Renovate Bot
34de07fbc7
chore(deps): update dependency mkdocs-material to v6.2.7
...
Signed-off-by: Renovate Bot <bot@renovateapp.com>
2021-02-01 21:06:50 +00:00
Renovate Bot
c39d159cf2
Update dependency mkdocs-material to v6.2.6
...
Signed-off-by: Renovate Bot <bot@renovateapp.com>
2021-01-27 17:23:14 +00:00
Renovate Bot
fa235f6fe1
Update dependency pymdown-extensions to v8.1.1
...
Signed-off-by: Renovate Bot <bot@renovateapp.com>
2021-01-26 01:46:17 +00:00
Philip Molares
0a3247492a
auth: Add cron to clean old tokens
...
Rename AuthToken.identifier to label
Signed-off-by: Philip Molares <philip.molares@udo.edu>
2021-01-25 21:30:04 +01:00
Philip Molares
599fe57ec6
tokens: Add token creation
...
Fix token deletion
Update plantuml docs
Add token validUntil and lastUsed fields
Signed-off-by: Philip Molares <philip.molares@udo.edu>
2021-01-25 21:30:02 +01:00
Philip Molares
0bd7a8f4bc
db-schema: updates plantuml
...
adds identifier and createdAt to AuthToken
renames authToken in User to authTokens
Signed-off-by: Philip Molares <philip.molares@udo.edu>
2021-01-25 21:29:52 +01:00
Yannick Bungers
17ceb9c31f
Removed special table name in Note object
...
and changed table names in plantuml file
Signed-off-by: Yannick Bungers <git@innay.de>
2021-01-23 22:26:49 +01:00
Renovate Bot
c4fbe53a51
Update dependency mkdocs-material to v6.2.5
...
Signed-off-by: Renovate Bot <bot@renovateapp.com>
2021-01-17 10:38:44 +00:00
David Mehren
4a1bec8eec
Move note permission route under metadata
...
Signed-off-by: David Mehren <git@herrmehren.de>
2021-01-10 20:25:28 +01:00
Renovate Bot
01b44082f3
Update dependency mkdocs-material to v6.2.4
...
Signed-off-by: Renovate Bot <bot@renovateapp.com>
2021-01-10 19:09:49 +00:00
David Mehren
e15fb2c8a3
Merge branch 'develop' into develop
2021-01-10 18:04:32 +01:00
David Mehren
ffce2de2db
Merge branch 'develop' into docs/cherrypickHistory
2021-01-10 17:52:49 +01:00
Philip Molares
6d5710a917
Fix some typos in history.md
...
(cherry picked from commit 0195d074a8
)
Signed-off-by: Philip Molares <philip.molares@udo.edu>
2021-01-09 12:35:51 +01:00
Simon C
4559d52d52
docs: Fix indentation of code
2021-01-08 14:58:01 +01:00
Tilman Vatteroth
0c56466dc1
Change year in copyright to 2021
...
Signed-off-by: Tilman Vatteroth <tilman.vatteroth@tu-dortmund.de>
2021-01-06 22:10:19 +01:00
Tilman Vatteroth
bc777a2369
Add license headers
...
Signed-off-by: Tilman Vatteroth <tilman.vatteroth@tu-dortmund.de>
2021-01-06 14:07:34 +01:00
Tilman Vatteroth
f9fdea36ca
Several theme changes ( #659 )
...
* Several theme changes
- Add max width of 1440px
- Rename css file
- Fix edit button
- Add local Roboto font
Signed-off-by: Tilman Vatteroth <tilman.vatteroth@tu-dortmund.de>
(cherry picked from commit 5bdb392413
)
2021-01-06 13:59:14 +01:00
Philip Molares
6896daa62a
added reuse information
...
Signed-off-by: Philip Molares <philip.molares@udo.edu>
2021-01-05 22:12:38 +01:00
Tilman Vatteroth
4b7318ca33
Move docs into subdirectory to make mkdocs work in a subdirectory
...
