hedgedoc

mirror of https://github.com/hedgedoc/hedgedoc.git synced 2025-02-18 07:14:51 +00:00

Author	SHA1	Message	Date
Tilman Vatteroth	d29e840bc6	fix(realtime): allow realtime user status updates from users that have read-only access Signed-off-by: Tilman Vatteroth <git@tilmanvatteroth.de>	2023-05-09 20:33:23 +02:00
Tilman Vatteroth	b199cdba67	test: increase coverage of constructor tests Signed-off-by: Tilman Vatteroth <git@tilmanvatteroth.de>	2023-05-09 12:33:09 +02:00
Tilman Vatteroth	2f59869e12	fix: retrieve read-only state for realtime user status adapter from connection Signed-off-by: Tilman Vatteroth <git@tilmanvatteroth.de>	2023-05-09 12:33:09 +02:00
Tilman Vatteroth	f012282a41	fix: restore of test state Signed-off-by: Tilman Vatteroth <git@tilmanvatteroth.de>	2023-05-09 12:33:09 +02:00
Tilman Vatteroth	02a3b7f07b	refactor: make displayName readonly Signed-off-by: Tilman Vatteroth <git@tilmanvatteroth.de>	2023-05-09 12:33:09 +02:00
Tilman Vatteroth	3c1ea7bda9	fix: allow change of accept edits in realtime connection Signed-off-by: Tilman Vatteroth <git@tilmanvatteroth.de>	2023-05-09 12:33:09 +02:00
Tilman Vatteroth	eebbb79d08	fix: retrieve read-only state for y-doc-sync-server-adapter from connection Signed-off-by: Tilman Vatteroth <git@tilmanvatteroth.de>	2023-05-09 12:33:09 +02:00
Yannick Bungers	ed3c688e8b	refactor: extract mocking in permissions.service.spec.ts Signed-off-by: Yannick Bungers <git@innay.de>	2023-05-07 20:45:15 +02:00
Yannick Bungers	d73bbcaeff	fix: increase test coverage Signed-off-by: Yannick Bungers <git@innay.de>	2023-05-07 20:45:15 +02:00
Yannick Bungers	dad60a25ea	fix: change logging from id to publicId in media upload Signed-off-by: Yannick Bungers <git@innay.de>	2023-05-07 20:45:15 +02:00
Yannick Bungers	c20e20b30a	refactor: exclude create permission from note permission check Signed-off-by: Yannick Bungers <git@innay.de> Signed-off-by: Tilman Vatteroth <git@tilmanvatteroth.de>	2023-05-07 20:45:15 +02:00
Yannick Bungers	fad5e1e22e	test: add private api tests for checkPermissionOnNote and checkMediaDeletePermission Signed-off-by: Yannick Bungers <git@innay.de> Signed-off-by: Tilman Vatteroth <git@tilmanvatteroth.de>	2023-05-07 20:45:15 +02:00
Yannick Bungers	001a49329c	refactor: extract permission checking from controllers and guard Signed-off-by: Yannick Bungers <git@innay.de> Signed-off-by: Tilman Vatteroth <git@tilmanvatteroth.de>	2023-05-07 20:45:15 +02:00
Yannick Bungers	485f7cd338	feat: Add guest file uploads and add deletion for note owners Signed-off-by: Yannick Bungers <git@innay.de> Signed-off-by: Tilman Vatteroth <git@tilmanvatteroth.de>	2023-05-07 20:45:15 +02:00
Yannick Bungers	0f464dedfe	fix: clean up decorators in the public notes.controller.ts Signed-off-by: Yannick Bungers <git@innay.de> Signed-off-by: Tilman Vatteroth <git@tilmanvatteroth.de>	2023-05-07 20:45:15 +02:00
Yannick Bungers	d369132519	fix: add CompleteRequest type to have better type checks for HTTP-Request attribute injection. Signed-off-by: Yannick Bungers <git@innay.de> Signed-off-by: Tilman Vatteroth <git@tilmanvatteroth.de>	2023-05-07 20:45:15 +02:00
Tilman Vatteroth	0263c09ce1	fix(deps): migrate zxcvbn Signed-off-by: Tilman Vatteroth <git@tilmanvatteroth.de>	2023-05-07 19:37:41 +02:00
