Commit Graph

114 Commits

Author SHA1 Message Date
a0c605faae Docker: Fix PHP tests
This creates another mysql_testing database during db service setup

Replace server with env tags in phpunit.xml in order to force
override certain parameters when tests are run. See:
https://github.com/sebastianbergmann/phpunit/issues/2353 for more
information.

Rename primary developer Docker database from bookstack-test to
bookstack-dev. bookstack-test is used as the mysql_testing database
2021-01-31 18:54:24 +05:30
e53e4f85c7 Aligned norwegian lang with others and used correct locale 2021-01-02 15:58:23 +00:00
a04a800258 Merge branch 'master' of git://github.com/Swoy/BookStack into Swoy-master 2021-01-02 15:45:18 +00:00
92922288dd Added iframe CSP, improved session cookie security
Added iframe CSP headers with configuration via .env.
Updated session cookies to be lax by default, dynamically changing to
none when iframes configured to allow third-party control.
Updated cookie security to be auto-secure if a https APP_URL is set.

Related to #2427 and #2207.
2021-01-02 02:43:50 +00:00
65b2c90522 Merge branch 'v0.30.x' 2020-12-06 21:32:01 +00:00
884664bfe9 Ensured base64 images are read from image upload folder
Also removed unused storage systems and updated testing.
2020-12-06 15:34:18 +00:00
66917520cb Service provider and other cleanup
- Removed old 'exposeTranslations' system to instead use new component
 option system.
- Extracted validation rules into their own service provider.
- Cleaned up some formatting/comments in the repos.
2020-11-21 17:52:49 +00:00
20f9a50cee LDAP: Added TLS support 2020-11-18 01:05:29 +01:00
ec3aeb3315 Added recycle bin auto-clear lifetime functionality 2020-11-07 13:58:23 +00:00
4c5566755f updated config to also include Norwegian 2020-10-19 12:35:05 +02:00
b714652e10 Import thumbnail photos when LDAP users are created. 2020-10-12 12:33:55 -04:00
1f202f6dbc Updated locale lists for Bulgarian 2020-09-19 15:36:17 +01:00
e5377d5f46 Updated saml2 slo config so url is used if no repsonse url
Updated config to change empty string to null since the empty string was
hitting an isset check which caused an empty string to be used instead
of the slo url as a backup option.

Closes #2002
2020-09-05 19:26:47 +01:00
69a47319d5 Default OpenID display name set to standard value 2020-08-05 13:14:46 +02:00
2ed0317129 Updated functionality for logging failed access
- Added testing to cover.
- Linked logging into Laravel's monolog logging system and made log
channel configurable.
- Updated env var names to be specific to login access.
- Added extra locations as to where failed logins would be captured.

Related to #1881 and #728
2020-07-28 12:59:43 +01:00
2f6ff07347 Merge branch 'auth' of git://github.com/benrubson/BookStack into benrubson-auth 2020-07-28 10:46:40 +01:00
13d0260cc9 Configurable OpenID Connect services 2020-07-09 16:27:45 +02:00
07a6d7655f First basic OpenID Connect implementation 2020-07-01 23:27:50 +02:00
19bfc8ad37 Prevented entity "Not Found" events from being logged
- Added testing to cover, which was more hassle than thought
  since Laravel did not have built in log test helpers, so:
- Added Log testing helper.

