BookStack

mirror of https://github.com/BookStackApp/BookStack.git synced 2025-06-01 22:39:13 +08:00

Author	SHA1	Message	Date
Dan Brown	8ae35f645a	Fixed faulty baseUrl rewrites Fixes #1452 May help #1377	2019-05-19 16:25:05 +01:00
Dan Brown	896f88174a	Updated page navigation logic to ignore empty headers Fixes #1429	2019-05-15 21:02:11 +01:00
Dan Brown	97ffbaa740	Fixed issue where books titles could be leaked via shelf home view - Also added test to cover Fixes #1425	2019-05-07 22:42:48 +01:00
Dan Brown	ad542f0407	Prevented potential inline JS event usage - Removes 'on*' attributes from elements. - Also updated script logic to remove scripts instead of escaping. - All JS injection removal now uses DomDocument + xpath parsing.	2019-05-05 13:53:37 +01:00
Dan Brown	8c190324ac	Updated existing image tests to reflect changes - Also added some new tests	2019-05-04 18:11:19 +01:00
Dan Brown	aeb1fc4d49	Started rewriting back-end image managment	2019-04-21 15:52:29 +01:00
Dan Brown	4e49d06182	Merge branch 'fix/registraion-form-validation' of git://github.com/cw1998/BookStack into cw1998-fix/registraion-form-validation	2019-04-21 12:24:39 +01:00
Dan Brown	2bb06463d5	Added deeper content id de-duplication Closes #1393	2019-04-21 12:22:41 +01:00
Dan Brown	0bc5ccba32	Add revision restore confirm and changed http method Closes #1321	2019-04-20 13:25:16 +01:00
Dan Brown	6c66a8935a	Added test to check page HTML id de-duplication Relates to #1393	2019-04-20 13:01:56 +01:00
Dan Brown	c24764018a	Updated ldap server option parsing to work with protocol and port - Aligns with PHP behaviour where ports is ignore for full LDAP URI. - Added tests to check format being passed to LDAP is as expected. - May be related to #1220 - Related to #1386 and #1278	2019-04-16 22:47:53 +01:00
Christopher Wilkinson	c8cf6731e2	Add min length validation on name on register form & add sign up link	2019-04-16 12:18:51 +01:00
Dan Brown	c380c10d54	Prevented bad duplicate IDs causing major exception Related to #1393	2019-04-15 21:20:32 +01:00
Dan Brown	7f3f6e65b9	Aligned item creation wording and updated shelf-book-add logic	2019-04-15 20:45:04 +01:00
Christopher Wilkinson	50a9c71de0	Add tests for creating a book and adding directly to a shelf	2019-04-15 09:27:17 +01:00
Christopher Wilkinson	faa3a8b842	Add button to add a book directly from a shelf view	2019-04-15 09:27:17 +01:00
Dan Brown	9406b4d4c9	Updated view toggle to store date Also added test for user list order preferences	2019-04-14 13:01:51 +01:00
Dan Brown	b12ae6d11b	Added bookshelves to breadcrumbs - Updated breadcrumb dropdown switchers and back-end sibling code to handle new breadcrumbs. - Added breadcrumb view composer and EntityContext system to mangage tracking if in the context of a bookshelf.	2019-04-07 18:28:11 +01:00
Dan Brown	7cda9b026e	Updated tests to suit layout changes, Updated 404 page - Also replaced 'or' usage in templates with null coalescing operator	2019-04-06 18:36:17 +01:00
Dan Brown	193e2ffebe	Prevent dbl exts. on img upload, Randomized attachment upload names	2019-03-24 19:08:21 +00:00
Dan Brown	f5fe524e6c	Added extension whitelist for image uploads - A continuation of the security issues addressed in v0.25.3	2019-03-21 19:43:15 +00:00
Dan Brown	37b91b6b0e	Hardened image file validation by removing custom validation - Added test to check PHP files cannot be uploaded as an image.	2019-03-20 23:59:55 +00:00
Dan Brown	44c537de1a	Performed some LDAP service/test cleanup	2019-03-10 10:54:19 +00:00
Dan Brown	6bccf0e64a	Merge branch 'feature-ldap-attributes' of git://github.com/dfanara/BookStack into dfanara-feature-ldap-attributes	2019-03-10 10:31:09 +00:00
Dan Brown	042a6f9760	Updated shelf menu item to show on custom permission - Extended new 'userCanOnAny' helper to take a entity class for filtering. Closes #1201	2019-03-09 21:15:45 +00:00
Dan Brown	5c9b528517	Abstracted userCanCreatePage helper to work for any permisison - Added test to cover scenario where someone with create-own permission would want to copy a viewable item into a container entity that they own.	2019-03-09 16:50:22 +00:00