Signed-off-by: Tilman Vatteroth <tilman.vatteroth@tu-dortmund.de>
(cherry picked from commit eaeb88401d
)
Signed-off-by: David Mehren <git@herrmehren.de>
2021-01-05 21:09:18 +01:00
Yannick Bungers
8a6e81e1c8
Merge branch 'develop' into public-api-uploads
2020-10-30 22:46:08 +01:00
David Mehren
241a577a02
DB Schema: Make layout pretty
...
Signed-off-by: David Mehren <git@herrmehren.de>
Co-authored-by: Yannick Bungers <git@innay.de>
2020-10-24 22:21:45 +02:00
David Mehren
b9dfd880f7
Note.alias should be optional in db schema
...
Signed-off-by: David Mehren <git@herrmehren.de>
Co-authored-by: Yannick Bungers <git@innay.de>
2020-10-24 22:21:42 +02:00
David Mehren
b9279a5d20
Add note metadata to db schema
...
Signed-off-by: David Mehren <git@herrmehren.de>
Co-authored-by: Yannick Bungers <git@innay.de>
2020-10-24 22:21:41 +02:00
David Mehren
b7195c563c
Public API: Cleanup history schemas
...
Signed-off-by: David Mehren <git@herrmehren.de>
Co-authored-by: Yannick Bungers <git@innay.de>
2020-10-24 22:20:00 +02:00
David Mehren
cfe8169fc2
Public API: NoteRevisionsMetadata
is not an array
...
Signed-off-by: David Mehren <git@herrmehren.de>
Co-authored-by: Yannick Bungers <git@innay.de>
2020-10-24 22:20:00 +02:00
David Mehren
a4ac295ada
Public API: Remove PUT /notes/{note}/metadata
...
The note metadata will be automatically extracted from the note content and cannot be updated separately.
Signed-off-by: David Mehren <git@herrmehren.de>
Co-authored-by: Yannick Bungers <git@innay.de>
2020-10-24 22:19:59 +02:00
David Mehren
7adcad2ce6
Public API: Fix PUT /notes/{note}/permissions
response
...
This route should return a full `NotePermissions` object instead of only `NotePermissionsUpdate`
Signed-off-by: David Mehren <git@herrmehren.de>
Co-authored-by: Yannick Bungers <git@innay.de>
2020-10-24 22:19:14 +02:00
David Mehren
a640dea1aa
Public API: Update description of /notes/{note} POST and PUT routes.
...
Signed-off-by: David Mehren <git@herrmehren.de>
Co-authored-by: Yannick Bungers <git@innay.de>
2020-10-24 22:19:14 +02:00
David Mehren
67633c375d
Public API: Successful POST requests should result in a 201.
...
Signed-off-by: David Mehren <git@herrmehren.de>
Co-authored-by: Yannick Bungers <git@innay.de>
2020-10-24 22:19:13 +02:00
David Mehren
b63593aa8b
Public API: Simplify PUT /me/history/{note}
...
Previously, one had to send a complete `NoteMetadata` object when updating the pinned status of a note. A new `HistoryUpdateObject` type was introduced, that only contains the pinned status boolean.
Signed-off-by: David Mehren <git@herrmehren.de>
Co-authored-by: Yannick Bungers <git@innay.de>
2020-10-24 22:19:13 +02:00
David Mehren
2be1defd7a
Public API: Split-out a /notes/{note}/permissions route to set only permissions
...
Previously, the metadata route was used to both update note metadata (like title, description and tags) and the permissions. Additionally, one had to send many unchangeable properties. In this commit, a /notes/{note}/permissions route is introduced, that only changes permissions. Additionally, PUT /notes/{note}/metadata now needs only the properties that are actually changeable.
Signed-off-by: David Mehren <git@herrmehren.de>
Co-authored-by: Yannick Bungers <git@innay.de>
2020-10-24 22:19:13 +02:00
David Mehren
4a975dcca2
Public API: Add routes to get uploads by user or note
...