Tilman Vatteroth	e02221acd2	fix: don't create user permissions for owner Signed-off-by: Tilman Vatteroth <git@tilmanvatteroth.de>	2023-05-04 22:34:24 +02:00
Tilman Vatteroth	a5e12b9ad0	fix(backend): fix extraction body values in permission controllers Signed-off-by: Tilman Vatteroth <git@tilmanvatteroth.de>	2023-05-04 14:54:37 +02:00
Avinash	bb7a6a74f7	refactor(backend): create mock function for noteRepo and eventemiter Signed-off-by: Avinash <avinash.kumar.cs92@gmail.com>	2023-04-16 20:55:26 +02:00
Tilman Vatteroth	0950e036b0	refactor(s3-backend): use URL object to construct complete URL instead of string template Signed-off-by: Tilman Vatteroth <git@tilmanvatteroth.de>	2023-04-16 18:41:03 +02:00
Tilman Vatteroth	b6db47a9c2	test(s3-backend): add unit test Signed-off-by: Tilman Vatteroth <git@tilmanvatteroth.de>	2023-04-16 18:41:03 +02:00
Tilman Vatteroth	e8d4fc692d	fix(s3-backend): remove redundant parameter Signed-off-by: Tilman Vatteroth <git@tilmanvatteroth.de>	2023-04-16 18:41:03 +02:00
Tilman Vatteroth	baaa41b1e5	fix(media config): expect HD_MEDIA_BACKEND_S3_ENDPOINT to be an uri Signed-off-by: Tilman Vatteroth <git@tilmanvatteroth.de>	2023-04-16 18:41:03 +02:00
Tilman Vatteroth	3c2f59c382	fix(s3-backend): force endpoint to be a uri Signed-off-by: Tilman Vatteroth <git@tilmanvatteroth.de>	2023-04-16 18:41:03 +02:00
Tilman Vatteroth	2016874a3d	fix(s3-backend): let minio lib handle the port fallback Signed-off-by: Tilman Vatteroth <git@tilmanvatteroth.de>	2023-04-16 18:41:03 +02:00
Tilman Vatteroth	a72f695124	fix(s3-backend): correct endpoint Signed-off-by: Tilman Vatteroth <git@tilmanvatteroth.de>	2023-04-16 18:41:03 +02:00
Philip Molares	2fc89a7de5	feat: don't let read-only users send their cursors or selections This was done as it may be used to distract or annoy other users either intentionally or unintentionally. Signed-off-by: Philip Molares <philip.molares@udo.edu> Signed-off-by: Tilman Vatteroth <git@tilmanvatteroth.de>	2023-04-06 22:54:50 +02:00
Philip Molares	c2f41118b6	feat: check permissions in realtime code and frontend Signed-off-by: Philip Molares <philip.molares@udo.edu> Signed-off-by: Tilman Vatteroth <git@tilmanvatteroth.de>	2023-04-06 22:54:50 +02:00
Tilman Vatteroth	6fb58d56c2	fix: add missing tests for realtime-user-status-adapter Signed-off-by: Tilman Vatteroth <git@tilmanvatteroth.de>	2023-04-04 18:29:20 +02:00
Tilman Vatteroth	2a2d3756ad	refactor: test code of realtime Signed-off-by: Tilman Vatteroth <git@tilmanvatteroth.de>	2023-04-04 18:29:20 +02:00
Tilman Vatteroth	15374acb93	fix(backend): throw error if key in param decorator is not defined Signed-off-by: Tilman Vatteroth <git@tilmanvatteroth.de>	2023-03-31 15:43:28 +02:00
Tilman Vatteroth	598fc8ee11	feat(realtime): synchronize and show realtime activity state Signed-off-by: Tilman Vatteroth <git@tilmanvatteroth.de>	2023-03-29 01:16:43 +02:00
Tilman Vatteroth	8fc59aad82	refactor: make permission service less complex Signed-off-by: Tilman Vatteroth <git@tilmanvatteroth.de>	2023-03-26 20:21:13 +02:00
Tilman Vatteroth	0f8effd318	fix: use correct body parameter for permission controller Signed-off-by: Tilman Vatteroth <git@tilmanvatteroth.de>	2023-03-26 20:21:13 +02:00
