libretic/etherpad-lite
6
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity
5554 commits 2 branches 0 tags 24 MiB
Commit graph

5554 commits

This branch
This branch
All branches
Author SHA1 Message Date
John McLear
93180c287b
tests: in Travis, also run the backend tests 
This change introduces automatic execution of the backend tests in Travis.

Implements #2351.
 2020-04-03 03:27:05 +02:00
John McLear
c2ea2b3a6d webaccess: do not resave session 
Before this change, the database was spammed with session values.
Modern express-session has this baked in.
See https://www.npmjs.com/package/express-session#resave for docs.
 2020-04-03 02:55:33 +02:00
John McLear
1f0058dd6f interesting discovery RE 3612 and 2802 2020-04-03 02:40:59 +02:00
muxator
3a46e010ce dependencies: bump ueberdb2 0.4.3 -> 0.4.5 
Original message from John McLear (PR #3817):
  We now include BINARY in the MySQL WHERE select clause.
  Test coverage might be desirable?

Fixes #2877
 2020-04-03 01:27:49 +02:00
Viljami Kuosmanen
ccf406708e openapi: support standard http error codes 
API errors are now handled at the end of the request heap by
throwing exceptions from the handler
 2020-04-03 01:03:11 +02:00
Viljami Kuosmanen
3742fdfb04 openapi: disable cors headers for /api/** paths 
Still enabled for /rest/** and **/openapi.json
 2020-04-03 01:03:11 +02:00
Viljami Kuosmanen
6aa30f213a openapi: add jsonp support + test 2020-04-03 01:03:11 +02:00
Viljami Kuosmanen
e821bbcad8 openapi: add documentation, small optimisation 2020-04-03 01:03:11 +02:00
Viljami Kuosmanen
c2cca39c7d openapi: minor improvements 2020-04-03 01:03:11 +02:00
Viljami Kuosmanen
172da1483e openapi: add commented out version of response processors 
For some weird reason, these seem to be part of the original swagger
implementation but tests assume they're turned off.

Perhaps a difference between /rest and /api?
 2020-04-03 01:03:11 +02:00
Viljami Kuosmanen
5792f7224a openapi: add response objects 2020-04-03 01:03:11 +02:00
Viljami Kuosmanen
03d8964a7a openapi: upgrade to openapi-backend 2.4.0 2020-04-03 01:03:11 +02:00
Viljami Kuosmanen
f9d24f5a39 openapi: remove swagger-node-express 2020-04-03 01:03:11 +02:00
Viljami Kuosmanen
25e081ac89 openapi: implement API handler with openapi-backend 
- Tests pass 
- Added openapi-backend hook
- Generating OpenAPI v3 definitions for each API version
- Definitions served /api/openapi.json /api/{version}/openapi.json
 2020-04-03 01:03:11 +02:00
John McLear
dbab4ad13a dont pass empty author info to edit 2020-04-02 23:29:03 +01:00
muxator
3e3b0dec97 package-lock: restore baseline package-lock.json after 4db91cb2ed 
This amends the previous commit, ans should have been part of 4db91cb2ed.
 2020-04-02 22:58:38 +02:00
John McLear
0a606de44a bump package lock for ueber 2020-04-01 15:24:24 +00:00
John McLear
4db91cb2ed
Bump Ueber to 0.4.3 2020-04-01 11:49:41 +01:00
muxator
b7ac0f7991 Settings: allow the existence of "password" and "hash" attributes for users. 
This brings back compatibility with ep_hash_auth, which was inadvertently broken
with 28a3bba4c1.
Based on work by John McLear.

Fixes #3681.
 2020-04-01 04:13:21 +02:00
John McLear
53f126082a SessionStore: replace password with PASSWORD_HIDDEN when storing in db 
Fixes #3421.
 2020-04-01 03:39:05 +02:00
Daniel Krol
3e8b426847 ui: initialize color picker with the user's color 
Initialize the color picker with user's current color.
Was previously initialized with grey in Farbtastic library.

