Commit graph

447 commits

Author SHA1 Message Date
David Mehren
7ef380241d
fix(seed): fix create method usage
Signed-off-by: David Mehren <git@herrmehren.de>
2021-11-14 21:49:31 +01:00
David Mehren
b9d3c95d2d
fix(note): fix type for owner param
To make the create method easier to use in conjunction
with the authentication framework, this commit changes the type of
the `owner` parameter from `User | undefined` to `User | null`.

Signed-off-by: David Mehren <git@herrmehren.de>
2021-11-14 21:44:59 +01:00
David Mehren
c675dd0e9e
fix(alias): remove default for primary
To make the create method more consistent with the
guidelines,
this commit removes the default value from the `primary` parameter.

Signed-off-by: David Mehren <git@herrmehren.de>
2021-11-14 21:22:22 +01:00
David Mehren
04412826a7
fix(media-upload): remove backendData parameter
`Create` methods should only contain optional properties

Signed-off-by: David Mehren <git@herrmehren.de>
2021-11-14 21:14:03 +01:00
David Mehren
3fe1bb0edf
fix(identity): remove default for syncSource
To make the create method more consistent with the
guidelines,
this commit removes the default value from the `syncSource` parameter.

An Identity will be created as sync source,
when the associated account is created using an external provider.

Signed-off-by: David Mehren <git@herrmehren.de>
2021-11-14 20:56:17 +01:00
David Mehren
178513a3a0
fix(group): add special flag to create method
To make the create method more consistent with the
guidelines, this commit adds the `special` flag to
the parameters.
As this function will only be used to create the two hard-coded groups
and to handle API requests at one or two places, adding the parameter
should not be too problematic.

Signed-off-by: David Mehren <git@herrmehren.de>
2021-11-14 20:53:45 +01:00
Philip Molares
62037acc97
fix(media-upload): rework create and media services saveFile
This was done to make the create method more concise.

Signed-off-by: Philip Molares <philip.molares@udo.edu>
2021-11-11 22:06:30 +01:00
Philip Molares
b1d4696895
fix: the tests use the new typing from create methods
Signed-off-by: Philip Molares <philip.molares@udo.edu>
2021-09-25 11:55:35 +02:00
Philip Molares
8cda5f99fb
fix: services use the new typings from create methods
Signed-off-by: Philip Molares <philip.molares@udo.edu>
2021-09-25 11:52:42 +02:00
Philip Molares
d0b8e4cd36
feat: consolidate entities create
This was done to give better typings to the function signatures of entities `create` methods.
It also ensures that each field that should be set to `null` is set to `null` and doesn't leave that up to the typeorm handlers.

See: #1641
Signed-off-by: Philip Molares <philip.molares@udo.edu>
2021-09-25 11:50:28 +02:00
David Mehren
d4b806bbf8
test(mockconfig): generate unique upload paths
This stops multiple concurrently running tests disturbing each other.

Signed-off-by: David Mehren <git@herrmehren.de>
2021-11-16 18:25:00 +01:00
Philip Molares
c9be26235c
docs: fix createUser and test docs
this ports the fixes applied to createGroup to this method as well

Signed-off-by: Philip Molares <philip.molares@udo.edu>
2021-11-06 11:49:26 +01:00
Philip Molares
0470497ccb
feat: setupSpecialGroups in bootstrap
Signed-off-by: Philip Molares <philip.molares@udo.edu>
2021-10-31 00:06:55 +02:00
Philip Molares
bcf35c61a5
fix: permissions service use new SpecialGroup enum
instead of random strings the permissions service now uses the SpecialGroup enum

Signed-off-by: Philip Molares <philip.molares@udo.edu>
2021-10-31 00:05:59 +02:00
Philip Molares
5fd9750d68
feat: add createGroup function
Signed-off-by: Philip Molares <philip.molares@udo.edu>
2021-10-31 00:04:12 +02:00
Philip Molares
9a8f4c0b8c
feat: add SpecialGroup enum
Signed-off-by: Philip Molares <philip.molares@udo.edu>
2021-10-30 23:58:17 +02:00
David Mehren
c02f845ecb
AuthController: Return 409 Conflict when user already exists
The previously used HTTP error 400 'Bad Request' is not really
applicable here, as the client did not send a malformed message.

