Commit graph

542 commits

Author SHA1 Message Date
Philip Molares
5a9634400a
UserEntity: Make userName unique
Each username should only be given once.

Signed-off-by: Philip Molares <philip.molares@udo.edu>
2021-03-05 00:25:06 +01:00
Philip Molares
cbf0ce98dd
NotesService: Get user and group of the permission
This also fetches to user and group of permissions and not only the `canEdit` property.

Signed-off-by: Philip Molares <philip.molares@udo.edu>
2021-04-02 20:46:34 +02:00
Philip Molares
305a3f1bea
NotesService: Set Permissions
Set the necessary information for the permissions to be correctly inserted into the db.

Signed-off-by: Philip Molares <philip.molares@udo.edu>
2021-03-17 10:27:29 +01:00
Philip Molares
979154b8a5
Permissions: Add cascade
This makes it possible to create permissions by setting them in the note entity and delete them when either the user or note is deleted.

Signed-off-by: Philip Molares <philip.molares@udo.edu>
2021-03-17 10:26:42 +01:00
Philip Molares
aa41bebbf0
PublicAPI: Add file upload dialog to swagger api
This makes it possible to truly upload a file with swagger api documentation.

Signed-off-by: Philip Molares <philip.molares@udo.edu>
2021-04-15 14:29:33 +02:00
Philip Molares
846bbeb390
UnitTests: Add appConfigMock
This is necessary as the Logger needs this config for the loglevel.

Signed-off-by: Philip Molares <philip.molares@udo.edu>
2021-04-14 00:19:09 +02:00
Philip Molares
edc62285a2
Logging: Handle calls with 'undefined' context
Signed-off-by: Philip Molares <philip.molares@udo.edu>
2021-04-13 23:21:55 +02:00
Philip Molares
6fe10bab4c
Logging: Add LogLevels to ConsoleLoggerService
Signed-off-by: Philip Molares <philip.molares@udo.edu>
2021-04-13 23:13:47 +02:00
Philip Molares
e9664b4aa7
Utils: Add needToLog function
This functions makes it possible to make a partial order of the Loglevel enum. This simplifies the if statements in ConsoleLogger.
This is done, because the Loglevel enum already has a string backing for easy conversion from the config environmental variables and therefore can't also have a ordinal number assigned…

Signed-off-by: Philip Molares <philip.molares@udo.edu>
2021-04-18 12:29:15 +02:00
Philip Molares
697ca823d5
Logging: Remove NestConsoleLoggerService
This is not necessary anymore, because we can inject ConsoleLoggerService directly.

Signed-off-by: Philip Molares <philip.molares@udo.edu>
2021-04-02 19:08:30 +02:00
Philip Molares
8dd3a3d7dd
Logging: Add OpenAPI log messages
Let the user know where the OpenAPI docs can be found.

Signed-off-by: Philip Molares <philip.molares@udo.edu>
2021-04-02 17:40:44 +02:00
Philip Molares
ebc8d459fb
Logging: Improve mediabackend filesystem log message.
Signed-off-by: Philip Molares <philip.molares@udo.edu>
2021-04-02 17:38:22 +02:00
Philip Molares
9043e39dc6
MediaBackend: Add WebdavBackend
Signed-off-by: Philip Molares <philip.molares@udo.edu>
2021-04-16 13:22:03 +02:00
Philip Molares
edf71cc177
Config: Add WebDAV to media config
Signed-off-by: Philip Molares <philip.molares@udo.edu>
2021-04-16 13:19:13 +02:00
Philip Molares
c1d706b350
PrivateAPI: Add lastVisited to HistoryEntryImportDto
As the DTO is only for importing an existing history the lastVisited of those entries should also be posted.

Signed-off-by: Philip Molares <philip.molares@udo.edu>
2021-04-11 12:37:47 +02:00
Philip Molares
eeaa74b385
PrivateAPI: Add pinStatus to HistoryEntryImportDto
As the DTO is only for importing an existing history the pinStatus of those entries should also be posted.

Signed-off-by: Philip Molares <philip.molares@udo.edu>
2021-04-10 23:31:18 +02:00
Philip Molares
1154894876
PrivateAPI: Rename HistoryEntryCreationDto to HistoryEntryImportDto
As the DTO is used to import a whole list of history entries rather than creating a single history entry (there is no way of doing that at the moment)

Signed-off-by: Philip Molares <philip.molares@udo.edu>
2021-04-10 23:26:58 +02:00
Philip Molares
fa724c2603
Utils: Fix getServerVersionFromPackageJson
The cache is never null, because it defaults to undefined, and therefore this function always returns undefined.

Signed-off-by: Philip Molares <philip.molares@udo.edu>
2021-04-15 18:15:25 +02:00
Philip Molares
9759d85fdd
Tests: Fix eslint errors
Signed-off-by: Philip Molares <philip.molares@udo.edu>
2021-04-12 18:05:27 +02:00
Philip Molares
ff44a6567e
Tests: Removed all eslint-disable lines
As we now disable what we don't need in the eslint config, we don't need this anymore.

Signed-off-by: Philip Molares <philip.molares@udo.edu>
2021-04-12 17:06:59 +02:00
Philip Molares
1df74df65c
FileMediaBackend: Fix generated urls
All urls should be of the form `uploads/<filename>.<extension>` regardless of what the uploadDirectory is, because the backend proxies all locally uploaded files.

Signed-off-by: Philip Molares <philip.molares@udo.edu>
2021-03-31 23:01:29 +02:00
Philip Molares
e955e204c4
MediaConfigMock: Change upload path
This changes the upload path in all test to 'test_uploads' to ensure no real uploads are lost.

Signed-off-by: Philip Molares <philip.molares@udo.edu>
2021-03-31 22:58:15 +02:00
Philip Molares
1835cb7499
PrivateAPI: Add media controller
Signed-off-by: Philip Molares <philip.molares@udo.edu>
2021-03-25 21:20:56 +01:00
Philip Molares
fe0c7b425f
PrivateAPI: Add notes controller
Signed-off-by: Philip Molares <philip.molares@udo.edu>
2021-03-24 00:12:54 +01:00
Philip Molares
86f5498f51
PrivateApi: Add config controller
Signed-off-by: Philip Molares <philip.molares@udo.edu>
2021-03-01 21:16:34 +01:00
Philip Molares
9747ea209c
FrontendConfig: Add new service
This service handles the config for the frontend.

Signed-off-by: Philip Molares <philip.molares@udo.edu>
2021-03-01 21:16:01 +01:00
Philip Molares
a7c3d06216
Config: Add rendererOrigin and maxDocumentLength to AppConfig
These are used in the /config private API call.

Signed-off-by: Philip Molares <philip.molares@udo.edu>
2021-03-01 21:00:55 +01:00
Philip Molares
22081756b0
Config: Add identifier to all multi auth provider to AuthConfig
These are used in the /config private API call and needed to distinguish with which of the multiple auth providers a login should occur.
This also fixes the types of the multiple auth provider arrays to something that works, as `[{}]` specifics exactly on object in an array.

Signed-off-by: Philip Molares <philip.molares@udo.edu>
2021-03-01 21:07:43 +01:00
Philip Molares
e3f1d1b0f4
Config: Create new config mocks for tests
Signed-off-by: Philip Molares <philip.molares@udo.edu>
2021-03-01 21:12:48 +01:00
Philip Molares
64846eb641
Config: Add two new Subconfigs
CustomizationConfig holds all possible customization configs.
ExternalConfig holds external services that may be configured.

Signed-off-by: Philip Molares <philip.molares@udo.edu>
2021-03-01 21:10:16 +01:00
Philip Molares
c6e341aab9
Config: Extend AppConfig mock
This is now more in line what you would get from the regular config code

Signed-off-by: Philip Molares <philip.molares@udo.edu>
2021-03-02 10:49:39 +01:00
Philip Molares
c1a9eee6a4
Config: Move config mocks in own folder
To clean up the config folder, all mocks are now in it's own folder.

Signed-off-by: Philip Molares <philip.molares@udo.edu>
2021-03-01 21:12:01 +01:00
Philip Molares
4dc18c01fb
Utils: Extract getServerVersionFromPackageJson into own file
We need this function in at least on other part of the application so extracting it into an util file was only logical.

