libretic/etherpad-lite
6
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity
6107 commits 2 branches 0 tags 24 MiB
Commit graph

3359 commits

Author SHA1 Message Date
John McLear
5dfae625b9 Package Lock update 2020-09-09 18:15:47 +01:00
John McLear
c8361a211a bump ueber 2020-09-09 14:41:03 +01:00
Stefan Mueller
e64a269a65 Update version to 1.8.5 2020-09-08 22:09:56 +02:00
John McLear
7258d75cc5 bumping ueber 2020-09-08 16:03:15 +01:00
Richard Hansen
6c2a361935 import: Use the correct author ID when using sessions 
There are two different ways an author ID becomes associated with a
user: either bound to a token or bound to a session ID. (The token and
session ID come from the `token` and `sessionID` cookies, or, in the
case of socket.io messages, from the `token` and `sessionID` message
properties.) When `settings.requireSession` is true or the user is
accessing a group pad, the session ID should be used. Otherwise the
token should be used.

Before this change, the `/p/:pad/import` handler was always using the
token, even when `settings.requireSession` was true. This caused the
following error because a different author ID was bound to the token
versus the session ID:

> Unable to import file into ${pad}. Author ${authorID} exists but he
> never contributed to this pad

This bug was reported in issue #4006. PR #4012 worked around the
problem by binding the same author ID to the token as well as the
session ID.

This change does the following:
  * Modifies the import handler to use the session ID to obtain the
    author ID (when appropriate).
  * Expands the documentation for the SecurityManager checkAccess
    function.
  * Removes the workaround from PR #4012.
  * Cleans up the `bin/createUserSession.js` test script.
 2020-09-08 15:04:17 +01:00
Richard Hansen
db0bcb524e SecurityManager: Use constants for returned rejections 
This reduces the chances of a typo-induced bug.
 2020-09-08 14:53:28 +01:00
Sebastian Castro
818194da90
editor/performance: Fix performance for large pads (#4267) 
* Fix line numbers top padding

This old rule was conflicting with new css rules introduced in 1.8.4

* Fixes #4228 Performance degradation for long pads 

Due to layout trashing when calculating new heights
 2020-09-08 14:52:26 +01:00
Richard Hansen
da459888dc plugins: Move plugin definitions to avoid monkey patching 
Also document the plugin data structures.
 2020-09-08 00:50:24 +01:00
Richard Hansen
dcbf876d03 hooks: New mechanism to deprecate hooks 
I plan on splitting authFailure into authnFailure and authzFailure so
that separate authentication and authentication plugins can coexist
peacefully. This change will make it possible to mark the authFailure
hook as deprecated (which simply logs a warning).
 2020-09-08 00:49:10 +01:00
Richard Hansen
8cf2bcaeb4 plugins: Fix type typo 
`exports.parts` is a topologically sorted array, but the intermediate
collection of parts assembled in `plugins.update()` is associative.
 2020-09-08 00:47:32 +01:00
Richard Hansen
c3b2e68dad Revert "Delete redundant token2author DB save" 
Something's weird here; this change shouldn't have any effect. I'll
have to squint at the code some more.

This reverts commit 2bf076043f.

Fixes #4262
 2020-09-08 00:46:01 +01:00
webzwo0i
49a6b1dac2 GroupManager: typo during session deletion 2020-09-08 00:45:39 +01:00
translatewiki.net
efa4ba3cf1 Localisation updates from https://translatewiki.net. 2020-09-07 16:40:05 +02:00
Richard Hansen
68be78ace0 SecurityManager: Simplify checkAccess 2020-09-07 08:34:15 +01:00
Richard Hansen
17096919e0 PadMessageHandler: Delete redundant check 
This check is already made very early in `handleMessage`.
 2020-09-05 22:49:07 +01:00
Richard Hansen
d4162341e7 webaccess: Always sleep for 1s before returning HTTP 401 
Not all authentication plugins require the Authorization header, so it
might not be present in subsequent attempts. (In particular, a reverse
proxy might strip it.)
 2020-09-05 22:45:46 +01:00
Richard Hansen
442fe1e86f pluginfw: Always include the function name in hook_fn_name 
Plugin authors are allowed to omit the function name in the `ep.json`
parts definition. For example:

```
{
  "parts": [
    {
      "name": "ep_example",
      "hooks": {
        "authenticate": "ep_example",
        "authFailure": "ep_example"
      }
    }
  ]
}
```

