehren.de>
2021-01-25 22:48:39 +01:00
David Mehren
5f71e779ef
NoteDto: Add doc comments
Signed-off-by: David Mehren <git@herrmehren.de>
2021-01-25 22:48:39 +01:00
David Mehren
be2dc0e4d6
NoteAuthorshipDto: Add doc comments
Signed-off-by: David Mehren <git@herrmehren.de>
2021-01-25 22:48:39 +01:00
David Mehren
84143eec7d
RevisionMetadataDto: Add doc comments
Signed-off-by: David Mehren <git@herrmehren.de>
2021-01-25 22:48:39 +01:00
David Mehren
43194500e9
RevisionDto: Add doc comments
Signed-off-by: David Mehren <git@herrmehren.de>
2021-01-25 22:48:38 +01:00
David Mehren
e4f0c5c064
NoteMetadata DTOs: Add doc comments
Signed-off-by: David Mehren <git@herrmehren.de>
2021-01-25 22:48:38 +01:00
David Mehren
a83a7c7a66
NotePermission DTOs: Add doc comments
Signed-off-by: David Mehren <git@herrmehren.de>
2021-01-25 22:48:38 +01:00
David Mehren
d3acd3d2db
UserInfoDto: Add doc comments
Signed-off-by: David Mehren <git@herrmehren.de>
2021-01-25 22:48:38 +01:00
Philip Molares
bfe14dad8d auth: Run removeInvalidTokens 5s after startup
This should prevent problem with the AuthToken purge on Sundays, as the service is either running on sunday or will be restarted there after.

Also move base64url comment to right function

Signed-off-by: Philip Molares <philip.molares@udo.edu>
2021-01-25 21:30:08 +01:00
Philip Molares
67a5f3c7ec auth: Add maximum token lifetime of 2 years.
Signed-off-by: Philip Molares <philip.molares@udo.edu>
2021-01-25 21:30:08 +01:00
Philip Molares
99d6b39e00 auth: Run removeInvalidTokens 5s after startup
This should prevent problem with the AuthToken purge on Sundays, as the service is either running on sunday or will be restarted there after.

Also move base64url comment to right function

Signed-off-by: Philip Molares <philip.molares@udo.edu>
2021-01-25 21:30:08 +01:00
Philip Molares
c2d759da53 auth: Add token limit of 200
This is a very high ceiling unlikely to hinder legitimate usage, but should prevent possible attack vectors

Signed-off-by: Philip Molares <philip.molares@udo.edu>
2021-01-25 21:30:08 +01:00
Philip Molares
c96edb31a5 tokens: Add token creation
Fix token deletion
Update plantuml docs
Add token validUntil and lastUsed fields

Signed-off-by: Philip Molares <philip.molares@udo.edu>
2021-01-25 21:30:08 +01:00
Philip Molares
28abc37e2c auth: fixes unit and e2e tests
adds MockAuthGuard which always return user 'hardcoded'

Signed-off-by: Philip Molares <philip.molares@udo.edu>
2021-01-25 21:30:08 +01:00
Philip Molares
0a3247492a auth: Add cron to clean old tokens
Rename AuthToken.identifier to label

Signed-off-by: Philip Molares <philip.molares@udo.edu>
2021-01-25 21:30:04 +01:00
Philip Molares
cc2fcac532 auth: Remove userName parameter of removeToken function
As suggested by @innaytool

Signed-off-by: Philip Molares <philip.molares@udo.edu>
2021-01-25 21:30:02 +01:00
Philip Molares
f68caab6e8 auth: Integrate suggestions by @davidmehren
Add number type alias TimestampMillis
Remove solved ToDos
Change AuthToken and AuthTokenDto to use Date
Rename authService unit tests

Signed-off-by: Philip Molares <philip.molares@udo.edu>
2021-01-25 21:30:02 +01:00
Philip Molares
265195e305 auth: Split randomBase64UrlString in two functions
add test for BufferToBase64Url and toAuthTokenDto

