Commit graph

5452 commits

Author SHA1 Message Date
Ray Bellis
29e9f86cad db/DB.js: add Promise-only API methods
Promisified methods:
  - get()
  - set()
  - findKeys()
  - getSub()
  - setSub()
  - remove()
  - doShutdown()
2019-01-23 18:08:47 +00:00
Ray Bellis
583ea92aaf db/SessionStore.js: do not migrate to Promises. Make optional all(), clear() and length()
1. This module was not migrated to Promises, because it is only used via
   express-session, which can't actually use promises anyway.

2. all(), clear() and length() depend on the presence of the `db.forEach()`
   function, which in ueberdb2 doesn't even exist.

   Fortunately those three methods are optional, so I made their existence
   conditional on the presence of `db.forEach`.

3. in SessionStore.clear(), replaced a call to db.db.remove() with db.remove()
2019-01-23 16:58:43 +00:00
muxator
630af9af7d db/SessionStore.js: call nextTick() only if there is something to do
Changed two occurrences of:

  process.nextTick(function() {
     if (fn) fn();
  });

with

  if (fn) {
    process.nextTick(fn);
  }

i.e. such that no function even gets added to the `nextTick` queue unless
there's actually a function to be called.

Extracted from Ray's work.
2019-02-09 00:14:53 +01:00
Ray Bellis
96d875b4d1 padurlsanitize.js: rewritten to consume promises 2019-01-23 16:36:28 +00:00
muxator
b699621e5a padurlsanitize.js: invert a condition prior to refactoring
Extracted from Ray's work.
2019-02-09 00:05:21 +01:00
Ray Bellis
d5d28717c4 access controls: promisification
`getPadAccess()` (src/node/padaccess.js) is now "promise only", resolving to
`true` or `false` as appropriate, and throwing an exception if there's an
error.

The two call sites (padreadonly.js and importexport.js) updated to match.
2019-01-23 16:29:36 +00:00
Ray Bellis
34fdaa4e8c db/SecurityManager.js: convert checkAccess() to thenify 2019-01-23 16:25:29 +00:00
Ray Bellis
23a3a079a6 tests.js: remove use of async.js
Use real `async` instead of async.js where applicable.
The `getPluginTests()` function was never truly async anyway because it only
contains calls to synchronous `fs` modules.
2019-01-23 16:21:40 +00:00
Ray Bellis
0c2d662541 plugins download and search: converted to Promises
Also fixed a bug where the system would make a request to the central server for
the plugin list for every search even if the list was already cached.
2019-01-23 12:24:53 +00:00
Ray Bellis
c8e5d87268 api: simplify version table
This commit vastly shortens (and simplifies) the version table within
handler/APIHandler.js by building each version's entry incrementally based off
the previous version.

The resulting table has been validated by comparing the "before" and "after"
output of the following loop on both versions of the code (albeit with an
intermediate "sort" step to account for the different insertion order)

  for (let v in version) {
    let m = version[v];
    for (let [k, a] of Object.entries(m)) {
      console.log(v, k, a);
    }
  }

The patch also fixes a few typos, and removes a duplicate definition of
getChatHistory which in each applicable version was defined with two different
parameter lists, but where only the second would be used.
2019-01-22 22:51:22 +01:00
Joseph C Wang
ae49409593 fix for python3 2019-01-22 22:23:18 +01:00
Ray Bellis
5ef4a2d1d5 more thenify in node/utils/* 2019-01-22 17:30:33 +00:00
Ray Bellis
584e481430 PadMessageHandler.js: migrate to thenify 2019-01-22 15:48:29 +00:00
Ray Bellis
5d7162ac9a utils/ImportHtml.js: migrate to thenify 2019-01-22 14:58:25 +00:00
Ray Bellis
c4f1f83747 APIHandler.js: use promises 2019-01-22 13:30:28 +00:00
Ray Bellis
ec5baa2ab3 PadMessageHandler.js: convert two remaining API calls to thenify 2019-01-22 12:58:26 +00:00
Ray Bellis
17fe32ec0c start using "thenify" to support callback and promises
PadManager.sanitizePadId() can't use thenify: single arg callback
2019-01-21 16:28:05 +00:00
muxator
40c45077ef db/GroupManager.js: factored out a variable
Extracted from Ray's work.
2019-02-09 01:15:50 +01:00
Ray Bellis
4877ec319a server.js: rewritten to use Promises 2019-01-18 16:10:25 +00:00
Ray Bellis
a579dfc285 pluginfw/installer.js: use Promise version of hooks.aCallAll() in install(), uninstall()
We cannot use arrow functions in this file, because code in /src/static can end
up being loaded in browsers, and we still support IE11.
2019-01-18 16:10:48 +00:00
Ray Bellis
80b3019154 pluginfw/plugins.js: converted to Promise API 2019-01-18 13:52:37 +00:00
Ray Bellis
8d85ae582e pluginfw/hooks.js: allow returning a Promise in aCallFirst(), aCallAll()
Since this code can end up loaded in browsers when using client side plugins,
avoid use of ES6 syntax features such as arrow functions until MSIE support is
finally dropped.
2019-01-18 13:49:17 +00:00
Ray Bellis
3802073695 db/DB.js: allow a Promise return instead of callbacks in init() 2019-01-18 13:48:46 +00:00
muxator
b0846ded14 db/SessionManager.js: "authorMangager" -> "authorManager"
Extracted from Ray's work.
2019-02-09 02:19:14 +01:00
muxator
98993fe156 db/SessionManager.js: "groupMangager" -> "groupManager"
Extracted from Ray's work.
2019-02-09 02:18:36 +01:00
muxator
11453d544c prepare to async: stricter checks
This change is in preparation of the future async refactoring by Ray. It tries
to extract as many changes in boolean conditions as possible, in order to make
more evident identifying eventual logic bugs in the future work.

