Commit graph

1437 commits

Author SHA1 Message Date
David Mehren
6944094b9b fix(api/private/me): require and document displayName
This renames the argument in the POST /profile route to `displayName`
to be more consistent with the UserDTO.

It also adds OpenAPI docs.

Signed-off-by: David Mehren <git@herrmehren.de>
2022-03-07 13:54:43 +01:00
David Mehren
d6ea4d29fe feat(api/private/me): include authProvider in UserInfo
This information is supposed to be used by the frontend
to identify the login method that was used.

The used login method is saved as a string into the session data
and extracted via a new SessionAuthProvider decorator.

Signed-off-by: David Mehren <git@herrmehren.de>
2022-03-07 13:54:43 +01:00
David Mehren
3f8e3b0589 refactor(api/public/media): return MediaUpload object instead of url
This ensures the POST /media API behaves in the same way as /me/media

Signed-off-by: David Mehren <git@herrmehren.de>
2022-03-07 13:54:43 +01:00
David Mehren
8e31f3a393 refactor(api/private/media): return MediaUpload object instead of url
This ensures the private POST /media API behaves in the same way as /me/media

Signed-off-by: David Mehren <git@herrmehren.de>
2022-03-07 13:54:43 +01:00
David Mehren
4f10e17d40 fix(frontend-config): iframe origins should be non-optional
Signed-off-by: David Mehren <git@herrmehren.de>
2022-03-07 13:54:43 +01:00
Renovate Bot
67743b7cf5 chore(deps): lock file maintenance
Signed-off-by: Renovate Bot <bot@renovateapp.com>
2022-03-07 03:38:57 +00:00
Renovate Bot
13a44727c7 fix(deps): pin dependencies
Signed-off-by: Renovate Bot <bot@renovateapp.com>
2022-03-06 22:41:11 +01:00
David Mehren
268b39154d ci: move node version into a variable
Signed-off-by: David Mehren <git@herrmehren.de>
2022-03-06 22:24:21 +01:00
David Mehren
d73c9b8e86 ci: add config for e2e tests with multiple DBs
Signed-off-by: David Mehren <git@herrmehren.de>
2022-03-06 22:24:21 +01:00
David Mehren
513d64493e test: add and use a mocked DatabaseConfig
Signed-off-by: David Mehren <git@herrmehren.de>
2022-03-06 22:24:21 +01:00
David Mehren
89297e748f fix: TypeError in HistoryEntryImportDto
For reasons, during testing, reflect-metadata might not be imported.
This causes the `@Type` annotation to crash the test with a TypeError.

Signed-off-by: David Mehren <git@herrmehren.de>
2022-03-06 22:24:21 +01:00
David Mehren
f9448bb801 fix(session): limit subqueries for mariadb
MariaDB does not support `connect-typeorm`s subqueries,
so they need to be disabled if this dialect is used.

Signed-off-by: David Mehren <git@herrmehren.de>
2022-03-06 22:24:21 +01:00
David Mehren
9c6d3d9dab test: test don't need to set up sessions by themselves
The setup is handled inside TestSetupBuilder.

Signed-off-by: David Mehren <git@herrmehren.de>
2022-03-06 22:24:21 +01:00
David Mehren
9030488025 test: make tests order-independent
MariaDB seems to order the returned media objects in a different way,
making our tests fail.

This refactors the tests to be independent of the order of returned data.

Signed-off-by: David Mehren <git@herrmehren.de>
2022-03-06 22:24:21 +01:00
David Mehren
c7e77d25a0 test: support running e2e tests with mariadb
Signed-off-by: David Mehren <git@herrmehren.de>
2022-03-06 22:24:21 +01:00
David Mehren
552cb05d92 refactor(api/private/tokens): validate POST data with DTO
This adds a `AuthTokenCreateDto` which allows
to fully validate incoming JSON data.

Signed-off-by: David Mehren <git@herrmehren.de>
2022-03-06 22:24:21 +01:00
David Mehren
fd3fde9cc8 refactor(api/private/history): validate POST data with DTO
This adds a `HistoryEntryImportListDto` which allows
to fully validate incoming JSON data.