Co-authored-by: Yannick Bungers <git@innay.de>
Signed-off-by: David Mehren <git@herrmehren.de>
2020-10-24 21:48:29 +02:00
David Mehren
a728866ebb
Public API: Add media deletion
...
Signed-off-by: David Mehren <git@herrmehren.de>
2020-10-17 21:55:05 +02:00
David Mehren
16b5f3a5c8
Use POST /media
for file upload
...
The old `/media/upload` subpath does not follow the convention of REST APIs.
Signed-off-by: David Mehren <git@herrmehren.de>
2020-10-17 20:58:10 +02:00
David Mehren
e0f8031fab
Public API: Update /media/upload
route with supported content-types
...
Signed-off-by: David Mehren <git@herrmehren.de>
2020-10-17 20:55:48 +02:00
David Mehren
f3e093c715
Do not save file extension as a separate field.
...
It turned out that saving the file extension in a separate field is not necessary. Instead, the extension is saved in the complete filename in the `id` field.
Signed-off-by: David Mehren <git@herrmehren.de>
2020-10-17 19:58:22 +02:00
David Mehren
0a0732049a
DB Schema: Add MediaUpload entity
...
MediaUpload stores the uploading user, the note the media was uploaded to and backend data.
Signed-off-by: David Mehren <git@herrmehren.de>
2020-10-17 19:58:22 +02:00
David Mehren
b0b9b75e65
Public API: /media/upload returns the URL of the uploaded file
...
Signed-off-by: David Mehren <git@herrmehren.de>
2020-10-17 19:58:22 +02:00
Yannick Bungers
e86898ce18
Fixes types of timestamps and property name
...
Signed-off-by: Yannick Bungers <git@innay.de>
2020-10-01 13:11:47 +02:00
David Mehren
4f5bb75766
Public API spec: Update NoteRevisionsMetadata and timestamp definition
...
NoteRevisionsMetadata is an array containing revision data and not an object with a single property containing an array.
Revision timestamps are ISO strings, not UNIX timestamps.
Signed-off-by: David Mehren <git@herrmehren.de>
2020-09-25 21:37:39 +02:00
David Mehren
99dccc0567
RevisionEntity: Change primary key type from UUID to number
...
The precision of sqlites datetime() timestamp is only one second (see https://www.sqlite.org/lang_datefunc.html ). Therefore we could not order revisions of one note that were created in the same second. To remedy this, the primary key was changed to a monotonically increasing number, which solves the ordering problem.
Signed-off-by: David Mehren <git@herrmehren.de>
2020-09-25 21:37:39 +02:00
David Mehren
99f44f2551
Reverse cardinality of owner relationship
...
Signed-off-by: David Mehren <git@herrmehren.de>
2020-09-25 21:37:34 +02:00
Nicolas Lenz
110b9cb077
Update db schema layouting
...
Previously, single dashes were used for associatons, which makes PlantUML layout all of them in an horizontal line. I changed that to two dashes so that PlantUML uses normal layouting. I think that is far clearer.
(See https://plantuml.com/class-diagram for more on layouting)
Signed-off-by: Nicolas Lenz <nicolas@eisfunke.com>
2020-08-29 18:42:28 +02:00
Yannick Bungers
91200cb3b3
Removed unnecessary objects and flattened updateTime
...
Signed-off-by: Yannick Bungers <git@innay.de>
2020-08-20 19:43:17 +02:00
Yannick Bungers
3f6fe71bab
Fixed Typos, removed unnecessary type: object
...
and fixed copy paste errors in descriptions
Signed-off-by: Yannick Bungers <git@innay.de>
2020-08-20 19:43:17 +02:00
Yannick Bungers
7f00c87c68
Added GET /me/history/{note} to get data for updating history
...
