github/hedgedoc
1
0
Fork 0
mirror of https://github.com/hedgedoc/hedgedoc.git synced 2024-11-04 09:00:35 -05:00
Code Issues Projects Releases Packages Wiki Activity
6259 commits 40 branches 47 tags 106 MiB
Commit graph

6259 commits

This branch
This branch
All branches
Author SHA1 Message Date
David Mehren
d6ea4d29fe feat(api/private/me): include authProvider in UserInfo 
This information is supposed to be used by the frontend
to identify the login method that was used.

The used login method is saved as a string into the session data
and extracted via a new SessionAuthProvider decorator.

Signed-off-by: David Mehren <git@herrmehren.de>
 2022-03-07 13:54:43 +01:00
David Mehren
3f8e3b0589 refactor(api/public/media): return MediaUpload object instead of url 
This ensures the POST /media API behaves in the same way as /me/media

Signed-off-by: David Mehren <git@herrmehren.de>
 2022-03-07 13:54:43 +01:00
David Mehren
8e31f3a393 refactor(api/private/media): return MediaUpload object instead of url 
This ensures the private POST /media API behaves in the same way as /me/media

Signed-off-by: David Mehren <git@herrmehren.de>
 2022-03-07 13:54:43 +01:00
David Mehren
4f10e17d40 fix(frontend-config): iframe origins should be non-optional 
Signed-off-by: David Mehren <git@herrmehren.de>
 2022-03-07 13:54:43 +01:00
renovate[bot]
142194fe0a
Lock file maintenance (#1900) 
Co-authored-by: Renovate Bot <bot@renovateapp.com>
 2022-03-07 13:42:51 +01:00
Renovate Bot
67743b7cf5 chore(deps): lock file maintenance 
Signed-off-by: Renovate Bot <bot@renovateapp.com>
 2022-03-07 03:38:57 +00:00
Renovate Bot
13a44727c7 fix(deps): pin dependencies 
Signed-off-by: Renovate Bot <bot@renovateapp.com>
 2022-03-06 22:41:11 +01:00
David Mehren
268b39154d ci: move node version into a variable 
Signed-off-by: David Mehren <git@herrmehren.de>
 2022-03-06 22:24:21 +01:00
David Mehren
d73c9b8e86 ci: add config for e2e tests with multiple DBs 
Signed-off-by: David Mehren <git@herrmehren.de>
 2022-03-06 22:24:21 +01:00
David Mehren
513d64493e test: add and use a mocked DatabaseConfig 
Signed-off-by: David Mehren <git@herrmehren.de>
 2022-03-06 22:24:21 +01:00
David Mehren
89297e748f fix: TypeError in HistoryEntryImportDto 
For reasons, during testing, reflect-metadata might not be imported.
This causes the `@Type` annotation to crash the test with a TypeError.

Signed-off-by: David Mehren <git@herrmehren.de>
 2022-03-06 22:24:21 +01:00
David Mehren
f9448bb801 fix(session): limit subqueries for mariadb 
MariaDB does not support `connect-typeorm`s subqueries,
so they need to be disabled if this dialect is used.

Signed-off-by: David Mehren <git@herrmehren.de>
 2022-03-06 22:24:21 +01:00
David Mehren
9c6d3d9dab test: test don't need to set up sessions by themselves 
The setup is handled inside TestSetupBuilder.

Signed-off-by: David Mehren <git@herrmehren.de>
 2022-03-06 22:24:21 +01:00
David Mehren
9030488025 test: make tests order-independent 
MariaDB seems to order the returned media objects in a different way,
making our tests fail.

This refactors the tests to be independent of the order of returned data.

Signed-off-by: David Mehren <git@herrmehren.de>
 2022-03-06 22:24:21 +01:00
David Mehren
c7e77d25a0 test: support running e2e tests with mariadb 
Signed-off-by: David Mehren <git@herrmehren.de>
 2022-03-06 22:24:21 +01:00
David Mehren
552cb05d92 refactor(api/private/tokens): validate POST data with DTO 
This adds a `AuthTokenCreateDto` which allows
to fully validate incoming JSON data.

Signed-off-by: David Mehren <git@herrmehren.de>
 2022-03-06 22:24:21 +01:00
David Mehren
fd3fde9cc8 refactor(api/private/history): validate POST data with DTO 
This adds a `HistoryEntryImportListDto` which allows
to fully validate incoming JSON data.

