John McLear
5dfae625b9
Package Lock update
2020-09-09 18:15:47 +01:00
John McLear
c8361a211a
bump ueber
2020-09-09 14:41:03 +01:00
Stefan Mueller
e64a269a65
Update version to 1.8.5
2020-09-08 22:09:56 +02:00
John McLear
7258d75cc5
bumping ueber
2020-09-08 16:03:15 +01:00
Richard Hansen
6c2a361935
import: Use the correct author ID when using sessions
...
There are two different ways an author ID becomes associated with a
user: either bound to a token or bound to a session ID. (The token and
session ID come from the `token` and `sessionID` cookies, or, in the
case of socket.io messages, from the `token` and `sessionID` message
properties.) When `settings.requireSession` is true or the user is
accessing a group pad, the session ID should be used. Otherwise the
token should be used.
Before this change, the `/p/:pad/import` handler was always using the
token, even when `settings.requireSession` was true. This caused the
following error because a different author ID was bound to the token
versus the session ID:
> Unable to import file into ${pad}. Author ${authorID} exists but he
> never contributed to this pad
This bug was reported in issue #4006 . PR #4012 worked around the
problem by binding the same author ID to the token as well as the
session ID.
This change does the following:
* Modifies the import handler to use the session ID to obtain the
author ID (when appropriate).
* Expands the documentation for the SecurityManager checkAccess
function.
* Removes the workaround from PR #4012 .
* Cleans up the `bin/createUserSession.js` test script.
2020-09-08 15:04:17 +01:00
Richard Hansen
db0bcb524e
SecurityManager: Use constants for returned rejections
...
This reduces the chances of a typo-induced bug.
2020-09-08 14:53:28 +01:00
Sebastian Castro
818194da90
editor/performance: Fix performance for large pads ( #4267 )
...
* Fix line numbers top padding
This old rule was conflicting with new css rules introduced in 1.8.4
* Fixes #4228 Performance degradation for long pads
Due to layout trashing when calculating new heights
2020-09-08 14:52:26 +01:00
Richard Hansen
da459888dc
plugins: Move plugin definitions to avoid monkey patching
...
Also document the plugin data structures.
2020-09-08 00:50:24 +01:00
Richard Hansen
dcbf876d03
hooks: New mechanism to deprecate hooks
...
I plan on splitting authFailure into authnFailure and authzFailure so
that separate authentication and authentication plugins can coexist
peacefully. This change will make it possible to mark the authFailure
hook as deprecated (which simply logs a warning).
2020-09-08 00:49:10 +01:00
Richard Hansen
8cf2bcaeb4
plugins: Fix type typo
...
`exports.parts` is a topologically sorted array, but the intermediate
collection of parts assembled in `plugins.update()` is associative.
2020-09-08 00:47:32 +01:00
Richard Hansen
c3b2e68dad
Revert "Delete redundant token2author DB save"
...
Something's weird here; this change shouldn't have any effect. I'll
have to squint at the code some more.
This reverts commit 2bf076043f
.
Fixes #4262
2020-09-08 00:46:01 +01:00
webzwo0i
49a6b1dac2
GroupManager: typo during session deletion
2020-09-08 00:45:39 +01:00
translatewiki.net
efa4ba3cf1
Localisation updates from https://translatewiki.net .
2020-09-07 16:40:05 +02:00
Richard Hansen
68be78ace0
SecurityManager: Simplify checkAccess
2020-09-07 08:34:15 +01:00
Richard Hansen
17096919e0
PadMessageHandler: Delete redundant check
...
This check is already made very early in `handleMessage`.
2020-09-05 22:49:07 +01:00
Richard Hansen
d4162341e7
webaccess: Always sleep for 1s before returning HTTP 401
...
Not all authentication plugins require the Authorization header, so it
might not be present in subsequent attempts. (In particular, a reverse
proxy might strip it.)
2020-09-05 22:45:46 +01:00
Richard Hansen
442fe1e86f
pluginfw: Always include the function name in hook_fn_name
...
Plugin authors are allowed to omit the function name in the `ep.json`
parts definition. For example:
```
{
"parts": [
{
"name": "ep_example",
"hooks": {
"authenticate": "ep_example",
"authFailure": "ep_example"
}
}
]
}
```
If omitted, the function name is assumed to be the same as the hook
name. Before this change, `hook_fn_name` for the example hooks would
both be `/opt/etherpad-lite/node_modules/ep_example`. Now they are
suffixed with `:authenticate` and `:authFailure`. This improves
logging, and it makes it possible to use `hook_fn_name` to uniquely
identify a particular hook function.