Signed-off-by: David Mehren <git@herrmehren.de>
2022-03-06 22:24:21 +01:00
David Mehren
a32d9e8305 fix(api/private/auth): wait for error
Previously, the `logout` method immediately returned and did not wait
for the possible error callback.

This wraps the call to `session.destroy` into a promise,
so the error can be properly handled.

Signed-off-by: David Mehren <git@herrmehren.de>
2022-03-06 22:24:21 +01:00
David Mehren
72c354d5f6 refactor(history-service): use NoteService to get note
Signed-off-by: David Mehren <git@herrmehren.de>
2022-03-06 22:24:21 +01:00
David Mehren
5b7026758a test: enable validationPipe in TestSetup
Signed-off-by: David Mehren <git@herrmehren.de>
2022-03-06 22:24:21 +01:00
David Mehren
5eab4f42d6 refactor: merge AuthTokenDTOs into one file
Signed-off-by: David Mehren <git@herrmehren.de>
2022-03-06 22:24:21 +01:00
David Mehren
de952fe3b2 feat(auth-service): accept undefined validUntil param
The `validUntil` parameter for `createTokenForUser` may be undefined
in some usages.
As it is easy to add handling for that here, this commit implements it.

Signed-off-by: David Mehren <git@herrmehren.de>
2022-03-06 22:24:21 +01:00
David Mehren
a6734cc58f test: ensure testSetup.cleanup is called
Signed-off-by: David Mehren <git@herrmehren.de>
2022-03-06 22:24:21 +01:00
David Mehren
f0e6f6150d test: allow running e2e tests with different DBs
This commits adds infrastructure for running the E2E tests
with databases other than sqlite.

Initially, support for Postgres is added.

Signed-off-by: David Mehren <git@herrmehren.de>
2022-03-06 22:24:21 +01:00
Philip Molares
35075bdb0b test: add unit test for noteConfig
Signed-off-by: Philip Molares <philip.molares@udo.edu>
2022-03-06 21:42:19 +01:00
Philip Molares
96747b6d68 fix: use joi positive and integer validators on HD_MAX_DOCUMENT_LENGTH
validate HD_MAX_DOCUMENT_LENGTH with the positive and integer validators of Joi.

See also:
- https://joi.dev/api/#numberpositive
- https://joi.dev/api/#numberinteger

Signed-off-by: Philip Molares <philip.molares@udo.edu>
2022-03-06 21:42:19 +01:00
Philip Molares
de8bad13cf test: add unit test for appConfig
Signed-off-by: Philip Molares <philip.molares@udo.edu>
2022-03-06 21:35:58 +01:00
Philip Molares
029881f380 chore: add mocked-env dev dependency
This will be used to create unit test for the different config objects.

Signed-off-by: Philip Molares <philip.molares@udo.edu>
2022-03-06 21:35:58 +01:00
Philip Molares
45df0e6edb fix: rename parseOptionalInt to parseOptionalNumber
This allows us to handle the possible errors due to non-integer numbers with joi and return more precise error messages.

Signed-off-by: Philip Molares <philip.molares@udo.edu>
2022-03-06 21:35:58 +01:00
Philip Molares
151e12a8a7 fix: use joi positive, integer and max validators on PORT
validate PORT with the positive, integer and max validators of Joi.

See also:
- https://joi.dev/api/#numberpositive
- https://joi.dev/api/#numberinteger
- https://joi.dev/api/#numbermax

Signed-off-by: Philip Molares <philip.molares@udo.edu>
2022-03-06 21:35:58 +01:00
Philip Molares
0a778d8a64 fix: use joi uri validator in appConfig
validate HD_DOMAIN and HD_RENDERER_ORIGIN with the uri validator of Joi. This should prevent the problem described in #2150.

Fixes #2150

See also: https://joi.dev/api/#stringurioptions

Signed-off-by: Philip Molares <philip.molares@udo.edu>
2022-03-06 21:35:58 +01:00
David Mehren
7e8716ec95 fix: ensure dates are properly transformed
To correctly transform Date objects from ISO-strings in JSON
to instances, class-transformer requires the `@Type` annotation.