Signed-off-by: Philip Molares <philip.molares@udo.edu>
2021-03-01 20:52:46 +01:00
Philip Molares
935d5cd548
PublicApi: Add GET /api/v2/notes/{note}/media
Signed-off-by: Philip Molares <philip.molares@udo.edu>
2021-03-19 16:53:04 +01:00
Philip Molares
890de2dea1
MediaService: Add listUploadsByNote method
Signed-off-by: Philip Molares <philip.molares@udo.edu>
2021-03-19 16:47:52 +01:00
Philip Molares
53f5093630
Docs: Add more documentation to the public api
Signed-off-by: Philip Molares <philip.molares@udo.edu>
2021-03-19 12:10:46 +01:00
Philip Molares
0e44f545a1
Docs: Add description for common http codes
These are the descriptions for all 401, 403, 404 and 204 HTTP responses in HedgeDoc.

Signed-off-by: Philip Molares <philip.molares@udo.edu>
2021-03-19 12:09:50 +01:00
Philip Molares
47ca8be78b
Docs: Add ApiProperty to all Dtos
This makes it possible for the autogenerated openapi file to contain all the dtos instead of nothing.

Signed-off-by: Philip Molares <philip.molares@udo.edu>
2021-03-19 12:08:34 +01:00
Philip Molares
29dbf0b657
PrivateAPI: Add history controller
Signed-off-by: Philip Molares <philip.molares@udo.edu>
2021-03-03 15:25:11 +01:00
Philip Molares
b872694158
HistoryService: Add deleteHistory method
This method deletes all history entries of a user.

Signed-off-by: Philip Molares <philip.molares@udo.edu>
2021-03-03 15:23:45 +01:00
Philip Molares
6e29ffba65
MediaService: Remove allowedMimeType application/pdf
Uploading PDFs does not work with imgur and therefore HedgeDoc should not offer that.

See #533

Signed-off-by: Philip Molares <philip.molares@udo.edu>
2021-03-15 22:41:40 +01:00
Yannick Bungers
f47d85b301
Add GET /me/media
Returns all media files uploaded by the authenticated user.

Signed-off-by: Yannick Bungers <git@innay.de>
2021-03-14 17:47:16 +01:00
Philip Molares
7a7b3d3a50
AppConfig: Fix bug in the schema of forbiddenNoteIds
Signed-off-by: Philip Molares <philip.molares@udo.edu>
2021-03-14 17:54:50 +01:00
Philip Molares
82ef4a10cb
PublicAPI: Add /me/history/:note
Signed-off-by: Philip Molares <philip.molares@udo.edu>
2021-03-05 12:01:43 +01:00
Philip Molares
521ddc36c6
HistoryService: Add unit test for getEntryByNoteIdOrAlias
Also add extra test to deleteHistoryEntry

Signed-off-by: Philip Molares <philip.molares@udo.edu>
2021-03-05 12:01:04 +01:00
Philip Molares
6ed686e657
HistoryService: Add JSDocs for all methods
Signed-off-by: Philip Molares <philip.molares@udo.edu>
2021-03-05 11:59:07 +01:00
Philip Molares
54d0aa2197
NotesService: Add unit tests for forbidden note alias
Signed-off-by: Philip Molares <philip.molares@udo.edu>
2021-02-20 22:23:52 +01:00
Philip Molares
c82f317ef0
NotesService: Check if note alias is forbidden
If the note alias is forbidden return a BadRequest.

Signed-off-by: Philip Molares <philip.molares@udo.edu>
2021-02-20 22:21:31 +01:00
Philip Molares
dbbee13913
Errors: Add ForbiddenIdError
Signed-off-by: Philip Molares <philip.molares@udo.edu>
2021-02-20 22:16:50 +01:00
Philip Molares
966f5ee2fe
Config: Add forbiddenNoteIds to AppConfig
Signed-off-by: Philip Molares <philip.molares@udo.edu>
2021-02-20 22:15:04 +01:00
Philip Molares
b2008ae734
AppModule: Add reminder to remove synchronize
This auto creates schema on startup and is not intended for production use
See https://typeorm.io/#/connection-options/common-connection-options

Signed-off-by: Philip Molares <philip.molares@udo.edu>
2021-02-27 22:58:34 +01:00
Philip Molares
d6e8d9a592
S3Backend: Add S3 MediaBackend
Add minio dependency

Signed-off-by: Philip Molares <philip.molares@udo.edu>
2021-02-23 16:14:14 +01:00
Philip Molares
d2bce6e091
MediaConfig: Change s3 config
remove region as this is specified by endPoint now
add bucket in schema and actual assignment

Signed-off-by: Philip Molares <philip.molares@udo.edu>
2021-02-23 16:13:33 +01:00
Philip Molares
5195955eb8
MediaConfig: Fix Joi schema alternatives
'...use' tries to go up one level and grab the value of 'use' there and not the same level 'use' as we want here

Signed-off-by: Philip Molares <philip.molares@udo.edu>
2021-02-23 15:45:59 +01:00
Philip Molares
1942df0da0
AzureBackend: Add Azure MediaBackend
Add @azure/storage-blob dependency
This is the relevant part of the official azure sdk.

Signed-off-by: Philip Molares <philip.molares@udo.edu>
2021-02-22 22:33:56 +01:00
Philip Molares
95b3c628ce
DBSchema: Add fileUrl to media_upload table
Signed-off-by: Philip Molares <philip.molares@udo.edu>
2021-02-27 11:24:41 +01:00
Philip Molares
a00a093a14
ImgurBackend: Add Imgur MediaBackend
Add node-fetch dependency.
This was chosen as other libs we use already use node-fetch.

Signed-off-by: Philip Molares <philip.molares@udo.edu>
2021-02-26 16:16:00 +01:00
Philip Molares
c64ca9c012
MediaUploadEntity: Add fileUrl
Save the fileUrl, returned to the user on creation, in the DB.

Signed-off-by: Philip Molares <philip.molares@udo.edu>
2021-02-26 16:12:14 +01:00
David Mehren
3dd4bf1582
Refactor server version object into own interface
This makes the type of getServerVersionFromPackageJson() way easier
to read.

Signed-off-by: David Mehren <git@herrmehren.de>
2021-02-27 21:21:41 +01:00
David Mehren
5987e2ed7e
Refactor config utils to use functions instead of consts
Signed-off-by: David Mehren <git@herrmehren.de>
2021-02-27 17:45:44 +01:00
David Mehren
b128efebff
Enforce explicit function return types
This re-enables the `@typescript-eslint/explicit-module-boundary-types`
check and also enables the
`@typescript-eslint/explicit-function-return-type` check.

Signed-off-by: David Mehren <git@herrmehren.de>
2021-02-27 17:41:32 +01:00
David Mehren
05926c08d6
FilesystemBackend: Fix ESLint errors
Signed-off-by: David Mehren <git@herrmehren.de>
2021-02-26 12:24:35 +01:00
David Mehren
56d28188e7
NotesController: Fix ESLint errors
Signed-off-by: David Mehren <git@herrmehren.de>
2021-02-24 22:33:47 +01:00
David Mehren
dd424cbcee
MeController: Fix ESLint errors
Signed-off-by: David Mehren <git@herrmehren.de>
2021-02-24 22:33:29 +01:00
David Mehren
0344a8294e
ConsoleLoggerService: Fix ESLint errors
We now use @types/cli-color to provide type information

Signed-off-by: David Mehren <git@herrmehren.de>
2021-02-24 20:39:25 +01:00
David Mehren
f79492fe63
NoteEntity: Fix ESLint errors
We now use @types/shortid to provide type information

Signed-off-by: David Mehren <git@herrmehren.de>
2021-02-24 21:10:24 +01:00
David Mehren
71e2f06bbb
Fix ESLint errors in main.ts
Signed-off-by: David Mehren <git@herrmehren.de>
2021-02-24 21:08:08 +01:00
David Mehren
cc1ca69bc1
Fix various ESLint errors in services
Signed-off-by: David Mehren <git@herrmehren.de>
2021-02-24 22:35:06 +01:00
David Mehren
21403ba606
Fix various ESLint errors in unit tests
Signed-off-by: David Mehren <git@herrmehren.de>
2021-02-24 20:20:04 +01:00
David Mehren
208ff1d039
Fix various ESLint errors in configs
Signed-off-by: David Mehren <git@herrmehren.de>
2021-02-24 20:29:39 +01:00
David Mehren
616f963b8e
HistoryService: toHistoryEntryDto does not need to be async
Signed-off-by: David Mehren <git@herrmehren.de>
2021-02-24 21:19:48 +01:00
David Mehren
bfa5f0dfc6
NotesService: toNotePermissionsDto does not need to be async
Signed-off-by: David Mehren <git@herrmehren.de>
2021-02-24 21:17:05 +01:00
David Mehren
def4ef145e
AuthService: randomString does not need to by async
Signed-off-by: David Mehren <git@herrmehren.de>
2021-02-23 22:16:27 +01:00
David Mehren
fed3a12779
Add explicit Request type
Signed-off-by: David Mehren <git@herrmehren.de>
2021-02-23 21:48:37 +01:00
David Mehren
a5d922b5f8
Use Req decorator instead of Request
This avoids a clash with the Request type from express

Signed-off-by: David Mehren <git@herrmehren.de>
2021-02-23 21:20:01 +01:00
David Mehren
e4ba59f154
Don't await non-Promises
Signed-off-by: David Mehren <git@herrmehren.de>
2021-02-23 21:14:39 +01:00
David Mehren
e83f1e206b
ESLint: Enable @typescript-eslint/naming-convention rule
This check enforces consistent variable naming.

