Commit Graph

19 Commits

Author SHA1 Message Date
5e01c30882 Aligned constructors across controller classes
Since they no longer needed to run the parent contructor
since the parent constructor was no longer needed.
2020-11-21 17:08:37 +00:00
349162ea13 Prevented possible XSS via link attachments
This filters out potentially malicious javascript: or data: uri's coming
through to be attached to attachments.
Added tests to cover.

Thanks to Yassine ABOUKIR (@yassineaboukir on twitter) for reporting this
vulnerability.
2020-10-31 15:01:52 +00:00
d41452f39c Finished breakdown of attachment vue into components 2020-07-04 16:53:02 +01:00
14b6cd1091 Started migration of attachment manager from vue
- Created new dropzone component.
- Added standard component event system using custom DOM events.
- Added tabs component.
- Added ajax-delete-row component.
2020-06-30 22:12:45 +01:00
31f5786e01 Entity Repo & Controller Refactor (#1690)
* Started mass-refactoring of the current entity repos

* Rewrote book tree logic

- Now does two simple queries instead of one really complex one.
- Extracted logic into its own class.
- Remove model-level akward union field listing.
- Logic now more readable than being large separate query and
compilation functions.

* Extracted and split book sort logic

* Finished up Book controller/repo organisation

* Refactored bookshelves controllers and repo parts

* Fixed issues found via phpunit

* Refactored Chapter controller

* Updated Chapter export controller

* Started Page controller/repo refactor

* Refactored another chunk of PageController

* Completed initial pagecontroller refactor pass

* Fixed tests and continued reduction of old repos

* Removed old page remove and further reduced entity repo

* Removed old entity repo, split out page controller

* Ran phpcbf and split out some page content methods

* Tidied up some EntityProvider elements

* Fixed issued caused by viewservice change
2019-10-05 12:55:01 +01:00
3281925375 Standardised how request is injected into controller methods
Puts it in-line with how Laravel recommend.
2019-09-15 18:53:30 +01:00
85f330c79a Extracted many page-specific repo methods into page-specific repo 2018-10-13 11:27:55 +01:00
257a5a23ec Fleshed out entity provided and optimized imports 2018-09-25 16:58:03 +01:00
919660678b Re-structured the app code to be feature based rather than code type based 2018-09-25 12:30:50 +01:00
5c2e3f4e56 Extracted download response logic into controller method
Fixes incorrect 'Content-Disposition' header value.
Fixes #581
2018-09-22 11:34:09 +01:00
a1ecdcacba Fixed attachment error handling, Allowed all link types
Related to #812
2018-05-20 11:06:10 +01:00
548dcd4db1 Fixed error when accessing non-authed attachment
Also updated attachment tests to use standard test-case.
Fixes #681
2018-02-11 12:37:02 +00:00
8453191dfb Finished refactor of entity repos
Removed entity-specific repos and standardised
the majority of repo calls to be applicable to
all entity types
2017-01-02 11:07:27 +00:00
7f9de2c8ab Started refactor to merge entity repos 2017-01-01 16:05:44 +00:00
c9700e38e2 Created solution for JS translations
Also tidied up existing components and JS
2016-12-31 14:27:40 +00:00
05316c90ba converted image picker to blade-based component
Also updated some other JS translations
2016-12-24 15:21:19 +00:00
573357a08c Extracted text from logic files 2016-12-04 16:51:39 +00:00
d3c7aada89 Fixed attachments on draft pages 2016-11-12 14:21:54 +00:00
e639600ba5 Renamed files to attachments 2016-11-12 14:12:26 +00:00