Tilman Vatteroth
a72f695124
fix(s3-backend): correct endpoint
...
Signed-off-by: Tilman Vatteroth <git@tilmanvatteroth.de>
2023-04-16 18:41:03 +02:00
Philip Molares
2fc89a7de5
feat: don't let read-only users send their cursors or selections
...
This was done as it may be used to distract or annoy other users either intentionally or unintentionally.
Signed-off-by: Philip Molares <philip.molares@udo.edu>
Signed-off-by: Tilman Vatteroth <git@tilmanvatteroth.de>
2023-04-06 22:54:50 +02:00
Philip Molares
c2f41118b6
feat: check permissions in realtime code and frontend
...
Signed-off-by: Philip Molares <philip.molares@udo.edu>
Signed-off-by: Tilman Vatteroth <git@tilmanvatteroth.de>
2023-04-06 22:54:50 +02:00
Tilman Vatteroth
6fb58d56c2
fix: add missing tests for realtime-user-status-adapter
...
Signed-off-by: Tilman Vatteroth <git@tilmanvatteroth.de>
2023-04-04 18:29:20 +02:00
Tilman Vatteroth
2a2d3756ad
refactor: test code of realtime
...
Signed-off-by: Tilman Vatteroth <git@tilmanvatteroth.de>
2023-04-04 18:29:20 +02:00
Tilman Vatteroth
15374acb93
fix(backend): throw error if key in param decorator is not defined
...
Signed-off-by: Tilman Vatteroth <git@tilmanvatteroth.de>
2023-03-31 15:43:28 +02:00
Tilman Vatteroth
598fc8ee11
feat(realtime): synchronize and show realtime activity state
...
Signed-off-by: Tilman Vatteroth <git@tilmanvatteroth.de>
2023-03-29 01:16:43 +02:00
Tilman Vatteroth
8fc59aad82
refactor: make permission service less complex
...
Signed-off-by: Tilman Vatteroth <git@tilmanvatteroth.de>
2023-03-26 20:21:13 +02:00
Tilman Vatteroth
0f8effd318
fix: use correct body parameter for permission controller
...
Signed-off-by: Tilman Vatteroth <git@tilmanvatteroth.de>
2023-03-26 20:21:13 +02:00
David Mehren
f7f052fca1
refactor: use separate env vars for frontend/backend port
...
As we moved to a combined .env file for simplicity, frontend and backend need to be configured with separate variables.
Signed-off-by: David Mehren <git@herrmehren.de>
2023-03-26 15:53:49 +02:00
Erik Michelson
ca9836d691
enhancement(auth): better error message handling
...
Signed-off-by: Erik Michelson <github@erik.michelson.eu>
2023-03-26 15:43:39 +02:00
Tilman Vatteroth
24b7514e25
feat: submit own style index on realtime user state set
...
Signed-off-by: Tilman Vatteroth <git@tilmanvatteroth.de>
2023-03-25 13:11:40 +01:00
David Mehren
382e70bf7b
fix: replace Equals constructor
...
TypeORMs Equals constructor is still broken, so this commit removes all remaining usages.
See https://github.com/hedgedoc/hedgedoc/issues/2467
Signed-off-by: David Mehren <git@herrmehren.de>
2023-03-25 12:43:27 +01:00
Tilman Vatteroth
088f2905a5
fix(backend): Fix type errors in query builder mock
...
Signed-off-by: Tilman Vatteroth <git@tilmanvatteroth.de>
2023-03-25 12:43:27 +01:00
David Mehren
162a8e8816
docs: Move 'User Profiles & Authentication' to design docs
...
Signed-off-by: David Mehren <git@herrmehren.de>
2023-03-24 20:06:11 +01:00
Philip Molares
e01628cfb0
fix(backend): fix permission routes in NotesController
...
Signed-off-by: Philip Molares <philip.molares@udo.edu>
2023-03-24 18:47:23 +01:00
Tilman Vatteroth
a826677225
refactor: save ydoc state in the database, so it can be restored easier
...