Signed-off-by: David Mehren <git@herrmehren.de>
2021-02-20 21:15:45 +01:00
David Mehren
9485597e6f
ESLint: Enable @typescript-eslint/return-await rule
This ensures stack traces are helpful at the cost of a slightly
lower performance (one more tick in the event loop).

Fixes #838

Signed-off-by: David Mehren <git@herrmehren.de>
2021-02-20 20:14:36 +01:00
David Mehren
2ba824d9e2
ESLint: Re-enable @typescript-eslint/no-explicit-any rule
Signed-off-by: David Mehren <git@herrmehren.de>
2021-02-24 21:59:28 +01:00
Philip Molares
0e4b65ca9d
MediaBackendInterface: Correct JSDoc of deleteFile
Signed-off-by: Philip Molares <philip.molares@udo.edu>
2021-02-27 12:24:02 +01:00
Philip Molares
2c6af85f14
FilesystemBackend: Remove getFileURL
Signed-off-by: Philip Molares <philip.molares@udo.edu>
2021-02-27 11:38:50 +01:00
Philip Molares
4ef3fd029d
MediaBackendInterface: Remove getFileURL
closes #957

Signed-off-by: Philip Molares <philip.molares@udo.edu>
2021-02-26 16:15:46 +01:00
Philip Molares
3aeda955d9
MediaController: Handle MediaBackendErrors
Signed-off-by: Philip Molares <philip.molares@udo.edu>
2021-02-25 13:59:32 +01:00
Philip Molares
8e7be737fa
FilesystemBackend: Throw MediaBackendError where appropriate
Signed-off-by: Philip Molares <philip.molares@udo.edu>
2021-02-25 13:52:50 +01:00
Philip Molares
8515d824b7
MediaService: Add MediaBackendError
This get's thrown when the backend can't perform the required action.

Signed-off-by: Philip Molares <philip.molares@udo.edu>
2021-02-25 13:51:54 +01:00
Philip Molares
df1ae4d512
ConsoleLogger: Add typing to localeStringOptions
This is necessary as typescript is unable to determine that `year` in this object is of type "numeric" and not string.

Signed-off-by: Philip Molares <philip.molares@udo.edu>
2021-02-24 10:30:20 +01:00
Philip Molares
0c30f3f0cc
PermissionsModule: Remove unused imports
Signed-off-by: Philip Molares <philip.molares@udo.edu>
2021-02-23 19:13:41 +01:00
Yannick Bungers
8b75867664
Rename getNoteContentByNote to getNoteContent
Signed-off-by: Yannick Bungers <git@innay.de>
2021-02-22 22:34:18 +01:00
Yannick Bungers
8ec756afb4
Remove unused getNoteContentByIdOrAlias
Signed-off-by: Yannick Bungers <git@innay.de>
2021-02-22 22:31:02 +01:00
Yannick Bungers
8873ac316a
Rename viewcount to viewCount for compliance
Signed-off-by: Yannick Bungers <git@innay.de>
2021-02-22 23:36:44 +01:00
Philip Molares
4d89ffd474
NotesService: Replace noteByIdOrAlias with note as parameter
As the NotesController has the note already, because it checked with it if the user has the permission to perform the action, it's not necessary to get the note from the DB again, instead we should just provide the note to the functions directly.

Signed-off-by: Philip Molares <philip.molares@udo.edu>
2021-02-20 16:50:11 +01:00
Philip Molares
e538056252
NotesController: Handle new errors
Handle the AlreadyInDB and PermissionsUpdateInconsistent errors and correctly show them to the api user as BadRequest errors.

Signed-off-by: Philip Molares <philip.molares@udo.edu>
2021-02-20 16:11:51 +01:00
Philip Molares
bafe379cc3
NotesService: Add unit tests
Fixed toUserDto method of UsersService: If a user has no email an empty string should be returned (like with the photoUrl) instead of null.

Signed-off-by: Philip Molares <philip.molares@udo.edu>
2021-02-20 16:09:22 +01:00
Philip Molares
128d861512
NotesService: Finished hardcoded functions
Signed-off-by: Philip Molares <philip.molares@udo.edu>
2021-02-20 16:09:02 +01:00
Philip Molares
ff61fea96f
Errors: Add AlreadyInDB and PermissionsUpdateInconsistent error
Signed-off-by: Philip Molares <philip.molares@udo.edu>
2021-02-20 16:07:09 +01:00
Philip Molares
b1683a5c64
GroupsService: Create new GroupsService
This service is necessary as we plan to have functions to create and manipulate groups in the future.
The GroupInfoDto was moved from the file note-permissions.dto.ts to mimic the UserInfoDto.

Signed-off-by: Philip Molares <philip.molares@udo.edu>
2021-02-20 11:41:15 +01:00
Philip Molares
292944ed78
NotePermissions: Remove default constructors
As discussed in #835 we don't want to have default constructors and prefer .create methods.
Because the created NoteGroupPermission and NoteUserPermission are not saved to the DB by themselves, but are saved via a change to the Note using a Pick<Class, attributes>-style return type is not helpful here as every single time the .create functions are called a full object is required.
The mock calls in the PermissionService test are not needed and break the .create calls so they got removed.

Signed-off-by: Philip Molares <philip.molares@udo.edu>
2021-02-20 11:38:50 +01:00
Philip Molares
195aeed5eb
NotesService: Add JsDoc strings to all functions
Signed-off-by: Philip Molares <philip.molares@udo.edu>
2021-02-20 11:28:19 +01:00
Philip Molares
aa97a87316
NotesService: Rename getCurrentContent to getNoteContentByNote
The new name should better explain what this functions does.

Signed-off-by: Philip Molares <philip.molares@udo.edu>
2021-02-19 13:36:01 +01:00
Philip Molares
3953f6893b
NotesController: Catch NotInDBErrors from permission checks
The permission check also tries to get the note and a non existing note needs to be handled there too.

Signed-off-by: Philip Molares <philip.molares@udo.edu>
2021-02-17 13:15:26 +01:00
Yannick Bungers
9ac4134198
Add test for permission service
Many tests are generated and not static like in other files.

Signed-off-by: Yannick Bungers <git@innay.de>
2021-02-13 14:04:16 +01:00
Yannick Bungers
606d271296
Add guest permission mock and checking
mocked by attribute of permission service

Signed-off-by: Yannick Bungers <git@innay.de>
2021-02-13 14:00:29 +01:00
Yannick Bungers
48dedfead8
Add permission checks for notes routes
Signed-off-by: Yannick Bungers <git@innay.de>
2021-02-16 09:33:42 +01:00
Yannick Bungers
838b95b8c2
Add permissions Service
Checks if the given user has sufficient rights on the given resource.

Signed-off-by: Yannick Bungers <git@innay.de>
2021-02-16 09:32:58 +01:00
Yannick Bungers
68cbb5a9c2
Add relation between User and Group
This represents the users which are members of this group

Signed-off-by: Yannick Bungers <git@innay.de>
2021-01-27 22:58:55 +01:00
Philip Molares
ba553f28da
Tests: Rewrote AuthService unit test
The unit test now uses per test mocking of the necessary functions instead of one mock in the beforeEach call.
Also some tests got expanded to cover more error cases.

Signed-off-by: Philip Molares <philip.molares@udo.edu>
2021-02-06 13:14:26 +01:00
Philip Molares
ea4ccc76e4
StaticServe: Fix serving images under uploads/
This did not work until now, because path and prefix were swapped.

