1
0
Fork 0
mirror of https://github.com/hedgedoc/hedgedoc.git synced 2024-12-22 17:21:34 +00:00
Commit graph

117 commits

Author SHA1 Message Date
Yannick Bungers
a191448b3d
Added Types revision.ts
Signed-off-by: Yannick Bungers <git@innay.de>
Signed-off-by: David Mehren <dmehren1@gmail.com>
2020-04-25 16:04:09 +02:00
Philip Molares
d0b693d3e7
updated types in note.ts
Signed-off-by: Philip Molares <philip.molares@udo.edu>
Signed-off-by: David Mehren <dmehren1@gmail.com>
2020-04-25 16:04:06 +02:00
Philip Molares
a7aaded6dd
created history.ts
- fixed imports
- added HistoryObject type
- made parseNoteInfo in note.ts static

Signed-off-by: Philip Molares <philip.molares@udo.edu>
Signed-off-by: David Mehren <dmehren1@gmail.com>
2020-04-25 16:04:06 +02:00
Yannick Bungers
536c54ff0d
moved response.js to response.ts and readded missing return statements
Signed-off-by: Yannick Bungers <git@innay.de>
Signed-off-by: David Mehren <dmehren1@gmail.com>
2020-04-25 16:04:06 +02:00
David Mehren
e641681483
ESLint fixes in models
Signed-off-by: David Mehren <dmehren1@gmail.com>
2020-04-25 16:04:05 +02:00
David Mehren
9f284b752b
Use import syntax for logger and config
Signed-off-by: David Mehren <dmehren1@gmail.com>
2020-04-25 16:04:05 +02:00
Yannick Bungers
bb8297dca3
Added Types to actions.js and reformat
Signed-off-by: Yannick Bungers <git@innay.de>
Signed-off-by: David Mehren <dmehren1@gmail.com>
2020-04-25 16:04:04 +02:00
David Mehren
7cdcf627db
note.ts: ESLint fixes, add types for diff-match-patch
Signed-off-by: David Mehren <dmehren1@gmail.com>
2020-04-25 16:04:04 +02:00
Yannick Bungers
de09524658
Added Types and reformating code
Signed-off-by: Yannick Bungers <git@innay.de>
Signed-off-by: David Mehren <dmehren1@gmail.com>
2020-04-25 16:04:04 +02:00
Yannick Bungers
84e021a0b0
Added types
Signed-off-by: Yannick Bungers <git@innay.de>
Signed-off-by: David Mehren <dmehren1@gmail.com>
2020-04-25 16:04:03 +02:00
Yannick Bungers
c6655d767a
changed for loop to foreach
Signed-off-by: Yannick Bungers <git@innay.de>
Signed-off-by: David Mehren <dmehren1@gmail.com>
2020-04-25 16:04:03 +02:00
Philip Molares
4eb71d6cad
reworked user.ts
- fixed imports
- removed complicated ternary operators
- simplified parseProfile
- added enum ProviderEnum
- added type Profile
- added type PhotoProfile

Signed-off-by: Philip Molares <philip.molares@udo.edu>
Signed-off-by: David Mehren <dmehren1@gmail.com>
2020-04-25 16:04:03 +02:00
Philip Molares
22683451bd
changed imports to new ./modules import style
Signed-off-by: Philip Molares <philip.molares@udo.edu>
Signed-off-by: David Mehren <dmehren1@gmail.com>
2020-04-25 16:04:03 +02:00
Philip Molares
d278a106e8
added model exports in index.ts
Signed-off-by: Philip Molares <philip.molares@udo.edu>
Signed-off-by: David Mehren <dmehren1@gmail.com>
2020-04-25 16:04:02 +02:00
David Mehren
0ad30a0029
revision.ts: Formatting, use Utils instead of global Sequelize object
Signed-off-by: David Mehren <dmehren1@gmail.com>
2020-04-25 16:04:02 +02:00
David Mehren
477a37b48c
note.ts: Formatting, use Utils instead of global Sequelize object
Signed-off-by: David Mehren <dmehren1@gmail.com>
2020-04-25 16:04:02 +02:00
David Mehren
8c662a1f41
Move stripNullByte and processData from models/index.ts to utils.ts
Signed-off-by: David Mehren <dmehren1@gmail.com>
2020-04-25 16:04:02 +02:00
David Mehren
4e02f46cee
More static methods in revision.ts
Signed-off-by: David Mehren <dmehren1@gmail.com>
2020-04-25 16:04:01 +02:00
David Mehren
0c078f5266
Fix types for foreign keys
Signed-off-by: David Mehren <dmehren1@gmail.com>
2020-04-25 16:04:01 +02:00
David Mehren
1d4107fe90
Migrate models to TypeScript
Co-authored-by: David Mehren <dmehren1@gmail.com>
Co-authored-by: Yannick Bungers <git@innay.de>
Co-authored-by: Philipp Hochkamp <me@phochkamp.de>
Co-authored-by: nzbr <mail@nzbr.de>

