Commit graph

137 commits

Author SHA1 Message Date
David Mehren
a607128b78 fix(media-service): correct type in chooseBackendType
Signed-off-by: David Mehren <git@herrmehren.de>
2023-12-07 18:46:39 +01:00
Philip Molares
723f3f611c feat(realtime): add disconnect reason
The frontend now doesn't try to reconnect, when the disconnection happened because of a lack of permissions

Signed-off-by: Philip Molares <philip.molares@udo.edu>
2023-10-23 22:39:21 +02:00
David Mehren
85e17bee79 fix: support dots in semver prerelease identifier
Signed-off-by: David Mehren <git@herrmehren.de>
2023-10-08 22:01:47 +02:00
Yannick Bungers
ece2bc2880 Update Tests for HD_SHOW_LOG_TIMESTAMP
Signed-off-by: Yannick Bungers <git@innay.de>
2023-10-08 20:42:37 +02:00
Yannick Bungers
44a7bfdd9c Add config option for Disabling timestamp in log
Signed-off-by: Yannick Bungers <git@innay.de>
2023-10-08 20:42:37 +02:00
David Mehren
10776de54f fix(migrations): use migration file extension according to runtime
We need to use .ts only if we run inside ts-node
or other tools that use it. In all other cases, we need to
refer to the .js migration files.

Signed-off-by: David Mehren <git@herrmehren.de>
2023-10-08 17:58:32 +02:00
David Mehren
f8f198f9c9 feat: add initial database migration
Signed-off-by: David Mehren <git@herrmehren.de>
2023-10-08 17:58:32 +02:00
Yannick Bungers
fbd5fa8b07 Remove not needed TODOs
Signed-off-by: Yannick Bungers <git@innay.de>
2023-10-08 16:00:42 +02:00
Yannick Bungers
8879b51344 Adding issues for TODOs
Signed-off-by: Yannick Bungers <git@innay.de>
2023-10-08 16:00:42 +02:00
Yannick Bungers
7e1123e8a4 Move monitoring TODO
Signed-off-by: Yannick Bungers <git@innay.de>
2023-10-08 16:00:42 +02:00
Yannick Bungers
944c67e7f1 Remove TODO for tlsOptions in ldap config
Signed-off-by: Yannick Bungers <git@innay.de>
2023-10-08 16:00:42 +02:00
Yannick Bungers
b145f652e3 Add example noteId
Signed-off-by: Yannick Bungers <git@innay.de>

Signed-off-by: Yannick Bungers <git@innay.de>
2023-10-08 16:00:42 +02:00
Yannick Bungers
7a41cce94f Remove gitlab api version option
Signed-off-by: Yannick Bungers <git@innay.de>
2023-10-08 16:00:42 +02:00
Yannick Bungers
c34176ef85 More context for database todo
Signed-off-by: Yannick Bungers <git@innay.de>
2023-10-08 16:00:42 +02:00
Yannick Bungers
0aff06637c Remove history entry todos
Signed-off-by: Yannick Bungers <git@innay.de>
2023-10-08 16:00:42 +02:00
Yannick Bungers
18116f4e64 Remove user creation todo
Signed-off-by: Yannick Bungers <git@innay.de>
2023-10-08 16:00:42 +02:00
David Mehren
56e2270736 fix(session-service): properly handle session store results
Previously, an undefined result in fetchUsernameForSessionId
was handled the same way as an error, rejecting the promise.

This fixes the behavior, only rejecting the promise if an error
is returned from the session store and properly returning
undefined if the session store returns that.

Signed-off-by: David Mehren <git@herrmehren.de>
2023-10-07 19:01:57 +02:00
Philip Molares
a73e539a20 fix: check if auth names contain duplicates
Signed-off-by: Philip Molares <philip.molares@udo.edu>
2023-10-07 16:05:59 +02:00
Erik Michelson
5d396eb99c fix: change property name in backend DTO
Signed-off-by: Erik Michelson <github@erik.michelson.eu>
2023-10-07 15:51:32 +02:00
Philip Molares
5335c48df7 feat(config): warn user about not yet supported config
Signed-off-by: Philip Molares <philip.molares@udo.edu>
2023-10-07 14:33:21 +02:00
Philip Molares
d43da06ec1 refactor: remove dropbox, facebook & twitter login
Signed-off-by: Philip Molares <philip.molares@udo.edu>
2023-10-07 13:28:37 +02:00
David Mehren
170977baa9 fix: ensure successful startup is logged
The default log level is 'warning', so we log the final
startup message as warning to ensure it is visible by default.