2020-09-05 22:43:17 +01:00
Richard Hansen
6f3e7d14f6
hooks: Always return a list from aCallFirst
and callFirst
...
Every existing caller of `aCallFirst` expects a list and will throw an
exception if given `undefined`. (Nobody calls `callFirst`, except
maybe plugins.)
2020-09-05 20:35:19 +01:00
Richard Hansen
2bf076043f
Delete redundant token2author DB save
...
See:
https://github.com/ether/etherpad-lite/pull/4012#issuecomment-686005563
https://github.com/ether/etherpad-lite/issues/4006
2020-09-05 12:40:16 +01:00
Richard Hansen
9962be2450
User list: Use flexbox for #myuser div
...
This makes it easier for an eejsBlock_userlist plugin to add something
to that row.
2020-09-05 12:38:12 +01:00
Richard Hansen
e0d6d17bf0
webaccess: Restructure for readability and future changes
...
* Improve the comment describing how the access check works.
* Move the `authenticate` logic to where it is used so that people
don't have to keep jumping back and forth to understand how the
access check works.
* Break up the three steps to reduce the number of indentation
levels and improve readability. This should also make it easier to
implement and review planned future changes.
2020-09-05 12:37:23 +01:00
Richard Hansen
b044351f0a
webaccess: Rename basicAuth
to checkAccess
...
Thanks to hooks, the function can do much more than just basic
authentication.
2020-09-05 12:37:23 +01:00
Richard Hansen
2830aaebf1
webaccess: Use ===
instead of ==
for comparison
2020-09-05 12:37:23 +01:00
Richard Hansen
f0e5bff84f
webaccess: Simplify object construction
2020-09-05 12:37:23 +01:00
Richard Hansen
0a8569d0ad
webaccess: Use const
or let
instead of var
2020-09-05 12:37:23 +01:00
Richard Hansen
a7be5278a3
webaccess: Use arrow functions instead of function
keyword
2020-09-05 12:37:23 +01:00
Richard Hansen
726101d6a8
webaccess: Use single quotes everywhere
2020-09-05 12:37:23 +01:00
Richard Hansen
9011207a37
webaccess: Add semicolons after statements
2020-09-05 12:37:23 +01:00
Richard Hansen
e82a3055e6
webaccess: Whitespace fixes
2020-09-05 12:37:23 +01:00
Richard Hansen
f0b7dc7c53
pluginfw: PadMessageHandler: Pass socket.io Socket object to clientVars hook ( #4245 )
...
Also revise the clientVars hook documentation.
2020-09-05 10:51:39 +01:00
Richard Hansen
b364d12d9b
CSS: User list: Add missing semicolon to CSS property ( #4244 )
2020-09-04 18:51:42 +01:00
translatewiki.net
3139dd2037
Localisation updates from https://translatewiki.net .
2020-08-31 16:06:56 +02:00
John McLear
12c05c20b2
bugfix/import: doc import bugfix ( #4235 )
2020-08-30 14:11:12 +01:00
translatewiki.net
431aadf143
Localisation updates from https://translatewiki.net .
2020-08-24 15:23:25 +02:00
translatewiki.net
4eda214ee9
Localisation updates from https://translatewiki.net .
2020-08-17 19:16:56 +02:00
translatewiki.net
5c3f8cd4e1
Localisation updates from https://translatewiki.net .
2020-08-13 19:15:16 +02:00
translatewiki.net
13c5bdf75f
Localisation updates from https://translatewiki.net .
2020-08-07 09:39:00 +02:00
translatewiki.net
d3e45e3890
Localisation updates from https://translatewiki.net .
2020-08-03 19:40:25 +02:00
translatewiki.net
451b82536a
Localisation updates from https://translatewiki.net .
2020-07-30 15:27:14 +02:00
webzwo0i
d25cd891ae
remove json2, all supported browsers have JSON now ( #4198 )
...
cf. https://developer.mozilla.org/de/docs/Web/JavaScript/Reference/Global_Objects/JSON
2020-07-28 00:52:25 +01:00
translatewiki.net
f64310d700
Localisation updates from https://translatewiki.net .
2020-07-27 18:21:36 +02:00
Joas Souza
0835bfeabb
Bugfix: wait promise finish on hooks ( #4194 )
...
This commit fixes the error of not waiting the async code to finish.
As the forEach did not wait until the async code finish we may get a
hook set up incorrectly. To fix it, we use an "Array.map" to iterate and
wait the promises to be resolved and then returned
2020-07-23 20:47:59 +01:00
translatewiki.net
ae1b6442d8
Localisation updates from https://translatewiki.net .