Signed-off-by: Philip Molares <philip.molares@udo.edu>
2021-01-25 21:30:02 +01:00
Philip Molares
84ec528d14 auth: Add tests for AuthService
Move AuthTokens to auth folder

Signed-off-by: Philip Molares <philip.molares@udo.edu>
2021-01-25 21:30:02 +01:00
Philip Molares
599fe57ec6 tokens: Add token creation
Fix token deletion
Update plantuml docs
Add token validUntil and lastUsed fields

Signed-off-by: Philip Molares <philip.molares@udo.edu>
2021-01-25 21:30:02 +01:00
Philip Molares
fd70b2d121 auth: fixes unit and e2e tests
adds MockAuthGuard which always return user 'hardcoded'

Signed-off-by: Philip Molares <philip.molares@udo.edu>
2021-01-25 21:30:02 +01:00
Philip Molares
74fd7abfb2 openapi: adds auth to all public api routes
See:
https://docs.nestjs.com/openapi/security
Signed-off-by: Philip Molares <philip.molares@udo.edu>
2021-01-25 21:30:02 +01:00
Philip Molares
8d89614a4d auth: adds token-auth to public api
adds auth service
adds auth module
adds token-auth strategy
adds token-auth to all public api calls

Signed-off-by: Philip Molares <philip.molares@udo.edu>
2021-01-25 21:29:59 +01:00
Philip Molares
9a65a9bd29 private: Add until to token creation
Signed-off-by: Philip Molares <philip.molares@udo.edu>
2021-01-25 21:29:53 +01:00
Philip Molares
e8cdbdd677 private: removes collision check for tokens
this seems very unnecessary as the chance of this is 1 / 2^512

Signed-off-by: Philip Molares <philip.molares@udo.edu>
2021-01-25 21:29:53 +01:00
Philip Molares
0a1c3426c0 private: fixed token generation bugs
Signed-off-by: Philip Molares <philip.molares@udo.edu>
2021-01-25 21:29:53 +01:00
Philip Molares
5e6e5d0e5f private: save token hashed
Auth tokens are now saved in hashed form.

Signed-off-by: Philip Molares <philip.molares@udo.edu>
2021-01-25 21:29:52 +01:00
Philip Molares
37a9f6526b auth: hash auth token
Since the auth token will be stored in hashed form in the db, we need to hash each provided auth token in order to search in the db for them.

Signed-off-by: Philip Molares <philip.molares@udo.edu>
2021-01-25 21:29:52 +01:00
Philip Molares
15ca030b67 auth: add hash function
the hash function uses bcrypt with 2^16 iterations.

Signed-off-by: Philip Molares <philip.molares@udo.edu>
2021-01-25 21:29:52 +01:00
Philip Molares
025f24122c private: adds tokens controller
adds private api
adds AuthTokenDto and AuthTokenWithSecretDto
adds necessary methods in the users service
adds RandomnessError

Signed-off-by: Philip Molares <philip.molares@udo.edu>
2021-01-25 21:29:52 +01:00
Philip Molares
a4522d7230 auth: hash auth token
Since the auth token will be stored in hashed form in the db, we need to hash each provided auth token in order to search in the db for them.

Signed-off-by: Philip Molares <philip.molares@udo.edu>
2021-01-25 21:29:52 +01:00
Philip Molares
cbf6ac912a private: adds tokens controller
adds private api
adds AuthTokenDto and AuthTokenWithSecretDto
adds necessary methods in the users service
adds RandomnessError

Signed-off-by: Philip Molares <philip.molares@udo.edu>
2021-01-25 21:29:52 +01:00
Yannick Bungers
17ceb9c31f Removed special table name in Note object
and changed table names in plantuml file