If omitted, the function name is assumed to be the same as the hook
name. Before this change, `hook_fn_name` for the example hooks would
both be `/opt/etherpad-lite/node_modules/ep_example`. Now they are
suffixed with `:authenticate` and `:authFailure`. This improves
logging, and it makes it possible to use `hook_fn_name` to uniquely
identify a particular hook function.
 2020-09-05 22:43:17 +01:00
Richard Hansen
6f3e7d14f6 hooks: Always return a list from aCallFirst and callFirst 
Every existing caller of `aCallFirst` expects a list and will throw an
exception if given `undefined`. (Nobody calls `callFirst`, except
maybe plugins.)
 2020-09-05 20:35:19 +01:00
Richard Hansen
2bf076043f Delete redundant token2author DB save 
See:
https://github.com/ether/etherpad-lite/pull/4012#issuecomment-686005563
https://github.com/ether/etherpad-lite/issues/4006
 2020-09-05 12:40:16 +01:00
Richard Hansen
9962be2450 User list: Use flexbox for #myuser div 
This makes it easier for an eejsBlock_userlist plugin to add something
to that row.
 2020-09-05 12:38:12 +01:00
Richard Hansen
e0d6d17bf0 webaccess: Restructure for readability and future changes 
* Improve the comment describing how the access check works.
  * Move the `authenticate` logic to where it is used so that people
    don't have to keep jumping back and forth to understand how the
    access check works.
  * Break up the three steps to reduce the number of indentation
    levels and improve readability. This should also make it easier to
    implement and review planned future changes.
 2020-09-05 12:37:23 +01:00
Richard Hansen
b044351f0a webaccess: Rename basicAuth to checkAccess 
Thanks to hooks, the function can do much more than just basic
authentication.
 2020-09-05 12:37:23 +01:00
Richard Hansen
2830aaebf1 webaccess: Use === instead of == for comparison 2020-09-05 12:37:23 +01:00
Richard Hansen
f0e5bff84f webaccess: Simplify object construction 2020-09-05 12:37:23 +01:00
Richard Hansen
0a8569d0ad webaccess: Use const or let instead of var 2020-09-05 12:37:23 +01:00
Richard Hansen
a7be5278a3 webaccess: Use arrow functions instead of function keyword 2020-09-05 12:37:23 +01:00
Richard Hansen
726101d6a8 webaccess: Use single quotes everywhere 2020-09-05 12:37:23 +01:00
Richard Hansen
9011207a37 webaccess: Add semicolons after statements 2020-09-05 12:37:23 +01:00
Richard Hansen
e82a3055e6 webaccess: Whitespace fixes 2020-09-05 12:37:23 +01:00
Richard Hansen
f0b7dc7c53
pluginfw: PadMessageHandler: Pass socket.io Socket object to clientVars hook (#4245) 
Also revise the clientVars hook documentation.
 2020-09-05 10:51:39 +01:00
Richard Hansen
b364d12d9b
CSS: User list: Add missing semicolon to CSS property (#4244) 2020-09-04 18:51:42 +01:00
translatewiki.net
3139dd2037 Localisation updates from https://translatewiki.net. 2020-08-31 16:06:56 +02:00
John McLear
12c05c20b2
bugfix/import: doc import bugfix (#4235) 2020-08-30 14:11:12 +01:00
translatewiki.net
431aadf143 Localisation updates from https://translatewiki.net. 2020-08-24 15:23:25 +02:00
translatewiki.net
4eda214ee9 Localisation updates from https://translatewiki.net. 2020-08-17 19:16:56 +02:00
translatewiki.net
5c3f8cd4e1 Localisation updates from https://translatewiki.net. 2020-08-13 19:15:16 +02:00
translatewiki.net
13c5bdf75f Localisation updates from https://translatewiki.net. 2020-08-07 09:39:00 +02:00
translatewiki.net
d3e45e3890 Localisation updates from https://translatewiki.net. 2020-08-03 19:40:25 +02:00
translatewiki.net
451b82536a Localisation updates from https://translatewiki.net. 2020-07-30 15:27:14 +02:00
webzwo0i
d25cd891ae
remove json2, all supported browsers have JSON now (#4198) 
cf. https://developer.mozilla.org/de/docs/Web/JavaScript/Reference/Global_Objects/JSON
 2020-07-28 00:52:25 +01:00
translatewiki.net
f64310d700 Localisation updates from https://translatewiki.net. 2020-07-27 18:21:36 +02:00
Joas Souza
0835bfeabb
Bugfix: wait promise finish on hooks (#4194) 
This commit fixes the error of not waiting the async code to finish.
As the forEach did not wait until the async code finish we may get a
hook set up incorrectly. To fix it, we use an "Array.map" to iterate and
wait the promises to be resolved and then returned
 2020-07-23 20:47:59 +01:00
translatewiki.net
ae1b6442d8 Localisation updates from https://translatewiki.net. 2020-07-20 19:45:28 +02:00
John McLear
1e5680a870
tests / bugfix: Timeslider Chrome 55 Further scroll fix (#4186) 2020-07-20 14:14:02 +01:00
John McLear
3d89eed31a
tests: Further scroll fix for bug in Chrome 55-59 with scrollTo not working (#4185) 2020-07-20 09:49:40 +01:00
John McLear
c394b65e75
tests: Further scroll frontend test fix- use var instead of let (#4184) 2020-07-20 09:08:40 +01:00
John McLear
bf24063234
Feature: Timeslider follow (#4133) 
When new edits come in changes are followed in the time slider.
 2020-07-19 23:46:58 +01:00
John McLear
40014d8230
Rate limit Socket IO communication - WIP (#4036) 
Includes settings
    Includes i18n
    Includes a nice notification
    Disconnects on rate limit
    Includes feeding into metrics/stats
    Include console warn to server console.
 2020-07-19 22:44:24 +01:00
John McLear
4f5cf2dc63
tests and bugfix: test coverage and fix for 4165 - bad HTML export of list items (#4180) 
Also fix for test max value for ratelimiter
 2020-07-19 16:31:13 +01:00
John McLear
3ddce87ee4
bugfix / timeslider: only update timeslider on correct message type -- resolves #4100 2020-07-17 16:40:24 +01:00
John McLear
d1330a1e1c
Bugfix: Async bump part 2 
Sorry, not sure what happened but having kids jump all over the keyboard while I do this probably didn't help... :|
 2020-07-17 10:08:40 +01:00
webzwo0i
b3680058ff
getChangesetInfo: print error message (#4172) 2020-07-16 23:54:15 +01:00
John McLear
410d20417d
Bumping async (#4171) 
Resolves #3940
 2020-07-16 17:37:42 +01:00
John McLear
78c97d811c
Script to create session and store token <> author more throughly (dont create ghosts) (#4012) 2020-07-16 10:51:02 +01:00
John McLear
9bf1b9f2a2
bugfix / testing: Ie11 warning for not having Promises (#4167) 
Makes IE11 work again but may cause an issue for plugin testing in IE11.  IE plugin tests in IE11 will probably fail as the plugin code will not execute.
 2020-07-16 09:31:35 +01:00
John McLear
e24ef6969e
Bugfix / tests: Specs list type (#4169) 
* remove cruft..  ugh