Signed-off-by: David Mehren <dmehren1@gmail.com>
2020-04-25 16:04:01 +02:00
Erik Michelson
c976217c12
Remove mattermost integration
Signed-off-by: Erik Michelson <erik@liltv.de>
2020-02-25 14:33:30 +01:00
David Mehren
f0b1d85ae9
Fix typo in Author model
Signed-off-by: David Mehren <dmehren1@gmail.com>
2020-02-24 15:08:27 +01:00
David Mehren
f6eec0ce90
Convert first files to TypeScript
Signed-off-by: David Mehren <dmehren1@gmail.com>
2020-02-24 15:08:23 +01:00
Erik Michelson
2881f8211a
Added customizable og-metadata to notes
Signed-off-by: Erik Michelson <erik@liltv.de>
2019-10-04 19:49:45 +02:00
BoHong Li
63c96e7359
fix: upgrade sequelize to latest version to fix CVE
Signed-off-by: BoHong Li <a60814billy@gmail.com>
2019-06-11 00:41:50 +02:00
Sheogorath
b5fc6db75d
Rework debug logging
We have various places with overly simple if statements that could be
handled by our logging library. Also a lot of those logs are not marked
as debug logs but as info logs, which can cause confusion during
debugging.

This patch removed unneeded if clauses around debug logging statements,
reworks debug log messages towards ECMA templates and add some new
logging statements which might be helpful in order to debug things like
image uploads.

Signed-off-by: Sheogorath <sheogorath@shivering-isles.com>
2019-06-08 21:27:29 +02:00
Sheogorath
4da68597f7
Fix eslint warnings
Since we are about to release it's time to finally fix our linting. This
patch basically runs eslint --fix and does some further manual fixes.
Also it sets up eslint to fail on every warning on order to make
warnings visable in the CI process.

There should no functional change be introduced.

Signed-off-by: Sheogorath <sheogorath@shivering-isles.com>
2019-05-31 00:30:29 +02:00
Sheogorath
0dff8796ac
Fix missing pictures for OpenID
Currently a problem appears when using OpenID for authentication as
there is no method to add a profile picture right now.

This patch makes sure that all undefined login methods get a profile
picture.

Signed-off-by: Sheogorath <sheogorath@shivering-isles.com>
2019-05-26 03:53:59 +02:00
Claudius
4833f300c5 polyfilling scrypt for node 8.5+
Signed-off-by: Claudius <opensource@amenthes.de>
2019-05-13 19:37:21 +02:00
Claudius
1d403e183d asyncified setting and verifying the password
Signed-off-by: Claudius <opensource@amenthes.de>
2019-05-13 19:37:21 +02:00
Claudius
df666dd214 getting password hashing into a hook where it could be async
Signed-off-by: Claudius <opensource@amenthes.de>
2019-05-13 14:37:08 +02:00
Sheogorath
cee2aa92f9
Switch scrypt library to a successor
Since our previous scrypt library is unmaintained since 3 years, it's
time to look for an alternative.

A refactoring towards another password algorithm was worked on and this
is probably still the way to go. But for now the successor of our
previous library should already be enough.

https://www.npmjs.com/package/scrypt (old library)
https://github.com/ml1nk/node-scrypt (new library)
Signed-off-by: Sheogorath <sheogorath@shivering-isles.com>
2018-11-21 01:33:34 +01:00
Claudius Coenen
858a59529e switching to eslint for code checking
most rules degraded to WARN, so we don't go insane. This will
change over time. The aim is to conform to a common style

Signed-off-by: Claudius Coenen <opensource@amenthes.de>
2018-11-14 23:15:36 +01:00
WilliButz
bd2f7cef49
lib/models/revision.js: make independent of exec-path
Previously calling `app.js` from another directory than
the base directory of CodiMD would result in an error being
thrown because `lib/workers/dmpWorker.js` could not be found.

This change makes the function call independent of the path CodiMD
is started from.