Signed-off-by: Yannick Bungers <git@innay.de>
2021-01-23 22:26:49 +01:00
Philip Molares
454a883f17 config: Improve error messages
Add labels to most Joi objects
Convert all auth variable insert names to upper case to prevent inconsistent naming of the variables
Rewrite auth errors to correctly point out the problematic variable
Add tests for the config utils functions

Signed-off-by: Philip Molares <philip.molares@udo.edu>
2021-01-21 21:35:59 +01:00
Philip Molares
9c3d329bc9 tests: Removed unnecessary import of appConfigMock
As suggested by an review of David Mehren

Co-authored by: David Mehren <git@herrmehren.de>

Signed-off-by: Philip Molares <philip.molares@udo.edu>
2021-01-19 12:45:36 +01:00
Philip Molares
2c4098dc55 config: splits config in multiple files
splits the big appConfig in multiple configs
adds media.config.mock.ts

Signed-off-by: Philip Molares <philip.molares@udo.edu>
2021-01-17 21:19:45 +01:00
Philip Molares
4f6d15439c config: removes unnecessary options
removes options that we don't need from the config
removes linkify-header-style.enum.ts

Signed-off-by: Philip Molares <philip.molares@udo.edu>
2021-01-17 21:19:45 +01:00
Yannick Bungers
0d95c29df2
Merge pull request #709 from hedgedoc/fix/api-notes-metadata 2021-01-15 22:47:52 +01:00
Philip Molares
929795637a
Extend config with various options from 1.x
Signed-off-by: Philip Molares <philip.molares@udo.edu>
2021-01-13 22:09:07 +01:00
David Mehren
ce65f2c51a
Add config to tests in various places
Signed-off-by: David Mehren <git@herrmehren.de>
2021-01-13 21:45:23 +01:00
David Mehren
9f170bca4c
FilesystemBackend: Use scoped appConfig
Signed-off-by: David Mehren <git@herrmehren.de>
2021-01-13 21:45:23 +01:00
David Mehren
75b6d3cc2b
MediaService: Get media backend from configuration
Signed-off-by: David Mehren <git@herrmehren.de>
2021-01-13 21:45:23 +01:00
David Mehren
0e7845e38f
Get port and upload path from config
Signed-off-by: David Mehren <git@herrmehren.de>
Co-authored-by: Yannick Bungers <git@innay.de>
2021-01-13 21:45:23 +01:00
David Mehren
cbd4684785
Load config to global scope
Otherwise every module would have to parse the config again

Signed-off-by: David Mehren <git@herrmehren.de>
2021-01-13 21:45:23 +01:00
David Mehren
c55f7060be
Add proof of concept config system
Signed-off-by: David Mehren <git@herrmehren.de>
Co-authored-by: Yannick Bungers <git@innay.de>
2021-01-13 21:45:21 +01:00
David Mehren
6301a264dd
NotesService: updateNoteByIdOrAlias should return the new note
Fixes #702

Signed-off-by: David Mehren <git@herrmehren.de>
2021-01-10 20:31:56 +01:00
David Mehren
4a1bec8eec
Move note permission route under metadata
Signed-off-by: David Mehren <git@herrmehren.de>
2021-01-10 20:25:28 +01:00
David Mehren
65c76d0998
NotesService: Get note creation time from database
Signed-off-by: David Mehren <git@herrmehren.de>
2021-01-10 20:12:39 +01:00
David Mehren
32feb5ee10
NotesService: rename getLastRevision to getLatestRevision
This fixes an inconsistency with `RevisionsService`

Signed-off-by: David Mehren <git@herrmehren.de>
2021-01-10 20:12:39 +01:00
David Mehren
644d7a278a
MarkdownBody: Register swagger metadata
As explained in https://github.com/nestjs/swagger/issues/32#issuecomment-716169471, it's possible to register swagger metadata in custom decorators by providing an array of `enhancers`.
We now add metadata with the `MarkdownBody` decorator: The request needs a `body` with content-type `text/markdown`.