Daniel Fanara	6d20bdc1fb	Preserve original display_name_attribute configuration values.	2019-03-09 01:13:30 -05:00
Daniel Fanara	502ea608bf	Issue #1306 - Unit Tests for LdapService Changes	2019-03-09 01:08:49 -05:00
Dan Brown	0e0a17cc30	Prevented page text content includes Avoids possible permission issues where included content shown in search or preview where the user would not normally have permission to view the included content. Closes #1178	2019-01-05 17:18:40 +00:00
Dan Brown	50e5527483	Added test to cover "users" header link in correct permission conditions	2019-01-05 15:22:47 +00:00
Dan Brown	70ad707c3c	Tweaked profile page anchor links and swapped register/login links Also added test for login/register links on non-auth app view Relates to #1146	2019-01-05 15:01:16 +00:00
Dan Brown	a2087fe3ff	Made delete permissions a requirement for move operations Closes #1200	2019-01-05 14:39:40 +00:00
Dan Brown	2317bf2350	Added check for last admin on role change Will show error message if last admin and admin role is removed. Closes #1124 Also cleaned up user controller a little.	2018-12-30 16:11:58 +00:00
Dan Brown	68017e2553	Added testing for avatar fetching systems & config Abstracts imageservice http interaction. Closes #1193	2018-12-23 15:34:38 +00:00
Dan Brown	f4ea5f1f55	Updated page exports to use absolute time format For #1065	2018-12-22 16:35:04 +00:00
Dan Brown	26ec1cc3dc	Added proper escaping to LDAP filter operations To cover #1163	2018-12-20 20:04:09 +00:00
Dan Brown	651ae2f3be	Fixed failing language test after addition of formatter	2018-12-16 15:46:02 +00:00
Dan Brown	323bff7d6d	Extended translations system for arrays & extension Extended the base Laravel translation system to allow a locale to be based upon another. Also adds functionality to take base & fallback locales into account when fetching an array of translations. Related to work done in #1159	2018-12-12 20:46:27 +00:00
Dan Brown	178b5af83a	Added google select_account test Also cleaned the function naming a little to be more descriptive of the work they do.	2018-11-10 14:52:43 +00:00
Dan Brown	ffc1aa873e	Merge branch 'v0.24-dev'	2018-11-04 15:36:40 +00:00
Dan Brown	19b7093438	Fixed redirect issue when custom app url in use Fixes #956 & #1048 Also added tests to cover this url logic. Also removed debugbar during tests to maybe improve test speed.	2018-11-04 15:18:27 +00:00
Dan Brown	85f330c79a	Extracted many page-specific repo methods into page-specific repo	2018-10-13 11:27:55 +01:00
Dan Brown	919660678b	Re-structured the app code to be feature based rather than code type based	2018-09-25 12:30:50 +01:00
Dan Brown	9243c635f2	Made search test a little more consistent	2018-09-23 15:15:44 +01:00
Dan Brown	7b32aa163f	Added Bookshelves to search system. Also cleaned up and made search indexing system a little more efficient. Closes #1023	2018-09-23 12:34:30 +01:00
Dan Brown	da58c41ab6	Prevented attachDefaultRole from trying to re-attach if already existing Fixes #1003 Added test to cover	2018-09-22 22:09:34 +01:00
Dan Brown	3f58800ed1	Added ability to configure revision limit	2018-09-22 17:30:42 +01:00
Dan Brown	1cb6ae39c8	Added base RTL support For #939 - Adds way to check if current language is RTL via config system. - Made TinyMCE default direction be based on current language text direction. - Fixed bullet points to be RTL compatible. - Set page content body to have direction based on content.	2018-09-22 13:18:26 +01:00
Dan Brown	e3e484e561	Added custom head content to exports Closes #981 Also fixed incorrect download tests.	2018-09-22 11:53:40 +01:00
Dan Brown	e60d11ee04	Altered social auto-reg to be configurable per service - Added {$service}_AUTO_REGISTER and {$service}_AUTO_CONFIRM_EMAIL env options for each social auth system. - Auto-register will allow registration from login, even if registration is disabled. - Auto-confirm-email indicates trust and will mark new registrants as 'email_confirmed' and skip 'confirmation email' flow. - Also added covering tests.	2018-09-21 18:05:06 +01:00

1 2 3 4 5

230 Commits