This proved already useful in at least one case.

BEWARE: this commit exposes an incoherency in the DB API, in which, depending
on the driver used, some functions can return null or undefined. This condition
will be externally fixed by the final commit in this series ("db/DB.js: prevent
DB layer from returning undefined"). Until that commit, the code base may have
some bugs.
2019-03-01 09:43:41 +01:00
muxator
e841798314 prepare to async: typos in error messages
This change extracts the grammar correction performed on the async branch,
anticipating them in a single commit. It cannot be folded with the previous
one, as it is not purely cosmetic.
2019-02-15 22:52:53 +01:00
muxator
9497ee734f prepare to async: trivial reformatting
This change is only cosmetic. Its aim is do make it easier to understand the
async changes that are going to be merged later on. It was extracted from the
original work from Ray Bellis.

To verify that nothing has changed, you can run the following command on each
file touched by this commit:
  npm install uglify-es
  diff --unified <(uglify-js --beautify bracketize <BEFORE.js>) <(uglify-js --beautify bracketize <AFTER.js>)



This is a complete script that does the same automatically (works from a
mercurial clone):

```bash
#!/usr/bin/env bash

set -eu

REVISION=<THIS_REVISION>

PARENT_REV=$(hg identify --rev "${REVISION}" --template '{p1rev}')
FILE_LIST=$(hg status --no-status --change ${REVISION})
UGLIFYJS="node_modules/uglify-es/bin/uglifyjs"

for FILE_NAME in ${FILE_LIST[@]}; do
  echo "Checking ${FILE_NAME}"
  diff --unified \
    <("${UGLIFYJS}" --beautify bracketize <(hg cat --rev "${PARENT_REV}" "${FILE_NAME}")) \
    <("${UGLIFYJS}" --beautify bracketize <(hg cat --rev "${REVISION}"   "${FILE_NAME}"))
done
```
2019-02-08 23:20:57 +01:00
translatewiki.net
bd48497ce3 Localisation updates from https://translatewiki.net. 2019-01-17 10:50:43 +01:00
HairyFotr
fce55df2b7 Fix typos 2019-01-16 11:14:04 +01:00
translatewiki.net
02b3d42771 Localisation updates from https://translatewiki.net. 2018-12-27 10:48:05 +01:00
Luiza Pagliari
59cae81152
[chore] Allow debug mode on node versions >= 6.3 (#3527)
I've tried to install `node-inspector` using Node 8 and it looks like it is not supported. 

According to the [documentation of that tool](https://www.npmjs.com/package/node-inspector):

> Since version 6.3, Node.js provides a built-in DevTools-based debugger which mostly deprecates Node Inspector (...). The built-in debugger (...) provides certain advanced features (...) that are too difficult to implement in Node Inspector.

As [we require nodejs >= 6.9.0](https://github.com/ether/etherpad-lite#requirements), and as [`node-inspector` only works on Chrome and Opera](https://www.npmjs.com/package/node-inspector#debug), it looks like a good approach to remove the dependency of that tool and use Chrome DevTools directly. Besides, [there are other tools available](https://nodejs.org/en/docs/guides/debugging-getting-started/#inspector-clients) for debugging, if Chrome is not an option.

This PR also allow external connections to the inspector, so Etherpad instances running on containers can also be debugged. [There are obviously some risks to leave that opened on public IPs](https://nodejs.org/en/docs/guides/debugging-getting-started/#exposing-the-debug-port-publicly-is-unsafe), but I assumed no instance would run on debug mode for the final user.
2018-12-22 10:28:50 -02:00
translatewiki.net
7275cdc915 Localisation updates from https://translatewiki.net. 2018-12-17 08:51:24 +01:00
translatewiki.net
db27582622 Localisation updates from https://translatewiki.net. 2018-12-10 08:08:01 +01:00
muxator
aca8fae682 easysync-full-description: regenerate the pdf document
The .tex source was updated to fix some typos, but the corresponding pdf was not
regenerated.

