This pipe transforms a note ID or alias to a Note object
by loading it from the database.
It also performs error handling
Signed-off-by: David Mehren <git@herrmehren.de>
This introduces the `RequestUser` decorator
to extract the `User` from a request.
It reduces code duplication across the public API
and allows us to drop the override of the `Request` type from express.
Signed-off-by: David Mehren <git@herrmehren.de>
After Authorship was renamed to Edit, the DTO should follow.
The file is also moved to the revisions folder, where the entity
already is.
Signed-off-by: David Mehren <git@herrmehren.de>
As we now have a separate Author entity, which holds information
about an author (the color), the Authorship name became confusing.
Edit seems to be a better name, as the entity saves information
about a change in a note.
Signed-off-by: David Mehren <git@herrmehren.de>
This reimplements logic to get all Users that ever edited a note
and fixes the empty `editedBy` property of `toNoteMetadataDto`
introduced in 81cc092e.
Signed-off-by: David Mehren <git@herrmehren.de>
This commit replaces the user property with a author property,
in accordance with the DB schema updated in 0d6c3002.
It also adjusts the NoteService accordingly.
Signed-off-by: David Mehren <git@herrmehren.de>
The DB schema was updated in 0d6c3002,
this adds the new author property to
the Session and User entities.
Signed-off-by: David Mehren <git@herrmehren.de>
Before this commit, `Note.create()` did not return a complete object,
as the `publicId` property was missing.
This adds the generation of the property to the `create` method and
moves the actual generation code from the `NotesService`
to a utility method.
Signed-off-by: David Mehren <git@herrmehren.de>
This field is a randomly generated 128-bit value encoded with base32-encode using the crockford variant and converted to lowercase.
Signed-off-by: Philip Molares <philip.molares@udo.edu>
This was done because it was only a wrapper for a nodejs function to check if the given parameter is a positive number.
Signed-off-by: Philip Molares <philip.molares@udo.edu>
This is a 1.x relict and isn't used anymore in 2.x. All 1.x shortids will be converted to aliases on migration of 1.x to 2.x.
Signed-off-by: Philip Molares <philip.molares@udo.edu>
As all tokens are valid for a maximum of 2 years, the
validUntil attribute is always populated.
This updates the database schema and the DTO to reflect that.
Fixes#1256
Signed-off-by: David Mehren <git@herrmehren.de>
TokenAuthGuard ensures that req.user is always
defined, but thanks to strict mode we have to check again.
In the future, we may add a custom Request type and
a custom param decorator to centralize the check.
Signed-off-by: David Mehren <git@herrmehren.de>
TypeORM columns with `nullable: true` can be `null` at runtime.
This commit ensures that the types of the corresponding properties reflect that.
Signed-off-by: David Mehren <git@herrmehren.de>
TokenAuthGuard ensures that req.user is always
defined, but thanks to strict mode we have to check again.
In the future, we may add a custom Request type and
a custom param decorator to centralize the check.
Signed-off-by: David Mehren <git@herrmehren.de>
TokenAuthGuard ensures that req.user is always
defined, but thanks to strict mode we have to check again.
In the future, we may add a custom Request type and
a custom param decorator to centralize the check.
Signed-off-by: David Mehren <git@herrmehren.de>
This adds error handling to getEntryByNote, so it throws a
NotInDBError instead of (illegally, according to the type) returning
null.
Signed-off-by: David Mehren <git@herrmehren.de>
Some properties already have a IsOptional decorator,
this makes the properties themselves also optional
Signed-off-by: David Mehren <git@herrmehren.de>
A string with a negative length is invalid, so we should throw here
instead of complicating the type with a possible null return value.
Signed-off-by: David Mehren <git@herrmehren.de>
validUntil and lastUsed already have a IsOptional decorator,
this makes the properties themselves also optional
Signed-off-by: David Mehren <git@herrmehren.de>
This adds error handling to various getters, so they throw a
NotInDBError instead of (illegally, according to the type) returning
null.
Signed-off-by: David Mehren <git@herrmehren.de>
This is the transactional reimplementation of the business logic of the history controllers setHistory method (of the private api). This should prevent the problem that the history gets deleted, but a later error in the handling of the list of HistoryEntryImportDto let's the call fail.
See also: https://docs.nestjs.com/techniques/database#transactions
Signed-off-by: Philip Molares <philip.molares@udo.edu>
As the function is now only called with a user and a note and the previous extra parameters are now added into the transactional setHistory method, this is no longer necessary.
Signed-off-by: Philip Molares <philip.molares@udo.edu>
To reuse this functionality in the history services setHistory method, it was extracted into its own exported function.
Signed-off-by: Philip Molares <philip.molares@udo.edu>
This script invokes src/seed.ts to create a sqlite DB. The DB already contains some objects to manual test with. This ensures that devs easily can spin up a test instance of HedgeDoc and don't need to fumble around with the DB file.
See https://github.com/typeorm/typeorm#creating-a-connection-to-the-database
Signed-off-by: Philip Molares <philip.molares@udo.edu>
As we only use rendererOrigin in the frontend config service, where domain will be used if it is not defined, it makes more sense to move this default behavior to the app config directly. That makes it easier to understand what this variable contains and that it defaults to domain.
Signed-off-by: Philip Molares <philip.molares@udo.edu>
NestJS adds the headers "Last Modified" and "ETag" to asset serving responses.
Therefore all the information we need for the banner are already given by the
file content or the file meta data.
Signed-off-by: Tilman Vatteroth <git@tilmanvatteroth.de>
This adds a body to the route DELETE /notes/{note} of the public api to specify if the associated media uploads of the note should be kept or deleted.
Signed-off-by: Philip Molares <philip.molares@udo.edu>
This adds a body to the route DELETE /notes/{note} of the private api to specify if the associated media uploads of the note should be kept or deleted.
Signed-off-by: Philip Molares <philip.molares@udo.edu>
As it is possible to delete a note without also deleting the associated media uploads this needs to changed in the media upload entity, too.
Signed-off-by: Philip Molares <philip.molares@udo.edu>
This commit adds a few missing `functionContext` parameters in calls to
`this.logger` and fixes a copy-paste error in `ensureDirectory`
Signed-off-by: David Mehren <git@herrmehren.de>
Until now the app config mock used ts-loader's LogLevel instead of our own Loglevel, which is obviously wrong.
Signed-off-by: Philip Molares <philip.molares@udo.edu>
To better handle deletion of entities, all necessary other entities got the option onDelete CASCADE set. So everything that does not make any sense if something else is deleted will be deleted along side of it.
Signed-off-by: Philip Molares <philip.molares@udo.edu>
The former deleteFile was moved to the public apis media controller and the actual deletion functionality was moved in a separate function to be called on user deletion.
Signed-off-by: Philip Molares <philip.molares@udo.edu>
Add test to createUser method to ensure an already used username triggers a AlreadyInDBError.
Add debug entry if user is deleted.
Add changeDisplayName method.
Signed-off-by: Philip Molares <philip.molares@udo.edu>
This makes it possible to create permissions by setting them in the note entity and delete them when either the user or note is deleted.
Signed-off-by: Philip Molares <philip.molares@udo.edu>
This functions makes it possible to make a partial order of the Loglevel enum. This simplifies the if statements in ConsoleLogger.
This is done, because the Loglevel enum already has a string backing for easy conversion from the config environmental variables and therefore can't also have a ordinal number assigned…
Signed-off-by: Philip Molares <philip.molares@udo.edu>