Signed-off-by: Philip Molares <philip.molares@udo.edu>
2021-02-15 07:39:52 +01:00
Philip Molares
698dd1a634
PublicApi: Add correct prefix
Using nest-router for this purpose as it is a rather easy addition to our structure. As we don't add the Router to any e2e tests we don't need to change them.

fixes #523

Signed-off-by: Philip Molares <philip.molares@udo.edu>
2021-02-15 10:26:12 +01:00
Philip Molares
3ebea8ed77
MediaService: Add unit tests
The file test.zip is used to fail the saveFile test with 'MIME Type not supported'

Signed-off-by: Philip Molares <philip.molares@udo.edu>
2021-02-13 22:12:19 +01:00
Philip Molares
c4289c9693
MediaService: Add JS-Docs to media service
Signed-off-by: Philip Molares <philip.molares@udo.edu>
2021-02-13 22:06:33 +01:00
David Mehren
99ddee7815
Add missing logging context at various places
Our custom logger supports providing the name of the function that
calls the logger, this commit adds this context string where it
was previously missing.

Signed-off-by: David Mehren <git@herrmehren.de>
2021-02-05 22:30:22 +01:00
Philip Molares
0dbcc9a653
Docs: Add api tags to group controller
For a better structure of the autogenerated apidoc website tags are used. Each Controller get it's own tag and will be put in a separate section.

See https://docs.nestjs.com/openapi/operations#tags

Signed-off-by: Philip Molares <philip.molares@udo.edu>
2021-02-04 13:44:08 +01:00
Philip Molares
d457729ab7
Tests: Fix Mock Auth
This makes it possible to create the user before the mock auth guard does it's magic. This is necessary for some test, where we need the user object before the api is called.

Signed-off-by: Philip Molares <philip.molares@udo.edu>
2021-02-03 21:49:39 +01:00
Philip Molares
36f041f0e0
History: Add unit and e2e test
Add unit tests for history service
Adapt relevant me e2e tests to work

Signed-off-by: Philip Molares <philip.molares@udo.edu>
2021-02-03 21:46:36 +01:00
Philip Molares
e55e62c2cd
History: Add history service and usage
Add history service to allow for CRUD operations.
Use history service in controllers to:
  1. Allow manipulating of history entries
  2. Guaranty the correct existence of history entries

Signed-off-by: Philip Molares <philip.molares@udo.edu>
2021-02-03 21:22:55 +01:00
Philip Molares
300b464efd
History: Add HistoryEntry
With this the backend now can hold a history entry.
Also included in this commit are some minor changes to tests and services so they can still work.

Signed-off-by: Philip Molares <philip.molares@udo.edu>
2021-02-03 21:15:39 +01:00
Yannick Bungers
22aaa956a7
Reformat code by yarn format
Signed-off-by: Yannick Bungers <git@innay.de>
2021-01-30 18:09:00 +01:00
Philip Molares
5920a1c72f
tests: Fix tests as part of the DTO Refactor
Signed-off-by: Philip Molares <philip.molares@udo.edu>
2021-01-30 12:47:31 +01:00
Yannick Bungers
0d5b9dea00
Refactoring of controllers and service interfaces
DTO should only be used for sending information to and from user.
Services now have methods which return normal internal objects and
methods which convert them to DTOs. This conversion is done in the
controlers

Signed-off-by: Yannick Bungers <git@innay.de>
2021-01-30 00:06:38 +01:00
Philip Molares
08ba52293c
auth: Fix undefined secret error
Signed-off-by: Philip Molares <philip.molares@udo.edu>
2021-01-29 22:24:19 +01:00
Philip Molares
aa10e10412
auth: Fix UnauthorizedException throwing
Move conversion of Errors from AuthService to TokenStrategy.
This is necessary to correctly test the validateToken method.

Signed-off-by: Philip Molares <philip.molares@udo.edu>
2021-01-29 22:00:47 +01:00
Philip Molares
46b5cdfb47
auth: Fix secret length
The former length of 64 bytes (512-bit) is transformed into base64url (a 6-bit code) ~86 characters long. This is too long for bcrypt as it ignores any characters beyond the 72th.
This fix therefore reduces the amount of generated bytes to 54 (as 72*6/8 = 54) characters. This ensures that removing one character from the token the hash won't be the same anymore.

Signed-off-by: Philip Molares <philip.molares@udo.edu>
2021-01-28 12:18:20 +01:00
Philip Molares
8b27f6f393
auth: Fix handling of internal server errors
Catch all NotInDbErrors and TokenNotValidError and transform them to UnauthorizedException with the correct message.
This prevents nest from telling the api user that an internal server error has happened and instead display the correct http error code 401.

Signed-off-by: Philip Molares <philip.molares@udo.edu>
2021-01-27 21:55:30 +01:00
Philip Molares
8d815cf2c5
config: Fix inconsistent env vars
This should make the translation from env var name to config name and vice versa more consistent.

Fixes #751

Signed-off-by: Philip Molares <philip.molares@udo.edu>
2021-01-28 23:28:16 +01:00
David Mehren
1883db4c93
Swagger: Split public and private API
Fixes #759

Signed-off-by: David Mehren <git@herrmehren.de>
2021-01-25 23:11:56 +01:00
Philip Molares
62a5215242
auth: Encode secret in base64url
Signed-off-by: Philip Molares <philip.molares@udo.edu>
2021-01-26 10:19:12 +01:00
Philip Molares
1791cb7c82
auth: Fix base64url transformation
The problem was that replace only replaces the first occurrence of a string and not all as is needed for this function.
tsconfig.json needed lib to be set to esnext or the replaceAll function won't be available…

Signed-off-by: Philip Molares <philip.molares@udo.edu>
2021-01-26 10:18:52 +01:00
David Mehren
af35cd1bb2
HistoryEntryDto: Add doc comments
Signed-off-by: David Mehren <git@herrmehren.de>
2021-01-25 22:45:52 +01:00
David Mehren
c38019b0f2
HistoryEntryUpdateDto: Add doc comments
Signed-off-by: David Mehren <git@herrmehren.de>
2021-01-25 22:45:43 +01:00
David Mehren
6a21665c3e
NoteDto: Add doc comments
Signed-off-by: David Mehren <git@herrmehren.de>
2021-01-25 22:45:34 +01:00
David Mehren
7688b7c21f
NoteAuthorshipDto: Add doc comments
Signed-off-by: David Mehren <git@herrmehren.de>
2021-01-25 22:44:47 +01:00
David Mehren
6c7bd0ed26
RevisionMetadataDto: Add doc comments
Signed-off-by: David Mehren <git@herrmehren.de>
2021-01-25 22:44:20 +01:00
David Mehren
09cf25d111
RevisionDto: Add doc comments
Signed-off-by: David Mehren <git@herrmehren.de>
2021-01-25 22:44:11 +01:00
David Mehren
3233b5c958
NoteMetadata DTOs: Add doc comments
Signed-off-by: David Mehren <git@herrmehren.de>
2021-01-25 22:23:09 +01:00
David Mehren
eb2544bc2b
NotePermission DTOs: Add doc comments
Signed-off-by: David Mehren <git@herrmehren.de>
2021-01-25 22:22:52 +01:00
David Mehren
1a825ed199
UserInfoDto: Add doc comments
Signed-off-by: David Mehren <git@herrmehren.de>
2021-01-25 22:22:01 +01:00
Philip Molares
c8da989f25
auth: Run removeInvalidTokens 5s after startup
This should prevent problem with the AuthToken purge on Sundays, as the service is either running on sunday or will be restarted there after.

Also move base64url comment to right function

Signed-off-by: Philip Molares <philip.molares@udo.edu>
2021-01-25 16:29:09 +01:00
Philip Molares
ad0ab648bc
auth: Add maximum token lifetime of 2 years.
Signed-off-by: Philip Molares <philip.molares@udo.edu>
2021-01-25 12:14:26 +01:00
Philip Molares
6686fa58c5
auth: Run removeInvalidTokens 5s after startup
This should prevent problem with the AuthToken purge on Sundays, as the service is either running on sunday or will be restarted there after.