* housekeeping: close stale issues

* fix issue #3945
 2020-07-15 17:37:03 +01:00
John McLear
ab8320d15b
WIP - Test Coverage: Import & Export include LibreOffice Test Coverage (#4163) 
Runs on Travis
Will only run locally is ``allowAnyoneToImport`` and ``soffice`` or ``abiword`` is set.
 2020-07-14 18:44:53 +01:00
translatewiki.net
9d69caa8dc Localisation updates from https://translatewiki.net. 2020-07-14 10:15:56 +02:00
Florian Rittmeier
c7581ba6f3
fixes jQuery.Deferred exception as reported in #4132 (#4158) 2020-07-10 15:28:32 +01:00
translatewiki.net
908ce78e70 Localisation updates from https://translatewiki.net. 2020-07-10 11:30:55 +02:00
John McLear
b15154cc23
Same site cookie fix - Ready for testing / merge (#3990) 
* initial fix for httpprefs

* token

* express_sid fix
 2020-07-10 08:43:20 +01:00
b_b
3ea8d571e7
Fix PDF import with libreoffice (#4156) 
Fix #4151
 2020-07-09 23:50:45 +01:00
b_b
358af5fea1
Fix typo in comment (#4154) 2020-07-09 12:32:54 +01:00
John McLear
a3386e3e55
Dont use jquery in import handler (#4153) 
I think jQ3 update broke imports a bit, so this removes jQuery and also ensures only .etherpad does reload of page.
 2020-07-08 14:50:48 +01:00
translatewiki.net
2f7e097711 Localisation updates from https://translatewiki.net. 2020-07-06 18:44:49 +02:00
John McLear
313bba09d6
Update ueberdb big update (#4149) 2020-07-05 11:05:32 +01:00
translatewiki.net
4b721785e0 Localisation updates from https://translatewiki.net. 2020-07-02 17:44:57 +02:00
translatewiki.net
18494dd657 Localisation updates from https://translatewiki.net. 2020-06-29 16:18:59 +02:00
webzwo0i
2814ebfe65
i18n: include about and poweredBy in locales (#4140) 2020-06-27 20:12:37 +01:00
webzwo0i
b7dff552f0
cruft: Remove unecessary consolelogs (#4141) 2020-06-27 20:12:06 +01:00
John McLear
168737b6d8
pluginfw: Move Timeslider eejs block to correct location (#4139) 2020-06-27 09:52:53 +01:00
axlevxa
0e2749831a
UX: Add prefers-reduced-motion query for Colibris skin #4136 (#4137) 2020-06-27 09:49:37 +01:00
John McLear
8a13bde535
bugfix: #4067 openapi incorrect syntax (#4138) 
https://github.com/ether/etherpad-lite/issues/4067#issuecomment-650423412 