Signed-off-by: David Mehren <git@herrmehren.de>
2023-10-07 11:11:45 +02:00
David Mehren
0693812e8b refactor: remove HstsConfig
This config object was originally ported from the HD1 config,
but is not required anymore.

HD2 does not support handling TLS anymore, so it does not make
sense for it to set TLS-related headers.
The reverse proxy terminating TLS can easily set HSTS headers.

Signed-off-by: David Mehren <git@herrmehren.de>
2023-10-07 11:10:37 +02:00
Tilman Vatteroth
dccd58f0c1 fix: remove subpath support for HD_BASE_URL
With this commit we drop the subpath support which results in the constraint that HedgeDoc must always run on the root of a domain. This makes a lot of things in testing, rendering and security much easier.

Signed-off-by: Tilman Vatteroth <git@tilmanvatteroth.de>
2023-08-13 20:38:53 +02:00
Philip Molares
d185e2e694 refactor: rename HD_AUTH_LDAPS to HD_AUTH_LDAP_SERVERS
This was done as LDAPS us both the plural of LDAP and the common abbreviation for secure LDAP connections.

Fixes #4460

Signed-off-by: Philip Molares <philip.molares@udo.edu>
2023-07-22 11:37:17 +02:00
Tilman Vatteroth
34bf8f16b1 fix: format code
Signed-off-by: Tilman Vatteroth <git@tilmanvatteroth.de>
2023-07-19 12:36:32 +02:00
Tilman Vatteroth
4d70ccafbc fix: code formatting
Signed-off-by: Tilman Vatteroth <git@tilmanvatteroth.de>
2023-07-16 10:51:51 +02:00
David Mehren
a5d8c9cc33 refactor(backend): fix nestjs-typed linting errors
Signed-off-by: David Mehren <git@herrmehren.de>
2023-07-09 21:12:56 +02:00
Yannick Bungers
f362d27d3f Move session entity to sessions folder
Signed-off-by: Yannick Bungers <git@innay.de>
2023-07-06 12:07:44 +02:00
Tilman Vatteroth
eeef0ea025 test: add mocked message transporter
Signed-off-by: Tilman Vatteroth <git@tilmanvatteroth.de>
2023-07-06 12:07:03 +02:00
Tilman Vatteroth
25ee20c15d refactor: rename ready function to match its intent
Signed-off-by: Tilman Vatteroth <git@tilmanvatteroth.de>
2023-07-06 12:07:03 +02:00
Tilman Vatteroth
f4a1999a8b fix(communication): send ready event when both sides are ready
Signed-off-by: Tilman Vatteroth <git@tilmanvatteroth.de>
2023-06-28 21:50:48 +02:00
Tilman Vatteroth
bb54746ccf fix(backend): prevent realtime connections getting prepared for closed websocket
The setAdapter function checks if the websocket is closed.
If this is the case then an error is thrown and the whole process will be canceled. If the adapter isn't set before the realtime connection object is prepared then the connection will subscribe to all the events and THEN the process will be canceled. Because the MessageTransporter has no adapter (and won't get one), the connection will never get a disconnect event and clean up.

This causes the flood of "cant send message over closed websocket" messages.

Signed-off-by: Tilman Vatteroth <git@tilmanvatteroth.de>
2023-06-27 15:19:49 +02:00
David Mehren
4d50f2ec33 fix(backend): immediately use our custom logger
While the DI and database initialization is running, NestJSs default logger is normally used. Our custom logger was only being initialized after DI setup is complete.
Errors encountered during DI setup were buffered and only printed after DI init was complete, or the app exited on error.
This led to the app not printing anything for a minute in certain cases.

This commit replaces the initial logger with our ConsoleLoggerService that logs everything.
After DI init is complete, that logger is replaced with a normal instance of ConsoleLoggerService that uses the real config from DI.