By storing the ydoc state in the database we can reconnect lost clients easier
and enable offline editing because we continue using the crdt data that has been
used by the client before the connection loss.
Signed-off-by: Tilman Vatteroth <git@tilmanvatteroth.de>
2023-03-24 16:03:55 +01:00
Tilman Vatteroth
3a06f84af1
refactor: reimplement realtime-communication
...
This commit refactors a lot of things that are not easy to separate.
It replaces the binary protocol of y-protocols with json.
It introduces event based message processing.
It implements our own code mirror plugins for synchronisation of content and remote cursors
Signed-off-by: Tilman Vatteroth <git@tilmanvatteroth.de>
2023-03-24 14:06:03 +01:00
Tilman Vatteroth
229d4a4a1d
fix: change sessionstate type to prevent unset values
...
Signed-off-by: Tilman Vatteroth <git@tilmanvatteroth.de>
2023-03-19 22:45:44 +01:00
David Mehren
7233f862f2
test(auth-service): add mock for find
...
Signed-off-by: David Mehren <git@herrmehren.de>
2023-02-19 20:56:18 +01:00
David Mehren
ebb8b10804
fix(public/notes-controller): extract canEdit parameter from body
...
Signed-off-by: David Mehren <git@herrmehren.de>
2023-02-19 20:56:18 +01:00
David Mehren
068517a73b
fix(public/notes-controller): bind setUserPermission to an URL
...
Signed-off-by: David Mehren <git@herrmehren.de>
2023-02-19 20:56:18 +01:00
David Mehren
ada90ed30b
fix: map PermissionError to HTTP Forbidden
...
Signed-off-by: David Mehren <git@herrmehren.de>
2023-02-19 20:56:18 +01:00
David Mehren
921cffb76f
fix(auth-service): typeorm query in getTokensbyUser
...
TypeORM does not support WHERE queries for relation-colums directly.
This replaces the Equal() constructor with a manual comparison of the IDs.
See https://github.com/typeorm/typeorm/issues/2707
Signed-off-by: David Mehren <git@herrmehren.de>
2023-02-19 20:56:18 +01:00
David Mehren
7012f807b8
test: fix URLs in mock config
...
Signed-off-by: David Mehren <git@herrmehren.de>
2023-02-19 20:56:18 +01:00
David Mehren
9e78776412
refactor(notes-service): use default-access-level & cleanup createNote
...
Signed-off-by: David Mehren <git@herrmehren.de>
2023-02-12 20:42:10 +01:00
David Mehren
cdc9ebd352
refactor(default-access-level): rename from default-access-permission
...
Signed-off-by: David Mehren <git@herrmehren.de>
2023-02-12 20:42:10 +01:00
Tilman Vatteroth
caa53e3556
feat: add patch to add generic types to eventemitter2
...
EventEmitter2 has types, but they're very basic and not very type safe.
I created this patch, because my improved types haven't been merged into the official package.
Signed-off-by: Tilman Vatteroth <git@tilmanvatteroth.de>
2023-02-09 21:58:41 +01:00
Tilman Vatteroth
11c2f57e4b
fix(commons): extract name of markdown content yjs channel into the commons package
...
Signed-off-by: Tilman Vatteroth <git@tilmanvatteroth.de>
2023-02-09 15:43:59 +01:00
Yannick Bungers
7f8371fec2
Remove redundant password strength check
...
Signed-off-by: Yannick Bungers <git@innay.de>
2023-02-06 08:46:56 +01:00
Tilman Vatteroth
5e1fdbe81d
fix(config): Replace HD_DOMAIN and HD_EDITOR_BASE_URL with HD_BASE_URL
...
Signed-off-by: Tilman Vatteroth <git@tilmanvatteroth.de>
2023-02-05 22:32:31 +01:00
Tilman Vatteroth
7b2d541cac
fix(backend): Use regex to parse version
...