Fixes #3617
 2020-04-01 02:34:56 +02:00
Daniel Krol
ac9d7f80cc tests: add tests showing that the color chooser is not initialized with the user's color 
When opening the color chooser after a page load, the selected color is always
gray, and not the user's color.
 2020-04-01 02:34:56 +02:00
John McLear
b74a4819ae
beta.etherpad.org been down a while 
Sorry about the direct commit 🍡
 2020-03-31 19:54:46 +01:00
muxator
4ee5ddb496 caching_midleware: also run when nodejs does not have crypto module 
According to the nodejs docs [0] the `crypto` module might be unavailable on
some platforms:

> It is possible for Node.js to be built without including support for the
> crypto module. In such cases, calling require('crypto') will result in an
> error being thrown

A description of such scenarios can be found here [1].

> * running non-standard node in a resource- or security-constrained
>   environment
> * running in emulated environment (browserify, webpack etc.)
> * building node from source and omitting openssl/crypto for random reason

TypeScript guys dealt with this same issue and they resolved it in an elegant
way in [2].

We copy that approach here: if importing crypto fails at runtime, we replace
sha256 with djb2 [3], which is weaker, but works for our case.

The djb2 story is fun: see this Stack Overflow post [4], and the original
mailing list post from 1991 [5] by Daniel J. Bernstein [6].

He was 20 at the time!

[0] https://nodejs.org/docs/latest-v10.x/api/crypto.html#crypto_determining_if_crypto_support_is_unavailable
[1] https://github.com/microsoft/TypeScript/issues/19100#issuecomment-335871998
[2] 9677b0641c
[3] http://www.cse.yorku.ca/~oz/hash.html#djb2
[4] https://stackoverflow.com/questions/1579721/why-are-5381-and-33-so-important-in-the-djb2-algorithm
[5] https://groups.google.com/forum/#!msg/comp.lang.c/lSKWXiuNOAk/zstZ3SRhCjgJ
[6] https://en.wikipedia.org/wiki/Daniel_J._Bernstein
 2020-03-31 04:09:49 +02:00
Tom Hudson
fc754c9a1d Switches cacheKey from base64 of path to sha256 of path; fixes #3502 2020-03-31 02:42:58 +02:00
John McLear
6c12a7fb1f tests: backend tests for utf8 & emojis support 2020-03-31 02:11:25 +02:00
John McLear
352b432ed1 tests: in backend tests, use POST instead of GET for setText() and setHTML() 
This is allowed starting from fc661ee13a ("core: allow URL parameters and POST
bodies to co-exist"), which landed in Etherpad 1.8.0. For the discussion, see
issue #3568.
 2020-03-31 02:11:25 +02:00
muxator
b2dc446740 tests: typo in a comment in the backend tests 2020-03-31 02:11:25 +02:00
John McLear
25bf460ac6 chat: in addMessage(), be tolerant when userId is missing 
For whatever reason (a bug, a database corruption, ...) the userId field in
"msg" can sometimes be missing.

In this case, let's be defensive, use "unknown" as userId and issue a warning
in the console, instead of crashing the client.

Fixes #3731 (really a patch, the underlying issue is still present)
 2020-03-30 22:15:51 +02:00
John McLear
fa3e4b146a settings: document the possibility of using Unix sockets 
We have been supporting Unix sockets by ages, because express.listen()
(http://expressjs.com/en/4x/api.html#app.listen_path_callback) re-exposes
net.server.listen() (https://nodejs.org/api/net.html#net_server_listen), which
in turn supports Unix sockets.

The only remaining thing to do was documenting it.

Fixes #3312
 2020-03-30 03:36:55 +02:00
John McLear
85217b55e0 contentcollector: pasting an OL in Chrome inserted an additional line break. Fixed. 
This comments out some code that was probably a quirk from ie6 era.
See PR: https://github.com/ether/etherpad-lite/issues/2412

Fixes #2412.
 2020-03-30 02:28:08 +02:00
John McLear
8b2fe75867 toolbar: don't show the "saved revision" button in timeslider 
The saved revision "star" button appeared in the timeslider toolbar too.

This change introduces a second flag "page" in toolbar.menu(), which controls
whether the toolbar is being drawn for a pad or in the timeslider page.

Fixes #3767.
 2020-03-30 01:59:49 +02:00
John McLear
0d2854571d toolbar: show the "save revision" button only on the right toolbar. 
Revision b480416375 fixed a bug, but introduced a regression, and the "save
revision" "star" button started to appear both on the left and the right
toolbar.