Command used to generate the pdf:
  pdflatex easysync-full-description.tex

The incorporated changes are:
- 49114d2b7a (2014-06-01)
- c7548450c0 (2017-09-14)
2018-12-09 15:56:17 +01:00
muxator
49449453c9 README: a lot of packages mentioned in the readme are not really needed, simplify
libssl-dev, gzip, python, gcc have never been really needed for Etherpad itself.
They were probably needed back in the day to manually compile nodejs.
2018-12-01 14:16:39 +01:00
muxator
1f927f3e28 README: minor rewording 2018-12-01 14:15:40 +01:00
muxator
76007fe7cb README: removed trailing spaces 2018-12-01 14:11:01 +01:00
muxator
0ad8291ae7 hooks: restore Internet Explorer 11 compatibility.
Compatibility with IE11 regressed in 23eab79946 while working for #3488.
That commit made use of modern js syntax, not supported by IE11.

- Removed arrow functions, replaced with normal functions.
- Removed the spread operator (<...iterable>) and the "new Set()" construct,
  replaced with _.uniq()

At some point IE11 compatibility will be dropped.
Ditching it now, for such a small gain, is not wise.

Fixes #3500.
2018-11-28 20:03:39 +01:00
muxator
fe20ffa202 dependencies: update wd, 1.10.3 -> 1.11.1
This is just a dev dependency, so no real risks, but it's better not to scare
users.

Reported vulnerability before this change:

$ npm audit
                       === npm audit security report ===

# Run  npm update cryptiles --depth 4  to resolve 1 vulnerability
┌───────────────┬──────────────────────────────────────────────────────────────┐
│ High          │ Insufficient Entropy                                         │
├───────────────┼──────────────────────────────────────────────────────────────┤
│ Package       │ cryptiles                                                    │
├───────────────┼──────────────────────────────────────────────────────────────┤
│ Dependency of │ wd [dev]                                                     │
├───────────────┼──────────────────────────────────────────────────────────────┤
│ Path          │ wd > request > hawk > cryptiles                              │
├───────────────┼──────────────────────────────────────────────────────────────┤
│ More info     │ https://nodesecurity.io/advisories/720                       │
└───────────────┴──────────────────────────────────────────────────────────────┘
2018-11-28 18:49:12 +01:00
muxator
194697a960
Merge pull request #3496 from seballot/develop
This commit merges the initial implementation for "colibris", a new skin
optionally shipped with Etherpad on top of the default one.

Resolves #3441
2018-11-28 18:16:16 +01:00
Sebastian Castro
fc629e49d9 skins:colibris fixes #3514 hide sidediv and "show line number" option on mobile 2018-11-28 15:01:12 +01:00
Stefan More
799319882c migrateDirtyDBtoRealDB: disabled write buffer, #2214 2018-11-27 21:18:40 +01:00
Stefan More
b8fa179622 migrateDirtyDBtoRealDB: added hint regarding memory, #2214 2018-11-27 21:18:40 +01:00
drebs
39fbc37dd8 index.html: generate unique pad names
Etherpad-lite relies on the user's browser to generate a random pad
name, but the current solution is not safe against collisions. In order
to generate unique pad names, the following modifications are made:

* use a PRNG instead of Math.random() and ensure uniform distribution
  when selecting chars.

* choose the pad name length to achieve a specific number of bits of
  security.

Closes: #3516
2018-11-26 23:07:34 +01:00
translatewiki.net
7df26840cb Localisation updates from https://translatewiki.net. 2018-11-22 07:26:44 +01:00
translatewiki.net
c17f5e5f04 Localisation updates from https://translatewiki.net. 2018-11-19 08:38:11 +01:00
Sebastian Castro
2ce195747b skins: Fixes #3510 show/hide line numbers 2018-11-15 11:34:32 +01:00
muxator
d4b15c01d5
Merge pull request #3513 from muxator/seballot-1
colibris: preparatory changes

This series consists of the preparatory changes done by @seballot on the Etherpad core code in order to prepare it for the introduction of the colibris skin (proposed in #3441).

They were extracted from #3496, isolating the modifications performed outside of skins/colibris.

The expected effects on Etherpad (and its default skin) should be none: any major deviation from the original behavior is to be considered a bug.

A followup series will merge the colibris skin itself.
2018-11-12 22:24:14 +01:00
translatewiki.net
b0210c1b55 Localisation updates from https://translatewiki.net. 2018-11-12 08:37:52 +01:00