Signed-off-by: David Mehren <git@herrmehren.de>
2021-01-10 19:21:19 +01:00
David Mehren
141dc349e3
NotesController: Do not crash on nonexistent notes
This commit adds proper error handling and returns 404 when a note does not exist.
Previously, we leaked the `NotInDBError` and sent a 500 status code.

Signed-off-by: David Mehren <git@herrmehren.de>
2021-01-09 22:58:16 +01:00
David Mehren
f81e67a3a1
Format with Prettier 2
Signed-off-by: David Mehren <git@herrmehren.de>
2021-01-06 23:49:45 +01:00
Tilman Vatteroth
0c56466dc1
Change year in copyright to 2021
Signed-off-by: Tilman Vatteroth <tilman.vatteroth@tu-dortmund.de>
2021-01-06 22:10:19 +01:00
David Mehren
f0835f5b62
Fix prettier errors
Signed-off-by: David Mehren <git@herrmehren.de>
2021-01-06 13:05:15 +01:00
Philip Molares
6896daa62a added reuse information
Signed-off-by: Philip Molares <philip.molares@udo.edu>
2021-01-05 22:12:38 +01:00
David Mehren
61e6020c6b
Fix tests
Signed-off-by: David Mehren <git@herrmehren.de>
Co-authored-by: Yannick Bungers <git@innay.de>
2020-10-24 22:21:46 +02:00
David Mehren
85ee6780ad
Remove PUT /notes/{note}/metadata and corresponding service code
Signed-off-by: David Mehren <git@herrmehren.de>
Co-authored-by: Yannick Bungers <git@innay.de>
2020-10-24 22:21:45 +02:00
David Mehren
6a1da64cf6
Remove NoteUtils class, as the planned parsing logic is not needed anymore
Signed-off-by: David Mehren <git@herrmehren.de>
Co-authored-by: Yannick Bungers <git@innay.de>
2020-10-24 22:21:45 +02:00
David Mehren
b2085efb1d
Add missing TagRepository provider in unit tests
Signed-off-by: David Mehren <git@herrmehren.de>
Co-authored-by: Yannick Bungers <git@innay.de>
2020-10-24 22:21:44 +02:00
David Mehren
c1886ff1dc
NotesController: Add PUT :noteIdOrAlias/metadata route
Signed-off-by: David Mehren <git@herrmehren.de>
Co-authored-by: Yannick Bungers <git@innay.de>
2020-10-24 22:21:44 +02:00
David Mehren
3726b27849
NotesService: Implement updateNoteMetadata
Signed-off-by: David Mehren <git@herrmehren.de>
Co-authored-by: Yannick Bungers <git@innay.de>
2020-10-24 22:21:43 +02:00
David Mehren
943c8b4bab
NoteEntity: Enable eager loading and cascades for tags
Signed-off-by: David Mehren <git@herrmehren.de>
Co-authored-by: Yannick Bungers <git@innay.de>
2020-10-24 22:21:43 +02:00
David Mehren
b349d25bd7
NotesService: Get metadata from database
Signed-off-by: David Mehren <git@herrmehren.de>
Co-authored-by: Yannick Bungers <git@innay.de>
2020-10-24 22:21:43 +02:00
David Mehren
f1f57eca54
Add note metadata properties and Tag entity.
These were planned to be parsed at runtime from the note-content in the database, but having to run a markdown parser in the backend was found to be a bad idea. Now the frontend (that already implements the parsing logic) has to set title, description and tags.

Signed-off-by: David Mehren <git@herrmehren.de>
Co-authored-by: Yannick Bungers <git@innay.de>
2020-10-24 22:21:42 +02:00
David Mehren
be5b6dcf0e
NoteMetadataDto: Rename permission to permissions
Signed-off-by: David Mehren <git@herrmehren.de>
Co-authored-by: Yannick Bungers <git@innay.de>
2020-10-24 22:19:14 +02:00
David Mehren
61014f1bc4
Update NotePermissionsUpdate DTOs to be aware of groups
The NotePermissionsUpdateDto was not updated when group permissions were introduced.