Also move base64url comment to right function

Signed-off-by: Philip Molares <philip.molares@udo.edu>
2021-01-25 18:16:08 +01:00
Philip Molares
af993407b3
auth: Add token limit of 200
This is a very high ceiling unlikely to hinder legitimate usage, but should prevent possible attack vectors

Signed-off-by: Philip Molares <philip.molares@udo.edu>
2021-01-25 12:05:25 +01:00
Philip Molares
39d9fb5dec
tokens: Add token creation
Fix token deletion
Update plantuml docs
Add token validUntil and lastUsed fields

Signed-off-by: Philip Molares <philip.molares@udo.edu>
2021-01-21 19:37:43 +01:00
Philip Molares
b84d0f7cab
auth: fixes unit and e2e tests
adds MockAuthGuard which always return user 'hardcoded'

Signed-off-by: Philip Molares <philip.molares@udo.edu>
2021-01-16 19:33:09 +01:00
Philip Molares
8f008c7cc5
auth: Add cron to clean old tokens
Rename AuthToken.identifier to label

Signed-off-by: Philip Molares <philip.molares@udo.edu>
2021-01-24 20:37:04 +01:00
Philip Molares
14a4872f49
auth: Remove userName parameter of removeToken function
As suggested by @innaytool

Signed-off-by: Philip Molares <philip.molares@udo.edu>
2021-01-23 22:24:59 +01:00
Philip Molares
a8b46923fd
auth: Integrate suggestions by @davidmehren
Add number type alias TimestampMillis
Remove solved ToDos
Change AuthToken and AuthTokenDto to use Date
Rename authService unit tests

Signed-off-by: Philip Molares <philip.molares@udo.edu>
2021-01-23 21:24:11 +01:00
Philip Molares
e6dc8c7678
auth: Split randomBase64UrlString in two functions
add test for BufferToBase64Url and toAuthTokenDto

Signed-off-by: Philip Molares <philip.molares@udo.edu>
2021-01-23 19:04:00 +01:00
Philip Molares
508ad26771
auth: Add tests for AuthService
Move AuthTokens to auth folder

Signed-off-by: Philip Molares <philip.molares@udo.edu>
2021-01-22 15:29:10 +01:00
Philip Molares
c9751404f7
tokens: Add token creation
Fix token deletion
Update plantuml docs
Add token validUntil and lastUsed fields

Signed-off-by: Philip Molares <philip.molares@udo.edu>
2021-01-21 19:37:43 +01:00
Philip Molares
cce1626c48
auth: fixes unit and e2e tests
adds MockAuthGuard which always return user 'hardcoded'

Signed-off-by: Philip Molares <philip.molares@udo.edu>
2021-01-16 19:33:09 +01:00
Philip Molares
33d9c455b8
openapi: adds auth to all public api routes
See:
https://docs.nestjs.com/openapi/security
Signed-off-by: Philip Molares <philip.molares@udo.edu>
2021-01-16 17:45:14 +01:00
Philip Molares
2ab950c5c3
auth: adds token-auth to public api
adds auth service
adds auth module
adds token-auth strategy
adds token-auth to all public api calls

Signed-off-by: Philip Molares <philip.molares@udo.edu>
2021-01-15 18:53:09 +01:00
Philip Molares
4784a1aea2
private: Add until to token creation
Signed-off-by: Philip Molares <philip.molares@udo.edu>
2021-01-21 12:33:45 +01:00
Philip Molares
324ba71d24
private: removes collision check for tokens
this seems very unnecessary as the chance of this is 1 / 2^512

Signed-off-by: Philip Molares <philip.molares@udo.edu>
2021-01-17 20:35:43 +01:00
Philip Molares
97f7128355
private: fixed token generation bugs
Signed-off-by: Philip Molares <philip.molares@udo.edu>
2021-01-17 19:52:08 +01:00
Philip Molares
822c01f2c7
private: save token hashed
Auth tokens are now saved in hashed form.

Signed-off-by: Philip Molares <philip.molares@udo.edu>
2021-01-17 14:45:16 +01:00
Philip Molares
e5545043be
auth: hash auth token
Since the auth token will be stored in hashed form in the db, we need to hash each provided auth token in order to search in the db for them.

Signed-off-by: Philip Molares <philip.molares@udo.edu>
2021-01-17 14:38:05 +01:00
Philip Molares
667cf7e915
auth: add hash function
the hash function uses bcrypt with 2^16 iterations.

Signed-off-by: Philip Molares <philip.molares@udo.edu>
2021-01-17 14:32:17 +01:00
Philip Molares
b589dedd2a
private: adds tokens controller
adds private api
adds AuthTokenDto and AuthTokenWithSecretDto
adds necessary methods in the users service
adds RandomnessError

Signed-off-by: Philip Molares <philip.molares@udo.edu>
2021-01-16 23:53:46 +01:00
Philip Molares
e04fcb9ee9
auth: hash auth token
Since the auth token will be stored in hashed form in the db, we need to hash each provided auth token in order to search in the db for them.

Signed-off-by: Philip Molares <philip.molares@udo.edu>
2021-01-17 15:27:13 +01:00
Philip Molares
80c7ae2fa9
private: adds tokens controller
adds private api
adds AuthTokenDto and AuthTokenWithSecretDto
adds necessary methods in the users service
adds RandomnessError

Signed-off-by: Philip Molares <philip.molares@udo.edu>
2021-01-16 23:53:46 +01:00
Yannick Bungers
5246f0c05d
Removed special table name in Note object
and changed table names in plantuml file

Signed-off-by: Yannick Bungers <git@innay.de>
2021-01-23 00:41:49 +01:00
Philip Molares
bc525633fc
config: Improve error messages
Add labels to most Joi objects
Convert all auth variable insert names to upper case to prevent inconsistent naming of the variables
Rewrite auth errors to correctly point out the problematic variable
Add tests for the config utils functions

Signed-off-by: Philip Molares <philip.molares@udo.edu>
2021-01-19 15:47:05 +01:00
Philip Molares
4372106ef0
tests: Removed unnecessary import of appConfigMock
As suggested by an review of David Mehren

Co-authored by: David Mehren <git@herrmehren.de>

Signed-off-by: Philip Molares <philip.molares@udo.edu>
2021-01-19 12:45:36 +01:00
Philip Molares
072ef223e0
config: splits config in multiple files
splits the big appConfig in multiple configs
adds media.config.mock.ts

Signed-off-by: Philip Molares <philip.molares@udo.edu>
2021-01-15 16:57:04 +01:00
Philip Molares
d59ccaba54
config: removes unnecessary options
removes options that we don't need from the config
removes linkify-header-style.enum.ts

Signed-off-by: Philip Molares <philip.molares@udo.edu>
2021-01-15 16:23:56 +01:00
David Mehren
22e14fb706
NotesService: updateNoteByIdOrAlias should return the new note
Fixes #702

Signed-off-by: David Mehren <git@herrmehren.de>
2021-01-10 20:30:45 +01:00
David Mehren
a14056dbc9
Move note permission route under metadata
Signed-off-by: David Mehren <git@herrmehren.de>
2021-01-10 20:25:28 +01:00
Philip Molares
286575315e
Extend config with various options from 1.x
Signed-off-by: Philip Molares <philip.molares@udo.edu>
2020-12-31 22:37:37 +01:00
David Mehren
18c6694bcb
Add config to tests in various places
Signed-off-by: David Mehren <git@herrmehren.de>
2021-01-08 12:56:25 +01:00
David Mehren
e8e82076d0
FilesystemBackend: Use scoped appConfig
Signed-off-by: David Mehren <git@herrmehren.de>
2021-01-08 12:53:16 +01:00
David Mehren
67c7c4b8d1
MediaService: Get media backend from configuration
Signed-off-by: David Mehren <git@herrmehren.de>
2021-01-08 13:06:44 +01:00
David Mehren
cd37eef45e
Get port and upload path from config
Signed-off-by: David Mehren <git@herrmehren.de>
Co-authored-by: Yannick Bungers <git@innay.de>
2020-10-30 22:35:57 +01:00
David Mehren
99dfa2d1fb
Load config to global scope
Otherwise every module would have to parse the config again

Signed-off-by: David Mehren <git@herrmehren.de>
2021-01-08 12:52:30 +01:00
David Mehren
7d9e606b7d
Add proof of concept config system
Signed-off-by: David Mehren <git@herrmehren.de>
Co-authored-by: Yannick Bungers <git@innay.de>
2020-10-30 22:35:12 +01:00
David Mehren
88c0794724
NotesService: Get note creation time from database
Signed-off-by: David Mehren <git@herrmehren.de>
2021-01-10 18:22:30 +01:00
David Mehren
b7cb3181c4
NotesService: rename getLastRevision to getLatestRevision
This fixes an inconsistency with `RevisionsService`

Signed-off-by: David Mehren <git@herrmehren.de>
2021-01-10 18:20:28 +01:00
David Mehren
9b9f101577
MarkdownBody: Register swagger metadata
As explained in https://github.com/nestjs/swagger/issues/32#issuecomment-716169471, it's possible to register swagger metadata in custom decorators by providing an array of `enhancers`.
We now add metadata with the `MarkdownBody` decorator: The request needs a `body` with content-type `text/markdown`.

Signed-off-by: David Mehren <git@herrmehren.de>
2021-01-10 19:21:00 +01:00
David Mehren
a523eadec2
NotesController: Do not crash on nonexistent notes
This commit adds proper error handling and returns 404 when a note does not exist.
Previously, we leaked the `NotInDBError` and sent a 500 status code.