Signed-off-by: David Mehren <git@herrmehren.de>
2021-10-27 19:39:18 +02:00
Yannick Bungers
24d79a9493
Add API doc for private media API
Signed-off-by: Yannick Bungers <git@innay.de>
2021-10-18 20:20:14 +02:00
Yannick Bungers
85dc2cd02d
Remove unnecessary exception handling in private notes.controller.ts
and change noteIdOrAlias to Note as parameter

Signed-off-by: Yannick Bungers <git@innay.de>
2021-10-18 21:12:33 +02:00
Alexandru Văleanu
32929c1e77
Add delete media in private API (#1736)
Adds the missing API route of deleting media in the private API.
2021-10-18 19:00:28 +01:00
Yannick Bungers
f4799c5ebe
Change createTokenForUser signature
user is now used instead of username

Signed-off-by: Yannick Bungers <git@innay.de>
2021-10-13 22:59:51 +02:00
Yannick Bungers
40103cb397
fix username spelling from userName
Signed-off-by: Yannick Bungers <git@innay.de>
2021-10-13 22:28:10 +02:00
Yannick Bungers
be27686610
change getTokensByUsername to getTokensByUser
Signed-off-by: Yannick Bungers <git@innay.de>
2021-10-13 22:22:08 +02:00
David Mehren
0da7d01dec
Add dev-proxy to frontend dev server
This adds a reverse proxy to the backend, that automatically
redirects requests that are not handled by the backend to the React
dev server running on port 3001.

The reverse proxy is only enabled when NODE_ENV is set to
'development'.

Signed-off-by: David Mehren <git@herrmehren.de>
2021-09-23 22:36:13 +02:00
Yannick Bungers
ad190fcf22
Get user from Session instead of hardcoded value
Signed-off-by: Yannick Bungers <git@innay.de>
2021-09-23 22:44:34 +02:00
David Mehren
39eb5ff116
Log errors in ValidationPipe
Previously, when an error was encountered while validating
the request, only an HTTP 400 status code was returned to the client.
This adds logging of the error message,
so invalid requests can be debugged.

Signed-off-by: David Mehren <git@herrmehren.de>
2021-09-23 22:05:57 +02:00
David Mehren
1f2067288a
Explicitly import URL
With Yarn PnP, URL is seems to not automatically be
part of the global scope.

Signed-off-by: David Mehren <git@herrmehren.de>
2021-09-06 16:32:24 +02:00
Philip Molares
9383eeb53a
fix: the seed command handles the new aliases
Signed-off-by: Philip Molares <philip.molares@udo.edu>
2021-06-06 17:56:12 +02:00
Philip Molares
90b64c73b3
test: fix service tests to handle the new aliases
Signed-off-by: Philip Molares <philip.molares@udo.edu>
2021-06-06 17:53:07 +02:00
Philip Molares
b135333a51
feat: add alias controller to private and public api
Signed-off-by: Philip Molares <philip.molares@udo.edu>
2021-08-07 21:28:59 +02:00
Philip Molares
2b76d33a23
feat: add aliases to service files
This commit makes it possible to identifier notes via any alias in the note and history service.

