Commit graph

4273 commits

Author SHA1 Message Date
Renovate Bot
9dba346b50
chore(deps): update dependency prettier to v2.5.1
Signed-off-by: Renovate Bot <bot@renovateapp.com>
2021-12-04 15:05:10 +00:00
renovate[bot]
902fc64a1d
fix(deps): update nestjs packages (#1866)
Signed-off-by: Renovate Bot <bot@renovateapp.com>

Co-authored-by: Renovate Bot <bot@renovateapp.com>
2021-12-04 13:02:24 +00:00
renovate[bot]
0aced17e7b
fix(deps): update dependency minio to v7.0.23 (#1865)
Signed-off-by: Renovate Bot <bot@renovateapp.com>

Co-authored-by: Renovate Bot <bot@renovateapp.com>
2021-12-04 10:11:24 +00:00
renovate[bot]
810fc576d8
fix(deps): update dependency joi to v17.4.3 (#1864)
Signed-off-by: Renovate Bot <bot@renovateapp.com>

Co-authored-by: Renovate Bot <bot@renovateapp.com>
2021-12-04 05:49:23 +00:00
renovate[bot]
6fd25eb726
chore(deps): update dependency @types/node to v16.11.11 (#1862)
Signed-off-by: Renovate Bot <bot@renovateapp.com>

Co-authored-by: Renovate Bot <bot@renovateapp.com>
2021-12-04 03:38:06 +00:00
Yannick Bungers
87cb90abda
Merge pull request #1853 from hedgedoc/feat/getNoteInterceptor 2021-12-02 22:02:09 +01:00
Philip Molares
6fddeebc56 feat: replace GetNotePipe with GetNoteInterceptor and RequestNote
Signed-off-by: Philip Molares <philip.molares@udo.edu>
2021-12-02 21:57:51 +01:00
Yannick Bungers
85aa3324f4
Merge pull request #1844 from hedgedoc/feat/permissionsGuard 2021-12-02 21:13:43 +01:00
Philip Molares
9e2a138a14 feat: add request note decorator
This extracts the note inserted with the get note interceptor into the request to be used by the controller service.

Signed-off-by: Philip Molares <philip.molares@udo.edu>
2021-12-02 20:41:45 +01:00
Philip Molares
ea0588f02e feat: refactor get note pipe to interceptor
This is necessary, because of the order of operations in nestjs, the validation pipe is not able to get the note as the noteIdOrAlias will be transformed by the get note pipe after the validation did run.

Signed-off-by: Philip Molares <philip.molares@udo.edu>
2021-12-02 20:41:45 +01:00
Philip Molares
16cd42f197 test: fix note e2e test 'fails with non-existing alias'
Because the rejection now happens automatically in the permissions guard it does not get to the controller method and does not report the Content-Type to text/markdown

Signed-off-by: Philip Molares <philip.molares@udo.edu>
2021-12-02 20:41:14 +01:00
Philip Molares
40e8acb6bb test: fix note e2e test 'fails, when user can't read note'
Because the rejection now happens automatically in the permissions guard it now returns a 403 instead of 401

Signed-off-by: Philip Molares <philip.molares@udo.edu>
2021-12-02 20:41:14 +01:00
Philip Molares
d27c531d9a refactor: move permissions service calls into permissions guard
This commit removes all previous calls to the permissions service at the beginning of the controller methods to the permissions guard. This should make the code a bit cleaner and remove boilerplate code.

Signed-off-by: Philip Molares <philip.molares@udo.edu>
2021-12-02 20:41:14 +01:00
Philip Molares
f6ae0d30a1 feat: create permissions guard
This guard protects resources and let's users only access them if they hold the correct permission

Signed-off-by: Philip Molares <philip.molares@udo.edu>
2021-12-02 20:41:12 +01:00
Philip Molares
6f7cfced39 feat: create permission decorator
This gathers the permission a user needs to hold to access a resource for the PermissionsGuard.