Signed-off-by: Yannick Bungers <git@innay.de>
2020-08-20 19:43:16 +02:00
David Mehren
2398499f5d
Rename openapi.yml to public_api.yml
2020-08-20 19:43:16 +02:00
Yannick Bungers
0ec8d61669
Added serverVersion to status by using SemVer
...
Signed-off-by: Yannick Bungers <git@innay.de>
2020-08-20 19:43:16 +02:00
Erik Michelson
71158f93dc
Reorganized openapi.yml for external API structure
...
As this document should contain the details of the stable external API, it was refactored and cleaned up.
Co-Authored-By: David Mehren <dmehren1@gmail.com>
Co-Authored-By: Yannick Bungers <git@innay.de>
Co-Authored-By: Philip Molares <philip.molares@udo.edu>
2020-08-20 19:43:16 +02:00
Erik Michelson
7d20e97348
Added entries for image proxying and registering
...
Signed-off-by: Erik Michelson <github@erik.michelson.eu>
2020-08-20 19:43:16 +02:00
Philip Molares
74421e7264
server tag is now called backend
...
Signed-off-by: Philip Molares <philip.molares@udo.edu>
2020-08-20 19:43:16 +02:00
Philip Molares
8f0761af96
/me is now a put and not a post since it's an update method
...
Signed-off-by: Philip Molares <philip.molares@udo.edu>
2020-08-20 19:43:16 +02:00
Philip Molares
4d424842e6
fixed typo
...
Signed-off-by: Philip Molares <philip.molares@udo.edu>
2020-08-20 19:43:15 +02:00
Philip Molares
7dbadd2d0b
descriptions always end with a dot
...
summaries never end with a dot
Signed-off-by: Philip Molares <philip.molares@udo.edu>
2020-08-20 19:43:15 +02:00
Philip Molares
4c11b81dfb
the api doc is now referring to the backend as such and not as system und CodiMD instance
...
Signed-off-by: Philip Molares <philip.molares@udo.edu>
2020-08-20 19:43:15 +02:00
Philip Molares
3561da0457
/config is now tagged as server to
...
Signed-off-by: Philip Molares <philip.molares@udo.edu>
2020-08-20 19:43:15 +02:00
Philip Molares
3cb60fbc11
moved the /history endpoints to /me/history
...
Signed-off-by: Philip Molares <philip.molares@udo.edu>
2020-08-20 19:43:15 +02:00
Philip Molares
8cae3f3c07
user is now always explicitly currently logged-in user
...
Signed-off-by: Philip Molares <philip.molares@udo.edu>
2020-08-20 19:43:15 +02:00
Philip Molares
f6b26b5d77
base name now is /api/v2/
...
this change makes sense, because v2 client should still be able to call /api/v2/ on v2.1 servers
Signed-off-by: Philip Molares <philip.molares@udo.edu>
2020-08-20 19:43:15 +02:00
Philip Molares
7207602c81
fixed typo
...
Signed-off-by: Philip Molares <philip.molares@udo.edu>
2020-08-20 19:43:15 +02:00
Philip Molares
a279203c10
removed trailing / on /history/{note}
...
Signed-off-by: Philip Molares <philip.molares@udo.edu>
2020-08-20 19:43:14 +02:00
Philip Molares
da07476009
renamed revision to revisions
...
Signed-off-by: Philip Molares <philip.molares@udo.edu>
2020-08-20 19:43:14 +02:00
Philip Molares
7dfe2ec8c1
removed /notes/{note}/websocket
...
Signed-off-by: Philip Molares <philip.molares@udo.edu>
2020-08-20 19:43:14 +02:00
Philip Molares
db9917e77b
added export tag to /me/export
...
Signed-off-by: Philip Molares <philip.molares@udo.edu>
2020-08-20 19:43:14 +02:00
Erik Michelson
58a7a29986
Removed tokens from API spec
...
With the suggested usage of an Authorization header instead of relying on session-cookies, the API will finally become stateless. Therefore we don't need the tokens for user password change and deletion anymore.