This change introduces a flag "whichMenu" in toolbar.menu(), that controls
whether the left, the right or the timeslider toolbar is being drawn.
 2020-03-30 01:59:49 +02:00
muxator
463d7fb163 timeslider: always pass the "isReadOnly" parameter to toolbar.menu() 
This argument was missing since since b662d5c618 ("dont show editing buttons
in R/O view"), 2015-05-19.
 2020-03-30 01:59:49 +02:00
muxator
2360c33629 toolbar: formatting, no functional changes. 
In preparation for the next commits by John.
 2020-03-30 01:59:49 +02:00
muxator
4a17443a2e tests: future proof travis/runner.sh and make it more robust 
This change only slightly modifies the bahaviour of travis/runner.sh, but:

1. speeds up the tests, because it does not install dependencies before running
   them. Dependencies are already installed by .travis.yml in its "install"
   section;
2. if for some reason Etherpad does not start, there is a sudden failure,
   instead of launching the front end tests anyway, and then having to wait 10
   minutes for them to time out;
3. it is compatible with a different way of installing etherpad dependencies
   ("npm ci" instead of "npm install"), whereas the previous one broke. This
   will probably be introduced in a while, so this change future-proofs for it
   (see #3778).
4. it is more robust, because it detects more reliably the paths, and changes
   between them correctly;

Please note that the script now requires bash instead of a generic posix shell.
This may break on platforms which default to a different shell (FreeBSD, MacOS?)
 2020-03-29 23:59:28 +02:00
muxator
2b753f13ea package-lock.json: resync. This should have been part of 06d961f2b6 ("Checks MySQL for charset") 
When changing something in package.json, it is necessary to also commit an
associated package-lock.json generated from a clean install.
 2020-03-29 01:35:30 +01:00
muxator
a181ea8fbe bin: replace double backticks (``) with $() 
This has been the recommended way of launching subshells for ages, and is easier
to type and on the eye.

For a quick reference, see:
https://unix.stackexchange.com/questions/5778/whats-the-difference-between-stuff-and-stuff#5782
 2020-03-29 00:53:17 +01:00
John McLear
1ad6e9c288 Settings: when restarting via UI, tell the admins to ignore a warning about sessionKey 
Fixes #3770.
 2020-03-28 19:09:22 +01:00
Neil Oosten
7a999ee398 hooks: allow to set the duration of the gritter notification when a new chat message arrives 
This is done adding a new "duration" parameter to the chatNewMessage() client
side hook.
 2020-03-27 02:39:29 +01:00
muxator
8a01a5e437 doc: fix numbering in chatNewMessage() client hook parameters 
This was originally introduced in bcb92f25a6 ("Refactor chat notifications and
the chatNewMessage hook") from 2013-03-19.
 2020-03-27 02:39:29 +01:00
John McLear
14ae2ee950 checkPadDeltas: version by JohnMcLear 
From https://github.com/ether/etherpad-lite/pull/3717#issuecomment-602179127

> Afaik I used async / await that's pretty much all, I think I had to do some
> polish because something was broken, remember stuff like pad.getPadAuthors was
> b0rked in 1.7 or so
 2020-03-27 01:50:56 +01:00
Marcel Klehr
90f9b8a3bd checkPadDeltas: original version from marcelklehr (2014-05-14) 
Committed by muxator on 2020-03-22, taking the raw version from:
c65b496402/checkPadDeltas.js
 2020-03-27 01:50:56 +01:00
John McLear
06d961f2b6 Checks MySQL for charset 
Helps fix 3733
 2020-03-27 01:31:23 +01:00
John McLear
8f2ad7a0e8 tests: use latest Safari in Saucelab front end tests 
I verified that, as of today, "latest" Safari version works on Saucelabs.
 2020-03-26 23:26:25 +01:00
John McLear
6fd2bf4472 hooks: introduce goToRevisionEvent(), a new client-side hook 
This hook gets fired both on timeslider load (as timeslider shows a new
revision) and when the new revision is showed to a user.
 2020-03-24 23:46:17 +01:00
muxator
39f271bfed DB.js: remove else clause, since we are already exiting early 
No functional changes.
 2020-03-24 23:26:19 +01:00
John McLear
3c78ada8da tests: disable a scroll test that needs to be looked at 2020-03-24 23:24:38 +01:00
John McLear
ee47bac7b0 tests: increase timeout 2020-03-24 23:24:38 +01:00
John McLear
7cf911c330 tests: don't run specific tests in Edge that simulate enter keypress 
Because I can't get enter keypress to simulate properly despite trying various
approaches.
 2020-03-24 23:24:38 +01:00