Fixes https://github.com/hedgedoc/hedgedoc/issues/4306

Signed-off-by: David Mehren <git@herrmehren.de>
2023-06-25 21:49:01 +02:00
Tilman Vatteroth
cf02c35b49 fix: save created revision on realtime note destroy
Signed-off-by: Tilman Vatteroth <git@tilmanvatteroth.de>
2023-06-21 14:17:25 +02:00
Avinash
b3eb6e4339 feat: increased test coverage for authService
Signed-off-by: Avinash <avinash.kumar.cs92@gmail.com>
2023-06-21 14:07:00 +02:00
Avinash
239e21f4cb refactor: removed unused userServices
Signed-off-by: Avinash <avinash.kumar.cs92@gmail.com>
2023-06-21 14:07:00 +02:00
Tilman Vatteroth
c25c0fac92 fix: don't save revisions on creation
sometimes we create revisions for notes that don't exist yet. If we try to persist a revision that is referring to a non-existing note the whole attempt crashes.

Signed-off-by: Tilman Vatteroth <git@tilmanvatteroth.de>
2023-06-20 11:44:38 +02:00
Tilman Vatteroth
bb355feddc fix: improve and adjust tests
Signed-off-by: Tilman Vatteroth <git@tilmanvatteroth.de>
2023-06-20 11:44:38 +02:00
Tilman Vatteroth
eb986b1504 test: improve select query mock builder
Signed-off-by: Tilman Vatteroth <git@tilmanvatteroth.de>
2023-06-20 11:44:38 +02:00
Tilman Vatteroth
f95f5406be fix: make other services use the revision create method
Signed-off-by: Tilman Vatteroth <git@tilmanvatteroth.de>
2023-06-20 11:44:38 +02:00
Tilman Vatteroth
7161ffd5f2 fix: adjust seeding to new revision create signature
Signed-off-by: Tilman Vatteroth <git@tilmanvatteroth.de>
2023-06-20 11:44:38 +02:00
Tilman Vatteroth
e84096b5dc feat: generate metadata from content on revision creation
Signed-off-by: Tilman Vatteroth <git@tilmanvatteroth.de>
2023-06-20 11:44:38 +02:00
Tilman Vatteroth
90df9a4e32 feat: move title and description to revision entity
Signed-off-by: Tilman Vatteroth <git@tilmanvatteroth.de>
2023-06-20 11:44:38 +02:00
Tilman Vatteroth
ac825edbe3 fix: replace RouterModule from nest-router with @nestjs/core
Signed-off-by: Tilman Vatteroth <git@tilmanvatteroth.de>
2023-06-16 23:00:06 +02:00
Philip Molares
0a8945d934 feat(backend): handle username always in lowercase
This should make all usernames of new users into lowercase. Usernames are also searched in the DB as lowercase.

Signed-off-by: Philip Molares <philip.molares@udo.edu>
Signed-off-by: Tilman Vatteroth <git@tilmanvatteroth.de>
2023-06-04 21:55:19 +02:00
Tilman Vatteroth
753c6e593f refactor: remove isomorphic-ws
The package caused some issues while working on other features.
Mostly because bundlers have been unable to determine the correct
websocket constructor.
So I replaced it with a more object-oriented approach.

Signed-off-by: Tilman Vatteroth <git@tilmanvatteroth.de>
2023-06-02 17:40:25 +02:00
Tilman Vatteroth
d1ce1cb3e4 refactor: turn random word list source from json to ts
This prevents future import issues

Signed-off-by: Tilman Vatteroth <git@tilmanvatteroth.de>
2023-05-30 09:17:05 +02:00
Tilman Vatteroth
11ccd678de test: add test for permissions guard
Signed-off-by: Tilman Vatteroth <git@tilmanvatteroth.de>
2023-05-19 19:10:45 +02:00
Tilman Vatteroth
a852c79947 refactor: replace permission check methods with ordered permission enum
This commit replaces the "mayWrite", "mayRead" and "checkPermissionOnNote"
functions with one that returns a sortable permission value.
This is done because many places in the code need to do actions based on the fact if
the user has no, read or write access. If done with the may-functions then the permission
data need to be looked through multiple times.

Also, the whole check code is split into more functions that are tested separately and make it easier
to understand the process.

Signed-off-by: Tilman Vatteroth <git@tilmanvatteroth.de>
2023-05-19 19:10:45 +02:00