Signed-off-by: Erik Michelson <github@erik.michelson.eu>
2020-08-20 19:43:14 +02:00
Erik Michelson
670a5e8233
Added missing endpoint for updating user information
...
Signed-off-By: Erik Michelson <github@erik.michelson.eu>
2020-08-20 19:43:14 +02:00
Erik Michelson
b2b5a1ba51
Added endpoints required for the user profile page
...
Signed-off-by: Erik Michelson <github@erik.michelson.eu>
2020-08-20 19:43:14 +02:00
Philip Molares
60dc77b9d2
added version to /config
...
Signed-off-by: Philip Molares <philip.molares@udo.edu>
2020-08-20 19:43:14 +02:00
Philip Molares
07e8242752
response codes are strings now
...
Signed-off-by: Philip Molares <philip.molares@udo.edu>
2020-08-20 19:43:13 +02:00
Philip Molares
b6974a0095
added /history/{note}
2020-08-20 19:43:13 +02:00
Philip Molares
2994e2776f
added /config
2020-08-20 19:43:13 +02:00
Philip Molares
6b6801963f
added /history
2020-08-20 19:43:13 +02:00
Philip Molares
ee2d840075
added /notes/{note}/websocket
2020-08-20 19:43:13 +02:00
Philip Molares
050e43576d
removed NewNote schema
2020-08-20 19:43:13 +02:00
Philip Molares
abe38fa6be
changed /note/ to /notes/
...
added /notes/{note}/permissions
2020-08-20 19:43:13 +02:00
Philip Molares
4f10dc7621
removed /note/{note}/info
2020-08-20 19:43:12 +02:00
Philip Molares
ba3ea8a073
added /n/ prefix to note calls
...
added Note object
2020-08-20 19:43:12 +02:00
Philip Molares
c7511df450
added openapi definition for api 2.0
2020-08-20 19:43:12 +02:00
David Mehren
a6fa562a17
Fix cardinality between Authorship and User in database schema
...
Signed-off-by: David Mehren <git@herrmehren.de>
2020-08-20 19:43:11 +02:00
David Mehren
a38622ea19
Delete superfluous authorship attribute from Revision in the database schema.
...
Authorships are saved in a separate table, this attribute was probably left over from the old schema.
Signed-off-by: David Mehren <git@herrmehren.de>
2020-08-20 19:43:11 +02:00
David Mehren
c3af748a52
Fix cardinality between NoteGroupPermission and Group in database schema
...
Signed-off-by: David Mehren <git@herrmehren.de>
2020-08-20 19:43:11 +02:00
David Mehren
2050f5acc2
Update database schema.
...
Signed-off-by: David Mehren <git@herrmehren.de>
2020-08-20 19:43:10 +02:00
David Mehren
d0c1c93fba
Add (still incomplete) database schema
...
Signed-off-by: David Mehren <git@herrmehren.de>
2020-08-20 19:43:10 +02:00
David Mehren
574c7d1dd4
Log warnings when using hardcoded data.
...
Signed-off-by: David Mehren <git@herrmehren.de>
2020-08-20 19:43:08 +02:00
Bennet Bleßmann
8811ba6dfe
add ldap.starttls to config file docs
...
Signed-off-by: Bennet Bleßmann <bb-github@t-online.de>
2020-08-05 00:45:38 +02:00
Erik Michelson
7838f9b03a
Added config property for locales
...
There's a new config property 'localesPath' - pointing to './locales' by default. The path resolution is similar to the docsPath, uploadsPath etc.
Signed-off-by: Erik Michelson <erik@liltv.de>
2020-04-24 19:09:18 +02:00
Sheogorath
4104f9835d
Merge pull request #278 from elespike/master
...
Add OIDC scopes for email & profile retrieval
2020-04-22 20:56:58 +02:00
Sheogorath
a2522888b2
Remove PDF export
...
As we already decleared in earlier versions, this patch removes PDF
export entirely. It's a not acceptable security risk for every CodiMD
instance.
