hedgedoc

mirror of https://github.com/hedgedoc/hedgedoc.git synced 2024-10-20 06:02:09 -04:00

Author	SHA1	Message	Date
David Mehren	2398499f5d	Rename openapi.yml to public_api.yml	2020-08-20 19:43:16 +02:00
Yannick Bungers	0ec8d61669	Added serverVersion to status by using SemVer Signed-off-by: Yannick Bungers <git@innay.de>	2020-08-20 19:43:16 +02:00
Erik Michelson	71158f93dc	Reorganized openapi.yml for external API structure As this document should contain the details of the stable external API, it was refactored and cleaned up. Co-Authored-By: David Mehren <dmehren1@gmail.com> Co-Authored-By: Yannick Bungers <git@innay.de> Co-Authored-By: Philip Molares <philip.molares@udo.edu>	2020-08-20 19:43:16 +02:00
Erik Michelson	7d20e97348	Added entries for image proxying and registering Signed-off-by: Erik Michelson <github@erik.michelson.eu>	2020-08-20 19:43:16 +02:00
Philip Molares	74421e7264	server tag is now called backend Signed-off-by: Philip Molares <philip.molares@udo.edu>	2020-08-20 19:43:16 +02:00
Philip Molares	8f0761af96	/me is now a put and not a post since it's an update method Signed-off-by: Philip Molares <philip.molares@udo.edu>	2020-08-20 19:43:16 +02:00
Philip Molares	4d424842e6	fixed typo Signed-off-by: Philip Molares <philip.molares@udo.edu>	2020-08-20 19:43:15 +02:00
Philip Molares	7dbadd2d0b	descriptions always end with a dot summaries never end with a dot Signed-off-by: Philip Molares <philip.molares@udo.edu>	2020-08-20 19:43:15 +02:00
Philip Molares	4c11b81dfb	the api doc is now referring to the backend as such and not as system und CodiMD instance Signed-off-by: Philip Molares <philip.molares@udo.edu>	2020-08-20 19:43:15 +02:00
Philip Molares	3561da0457	/config is now tagged as server to Signed-off-by: Philip Molares <philip.molares@udo.edu>	2020-08-20 19:43:15 +02:00
Philip Molares	3cb60fbc11	moved the /history endpoints to /me/history Signed-off-by: Philip Molares <philip.molares@udo.edu>	2020-08-20 19:43:15 +02:00
Philip Molares	8cae3f3c07	user is now always explicitly currently logged-in user Signed-off-by: Philip Molares <philip.molares@udo.edu>	2020-08-20 19:43:15 +02:00
Philip Molares	f6b26b5d77	base name now is /api/v2/ this change makes sense, because v2 client should still be able to call /api/v2/ on v2.1 servers Signed-off-by: Philip Molares <philip.molares@udo.edu>	2020-08-20 19:43:15 +02:00
Philip Molares	7207602c81	fixed typo Signed-off-by: Philip Molares <philip.molares@udo.edu>	2020-08-20 19:43:15 +02:00
Philip Molares	a279203c10	removed trailing / on /history/{note} Signed-off-by: Philip Molares <philip.molares@udo.edu>	2020-08-20 19:43:14 +02:00
Philip Molares	da07476009	renamed revision to revisions Signed-off-by: Philip Molares <philip.molares@udo.edu>	2020-08-20 19:43:14 +02:00
Philip Molares	7dfe2ec8c1	removed /notes/{note}/websocket Signed-off-by: Philip Molares <philip.molares@udo.edu>	2020-08-20 19:43:14 +02:00
Philip Molares	db9917e77b	added export tag to /me/export Signed-off-by: Philip Molares <philip.molares@udo.edu>	2020-08-20 19:43:14 +02:00
Erik Michelson	58a7a29986	Removed tokens from API spec With the suggested usage of an Authorization header instead of relying on session-cookies, the API will finally become stateless. Therefore we don't need the tokens for user password change and deletion anymore. Signed-off-by: Erik Michelson <github@erik.michelson.eu>	2020-08-20 19:43:14 +02:00
Erik Michelson	670a5e8233	Added missing endpoint for updating user information Signed-off-By: Erik Michelson <github@erik.michelson.eu>	2020-08-20 19:43:14 +02:00
Erik Michelson	b2b5a1ba51	Added endpoints required for the user profile page Signed-off-by: Erik Michelson <github@erik.michelson.eu>	2020-08-20 19:43:14 +02:00
Philip Molares	60dc77b9d2	added version to /config Signed-off-by: Philip Molares <philip.molares@udo.edu>	2020-08-20 19:43:14 +02:00
Philip Molares	07e8242752	response codes are strings now Signed-off-by: Philip Molares <philip.molares@udo.edu>	2020-08-20 19:43:13 +02:00
Philip Molares	b6974a0095	added /history/{note}	2020-08-20 19:43:13 +02:00
Philip Molares	2994e2776f	added /config	2020-08-20 19:43:13 +02:00
Philip Molares	6b6801963f	added /history	2020-08-20 19:43:13 +02:00
Philip Molares	ee2d840075	added /notes/{note}/websocket	2020-08-20 19:43:13 +02:00
Philip Molares	050e43576d	removed NewNote schema	2020-08-20 19:43:13 +02:00
Philip Molares	abe38fa6be	changed /note/ to /notes/ added /notes/{note}/permissions	2020-08-20 19:43:13 +02:00
Philip Molares	4f10dc7621	removed /note/{note}/info	2020-08-20 19:43:12 +02:00
Philip Molares	ba3ea8a073	added /n/ prefix to note calls added Note object	2020-08-20 19:43:12 +02:00
Philip Molares	c7511df450	added openapi definition for api 2.0	2020-08-20 19:43:12 +02:00
Sheogorath	a2522888b2	Remove PDF export As we already decleared in earlier versions, this patch removes PDF export entirely. It's a not acceptable security risk for every CodiMD instance. The current implementation allowed to extract arbitary files from the CodiMD host and therefore leaking secrets from a `/etc/passwd` to CodiMD's own config files and all secrets contained in it. Thanks to Joona for finding this vulnerability in August last year, which lead to an emergency disabling of PDF exports in 1.5.0. Signed-off-by: Sheogorath <sheogorath@shivering-isles.com>	2020-02-26 15:05:54 +01:00
Erik Michelson	ae4d5c619a	Fixed JSON syntax error in api doc example Signed-off-by: Erik Michelson <erik@liltv.de>	2019-10-18 10:59:39 +02:00
Erik Michelson	b7c02a901f	Finishing openapi doc version 1.6.0 is noted as this document already contains the 1.6.0 endpoint /new/alias Signed-off-by: Erik Michelson <erik@liltv.de>	2019-10-17 23:26:48 +02:00
Erik Michelson	93ca037a75	WIP: Adding openapi doc Signed-off-by: Erik Michelson <erik@liltv.de>	2019-10-15 00:58:40 +02:00

36 commits