Signed-off-by: David Mehren <git@herrmehren.de>
 2022-03-06 22:24:21 +01:00
David Mehren
a32d9e8305 fix(api/private/auth): wait for error 
Previously, the `logout` method immediately returned and did not wait
for the possible error callback.

This wraps the call to `session.destroy` into a promise,
so the error can be properly handled.

Signed-off-by: David Mehren <git@herrmehren.de>
 2022-03-06 22:24:21 +01:00
David Mehren
72c354d5f6 refactor(history-service): use NoteService to get note 
Signed-off-by: David Mehren <git@herrmehren.de>
 2022-03-06 22:24:21 +01:00
David Mehren
5b7026758a test: enable validationPipe in TestSetup 
Signed-off-by: David Mehren <git@herrmehren.de>
 2022-03-06 22:24:21 +01:00
David Mehren
5eab4f42d6 refactor: merge AuthTokenDTOs into one file 
Signed-off-by: David Mehren <git@herrmehren.de>
 2022-03-06 22:24:21 +01:00
David Mehren
de952fe3b2 feat(auth-service): accept undefined validUntil param 
The `validUntil` parameter for `createTokenForUser` may be undefined
in some usages.
As it is easy to add handling for that here, this commit implements it.

Signed-off-by: David Mehren <git@herrmehren.de>
 2022-03-06 22:24:21 +01:00
David Mehren
a6734cc58f test: ensure testSetup.cleanup is called 
Signed-off-by: David Mehren <git@herrmehren.de>
 2022-03-06 22:24:21 +01:00
David Mehren
f0e6f6150d test: allow running e2e tests with different DBs 
This commits adds infrastructure for running the E2E tests
with databases other than sqlite.

Initially, support for Postgres is added.

Signed-off-by: David Mehren <git@herrmehren.de>
 2022-03-06 22:24:21 +01:00
Philip Molares
35075bdb0b test: add unit test for noteConfig 
Signed-off-by: Philip Molares <philip.molares@udo.edu>
 2022-03-06 21:42:19 +01:00
Philip Molares
96747b6d68 fix: use joi positive and integer validators on HD_MAX_DOCUMENT_LENGTH 
validate HD_MAX_DOCUMENT_LENGTH with the positive and integer validators of Joi.

See also:
- https://joi.dev/api/#numberpositive
- https://joi.dev/api/#numberinteger

Signed-off-by: Philip Molares <philip.molares@udo.edu>
 2022-03-06 21:42:19 +01:00
Philip Molares
de8bad13cf test: add unit test for appConfig 
Signed-off-by: Philip Molares <philip.molares@udo.edu>
 2022-03-06 21:35:58 +01:00
Philip Molares
029881f380 chore: add mocked-env dev dependency 
This will be used to create unit test for the different config objects.

Signed-off-by: Philip Molares <philip.molares@udo.edu>
 2022-03-06 21:35:58 +01:00
Philip Molares
45df0e6edb fix: rename parseOptionalInt to parseOptionalNumber 
This allows us to handle the possible errors due to non-integer numbers with joi and return more precise error messages.

Signed-off-by: Philip Molares <philip.molares@udo.edu>
 2022-03-06 21:35:58 +01:00
Philip Molares
151e12a8a7 fix: use joi positive, integer and max validators on PORT 
validate PORT with the positive, integer and max validators of Joi.

See also:
- https://joi.dev/api/#numberpositive
- https://joi.dev/api/#numberinteger
- https://joi.dev/api/#numbermax

Signed-off-by: Philip Molares <philip.molares@udo.edu>
 2022-03-06 21:35:58 +01:00
Philip Molares
0a778d8a64 fix: use joi uri validator in appConfig 
validate HD_DOMAIN and HD_RENDERER_ORIGIN with the uri validator of Joi. This should prevent the problem described in #2150.

Fixes #2150

See also: https://joi.dev/api/#stringurioptions

Signed-off-by: Philip Molares <philip.molares@udo.edu>
 2022-03-06 21:35:58 +01:00
David Mehren
7e8716ec95 fix: ensure dates are properly transformed 
To correctly transform Date objects from ISO-strings in JSON
to instances, class-transformer requires the `@Type` annotation.

References:
https://github.com/typestack/class-transformer#%D1%81onverting-date-strings-into-date-objects
Signed-off-by: David Mehren <git@herrmehren.de>
 2022-03-06 20:54:46 +01:00
David Mehren
59a235ebc4 fix: ensure nested objects are properly validated & transformed 
To validate nested objects, class-transformer requires
the `@ValidateNested` annotation.
For arrays, class-transfomer requires
setting `each: true`.