The current implementation allowed to extract arbitary files from the
CodiMD host and therefore leaking secrets from a `/etc/passwd` to
CodiMD's own config files and all secrets contained in it.
Thanks to Joona for finding this vulnerability in August last year,
which lead to an emergency disabling of PDF exports in 1.5.0.
Signed-off-by: Sheogorath <sheogorath@shivering-isles.com>
2020-02-26 15:05:54 +01:00
Erik Michelson
c976217c12
Remove mattermost integration
...
Signed-off-by: Erik Michelson <erik@liltv.de>
2020-02-25 14:33:30 +01:00
Marius
574781ed6e
Add environment variables and doc entries
...
Signed-off-by: Marius <elespike@lab26.net>
2020-02-22 00:16:26 -05:00
Stefan Peters
5ee3213086
Adjust description of CMD_ALLOW_ANONYMOUS_EDITS
...
`CMD_ALLOW_ANONYMOUS_EDITS` is only applied when `CMD_ALLOW_ANONYMOUS` is `false`, see [here](9c1665ae5b/lib/config/index.js (L71-L73)
).
Signed-off-by: Stefan Peters <stefandesu@exo.pm>
2020-02-11 13:32:22 +09:00
Sheogorath
651db60985
Update CDN defaults
...
As we noticed in our poll about CDN usage, that most people
intentionally turn it off, but very little intetionally turn it on or
leave it on. [1]
There is also strong indicators that CDNs don't really provide any
benefits in loading time and due to the small deployments of CodiMD,
there is no big savings due to CDNs either. [2]
Therefore this patch changes the CDN default settings to off in order to
reduce the exposed user data.
[1]: https://community.codimd.org/t/poll-on-cdn-usage/28
[2]: https://csswizardry.com/2019/05/self-host-your-static-assets/
Signed-off-by: Sheogorath <sheogorath@shivering-isles.com>
2020-02-09 21:59:17 +01:00
ike
197223dc81
Add Google oauth variable: hostedDomain
...
Which is part of `passport-google-oauth2`.
It could be used as whitelist to a domain supported by google oauth.
Ref: https://github.com/jaredhanson/passport-google-oauth2/issues/3
Signed-off-by: ike <developer@ikewat.com>
2020-02-08 15:57:22 +08:00
Amolith
412540b8e5
update env docs in reference to #247
...
Signed-off-by: Amolith <amolith@nixnet.xyz>
2020-01-16 17:25:41 -05:00
Ian Tsai
deb3b94662
Update example config for gitlab authorization
...
Update example config for gitlab authorization
Signed-off-by: Ian Tsai <b10102016@gmail.com>
2020-01-13 19:30:15 +08:00
Matteo Savatteri
8496baa5b9
[DOC] Run manage_users
with NODE_ENV=production
set.
...
`manage_user` script defaults to `development` environment.
Signed-off-by: Matteo Savatteri <matteosavatteri@lcm.mi.infn.it>
2019-12-24 18:02:55 +01:00
Enrico Guiraud
ed2a792886
[DOC] Use npm start
, not yarn start
to start
...
`yarn start --production` ignores the `--production` flag,
`npm start --production` does not.
Signed-off-by: Enrico Guiraud <enrico.guiraud@cern.ch>
2019-12-20 11:08:40 +01:00
Enrico Guiraud
5c552b81a0
[DOC] Misc improvements to manual setup instructions
...
Signed-off-by: Enrico Guiraud <enrico.guiraud@cern.ch>
2019-12-20 00:26:48 +01:00
Sheogorath
31803d6730
Merge pull request #209 from davidmehren/webpack_docs
...
Improve webpack dev documentation
2019-10-29 14:18:14 +01:00
David Mehren
b714baa36e
Improve webpack dev documentation
...
Signed-off-by: David Mehren <dmehren1@gmail.com>
2019-10-25 20:52:15 +02:00