Signed-off-by: David Mehren <git@herrmehren.de>
Co-authored-by: Yannick Bungers <git@innay.de>
2020-10-24 22:19:12 +02:00
David Mehren
d42bc83e38
FilesystemBackend: Ensure uploads directory exists
Signed-off-by: David Mehren <git@herrmehren.de>
2020-10-24 12:28:52 +02:00
David Mehren
5030a6d814
AppModule: Remove unused imports
Signed-off-by: David Mehren <git@herrmehren.de>
2020-10-24 11:49:19 +02:00
David Mehren
0711dbb6ff
MediaService: Simplify saveFile signature
As the `saveFile` method only really uses the files `Buffer`, this commit changes the signature so it directly gets a `Buffer` instead of a complicated `MulterFile` object. This also simplifies testing.

Signed-off-by: David Mehren <git@herrmehren.de>
2020-10-24 11:49:01 +02:00
David Mehren
9aa2a64a53
UserEntity: Fix column types for create/update dates
Signed-off-by: David Mehren <git@herrmehren.de>
2020-10-24 11:34:49 +02:00
David Mehren
5f13c34a07
UsersService: Improve logging in getNoteByIdOrAlias
Signed-off-by: David Mehren <git@herrmehren.de>
2020-10-24 11:34:16 +02:00
David Mehren
560efc71d8
Use useStaticAssets instead of @nestjs/serve-static
`serve-static` does not work with `createTestingModule` and is not recommended when "just" serving a few images.

See https://github.com/nestjs/serve-static/issues/240

Signed-off-by: David Mehren <git@herrmehren.de>
2020-10-24 11:32:23 +02:00
David Mehren
e2696e647b
Merge pull request #534 from codimd/media-controller 2020-10-19 21:07:13 +02:00
David Mehren
3686685f08
MediaController: Add DELETE /{filename} route
Signed-off-by: David Mehren <git@herrmehren.de>
2020-10-17 21:54:44 +02:00
David Mehren
9e7e15a20a
MediaService: Implement delete feature
Signed-off-by: David Mehren <git@herrmehren.de>
2020-10-17 21:54:08 +02:00
David Mehren
db869418d4
FilesystemBackend: ESLint fixes
Signed-off-by: David Mehren <git@herrmehren.de>
2020-10-17 21:53:34 +02:00
David Mehren
6e6ab84391
UsersService: Wait for the DB to find a user
Signed-off-by: David Mehren <git@herrmehren.de>
2020-10-17 21:52:59 +02:00
David Mehren
16b5f3a5c8
Use POST /media for file upload
The old `/media/upload` subpath does not follow the convention of REST APIs.

Signed-off-by: David Mehren <git@herrmehren.de>
2020-10-17 20:58:10 +02:00
David Mehren
ffef4425f5
MediaService: Only allow upload of common image formats and PDFs
Signed-off-by: David Mehren <git@herrmehren.de>
2020-10-17 20:50:20 +02:00
David Mehren
ed142815e3
Add various missing imports and provider ovverides in unit tests
Signed-off-by: David Mehren <git@herrmehren.de>
2020-10-17 20:24:07 +02:00
David Mehren
4cd80a3212
MediaController: Handle errors when trying to save file
Signed-off-by: David Mehren <git@herrmehren.de>
2020-10-17 20:24:07 +02:00
David Mehren
8e662167dc
MediaService: Improve error handling and logging
Add debug logging to `saveFile` method and throw the proper errors when problems with the mime type are encountered

