The old upload path was 'public/uploads'. As there is no public anymore, we should at least keep uploads.
So basically this is a typo fix
Signed-off-by: Philip Molares <philip.molares@udo.edu>
Using nest-router for this purpose as it is a rather easy addition to our structure. As we don't add the Router to any e2e tests we don't need to change them.
fixes#523
Signed-off-by: Philip Molares <philip.molares@udo.edu>
Remove uploaded files after media e2e tests ran
Remove /uploads/ folder after all media e2e tests ran
This way the uploads folder doesn't grow while working on other e2e tests
Signed-off-by: Philip Molares <philip.molares@udo.edu>
This explains how the configuration code works and give some hints on what do look out for while working on the configuration code.
Signed-off-by: Philip Molares <philip.molares@udo.edu>
Our custom logger supports providing the name of the function that
calls the logger, this commit adds this context string where it
was previously missing.
Signed-off-by: David Mehren <git@herrmehren.de>
For a better structure of the autogenerated apidoc website tags are used. Each Controller get it's own tag and will be put in a separate section.
See https://docs.nestjs.com/openapi/operations#tags
Signed-off-by: Philip Molares <philip.molares@udo.edu>
This makes it possible to create the user before the mock auth guard does it's magic. This is necessary for some test, where we need the user object before the api is called.
Signed-off-by: Philip Molares <philip.molares@udo.edu>
Add history service to allow for CRUD operations.
Use history service in controllers to:
1. Allow manipulating of history entries
2. Guaranty the correct existence of history entries
Signed-off-by: Philip Molares <philip.molares@udo.edu>
With this the backend now can hold a history entry.
Also included in this commit are some minor changes to tests and services so they can still work.
Signed-off-by: Philip Molares <philip.molares@udo.edu>
Replace the old docs index page with a hint where the (for now) 'real'
docs can be found and that HedgeDoc 2.0 is still in development.
Signed-off-by: David Mehren <git@herrmehren.de>
Currently renovatebot only cares about the default branch, which is
currently develop. In order to keep everything up-to-date we should
configure it, to also make sure that the master branch for 1.x will be
updated.
Therefore this patch adds the `baseBranches` config option, which allows
to define an array of branches to update.
Reference:
https://docs.renovatebot.com/configuration-options/#basebranches
Signed-off-by: Sheogorath <sheogorath@shivering-isles.com>
To further reduce confusion between the `develop` and `master` branches,
this commit adds more information about them in the README
and the contribution docs.
Signed-off-by: David Mehren <git@herrmehren.de>
To ensure maintainability,
commit guidelines are added to our contribution documentation.
They include notes on commit structure and the commit message,
which evolved from issues that were encountered while developing.
Signed-off-by: David Mehren <git@herrmehren.de>
DTO should only be used for sending information to and from user.
Services now have methods which return normal internal objects and
methods which convert them to DTOs. This conversion is done in the
controlers
Signed-off-by: Yannick Bungers <git@innay.de>
Move conversion of Errors from AuthService to TokenStrategy.
This is necessary to correctly test the validateToken method.
Signed-off-by: Philip Molares <philip.molares@udo.edu>
The former length of 64 bytes (512-bit) is transformed into base64url (a 6-bit code) ~86 characters long. This is too long for bcrypt as it ignores any characters beyond the 72th.
This fix therefore reduces the amount of generated bytes to 54 (as 72*6/8 = 54) characters. This ensures that removing one character from the token the hash won't be the same anymore.
Signed-off-by: Philip Molares <philip.molares@udo.edu>
Catch all NotInDbErrors and TokenNotValidError and transform them to UnauthorizedException with the correct message.
This prevents nest from telling the api user that an internal server error has happened and instead display the correct http error code 401.
Signed-off-by: Philip Molares <philip.molares@udo.edu>