To correctly transform nested objects from JSON to instances,
class-transformer requires the `@Type` annotation.

References:
https://github.com/typestack/class-validator#validating-nested-objects
https://github.com/typestack/class-validator#validating-arrays
https://github.com/typestack/class-transformer#working-with-nested-objects
Signed-off-by: David Mehren <git@herrmehren.de>
 2022-03-06 20:54:46 +01:00
David Mehren
324536bc2d feat(validation): send error message to client 
Signed-off-by: David Mehren <git@herrmehren.de>
 2022-03-06 20:52:52 +01:00
Renovate Bot
a31e4f4dfc chore(deps): update dependency ts-node to v10.7.0 
Signed-off-by: Renovate Bot <bot@renovateapp.com>
 2022-03-06 17:37:40 +01:00
Renovate Bot
d5c70b0302 chore(deps): update dependency mkdocs-material to v8.2.5 
Signed-off-by: Renovate Bot <bot@renovateapp.com>
 2022-03-06 17:30:01 +01:00
Renovate Bot
aa3d7c0c97 Update dependency sharp to v0.30.2 
Signed-off-by: Renovate Bot <bot@renovateapp.com>
 2022-03-06 10:02:57 +01:00
Renovate Bot
66bde48f94 Update bobheadxi/deployments action to v1.1.0 
Signed-off-by: Renovate Bot <bot@renovateapp.com>
 2022-03-05 23:11:41 +01:00
Renovate Bot
ec843083b4 Update definitely typed 
Signed-off-by: Renovate Bot <bot@renovateapp.com>
 2022-03-05 20:55:55 +01:00
renovate[bot]
df2e82024e
Update dependency ts-node to v10.6.0 (#1895) 
Co-authored-by: Renovate Bot <bot@renovateapp.com>
 2022-03-05 20:46:38 +01:00
renovate[bot]
e9df9b6672
Update linters (#1897) 
Co-authored-by: Renovate Bot <bot@renovateapp.com>
Co-authored-by: Tilman Vatteroth <git@tilmanvatteroth.de>
 2022-03-05 20:40:00 +01:00
renovate[bot]
6b84cf6b59
Update dependency reveal.js to v4.3.0 [SECURITY] (#1887) 
* Update dependency reveal.js to v4.3.0 [SECURITY]

Signed-off-by: Renovate Bot <bot@renovateapp.com>

* Extend types

Signed-off-by: Tilman Vatteroth <git@tilmanvatteroth.de>

Co-authored-by: Renovate Bot <bot@renovateapp.com>
Co-authored-by: Tilman Vatteroth <git@tilmanvatteroth.de>
 2022-03-05 17:31:03 +00:00
Renovate Bot
aa6a594513 Update actions/checkout action to v3 
Signed-off-by: Renovate Bot <bot@renovateapp.com>
 2022-03-05 18:00:19 +01:00
Renovate Bot
25ff196f65 Update dependency i18next to v21.6.13 
Signed-off-by: Renovate Bot <bot@renovateapp.com>
 2022-03-05 17:47:39 +01:00
Renovate Bot
dd0dc292bf Update dependency cypress to v9.5.1 
Signed-off-by: Renovate Bot <bot@renovateapp.com>
 2022-03-05 17:47:15 +01:00
Renovate Bot
042ac1bbaf Update dependency netlify-cli to v9.12.3 
Signed-off-by: Renovate Bot <bot@renovateapp.com>
 2022-03-05 17:46:28 +01:00
Renovate Bot
080bf6239b Update dependency ts-loader to v9.2.7 
Signed-off-by: Renovate Bot <bot@renovateapp.com>
 2022-03-05 16:19:36 +01:00
Renovate Bot
7d8f047389 Update dependency typescript to v4.6.2 
Signed-off-by: Renovate Bot <bot@renovateapp.com>
 2022-03-05 16:18:24 +01:00
Renovate Bot
4817431166 chore(deps): update linters 
Signed-off-by: Renovate Bot <bot@renovateapp.com>
 2022-03-05 10:47:14 +01:00
Renovate Bot
8aee78c78e chore(deps): update actions/checkout action to v3 
Signed-off-by: Renovate Bot <bot@renovateapp.com>
 2022-03-05 10:40:33 +01:00