Signed-off-by: David Mehren <git@herrmehren.de>
2021-01-09 22:38:10 +01:00
David Mehren
3801b1b042
Format with Prettier 2
Signed-off-by: David Mehren <git@herrmehren.de>
2021-01-06 23:48:53 +01:00
Tilman Vatteroth
7aeaf488c4
Change year in copyright to 2021
Signed-off-by: Tilman Vatteroth <tilman.vatteroth@tu-dortmund.de>
2021-01-06 21:36:07 +01:00
David Mehren
890e9c942b
Fix prettier errors
Signed-off-by: David Mehren <git@herrmehren.de>
2021-01-05 23:11:31 +01:00
Philip Molares
dc63c76f43
added reuse information
Signed-off-by: Philip Molares <philip.molares@udo.edu>
2021-01-05 22:12:38 +01:00
David Mehren
c95c68541c
Fix tests
Signed-off-by: David Mehren <git@herrmehren.de>
Co-authored-by: Yannick Bungers <git@innay.de>
2020-10-24 21:11:16 +02:00
David Mehren
c0527c0942
Remove PUT /notes/{note}/metadata and corresponding service code
Signed-off-by: David Mehren <git@herrmehren.de>
Co-authored-by: Yannick Bungers <git@innay.de>
2020-10-24 21:11:06 +02:00
David Mehren
520046f8d4
Remove NoteUtils class, as the planned parsing logic is not needed anymore
Signed-off-by: David Mehren <git@herrmehren.de>
Co-authored-by: Yannick Bungers <git@innay.de>
2020-10-03 17:36:01 +02:00
David Mehren
a04d5b29f9
Add missing TagRepository provider in unit tests
Signed-off-by: David Mehren <git@herrmehren.de>
Co-authored-by: Yannick Bungers <git@innay.de>
2020-10-03 17:24:42 +02:00
David Mehren
67cd8cb0f6
NotesController: Add PUT :noteIdOrAlias/metadata route
Signed-off-by: David Mehren <git@herrmehren.de>
Co-authored-by: Yannick Bungers <git@innay.de>
2020-10-03 15:53:30 +02:00
David Mehren
08fd070bcb
NotesService: Implement updateNoteMetadata
Signed-off-by: David Mehren <git@herrmehren.de>
Co-authored-by: Yannick Bungers <git@innay.de>
2020-10-03 15:52:49 +02:00
David Mehren
6541cfda4e
NoteEntity: Enable eager loading and cascades for tags
Signed-off-by: David Mehren <git@herrmehren.de>
Co-authored-by: Yannick Bungers <git@innay.de>
2020-10-03 15:37:57 +02:00
David Mehren
99ab9f04c2
NotesService: Get metadata from database
Signed-off-by: David Mehren <git@herrmehren.de>
Co-authored-by: Yannick Bungers <git@innay.de>
2020-10-03 11:27:15 +02:00
David Mehren
7d5dddaaaf
Add note metadata properties and Tag entity.
These were planned to be parsed at runtime from the note-content in the database, but having to run a markdown parser in the backend was found to be a bad idea. Now the frontend (that already implements the parsing logic) has to set title, description and tags.

Signed-off-by: David Mehren <git@herrmehren.de>
Co-authored-by: Yannick Bungers <git@innay.de>
2020-10-03 11:17:07 +02:00
David Mehren
ad676ce6ff
NoteMetadataDto: Rename permission to permissions
Signed-off-by: David Mehren <git@herrmehren.de>
Co-authored-by: Yannick Bungers <git@innay.de>
2020-10-03 14:45:04 +02:00
David Mehren
713e2ada31
Update NotePermissionsUpdate DTOs to be aware of groups
The NotePermissionsUpdateDto was not updated when group permissions were introduced.

Signed-off-by: David Mehren <git@herrmehren.de>
Co-authored-by: Yannick Bungers <git@innay.de>
2020-10-03 12:42:14 +02:00
David Mehren
ff0651e659
FilesystemBackend: Ensure uploads directory exists
Signed-off-by: David Mehren <git@herrmehren.de>
2020-10-24 12:28:52 +02:00
David Mehren
ac2646a74a
AppModule: Remove unused imports
Signed-off-by: David Mehren <git@herrmehren.de>
2020-10-24 11:49:19 +02:00
David Mehren
2b23dcc5a9
MediaService: Simplify saveFile signature
As the `saveFile` method only really uses the files `Buffer`, this commit changes the signature so it directly gets a `Buffer` instead of a complicated `MulterFile` object. This also simplifies testing.

Signed-off-by: David Mehren <git@herrmehren.de>
2020-10-24 11:49:01 +02:00
David Mehren
53fbe82b6a
UserEntity: Fix column types for create/update dates
Signed-off-by: David Mehren <git@herrmehren.de>
2020-10-24 11:34:49 +02:00
David Mehren
558addf83e
UsersService: Improve logging in getNoteByIdOrAlias
Signed-off-by: David Mehren <git@herrmehren.de>
2020-10-24 11:34:16 +02:00
David Mehren
15db6a9b2a
Use useStaticAssets instead of @nestjs/serve-static
`serve-static` does not work with `createTestingModule` and is not recommended when "just" serving a few images.

See https://github.com/nestjs/serve-static/issues/240

Signed-off-by: David Mehren <git@herrmehren.de>
2020-10-24 11:32:23 +02:00
David Mehren
490e4cac69
MediaController: Add DELETE /{filename} route
Signed-off-by: David Mehren <git@herrmehren.de>
2020-10-17 21:54:44 +02:00
David Mehren
eeb3f6f5a7
MediaService: Implement delete feature
Signed-off-by: David Mehren <git@herrmehren.de>
2020-10-17 21:54:08 +02:00
David Mehren
5262a58639
FilesystemBackend: ESLint fixes
Signed-off-by: David Mehren <git@herrmehren.de>
2020-10-17 21:53:34 +02:00
David Mehren
16dfbdd42d
UsersService: Wait for the DB to find a user
Signed-off-by: David Mehren <git@herrmehren.de>
2020-10-17 21:52:59 +02:00
David Mehren
f4c73a8f96
Use POST /media for file upload
The old `/media/upload` subpath does not follow the convention of REST APIs.

Signed-off-by: David Mehren <git@herrmehren.de>
2020-10-17 20:58:10 +02:00
David Mehren
c2c51f1eef
MediaService: Only allow upload of common image formats and PDFs
Signed-off-by: David Mehren <git@herrmehren.de>
2020-10-17 20:50:20 +02:00
David Mehren
d41b68b41a
Add various missing imports and provider ovverides in unit tests
Signed-off-by: David Mehren <git@herrmehren.de>
2020-10-17 20:21:22 +02:00
David Mehren
5a07abfd43
MediaController: Handle errors when trying to save file
Signed-off-by: David Mehren <git@herrmehren.de>
2020-10-17 18:51:29 +02:00
David Mehren
0cc9c6b347
MediaService: Improve error handling and logging
Add debug logging to `saveFile` method and throw the proper errors when problems with the mime type are encountered

Signed-off-by: David Mehren <git@herrmehren.de>
2020-10-17 18:50:53 +02:00
David Mehren
219a3bcb5f
UsersService: Add methods to find, create and delete users
Signed-off-by: David Mehren <git@herrmehren.de>
2020-10-12 21:46:53 +02:00
David Mehren
1f22f47327
NotesService: Throw NotInDBError when the note wasn't found
Signed-off-by: David Mehren <git@herrmehren.de>
2020-10-17 18:47:10 +02:00
David Mehren
273d9b2d19
MediaController: Get parent note from HedgeDoc-Note header
Signed-off-by: David Mehren <git@herrmehren.de>
2020-10-17 16:44:00 +02:00
David Mehren
a877f57875
FilesystemBackend: Implement deleteFile and getFileURL.
We use `fs.unlink` instead of `fs.rm`, as the latter is only available in the fsPromises API since Node 14.14

Signed-off-by: David Mehren <git@herrmehren.de>
2020-10-17 16:24:30 +02:00
David Mehren
9b3345fa13
Use serve-static to serve uploaded files.
Add `@nestjs/serve-static` to serve uploaded media from the upload directory on the local filesystem.

Signed-off-by: David Mehren <git@herrmehren.de>
2020-10-16 22:38:31 +02:00
David Mehren
e2b5acaf84
MediaController: Use MediaService to store media
Signed-off-by: David Mehren <git@herrmehren.de>
2020-10-16 22:37:20 +02:00
David Mehren
c0cbcc863a
Add MediaService
This service is responsible for operations regarding uploaded media. It should perform save, get and delete operations with the configured backend.
The service also checks, if the mime type of the uploaded media is allowed.