Signed-off-by: David Mehren <git@herrmehren.de>
2020-10-17 20:24:07 +02:00
David Mehren
7997a0955a
UsersService: Add methods to find, create and delete users
Signed-off-by: David Mehren <git@herrmehren.de>
2020-10-17 20:24:07 +02:00
David Mehren
ec8cf6d33e
NotesService: Throw NotInDBError when the note wasn't found
Signed-off-by: David Mehren <git@herrmehren.de>
2020-10-17 20:23:28 +02:00
David Mehren
dea3c1d393
MediaController: Get parent note from HedgeDoc-Note header
Signed-off-by: David Mehren <git@herrmehren.de>
2020-10-17 19:58:22 +02:00
David Mehren
3da16baeae
FilesystemBackend: Implement deleteFile and getFileURL.
We use `fs.unlink` instead of `fs.rm`, as the latter is only available in the fsPromises API since Node 14.14

Signed-off-by: David Mehren <git@herrmehren.de>
2020-10-17 19:58:22 +02:00
David Mehren
9743018591
Use serve-static to serve uploaded files.
Add `@nestjs/serve-static` to serve uploaded media from the upload directory on the local filesystem.

Signed-off-by: David Mehren <git@herrmehren.de>
2020-10-17 19:58:22 +02:00
David Mehren
8e234962d6
MediaController: Use MediaService to store media
Signed-off-by: David Mehren <git@herrmehren.de>
2020-10-17 19:58:22 +02:00
David Mehren
7a6c06d068
Add MediaService
This service is responsible for operations regarding uploaded media. It should perform save, get and delete operations with the configured backend.
The service also checks, if the mime type of the uploaded media is allowed.

Signed-off-by: David Mehren <git@herrmehren.de>
2020-10-17 19:58:22 +02:00
David Mehren
f3e093c715
Do not save file extension as a separate field.
It turned out that saving the file extension in a separate field is not necessary. Instead, the extension is saved in the complete filename in the `id` field.

Signed-off-by: David Mehren <git@herrmehren.de>
2020-10-17 19:58:22 +02:00
David Mehren
3689741ad9
Implement filesystem media backend
This backend stores uploaded media into files on the local filesystem.
This commit also adds a `BackendType` enum, which can be used to distinguish different media backends.

Signed-off-by: David Mehren <git@herrmehren.de>
2020-10-17 19:58:22 +02:00
David Mehren
9d8086bf3e
Define a MediaBackend interface
This interface defines the functionality that all media backends (like S3 or Azure) must implement.

Signed-off-by: David Mehren <git@herrmehren.de>
2020-10-17 19:58:22 +02:00
David Mehren
f01c7dbbe2
Add MediaUpload entity & Media module
Signed-off-by: David Mehren <git@herrmehren.de>
2020-10-17 19:58:22 +02:00
Jonas Zohren
8fbca1bf79 Source version from package.json
Signed-off-by: Jonas Zohren <jonas.zohren@adesso.de>
2020-10-09 22:40:45 +02:00
David Mehren
6af4379a27
NestConsoleLoggerService: Propagate trace parameter to consoleLoggerService
Signed-off-by: David Mehren <git@herrmehren.de>
2020-10-03 15:54:00 +02:00
Yannick Bungers
258dd1db56 Added markdownbody-decorator
which puts the markdown text directly to a variable in the route function.
Content-type of the http request is checked to be text/markdown because we dealing with markdown. Technically by now there can be any content which can be encoded. There could be features in the software which do not work properly if the text can't be parsed as markdown.

Signed-off-by: Yannick Bungers <git@innay.de>
2020-10-02 21:31:10 +02:00
David Mehren
d7f407da2d
Switch to using the new custom logger
Signed-off-by: David Mehren <git@herrmehren.de>
2020-09-27 21:48:42 +02:00
David Mehren
1a2959f6dc
Add logger module and custom logger implementation
ConsoleLoggerService is based on the default Nest LoggerService, but adds the ability to give context about the function that is logging something. It also removes the `[Nest]` string and the PID at the beginning of each log line.