2020-07-20 19:45:28 +02:00
John McLear
1e5680a870
tests / bugfix: Timeslider Chrome 55 Further scroll fix ( #4186 )
2020-07-20 14:14:02 +01:00
John McLear
3d89eed31a
tests: Further scroll fix for bug in Chrome 55-59 with scrollTo not working ( #4185 )
2020-07-20 09:49:40 +01:00
John McLear
c394b65e75
tests: Further scroll frontend test fix- use var instead of let ( #4184 )
2020-07-20 09:08:40 +01:00
John McLear
bf24063234
Feature: Timeslider follow ( #4133 )
...
When new edits come in changes are followed in the time slider.
2020-07-19 23:46:58 +01:00
John McLear
40014d8230
Rate limit Socket IO communication - WIP ( #4036 )
...
Includes settings
Includes i18n
Includes a nice notification
Disconnects on rate limit
Includes feeding into metrics/stats
Include console warn to server console.
2020-07-19 22:44:24 +01:00
John McLear
4f5cf2dc63
tests and bugfix: test coverage and fix for 4165 - bad HTML export of list items ( #4180 )
...
Also fix for test max value for ratelimiter
2020-07-19 16:31:13 +01:00
John McLear
3ddce87ee4
bugfix / timeslider: only update timeslider on correct message type -- resolves #4100
2020-07-17 16:40:24 +01:00
John McLear
d1330a1e1c
Bugfix: Async bump part 2
...
Sorry, not sure what happened but having kids jump all over the keyboard while I do this probably didn't help... :|
2020-07-17 10:08:40 +01:00
webzwo0i
b3680058ff
getChangesetInfo: print error message ( #4172 )
2020-07-16 23:54:15 +01:00
John McLear
410d20417d
Bumping async ( #4171 )
...
Resolves #3940
2020-07-16 17:37:42 +01:00
John McLear
78c97d811c
Script to create session and store token <> author more throughly (dont create ghosts) ( #4012 )
2020-07-16 10:51:02 +01:00
John McLear
9bf1b9f2a2
bugfix / testing: Ie11 warning for not having Promises ( #4167 )
...
Makes IE11 work again but may cause an issue for plugin testing in IE11. IE plugin tests in IE11 will probably fail as the plugin code will not execute.
2020-07-16 09:31:35 +01:00
John McLear
e24ef6969e
Bugfix / tests: Specs list type ( #4169 )
...
* remove cruft.. ugh
* housekeeping: close stale issues
* fix issue #3945
2020-07-15 17:37:03 +01:00
John McLear
ab8320d15b
WIP - Test Coverage: Import & Export include LibreOffice Test Coverage ( #4163 )
...
Runs on Travis
Will only run locally is ``allowAnyoneToImport`` and ``soffice`` or ``abiword`` is set.
2020-07-14 18:44:53 +01:00
translatewiki.net
9d69caa8dc
Localisation updates from https://translatewiki.net .
2020-07-14 10:15:56 +02:00
Florian Rittmeier
c7581ba6f3
fixes jQuery.Deferred exception as reported in #4132 ( #4158 )
2020-07-10 15:28:32 +01:00
translatewiki.net
908ce78e70
Localisation updates from https://translatewiki.net .
2020-07-10 11:30:55 +02:00
John McLear
b15154cc23
Same site cookie fix - Ready for testing / merge ( #3990 )
...
* initial fix for httpprefs
* token
* express_sid fix
2020-07-10 08:43:20 +01:00
b_b
3ea8d571e7
Fix PDF import with libreoffice ( #4156 )
...
Fix #4151
2020-07-09 23:50:45 +01:00
b_b
358af5fea1
Fix typo in comment ( #4154 )
2020-07-09 12:32:54 +01:00
John McLear
a3386e3e55
Dont use jquery in import handler ( #4153 )
...
I think jQ3 update broke imports a bit, so this removes jQuery and also ensures only .etherpad does reload of page.
2020-07-08 14:50:48 +01:00
translatewiki.net
2f7e097711
Localisation updates from https://translatewiki.net .
2020-07-06 18:44:49 +02:00
John McLear
313bba09d6
Update ueberdb big update ( #4149 )
2020-07-05 11:05:32 +01:00
translatewiki.net
4b721785e0
Localisation updates from https://translatewiki.net .
2020-07-02 17:44:57 +02:00
translatewiki.net
18494dd657
Localisation updates from https://translatewiki.net .