See https://docs.nestjs.com/guards#setting-roles-per-handler

Signed-off-by: Philip Molares <philip.molares@udo.edu>
2021-11-30 19:48:47 +01:00
Philip Molares
c30a06d90b feat: create permission enum
This enum makes it possible which permissions a user needs to hold to access a specific resource

Signed-off-by: Philip Molares <philip.molares@udo.edu>
2021-11-30 19:48:47 +01:00
Philip Molares
dbf467fea5 chore: extract getNote code from GetNotePipe.transform
This was done so the same code could be used in the PermissionsGuard

Signed-off-by: Philip Molares <philip.molares@udo.edu>
2021-11-30 19:48:47 +01:00
Philip Molares
4b3c726101 chore: move get-note-pipe to api utils
Signed-off-by: Philip Molares <philip.molares@udo.edu>
2021-11-30 19:48:47 +01:00
David Mehren
b4ce0dc889
Merge pull request #1851 from hedgedoc/fix-permissions-types 2021-11-29 22:54:26 +01:00
Yannick Bungers
15e2e177fb Add missing null in type in permissions service
The parameters of the permission checking methods were missing a null value for not set user. This is the case if user is not logged in and operating as guest.

Signed-off-by: Yannick Bungers <git@innay.de>
2021-11-29 22:42:31 +01:00
David Mehren
0881d5f041
Merge pull request #1677 from hedgedoc/renovate/develop-passport-0.x 2021-11-29 21:41:43 +01:00
David Mehren
64867127d8
Merge pull request #1843 from hedgedoc/renovate/develop-linters 2021-11-29 21:41:24 +01:00
David Mehren
178704c79f
Merge pull request #1841 from hedgedoc/renovate/develop-class-transformer-0.x 2021-11-29 21:38:40 +01:00
David Mehren
9a5126f335
Merge pull request #1838 from hedgedoc/renovate/develop-tsconfig-paths-3.x 2021-11-29 21:37:26 +01:00
Renovate Bot
da38d0f166
chore(deps): update linters
Signed-off-by: Renovate Bot <bot@renovateapp.com>
2021-11-23 07:50:47 +00:00
Renovate Bot
e5d98654c9
fix(deps): update dependency class-transformer to v0.5.1
Signed-off-by: Renovate Bot <bot@renovateapp.com>
2021-11-22 19:53:40 +00:00
Renovate Bot
eac3ca4647
fix(deps): update dependency passport to v0.5.0
Signed-off-by: Renovate Bot <bot@renovateapp.com>
2021-11-21 23:20:49 +00:00
Renovate Bot
d6637f9226
chore(deps): update dependency tsconfig-paths to v3.12.0
Signed-off-by: Renovate Bot <bot@renovateapp.com>
2021-11-21 23:20:22 +00:00
David Mehren
7e84b0f135
Merge pull request #1845 from hedgedoc/fix/testName 2021-11-21 22:19:09 +01:00
Philip Molares
d716873af2 test: fix test name in alias.e2e-spec.ts
This seems to be a copy/paste bug

Signed-off-by: Philip Molares <philip.molares@udo.edu>
2021-11-21 18:06:41 +01:00
renovate[bot]
965eae95a4
fix(deps): update dependency minio to v7.0.20 (#1842)
Signed-off-by: Renovate Bot <bot@renovateapp.com>

Co-authored-by: Renovate Bot <bot@renovateapp.com>
2021-11-21 01:15:29 +00:00
David Mehren
3fa774d855
Merge pull request #1837 from hedgedoc/renovate/develop-typescript-4.x 2021-11-20 18:46:26 +01:00
Renovate Bot
ebb0e25f17
chore(deps): update dependency typescript to v4.5.2
Signed-off-by: Renovate Bot <bot@renovateapp.com>
2021-11-20 15:08:40 +00:00
renovate[bot]
37a5c2ad10
fix(deps): update dependency class-validator to v0.13.2 (#1839)
Signed-off-by: Renovate Bot <bot@renovateapp.com>