Signed-off-by: Tilman Vatteroth <git@tilmanvatteroth.de>
2023-02-05 21:21:08 +01:00
Tilman Vatteroth
74178b6edf
fix(backend): Remove redundant test
...
Signed-off-by: Tilman Vatteroth <git@tilmanvatteroth.de>
2023-02-05 18:38:32 +01:00
Tilman Vatteroth
38bcb9affd
fix(backend): Fix open handles in backend test
...
Signed-off-by: Tilman Vatteroth <git@tilmanvatteroth.de>
2023-02-05 18:38:32 +01:00
Tilman Vatteroth
d76714f2a2
fix(commons): Move "wait for other promises to finish" util to commons
...
Signed-off-by: Tilman Vatteroth <git@tilmanvatteroth.de>
2023-02-05 18:38:32 +01:00
Erik Michelson
2225057ebe
misc(apidocs): move URL route of API docs
...
This makes the Swagger UI route more consistent to the real API routes.
Especially, the "private" prefix of the private API docs was irritating.
Additionally, this commit adds a rule to the Caddyfile for proxying the API docs to the backend.
Signed-off-by: Erik Michelson <github@erik.michelson.eu>
2023-01-15 18:20:25 +01:00
Erik Michelson
d52fc55ef3
feat(apidocs): use real version number
...
Signed-off-by: Erik Michelson <github@erik.michelson.eu>
2023-01-15 18:20:25 +01:00
Philip Molares
47d1765b12
refactor(backend): don't create local user if password is too weak
...
This prevents the previous problem that the backend created a user that was then not correctly removed again
Signed-off-by: Philip Molares <philip.molares@udo.edu>
2023-01-15 18:15:28 +01:00
Philip Molares
c39a9430a2
feat(backend): add RegistrationDisabledError
...
This error is thrown by RegistrationEnabledGuard instead of directly throwing an http error.
The new RegistrationDisabledError is mapped to the Forbidden HTTP code 403, since this better represents the actual error.
Signed-off-by: Philip Molares <philip.molares@udo.edu>
2023-01-15 18:14:01 +01:00
Erik Michelson
69d625188c
fix(tests): syntax for loop in console-logger service
...
Signed-off-by: Erik Michelson <github@erik.michelson.eu>
Signed-off-by: Philip Molares <philip.molares@udo.edu>
2023-01-09 20:09:56 +01:00
Tamotsu Takahashi
396050c6cf
Set the session cookie after registering
...
Fix https://github.com/hedgedoc/react-client/issues/2524
Signed-off-by: Tamotsu Takahashi <ttakah+github@gmail.com>
2023-01-08 14:31:34 +01:00
David Mehren
b311265762
fix(media-controller): throw if no file was uploaded
...
Signed-off-by: David Mehren <git@herrmehren.de>
2022-12-30 11:02:56 +01:00
Tilman Vatteroth
298b6bc205
fix(backend): migrate code to use the commons workspace
...
Signed-off-by: Tilman Vatteroth <git@tilmanvatteroth.de>
2022-12-11 23:09:10 +01:00
Tilman Vatteroth
a97f7e8fd1
fix(realtime): Allow connections for guest users
...
Signed-off-by: Tilman Vatteroth <git@tilmanvatteroth.de>
2022-12-11 22:21:51 +01:00
Philip Molares
d3249c6635
test: fix "creates a new revision" test
...
Signed-off-by: Philip Molares <philip.molares@udo.edu>
2022-11-27 21:29:23 +01:00
Philip Molares
231a3fd6bd
feat: add note specific filename for unidiff format in revision patch
...
Signed-off-by: Philip Molares <philip.molares@udo.edu>
2022-11-27 21:29:23 +01:00
Tilman Vatteroth
bf30cbcf48
fix(repository): Move backend code into subdirectory
...
Signed-off-by: Tilman Vatteroth <git@tilmanvatteroth.de>
2022-10-30 22:46:42 +01:00