2020-06-29 16:18:59 +02:00
webzwo0i
2814ebfe65
i18n: include about and poweredBy in locales ( #4140 )
2020-06-27 20:12:37 +01:00
webzwo0i
b7dff552f0
cruft: Remove unecessary consolelogs ( #4141 )
2020-06-27 20:12:06 +01:00
John McLear
168737b6d8
pluginfw: Move Timeslider eejs block to correct location ( #4139 )
2020-06-27 09:52:53 +01:00
axlevxa
0e2749831a
UX: Add prefers-reduced-motion query for Colibris skin #4136 ( #4137 )
2020-06-27 09:49:37 +01:00
John McLear
8a13bde535
bugfix: #4067 openapi incorrect syntax ( #4138 )
...
https://github.com/ether/etherpad-lite/issues/4067#issuecomment-650423412
Thanks to @tom-chase
2020-06-27 09:47:16 +01:00
translatewiki.net
75ecb3f49b
Localisation updates from https://translatewiki.net .
2020-06-22 17:19:38 +02:00
translatewiki.net
774a075cfc
Localisation updates from https://translatewiki.net .
2020-06-18 21:14:49 +02:00
John McLear
beccf677a4
bugfix: Fix #4120 where an author might not be populated on restart - if this is the case don't push the author to the array.
2020-06-17 10:54:10 +01:00
translatewiki.net
d19937fa06
Localisation updates from https://translatewiki.net .
2020-06-15 22:11:47 +02:00
Stefan
9a22144a83
staleCode: Remove unnecessary robots.txt entry ( #4113 )
2020-06-14 20:49:13 +01:00
John McLear
045ac70db8
pluginfw: Make the NEW_CHANGES payload include the message in handleClientMessage
2020-06-12 12:26:33 +01:00
translatewiki.net
85383a316d
Localisation updates from https://translatewiki.net .
2020-06-11 19:23:22 +02:00
John McLear
93829b9e33
pluginfw/performance: Dont cache if max age is 0 ( #4098 )
2020-06-08 17:21:55 +01:00
translatewiki.net
497704eb03
Localisation updates from https://translatewiki.net .
2020-06-08 17:03:38 +02:00
John McLear
f1e3aff72f
stale code: use terser instead of uglify
2020-06-07 20:09:10 +00:00
John McLear
166e1371da
socket.io bump to 2.3.0
2020-06-07 19:12:11 +00:00
John McLear
512a51149d
Revert "Merge branch 'develop' of github.com:ether/etherpad-lite into develop"
...
This reverts commit 6fad0210f8
, reversing
changes made to 128f3e15eb
.
2020-06-07 18:46:41 +00:00
John McLear
564e8fee07
forcing back to last known stable before parent merge
2020-06-07 18:44:01 +00:00
John McLear
49cd270592
including terser, again
2020-06-07 17:09:48 +00:00
John McLear
0ab9e1e8c3
ffs npm how you get so broke
2020-06-07 16:53:49 +00:00
John McLear
4b37034f0c
ugh attempt to overwrite package files due to weirdness
2020-06-07 16:38:50 +00:00
John McLear
b1ce372035
bump package lock
2020-06-07 13:57:58 +00:00
John McLear
009e1d01f7
staleCode: Async update
2020-06-07 14:56:45 +01:00
John McLear
0669280af0
Revert "socketio230"
...
This reverts commit fbb7b5123b
.
2020-06-07 13:46:53 +00:00
John McLear
fbb7b5123b
socketio230
2020-06-07 12:57:28 +00:00
John McLear
6fad0210f8
Merge branch 'develop' of github.com:ether/etherpad-lite into develop
2020-06-07 12:56:20 +00:00
John McLear
128f3e15eb
stalecode: jQuery 3 ( #3903 )
2020-06-07 12:01:14 +01:00
John McLear
ea9a9cd883
Revert "Revert "stale: Terser instead of uglify ( #4075 )""
...
This reverts commit 423be7f081
.
2020-06-07 10:08:11 +00:00
John McLear
c5584fb5b4
editor: outdent on ol removal ( #4088 )
2020-06-07 09:51:12 +01:00
John McLear
2cd3dccc4d
Revert "Revert "Revert "editor: ul/ol/li - outdent on ol and ul button press"""
...
This reverts commit fd3980133d
.
2020-06-06 20:51:17 +00:00
John McLear
fd3980133d
Revert "Revert "editor: ul/ol/li - outdent on ol and ul button press""
...
This reverts commit 82fb6ddc99
.
2020-06-06 20:38:08 +00:00
John McLear
82fb6ddc99
Revert "editor: ul/ol/li - outdent on ol and ul button press"
...
This reverts commit fc88f12bba
.
2020-06-06 18:34:51 +00:00