Related to #2110
2020-05-23 11:28:59 +01:00
8f1f73defa Properly use env/config functions 2020-05-23 12:06:37 +02:00
00c77e494b Updated ci with php7.4, update locale array 2020-04-28 12:28:19 +01:00
a17b82bdde Fixed api query total not taking filters into account 2020-04-25 21:37:52 +01:00
034478409e Add support Windows Authentication via SAML 2020-04-03 14:05:07 +02:00
64942268b8 Added Slovenian to available language options
Related to #1946
2020-03-14 22:24:27 +00:00
b94b945fb0 Merge branch 'master' of git://github.com/Binternet/BookStack into Binternet-master 2020-03-04 22:22:08 +00:00
34616ac195 Updated lanauge lists to match latest translations 2020-03-04 22:14:25 +00:00
29cc35a304 Added dump_user_details option to LDAP and added binary attribute decode option
Related to #1872
2020-02-15 20:31:23 +00:00
e6c6de0848 Simplified guard names and rolled out guard route checks
- Included tests to cover for LDAP and SAML
- Updated wording for external auth id option.
- Updated 'assertPermissionError' test case to be usable in BrowserKitTests
2020-02-02 13:10:21 +00:00
5d08ec3cef Fixed failing tests caused by auth changes 2020-02-02 12:00:41 +00:00
e743cd3f60 Added files missed in previous commit 2020-02-02 10:59:03 +00:00
575b85021d Started alignment of auth services
- Removed LDAP specific logic from login controller, placed in Guard.
- Created safer base user provider for ldap login, to be used for SAML
soon.
- Moved LDAP auth work from user provider to guard.
2020-02-01 11:42:22 +00:00
5ff89a1abb Added danish to language arrays 2020-01-18 16:10:16 +00:00
be554b9c79 Added configurable API throttling, Handled API errors standardly 2020-01-18 15:03:28 +00:00
349b4629be Extracted API auth into guard
Also implemented more elegant solution to allowing session auth for API
routes; A new 'StartSessionIfCookieExists' middleware, which wraps the
default 'StartSession' middleware will run for API routes which only
sets up the session if a session cookie is found on the request. Also
decrypts only the session cookie.

Also cleaned some TokenController codeclimate warnings.
2019-12-30 14:51:28 +00:00
23ad8024ec resolved conflict 2019-12-29 23:03:10 +02:00
da03e34c67 added he locale to configuration 2019-12-29 23:01:45 +02:00
04137e7c98 Started core API route work 2019-12-28 14:58:07 +00:00
f9fa6904b9 Made LDAP auth ID attribute configurable
- Allows the field that gets stored as the "External Authentication ID"
to be configurable. Defined as LDAP_ID_ATTRIBUTE=uid in .env.
- Added test to cover usage.
- Also now auto-lowercases when searching for attributes in LDAP
response since PHP always provides them as lower case.

Closes #592.
2019-12-16 12:40:21 +00:00
615a050856 Merge branch 'settings-color-selector' of git://github.com/james-geiger/BookStack into james-geiger-settings-color-selector 2019-12-07 20:36:39 +00:00
488325f459 Added the ability to auto-load config from metadata url 2019-11-17 14:44:26 +00:00
3a17ba2cb9 Started using OneLogin SAML lib directly
- Aligned and formatted config options.
- Provided way to override onelogin lib options if required.
- Added endpoints in core bookstack routes.
- Provided way to debug details provided by idp and formatted by
bookstack.
- Started on test work
- Handled case of email address already in use.
2019-11-17 13:26:43 +00:00
8169c725d5 Started review of SAML implementation
- Updated PHPdoc of SAML service to use type hinting instead.
- Updated groups to only sync if enabled.
- Updated names of some config props.
- Removed a couple of unused config props.
- Added exception to handle no email on SAML response.
2019-11-16 14:42:51 +00:00
bb1f43cbd8 Merge branch 'feature/saml' of git://github.com/Xiphoseer/BookStack into Xiphoseer-feature/saml 2019-11-16 12:42:45 +00:00
4763b899b6 Made it possible to override translations via theme system 2019-10-26 18:07:14 +01:00
f37131a5bf Removed old Translation Service + Provider
Was no longer needed due to only being there to perform
language extension for de_informal but now this is done by crowdin
instead so it's redundant. Same goes for checking and formatting
scripts.

Also removed comment advising deletion form settings.php language list
since this is now auto-copied to languages anyway.

Related to #1261
2019-10-19 00:04:49 +01:00
f1d7699df5 Updated Korean to be correct country code 2019-10-18 14:27:41 +01:00
e6fe299c4f added additional color settings into UI
Adds new options in the customization section of the settings to change the shelf, book, chapter, page, and draft colors.
2019-10-17 13:46:18 -05:00
df98deb59d Added Turkish to locale system 2019-10-17 14:01:19 +01:00
8b550991a4 Refactored some core entity actions
- Created BookChild class to share some page/chapter logic.
- Gave entities the power to generate their own permissions and slugs.
- Moved bits out of BaseController constructor since it was overly
sticky.
- Moved slug generation logic into its own class.
- Created a facade for permissions due to high use.
- Fixed failing test issues from last commits
2019-09-20 00:18:28 +01:00
be08dc1588 Ran phpcbf and updated helpers typehinting 2019-09-15 18:29:51 +01:00