Co-authored-by: Renovate Bot <bot@renovateapp.com>
2021-11-20 15:05:49 +00:00
renovate[bot]
b1f1a2caee
fix(deps): update dependency typeorm to v0.2.41 (#1836)
Signed-off-by: Renovate Bot <bot@renovateapp.com>

Co-authored-by: Renovate Bot <bot@renovateapp.com>
2021-11-20 12:20:22 +00:00
renovate[bot]
13884e7850
chore(deps): update nestjs packages (#1835)
Signed-off-by: Renovate Bot <bot@renovateapp.com>

Co-authored-by: Renovate Bot <bot@renovateapp.com>
2021-11-20 10:40:44 +00:00
renovate[bot]
0854033dc9
chore(deps): update dependency source-map-support to v0.5.21 (#1834)
Signed-off-by: Renovate Bot <bot@renovateapp.com>

Co-authored-by: Renovate Bot <bot@renovateapp.com>
2021-11-20 08:38:19 +00:00
renovate[bot]
c97ff0c278
chore(deps): update dependency @types/node to v16.11.9 (#1833)
Signed-off-by: Renovate Bot <bot@renovateapp.com>

Co-authored-by: Renovate Bot <bot@renovateapp.com>
2021-11-20 04:10:49 +00:00
renovate[bot]
f387c556d7
chore(deps): update dependency @types/jest to v27.0.3 (#1832)
Signed-off-by: Renovate Bot <bot@renovateapp.com>

Co-authored-by: Renovate Bot <bot@renovateapp.com>
2021-11-20 02:13:10 +00:00
David Mehren
5713c0b7bd
Merge pull request #1822 from hedgedoc/renovate/develop-linters 2021-11-17 18:12:01 +01:00
Renovate Bot
0e927e6f72
chore(deps): update linters to v5.4.0
Signed-off-by: Renovate Bot <bot@renovateapp.com>
2021-11-17 08:34:13 +00:00
David Mehren
3ac396002b
Merge pull request #1825 from hedgedoc/chore/renovate-config 2021-11-17 09:31:47 +01:00
renovate[bot]
517bb08d2c
fix(deps): update dependency raw-body to v2.4.2 (#1828)
Signed-off-by: Renovate Bot <bot@renovateapp.com>

Co-authored-by: Renovate Bot <bot@renovateapp.com>
2021-11-17 05:38:10 +00:00
David Mehren
bcd38e14c0
Merge pull request #1680 from hedgedoc/fix/createMethods 2021-11-16 19:07:00 +01:00
David Mehren
1601f4b3a8
Merge pull request #1826 from hedgedoc/enhancement/concurrent_e2e_tests 2021-11-16 18:45:46 +01:00
David Mehren
d094570a8c
test(jest): run e2e tests concurrently
Fixes #1644

Signed-off-by: David Mehren <git@herrmehren.de>
2021-11-16 18:26:34 +01:00
David Mehren
3a47e962ea
test(mockconfig): generate unique upload paths
This stops multiple concurrently running tests disturbing each other.

Signed-off-by: David Mehren <git@herrmehren.de>
2021-11-16 18:26:34 +01:00
David Mehren
0f08a1153d
ci(renovate): separate major updates
Signed-off-by: David Mehren <git@herrmehren.de>
2021-11-16 18:01:48 +01:00
David Mehren
6bb14c5446
ci(renovate): run only on weekends
Signed-off-by: David Mehren <git@herrmehren.de>
2021-11-16 17:59:02 +01:00
David Mehren
2acaa9f0ea
ci(renovate): remove explicit dependencyDashboard
The `config:base` preset now includes this option

Signed-off-by: David Mehren <git@herrmehren.de>
2021-11-16 17:55:15 +01:00