Signed-off-by: Philip Molares <philip.molares@udo.edu>
2021-06-06 17:47:38 +02:00
Philip Molares
babd5ce393
chore: create getIdentifier utility function
Signed-off-by: Philip Molares <philip.molares@udo.edu>
2021-09-16 23:53:29 +02:00
Philip Molares
8c214820e1
chore: create getPrimaryAlias utility function
Signed-off-by: Philip Molares <philip.molares@udo.edu>
2021-08-07 21:51:47 +02:00
Philip Molares
d1b7c2a2db
feat: add alias service
Signed-off-by: Philip Molares <philip.molares@udo.edu>
2021-08-07 21:53:54 +02:00
Philip Molares
17c55195c3
feat: add list of aliases to note entity
One of the aliases can be primary for each note, but all can be used to get information from the apis.

Signed-off-by: Philip Molares <philip.molares@udo.edu>
2021-06-06 17:46:32 +02:00
Philip Molares
86d060706f
chore: add PrimaryAliasDeletionForbiddenError
Signed-off-by: Philip Molares <philip.molares@udo.edu>
2021-08-07 21:52:00 +02:00
Philip Molares
1fd15cc376
chore: add alias dtos
Signed-off-by: Philip Molares <philip.molares@udo.edu>
2021-08-07 21:54:42 +02:00
Philip Molares
366057fb8b
feat: add auth controller with internal login, registration, password change and logout
Signed-off-by: Philip Molares <philip.molares@udo.edu>
2021-08-08 22:00:14 +02:00
Philip Molares
cd4ee84ec3
feat: add LoginEnabledGuard and RegistrationEnabledGuard
These guards check if the login or registration are enabled in the config. If so the guarded method is executed, if not the client will get the HTTP Error 400 Forbidden as an answer

Signed-off-by: Philip Molares <philip.molares@udo.edu>
2021-09-04 18:31:01 +02:00
Philip Molares
46d03571c1
fix: update seed.ts
Signed-off-by: Philip Molares <philip.molares@udo.edu>
2021-08-31 13:39:51 +02:00
Philip Molares
5a91662865
feat: add session handling
Signed-off-by: Philip Molares <philip.molares@udo.edu>
2021-08-31 13:36:13 +02:00
Philip Molares
1c52ad69a6
feat: add identity module
Signed-off-by: Philip Molares <philip.molares@udo.edu>
2021-08-08 21:59:23 +02:00
Philip Molares
df10ed92e3
feat: add local auth strategy
Signed-off-by: Philip Molares <philip.molares@udo.edu>
2021-08-08 21:59:12 +02:00
Philip Molares
b9cec8aeca
feat: add identity service
This service handles all the authentication of the private api.

Signed-off-by: Philip Molares <philip.molares@udo.edu>
2021-08-08 21:58:54 +02:00
Philip Molares
3cc321f353
feat: add getFirstIdentityFromUser helper function
Signed-off-by: Philip Molares <philip.molares@udo.edu>
2021-08-08 21:57:46 +02:00
Philip Molares
e7eb6694a6
feat: change email auth config to local
This was done to use the same term. Also email was the old term from HedgeDoc 1 and wildly inaccurate. As we never checked any mail addresses, in fact it was more of a username than anything else.

Signed-off-by: Philip Molares <philip.molares@udo.edu>
2021-09-04 19:24:32 +02:00
Philip Molares
43242cccc9
feat: add session to AuthConfig
this handles the settings for the cookie session. The secret and the lifeTime of the cookie can be configured.

Signed-off-by: Philip Molares <philip.molares@udo.edu>
2021-09-04 17:46:58 +02:00
Philip Molares
0ef0d1e111
feat: add local auth dtos
Signed-off-by: Philip Molares <philip.molares@udo.edu>
2021-08-08 21:54:05 +02:00
Philip Molares
5e4eb574c5
chore: add user relation enum
this enum is used to specify which relation of the user object should be populated.

Signed-off-by: Philip Molares <philip.molares@udo.edu>
2021-08-31 13:39:36 +02:00
Philip Molares
337854c86a
feat: lazy load identities of user object
This makes it possible that we can get identities from any user object even if we didn't specify that while getting them from the orm

Signed-off-by: Philip Molares <philip.molares@udo.edu>
2021-09-04 22:13:16 +02:00