Signed-off-by: WilliButz <wbutz@cyberfnord.de>
2018-09-26 16:56:36 +02:00
Sheogorath
db5b86df4c
Further improvement of error handling for LZString
This does some more in depth check on the error message and minimizes
the log noise that is caused by LZString.

Signed-off-by: Sheogorath <sheogorath@shivering-isles.com>
2018-07-27 15:42:58 +02:00
Sheogorath
4b060c7dba
Rebrand HackMD to CodiMD
Signed-off-by: Sheogorath <sheogorath@shivering-isles.com>
2018-06-24 13:24:12 +02:00
Sheogorath
318b2d378f
Allow to disable gravatar
Since Gravatar is an external image source and not perfect from a
privacy perspective, forbidding it allows to improve privacy.

This commit also simplifies and optimizes the avatar code.

Signed-off-by: Sheogorath <sheogorath@shivering-isles.com>
2018-06-23 23:40:55 +02:00
Christoph (Sheogorath) Kern
56d78a7d6c
Merge pull request from SISheogorath/feature/GDPR
GDPR compliant part 1
2018-06-17 23:33:57 +02:00
Christoph (Sheogorath) Kern
551840ad57
Merge pull request from pferreir/add-oauth2-support
Add "generic" OAuth2 support
2018-06-04 15:54:47 +02:00
Sheogorath
70df29790a
Add token based security feature
In the current setup users could be tricked into deleting their data by
providing a malicious link like `[click me](/me/delete)`. This commit
prevents such an easy attack and need the user's deleteToken to get his
data deleted. In case someone requests his deletion by email you can
also ask him for this token.

We can add a GUI that shows it later on.

Signed-off-by: Sheogorath <sheogorath@shivering-isles.com>
2018-05-25 18:26:06 +02:00
Sheogorath
e31d204d74
Fix requests for deleted users
When users are requested from the authorship which no longer exist, they
shouldn't cause a 500.

Signed-off-by: Sheogorath <sheogorath@shivering-isles.com>
2018-05-25 16:15:18 +02:00
Sheogorath
408ab7ae1d
Use cascaded deletes
When we delete a user we should delete all the notes that belong to this
user including the revisions of these notes.

Signed-off-by: Sheogorath <sheogorath@shivering-isles.com>
2018-05-25 14:55:18 +02:00
Sheogorath
8aa5c03213
Use hard delete instead of soft delete
Right now we only flag notes as deleted. This is no longer allowed under
GDPR. Make sure you do regular backups!

Signed-off-by: Sheogorath <sheogorath@shivering-isles.com>
2018-05-25 14:50:37 +02:00
Christoph (Sheogorath) Kern
763479bea8
Merge pull request from SISheogorath/fix/letterAvatarCSP
Move letter-avatars into own request
2018-04-17 22:29:37 +02:00
Sheogorath
69aed93282
Move letter-avatars into own request
To prevent further weakening of our CSP policies, moving the Avatars
into a non-inline version is the way to go.

This implementation probably needs some beautification. But already fixes
the bug.

Signed-off-by: Sheogorath <sheogorath@shivering-isles.com>
2018-04-17 19:06:59 +02:00
Sheogorath
735b806d5d
Add check for noteId length
As we know the length of an UUID we can check if the base64 string
of the provided UUID is long enough for a legacy base64 encoded nodeId
and stop processing it in legacy mode, if it's not the case.

This should make the ugly warning way less common.

Signed-off-by: Sheogorath <sheogorath@shivering-isles.com>
2018-04-10 16:10:34 +02:00
Pedro Ferreira
34df7ccce8 Use TEXT instead of STRING for tokens
Signed-off-by: Pedro Ferreira <pedro.ferreira@cern.ch>
2018-03-26 15:55:39 +02:00
Sheogorath
2411dffa2c
Change config to camel case with backwards compatibility
This refactors the configs a bit to now use camel case everywhere.
This change should help to clean up the config interface and make it
better understandable.

Signed-off-by: Sheogorath <sheogorath@shivering-isles.com>
2018-03-25 19:08:14 +02:00
Max Wu
5e975cbe69 Fix to log instead of throwing error on parse note id
Signed-off-by: Max Wu <jackymaxj@gmail.com>
2018-03-11 02:52:24 +08:00
Max Wu
c7657ae81e Fix parseNoteId order to fix some edge case
that LZString note url could be parsed by base64url note url and thus return wrong note id

Signed-off-by: Max Wu <jackymaxj@gmail.com>
2018-03-10 16:52:24 +08:00