NestConsoleLoggerService is a wrapper around ConsoleLoggerService and makes it possible to use our implementation as a default Nest LoggerService

Signed-off-by: David Mehren <git@herrmehren.de>
2020-09-27 21:43:52 +02:00
David Mehren
a0740ffdf7
NotesService: Add TODO that createNote still needs to calculate a proper patch
Signed-off-by: David Mehren <git@herrmehren.de>
2020-09-26 16:01:01 +02:00
David Mehren
8fada8809c
UsersService: Merge if-statements and add null to return type in toUserDto
Signed-off-by: David Mehren <git@herrmehren.de>
2020-09-26 16:00:17 +02:00
David Mehren
a028dac448
RevisionsService: Asynchronously inject NotesService to resolve circular dependency while testing
Signed-off-by: David Mehren <git@herrmehren.de>
2020-09-25 21:37:40 +02:00
David Mehren
2ce87f3d64
Add various missing imports and provider overrides to fix unit tests.
Signed-off-by: David Mehren <git@herrmehren.de>
2020-09-25 21:37:40 +02:00
David Mehren
6e4893d179
NotesService: Implement getNoteContent and getNoteMetdata
Signed-off-by: David Mehren <git@herrmehren.de>
2020-09-25 21:37:40 +02:00
David Mehren
8b9a45b738
NotesService: Let createNote create an actual Note and introduce createNoteDto to create & convert in one step.
It might be handy to have access to the original `Note` after creating one, so the creation and conversion to a `NoteDto` is now split.

Signed-off-by: David Mehren <git@herrmehren.de>
2020-09-25 21:37:39 +02:00
David Mehren
881263f2a4
RevisionsService: Get note revision from database
Signed-off-by: David Mehren <git@herrmehren.de>
2020-09-25 21:37:39 +02:00
David Mehren
51aec1ea54
RevisionService: Implement getNoteRevisionMetadatas
Signed-off-by: David Mehren <git@herrmehren.de>
2020-09-25 21:37:39 +02:00
David Mehren
e1079947e1
NotesController: revisionId is a number
Signed-off-by: David Mehren <git@herrmehren.de>
2020-09-25 21:37:39 +02:00
David Mehren
7c0e069cbf
RevisionMetadataDto: Rename attribute updatedAt to createdAt
Signed-off-by: David Mehren <git@herrmehren.de>
2020-09-25 21:37:39 +02:00
David Mehren
47bf8c9c17
NotesService: Use the database for delete and update actions.
Signed-off-by: David Mehren <git@herrmehren.de>
2020-09-25 21:37:39 +02:00
David Mehren
e43008c627
NotesController: Get text from request body when updating and deleting a note.
Signed-off-by: David Mehren <git@herrmehren.de>
2020-09-25 21:37:39 +02:00
David Mehren
99dccc0567
RevisionEntity: Change primary key type from UUID to number
The precision of sqlites datetime() timestamp is only one second (see https://www.sqlite.org/lang_datefunc.html). Therefore we could not order revisions of one note that were created in the same second. To remedy this, the primary key was changed to a monotonically increasing number, which solves the ordering problem.

Signed-off-by: David Mehren <git@herrmehren.de>
2020-09-25 21:37:39 +02:00
David Mehren
1a22f749be
NotesController: Get text from request body when creating a named note.
Signed-off-by: David Mehren <git@herrmehren.de>
2020-09-25 21:37:39 +02:00
David Mehren
a2a9ad224f
NotesService: Find note by ID or alias in database
This commit also introduces the `getNoteDtoByIdOrAlias` method, that converts a `Note` entity to a `NoteDto`

Signed-off-by: David Mehren <git@herrmehren.de>
2020-09-25 21:37:39 +02:00
David Mehren
e97f9fe174
NoteEntity: Lazy-load revisions relation
Using a `Promise` type in a TypeORM entity automatically enables lazy-loading of that relation.
See https://typeorm.io/#/eager-and-lazy-relations/lazy-relations