References:
https://github.com/typestack/class-transformer#%D1%81onverting-date-strings-into-date-objects
Signed-off-by: David Mehren <git@herrmehren.de>
2022-03-06 20:54:46 +01:00
David Mehren
59a235ebc4 fix: ensure nested objects are properly validated & transformed
To validate nested objects, class-transformer requires
the `@ValidateNested` annotation.
For arrays, class-transfomer requires
setting `each: true`.

To correctly transform nested objects from JSON to instances,
class-transformer requires the `@Type` annotation.

References:
https://github.com/typestack/class-validator#validating-nested-objects
https://github.com/typestack/class-validator#validating-arrays
https://github.com/typestack/class-transformer#working-with-nested-objects
Signed-off-by: David Mehren <git@herrmehren.de>
2022-03-06 20:54:46 +01:00
David Mehren
324536bc2d feat(validation): send error message to client
Signed-off-by: David Mehren <git@herrmehren.de>
2022-03-06 20:52:52 +01:00
Renovate Bot
a31e4f4dfc chore(deps): update dependency ts-node to v10.7.0
Signed-off-by: Renovate Bot <bot@renovateapp.com>
2022-03-06 17:37:40 +01:00
Renovate Bot
d5c70b0302 chore(deps): update dependency mkdocs-material to v8.2.5
Signed-off-by: Renovate Bot <bot@renovateapp.com>
2022-03-06 17:30:01 +01:00
Renovate Bot
4817431166 chore(deps): update linters
Signed-off-by: Renovate Bot <bot@renovateapp.com>
2022-03-05 10:47:14 +01:00
Renovate Bot
8aee78c78e chore(deps): update actions/checkout action to v3
Signed-off-by: Renovate Bot <bot@renovateapp.com>
2022-03-05 10:40:33 +01:00
Renovate Bot
a850939acb fix(deps): update nestjs packages to v8.4.0
Signed-off-by: Renovate Bot <bot@renovateapp.com>
2022-03-05 10:39:31 +01:00
Renovate Bot
bc59085ce4 chore(deps): update dependency typescript to v4.6.2
Signed-off-by: Renovate Bot <bot@renovateapp.com>
2022-03-05 10:36:44 +01:00
Renovate Bot
7aee869610 chore(deps): update dependency ts-node to v10.6.0
Signed-off-by: Renovate Bot <bot@renovateapp.com>
2022-03-05 10:29:20 +01:00
Renovate Bot
4030d11840 fix(deps): update dependency typeorm to v0.2.45
Signed-off-by: Renovate Bot <bot@renovateapp.com>
2022-03-05 10:28:55 +01:00
Renovate Bot
47e99816af chore(deps): update dependency tsconfig-paths to v3.13.0
Signed-off-by: Renovate Bot <bot@renovateapp.com>
2022-03-05 10:23:21 +01:00
Renovate Bot
1514ea1646 fix(deps): update dependency raw-body to v2.5.1
Signed-off-by: Renovate Bot <bot@renovateapp.com>
2022-03-05 09:24:01 +01:00
Renovate Bot
ddca4eaec7 chore(deps): update dependency mkdocs-material to v8.2.4
Signed-off-by: Renovate Bot <bot@renovateapp.com>
2022-03-05 05:00:47 +00:00
Renovate Bot
1827b7c615 chore(deps): update dependency @nestjs/cli to v8.2.2
Signed-off-by: Renovate Bot <bot@renovateapp.com>
2022-03-05 02:56:36 +00:00
David Mehren
0be8e4ea55 feat(api/private): add GroupsController
The GroupsController can be used to fetch information about groups.

Signed-off-by: David Mehren <git@herrmehren.de>
2022-03-01 20:20:18 +01:00
David Mehren
0394679134 feat(user-info-dto): split email into separate DTO
The email address should only be available
in /me routes.
This commit splits the email address into a new FullUserInfoDto.

Signed-off-by: David Mehren <git@herrmehren.de>
2022-03-01 20:20:18 +01:00
David Mehren
a7edf00ebc feat(api/private): add UsersController
The UsersController can be used to fetch information about users.

Signed-off-by: David Mehren <git@herrmehren.de>
2022-03-01 20:20:18 +01:00
Renovate Bot
908f418620 chore(deps): lock file maintenance
Signed-off-by: Renovate Bot <bot@renovateapp.com>
2022-02-28 02:23:45 +00:00