Signed-off-by: David Mehren <git@herrmehren.de>
2020-10-16 22:35:53 +02:00
David Mehren
23ba2026cc
Do not save file extension as a separate field.
It turned out that saving the file extension in a separate field is not necessary. Instead, the extension is saved in the complete filename in the `id` field.

Signed-off-by: David Mehren <git@herrmehren.de>
2020-10-16 22:32:58 +02:00
David Mehren
dc49bfcccb
Implement filesystem media backend
This backend stores uploaded media into files on the local filesystem.
This commit also adds a `BackendType` enum, which can be used to distinguish different media backends.

Signed-off-by: David Mehren <git@herrmehren.de>
2020-10-16 22:30:57 +02:00
David Mehren
db15afcb88
Define a MediaBackend interface
This interface defines the functionality that all media backends (like S3 or Azure) must implement.

Signed-off-by: David Mehren <git@herrmehren.de>
2020-10-16 22:29:13 +02:00
David Mehren
617f46f32f
Add MediaUpload entity & Media module
Signed-off-by: David Mehren <git@herrmehren.de>
2020-10-13 10:33:54 +02:00
Jonas Zohren
139e1156da
Source version from package.json
Signed-off-by: Jonas Zohren <jonas.zohren@adesso.de>
2020-10-05 20:39:35 +02:00
David Mehren
108c5e670c
NestConsoleLoggerService: Propagate trace parameter to consoleLoggerService
Signed-off-by: David Mehren <git@herrmehren.de>
2020-10-03 15:52:07 +02:00
Yannick Bungers
11faa24468
Added markdownbody-decorator
which puts the markdown text directly to a variable in the route function.
Content-type of the http request is checked to be text/markdown because we dealing with markdown. Technically by now there can be any content which can be encoded. There could be features in the software which do not work properly if the text can't be parsed as markdown.

Signed-off-by: Yannick Bungers <git@innay.de>
2020-09-27 16:16:07 +02:00
David Mehren
e37722a56a
Switch to using the new custom logger
Signed-off-by: David Mehren <git@herrmehren.de>
2020-09-27 21:48:42 +02:00
David Mehren
b256fc8b36
Add logger module and custom logger implementation
ConsoleLoggerService is based on the default Nest LoggerService, but adds the ability to give context about the function that is logging something. It also removes the `[Nest]` string and the PID at the beginning of each log line.

NestConsoleLoggerService is a wrapper around ConsoleLoggerService and makes it possible to use our implementation as a default Nest LoggerService

Signed-off-by: David Mehren <git@herrmehren.de>
2020-09-27 21:41:02 +02:00
David Mehren
776c230877
NotesService: Add TODO that createNote still needs to calculate a proper patch
Signed-off-by: David Mehren <git@herrmehren.de>
2020-09-26 16:01:01 +02:00
David Mehren
ab4ecf6a8f
UsersService: Merge if-statements and add null to return type in toUserDto
Signed-off-by: David Mehren <git@herrmehren.de>
2020-09-26 16:00:17 +02:00
David Mehren
5bd1259949
RevisionsService: Asynchronously inject NotesService to resolve circular dependency while testing
Signed-off-by: David Mehren <git@herrmehren.de>
2020-09-25 20:42:35 +02:00
David Mehren
b9b5af8b7f
Add various missing imports and provider overrides to fix unit tests.
Signed-off-by: David Mehren <git@herrmehren.de>
2020-09-22 21:59:09 +02:00
David Mehren
4cf31c1bcb
NotesService: Implement getNoteContent and getNoteMetdata
Signed-off-by: David Mehren <git@herrmehren.de>
2020-09-22 21:45:20 +02:00
David Mehren
bc1c8448df
NotesService: Let createNote create an actual Note and introduce createNoteDto to create & convert in one step.
It might be handy to have access to the original `Note` after creating one, so the creation and conversion to a `NoteDto` is now split.

Signed-off-by: David Mehren <git@herrmehren.de>
2020-09-22 21:44:53 +02:00
David Mehren
446d6dec06
RevisionsService: Get note revision from database
Signed-off-by: David Mehren <git@herrmehren.de>
2020-09-22 21:42:17 +02:00
David Mehren
05a62b31ee
RevisionService: Implement getNoteRevisionMetadatas
Signed-off-by: David Mehren <git@herrmehren.de>
2020-09-22 21:09:14 +02:00
David Mehren
3d4e9a9b92
NotesController: revisionId is a number
Signed-off-by: David Mehren <git@herrmehren.de>
2020-09-22 21:08:14 +02:00
David Mehren
2140faab07
RevisionMetadataDto: Rename attribute updatedAt to createdAt
Signed-off-by: David Mehren <git@herrmehren.de>
2020-09-22 21:04:55 +02:00
David Mehren
cf88cde551
NotesService: Use the database for delete and update actions.
Signed-off-by: David Mehren <git@herrmehren.de>
2020-09-22 20:07:36 +02:00
David Mehren
05f25b92aa
NotesController: Get text from request body when updating and deleting a note.
Signed-off-by: David Mehren <git@herrmehren.de>
2020-09-22 20:06:56 +02:00
David Mehren
d462a571d8
RevisionEntity: Change primary key type from UUID to number
The precision of sqlites datetime() timestamp is only one second (see https://www.sqlite.org/lang_datefunc.html). Therefore we could not order revisions of one note that were created in the same second. To remedy this, the primary key was changed to a monotonically increasing number, which solves the ordering problem.

Signed-off-by: David Mehren <git@herrmehren.de>
2020-09-22 20:06:16 +02:00
David Mehren
1abb472621
NotesController: Get text from request body when creating a named note.
Signed-off-by: David Mehren <git@herrmehren.de>
2020-09-22 18:31:20 +02:00
David Mehren
5d1cc6c339
NotesService: Find note by ID or alias in database
This commit also introduces the `getNoteDtoByIdOrAlias` method, that converts a `Note` entity to a `NoteDto`

Signed-off-by: David Mehren <git@herrmehren.de>
2020-09-22 17:34:33 +02:00
David Mehren
21f4cda27c
NoteEntity: Lazy-load revisions relation
Using a `Promise` type in a TypeORM entity automatically enables lazy-loading of that relation.
See https://typeorm.io/#/eager-and-lazy-relations/lazy-relations

Signed-off-by: David Mehren <git@herrmehren.de>
2020-09-22 17:32:35 +02:00
David Mehren
b1cb8025a5
RevisionsService: Implement getLatestRevision and createRevision methods
Signed-off-by: David Mehren <git@herrmehren.de>
2020-09-22 17:29:59 +02:00
David Mehren
615bd6496b
UsersService: Add null check to toUserDto() converter
Signed-off-by: David Mehren <git@herrmehren.de>
2020-09-22 17:28:57 +02:00
David Mehren
9cae7e34dc
NotesService: Get more note metadata from the database
Some previously hardcoded metadata-values are now retrieved from the database.

Signed-off-by: David Mehren <git@herrmehren.de>
2020-09-19 17:40:50 +02:00
David Mehren
30a0b25094
UsersService: Add toUserDto() converter
This conversion function makes sure that a photo URL exists.

Signed-off-by: David Mehren <git@herrmehren.de>
2020-09-19 17:33:29 +02:00
David Mehren
eee8668317
NoteUtils: Add methods to parse note metadata
These methods are intended to parse metadata details from YAML tags, but not implemented for now.

Signed-off-by: David Mehren <git@herrmehren.de>
2020-09-19 17:32:08 +02:00
David Mehren
243fcabcaf
NoteEntity: Always initialize arrays
The `create()` function did not initialize all arrays, which caused them to be `undefined` instead of empty.

Signed-off-by: David Mehren <git@herrmehren.de>
2020-09-19 17:30:58 +02:00
David Mehren
58e2932c1a
RevisionEntity: Add create() method
Signed-off-by: David Mehren <git@herrmehren.de>
2020-09-19 16:04:30 +02:00
David Mehren
32a6396a50
NotesService: createNote() now saves new notes to the database
Signed-off-by: David Mehren <git@herrmehren.de>
2020-09-19 16:01:32 +02:00
David Mehren
2261b81139
NoteEntity: Move constructor-code to create() method
TypeORM does not like having application code in the constructor (https://github.com/typeorm/typeorm/issues/1772#issuecomment-514787854), therefore that is moved into a new `create() static method. Additionally, the constructor is now `private`, which enforces the use of the new method.