Thanks to @tom-chase
 2020-06-27 09:47:16 +01:00
translatewiki.net
75ecb3f49b Localisation updates from https://translatewiki.net. 2020-06-22 17:19:38 +02:00
translatewiki.net
774a075cfc Localisation updates from https://translatewiki.net. 2020-06-18 21:14:49 +02:00
John McLear
beccf677a4
bugfix: Fix #4120 where an author might not be populated on restart - if this is the case don't push the author to the array. 2020-06-17 10:54:10 +01:00
translatewiki.net
d19937fa06 Localisation updates from https://translatewiki.net. 2020-06-15 22:11:47 +02:00
Stefan
9a22144a83
staleCode: Remove unnecessary robots.txt entry (#4113) 2020-06-14 20:49:13 +01:00
John McLear
045ac70db8
pluginfw: Make the NEW_CHANGES payload include the message in handleClientMessage 2020-06-12 12:26:33 +01:00
translatewiki.net
85383a316d Localisation updates from https://translatewiki.net. 2020-06-11 19:23:22 +02:00
John McLear
93829b9e33
pluginfw/performance: Dont cache if max age is 0 (#4098) 2020-06-08 17:21:55 +01:00
translatewiki.net
497704eb03 Localisation updates from https://translatewiki.net. 2020-06-08 17:03:38 +02:00
John McLear
f1e3aff72f stale code: use terser instead of uglify 2020-06-07 20:09:10 +00:00
John McLear
166e1371da socket.io bump to 2.3.0 2020-06-07 19:12:11 +00:00
John McLear
512a51149d Revert "Merge branch 'develop' of github.com:ether/etherpad-lite into develop" 
This reverts commit 6fad0210f8, reversing
changes made to 128f3e15eb.
 2020-06-07 18:46:41 +00:00
John McLear
564e8fee07 forcing back to last known stable before parent merge 2020-06-07 18:44:01 +00:00
John McLear
49cd270592 including terser, again 2020-06-07 17:09:48 +00:00
John McLear
0ab9e1e8c3 ffs npm how you get so broke 2020-06-07 16:53:49 +00:00
John McLear
4b37034f0c ugh attempt to overwrite package files due to weirdness 2020-06-07 16:38:50 +00:00
John McLear
b1ce372035 bump package lock 2020-06-07 13:57:58 +00:00
John McLear
009e1d01f7
staleCode: Async update 2020-06-07 14:56:45 +01:00
John McLear
0669280af0 Revert "socketio230" 
This reverts commit fbb7b5123b.
 2020-06-07 13:46:53 +00:00
John McLear
fbb7b5123b socketio230 2020-06-07 12:57:28 +00:00
John McLear
6fad0210f8 Merge branch 'develop' of github.com:ether/etherpad-lite into develop 2020-06-07 12:56:20 +00:00
John McLear
128f3e15eb
stalecode: jQuery 3 (#3903) 2020-06-07 12:01:14 +01:00
John McLear
ea9a9cd883 Revert "Revert "stale: Terser instead of uglify (#4075)"" 
This reverts commit 423be7f081.
 2020-06-07 10:08:11 +00:00
John McLear
c5584fb5b4
editor: outdent on ol removal (#4088) 2020-06-07 09:51:12 +01:00
John McLear
2cd3dccc4d Revert "Revert "Revert "editor: ul/ol/li - outdent on ol and ul button press""" 
This reverts commit fd3980133d.
 2020-06-06 20:51:17 +00:00
John McLear
fd3980133d Revert "Revert "editor: ul/ol/li - outdent on ol and ul button press"" 
This reverts commit 82fb6ddc99.
 2020-06-06 20:38:08 +00:00
John McLear
82fb6ddc99 Revert "editor: ul/ol/li - outdent on ol and ul button press" 
This reverts commit fc88f12bba.
 2020-06-06 18:34:51 +00:00