David Mehren	f7f052fca1	refactor: use separate env vars for frontend/backend port As we moved to a combined .env file for simplicity, frontend and backend need to be configured with separate variables. Signed-off-by: David Mehren <git@herrmehren.de>	2023-03-26 15:53:49 +02:00
Erik Michelson	ca9836d691	enhancement(auth): better error message handling Signed-off-by: Erik Michelson <github@erik.michelson.eu>	2023-03-26 15:43:39 +02:00
Tilman Vatteroth	24b7514e25	feat: submit own style index on realtime user state set Signed-off-by: Tilman Vatteroth <git@tilmanvatteroth.de>	2023-03-25 13:11:40 +01:00
David Mehren	382e70bf7b	fix: replace Equals constructor TypeORMs Equals constructor is still broken, so this commit removes all remaining usages. See https://github.com/hedgedoc/hedgedoc/issues/2467 Signed-off-by: David Mehren <git@herrmehren.de>	2023-03-25 12:43:27 +01:00
Tilman Vatteroth	088f2905a5	fix(backend): Fix type errors in query builder mock Signed-off-by: Tilman Vatteroth <git@tilmanvatteroth.de>	2023-03-25 12:43:27 +01:00
David Mehren	162a8e8816	docs: Move 'User Profiles & Authentication' to design docs Signed-off-by: David Mehren <git@herrmehren.de>	2023-03-24 20:06:11 +01:00
Philip Molares	e01628cfb0	fix(backend): fix permission routes in NotesController Signed-off-by: Philip Molares <philip.molares@udo.edu>	2023-03-24 18:47:23 +01:00
Tilman Vatteroth	a826677225	refactor: save ydoc state in the database, so it can be restored easier By storing the ydoc state in the database we can reconnect lost clients easier and enable offline editing because we continue using the crdt data that has been used by the client before the connection loss. Signed-off-by: Tilman Vatteroth <git@tilmanvatteroth.de>	2023-03-24 16:03:55 +01:00
Tilman Vatteroth	3a06f84af1	refactor: reimplement realtime-communication This commit refactors a lot of things that are not easy to separate. It replaces the binary protocol of y-protocols with json. It introduces event based message processing. It implements our own code mirror plugins for synchronisation of content and remote cursors Signed-off-by: Tilman Vatteroth <git@tilmanvatteroth.de>	2023-03-24 14:06:03 +01:00
Tilman Vatteroth	229d4a4a1d	fix: change sessionstate type to prevent unset values Signed-off-by: Tilman Vatteroth <git@tilmanvatteroth.de>	2023-03-19 22:45:44 +01:00
David Mehren	7233f862f2	test(auth-service): add mock for find Signed-off-by: David Mehren <git@herrmehren.de>	2023-02-19 20:56:18 +01:00
David Mehren	ebb8b10804	fix(public/notes-controller): extract canEdit parameter from body Signed-off-by: David Mehren <git@herrmehren.de>	2023-02-19 20:56:18 +01:00
David Mehren	068517a73b	fix(public/notes-controller): bind setUserPermission to an URL Signed-off-by: David Mehren <git@herrmehren.de>	2023-02-19 20:56:18 +01:00
David Mehren	ada90ed30b	fix: map PermissionError to HTTP Forbidden Signed-off-by: David Mehren <git@herrmehren.de>	2023-02-19 20:56:18 +01:00
David Mehren	921cffb76f	fix(auth-service): typeorm query in getTokensbyUser TypeORM does not support WHERE queries for relation-colums directly. This replaces the Equal() constructor with a manual comparison of the IDs. See https://github.com/typeorm/typeorm/issues/2707 Signed-off-by: David Mehren <git@herrmehren.de>	2023-02-19 20:56:18 +01:00

1 2

73 commits