Signed-off-by: David Mehren <git@herrmehren.de>
2020-09-19 16:00:29 +02:00
David Mehren
bb9e60d5f6
NoteEntity: Formatting fixes
Signed-off-by: David Mehren <git@herrmehren.de>
2020-09-19 15:57:57 +02:00
David Mehren
85fa30b27c
NoteEntity: Enable CASCADE for revision column
This makes creating new Notes easier, as the first Revision is automatically created in the database.

Signed-off-by: David Mehren <git@herrmehren.de>
2020-09-19 15:57:34 +02:00
David Mehren
56817c3f91
NoteController: Do not use text/markdown as response content-type for createNote
Signed-off-by: David Mehren <git@herrmehren.de>
2020-09-19 15:50:58 +02:00
David Mehren
c6787ef233
NoteDto: Rename attribute metdata to metadata
Signed-off-by: David Mehren <git@herrmehren.de>
2020-09-19 14:54:08 +02:00
David Mehren
93cf9c2c56
NotesController: Use custom logic to access raw markdown
NestJS does not support content-types other than application/json.
Therefore we need to directly access the request object to get the raw body content.

Signed-off-by: David Mehren <git@herrmehren.de>
2020-09-19 14:51:12 +02:00
David Mehren
f007b8539c
NotesController: Add missing mock repositories for testing
Signed-off-by: David Mehren <git@herrmehren.de>
2020-08-20 19:57:56 +02:00
David Mehren
7f81a57634
MeController: Add missing mock repositories for testing
Signed-off-by: David Mehren <git@herrmehren.de>
2020-08-20 19:57:47 +02:00
David Mehren
2654f1fa36
Implement User entity.
This commit implements the User entity according to the database schema and adds the Identity and AuthToken entities.

Signed-off-by: David Mehren <git@herrmehren.de>
2020-08-13 20:26:47 +02:00
David Mehren
6bee3b16cf
Add Session entity
This entity implements the Session interface from connect-typeorm, which we will later use to store session data from express-session.

Signed-off-by: David Mehren <git@herrmehren.de>
2020-08-13 20:25:43 +02:00
David Mehren
ef92ab73f9
Update Note entity
We now use the new permissions split in users and groups. Also the note now knows the colors of its authors.

Signed-off-by: David Mehren <git@herrmehren.de>
2020-08-13 20:24:45 +02:00
David Mehren
ba9d7a6572
Add AuthorColor entity
Signed-off-by: David Mehren <git@herrmehren.de>
2020-08-13 20:22:30 +02:00
David Mehren
40034a4a84
Initialize TypeORM for Group entity
Signed-off-by: David Mehren <git@herrmehren.de>
2020-08-13 20:22:04 +02:00
David Mehren
68a0852691
Update revision entity according to the current database scheme.
Signed-off-by: David Mehren <git@herrmehren.de>
2020-08-12 20:52:26 +02:00
David Mehren
0a33d8ef8d
Add authorship entity.
It stores which parts of a revision were edited by a particular user.

Signed-off-by: David Mehren <git@herrmehren.de>
2020-08-12 20:51:49 +02:00
David Mehren
637b16abda
Add PermissionModule and GroupsModule
Both currently contain only the database entities, taken from the schema.

Signed-off-by: David Mehren <git@herrmehren.de>
2020-08-12 20:24:43 +02:00
David Mehren
97cc2085af
Update NotesService and HistoryService to use the new permission model.
We now have separate sharedTo attributes for users and groups.

Signed-off-by: David Mehren <git@herrmehren.de>
2020-08-12 20:23:48 +02:00
David Mehren
a5ffbb6e7f
Add 'special' property to GroupInfoDto and rename 'id' to 'name'
Signed-off-by: David Mehren <git@herrmehren.de>
2020-07-27 22:38:46 +02:00
David Mehren
d1bd35007e
Adapt permission DTOs for group permissions
Signed-off-by: David Mehren <git@herrmehren.de>
2020-07-26 22:34:04 +02:00
David Mehren
34d0578c0d
Implement routes in MonitoringController
Signed-off-by: David Mehren <git@herrmehren.de>
2020-07-26 21:36:54 +02:00
David Mehren
6617977a7e
Add monitoring module
Signed-off-by: David Mehren <git@herrmehren.de>
2020-07-26 21:36:28 +02:00
David Mehren
99614f8f3a
Add media upload route to MediaController
Signed-off-by: David Mehren <git@herrmehren.de>
2020-07-26 21:20:49 +02:00
David Mehren
4851e2c31c
RevisionsService: Add hardcoded-data warnings.
Signed-off-by: David Mehren <git@herrmehren.de>
2020-07-26 21:02:15 +02:00
David Mehren
387e4c3b99
NotesService: Add hardcoded-data warnings.
Signed-off-by: David Mehren <git@herrmehren.de>
2020-07-26 21:01:30 +02:00
David Mehren
82f03152a8
Implement /notes API routes
This adds all currently specified routes under /notes.

Signed-off-by: David Mehren <git@herrmehren.de>
2020-07-26 21:00:18 +02:00
David Mehren
4cd574306e
Add more features to NotesService
Signed-off-by: David Mehren <git@herrmehren.de>
2020-07-26 20:59:12 +02:00
David Mehren
0d4c489aa5
Add update-DTOs for note permissions and permission entries.
Signed-off-by: David Mehren <git@herrmehren.de>
2020-07-26 20:58:40 +02:00
David Mehren
11f6358516
Add DTOs for notes and note authorship
Signed-off-by: David Mehren <git@herrmehren.de>
2020-07-26 20:57:51 +02:00
David Mehren
735980da7c
Add RevisionsService
Signed-off-by: David Mehren <git@herrmehren.de>
2020-07-26 20:57:28 +02:00
David Mehren
b8af7301a1
Add DTOs for revision and revision metadata
Signed-off-by: David Mehren <git@herrmehren.de>
2020-07-26 20:57:11 +02:00
David Mehren
b429326b9d
Update Revision database schema
Still uses the old schema, should probably be changed

Signed-off-by: David Mehren <git@herrmehren.de>
2020-07-26 20:55:34 +02:00
David Mehren
02de7c7d54
Add /me/notes route to MeController
Signed-off-by: David Mehren <git@herrmehren.de>
2020-07-26 17:29:20 +02:00
David Mehren
b05022945c
Add NotesService
Signed-off-by: David Mehren <git@herrmehren.de>
2020-07-26 17:28:58 +02:00
David Mehren
643adb7f9f
Log warnings when using hardcoded data.
Signed-off-by: David Mehren <git@herrmehren.de>
2020-07-26 17:28:32 +02:00
David Mehren
1906f44e74
Enable automatic OpenAPI spec generation.
NestJS can automatically generate an OpenAPI spec by analyzing controllers and used DTOs.
This commit enables this feature. The API docs are served under /apidoc.

Signed-off-by: David Mehren <git@herrmehren.de>
2020-07-26 16:53:43 +02:00
David Mehren
74208468c4
Fix formatting in main.ts
Signed-off-by: David Mehren <git@herrmehren.de>
2020-07-25 20:26:10 +02:00
David Mehren
6e7d98502d
Import new modules into AppModule
Signed-off-by: David Mehren <git@herrmehren.de>
2020-07-25 20:26:00 +02:00
David Mehren
69afdd3b05
Add NoteModule
This contains the module, a model which was adapted from the old code and two DTOs.

Signed-off-by: David Mehren <git@herrmehren.de>
2020-07-25 20:24:59 +02:00
David Mehren
35674e80c4
Add RevisionsModule
This contains the module and a model which still needs many properties.

Signed-off-by: David Mehren <git@herrmehren.de>
2020-07-25 20:16:13 +02:00
David Mehren
4799f65aff
Add PublicAPIModule
This adds all controllers needed in the public API (at least as currently specified) and implements some routes under `/me`

Signed-off-by: David Mehren <git@herrmehren.de>
2020-07-25 20:13:06 +02:00
David Mehren
80e018692b
Add AuthorsModule
This contains the module and a model which still needs many properties.

Signed-off-by: David Mehren <git@herrmehren.de>
2020-07-25 20:11:08 +02:00
David Mehren
9d4e3a54d7
Add HistoryModule
This contains the module, a service (which only returns mock data), a model and two DTOs for history entries.

Signed-off-by: David Mehren <git@herrmehren.de>
2020-07-25 20:07:39 +02:00
David Mehren
27126bcde1
Add UsersModule
This contains the module, a service (which only returns mock data), a model and the UserInfo DTO.

Signed-off-by: David Mehren <git@herrmehren.de>
2020-07-25 20:06:22 +02:00
David Mehren
e53a8648b4
Add empty NestJS application
Signed-off-by: David Mehren <git@herrmehren.de>
2020-07-21 21:24:56 +02:00