Signed-off-by: David Mehren <git@herrmehren.de>
2020-09-25 21:37:39 +02:00
David Mehren
74b03fc1fd
RevisionsService: Implement getLatestRevision and createRevision methods
Signed-off-by: David Mehren <git@herrmehren.de>
2020-09-25 21:37:39 +02:00
David Mehren
fae8c679a9
UsersService: Add null check to toUserDto() converter
Signed-off-by: David Mehren <git@herrmehren.de>
2020-09-25 21:37:39 +02:00
David Mehren
6805c2a41e
NotesService: Get more note metadata from the database
Some previously hardcoded metadata-values are now retrieved from the database.

Signed-off-by: David Mehren <git@herrmehren.de>
2020-09-25 21:37:39 +02:00
David Mehren
e1e0e45434
UsersService: Add toUserDto() converter
This conversion function makes sure that a photo URL exists.

Signed-off-by: David Mehren <git@herrmehren.de>
2020-09-25 21:37:39 +02:00
David Mehren
f937042439
NoteUtils: Add methods to parse note metadata
These methods are intended to parse metadata details from YAML tags, but not implemented for now.

Signed-off-by: David Mehren <git@herrmehren.de>
2020-09-25 21:37:39 +02:00
David Mehren
f5e043b8b1
NoteEntity: Always initialize arrays
The `create()` function did not initialize all arrays, which caused them to be `undefined` instead of empty.

Signed-off-by: David Mehren <git@herrmehren.de>
2020-09-25 21:37:38 +02:00
David Mehren
5d07481387
RevisionEntity: Add create() method
Signed-off-by: David Mehren <git@herrmehren.de>
2020-09-25 21:37:38 +02:00
David Mehren
2ab90917bc
NotesService: createNote() now saves new notes to the database
Signed-off-by: David Mehren <git@herrmehren.de>
2020-09-25 21:37:38 +02:00
David Mehren
39410ab9c8
NoteEntity: Move constructor-code to create() method
TypeORM does not like having application code in the constructor (https://github.com/typeorm/typeorm/issues/1772#issuecomment-514787854), therefore that is moved into a new `create() static method. Additionally, the constructor is now `private`, which enforces the use of the new method.

Signed-off-by: David Mehren <git@herrmehren.de>
2020-09-25 21:37:38 +02:00
David Mehren
8c050b3c2f
NoteEntity: Formatting fixes
Signed-off-by: David Mehren <git@herrmehren.de>
2020-09-25 21:37:38 +02:00
David Mehren
4ff60b162e
NoteEntity: Enable CASCADE for revision column
This makes creating new Notes easier, as the first Revision is automatically created in the database.

Signed-off-by: David Mehren <git@herrmehren.de>
2020-09-25 21:37:38 +02:00
David Mehren
2c3a75187e
NoteController: Do not use text/markdown as response content-type for createNote
Signed-off-by: David Mehren <git@herrmehren.de>
2020-09-25 21:37:38 +02:00
David Mehren
b17da345c7
NoteDto: Rename attribute metdata to metadata
Signed-off-by: David Mehren <git@herrmehren.de>
2020-09-25 21:35:47 +02:00
David Mehren
b4b91acddb
NotesController: Use custom logic to access raw markdown
NestJS does not support content-types other than application/json.
Therefore we need to directly access the request object to get the raw body content.

Signed-off-by: David Mehren <git@herrmehren.de>
2020-09-25 21:35:47 +02:00
David Mehren
d55e3bb622
NotesController: Add missing mock repositories for testing
Signed-off-by: David Mehren <git@herrmehren.de>
2020-08-20 19:57:56 +02:00
David Mehren
35051986be
MeController: Add missing mock repositories for testing
Signed-off-by: David Mehren <git@herrmehren.de>
2020-08-20 19:57:47 +02:00