Commit graph

34 commits

Author SHA1 Message Date
Dan Brown
41438adbd1
Continued review of #2169
- Removed uneeded custom refresh or logout actions for OIDC.
- Restructured how the services and guards are setup for external auth
  systems. SAML2 and OIDC now directly share a lot more logic.
- Renamed any OpenId references to OIDC or OpenIdConnect
- Removed non-required CSRF excemption for OIDC

Not tested, Come to roadblock due to lack of PHP8 support in upstream
dependancies. Certificate was deemed to be non-valid on every test
attempt due to changes in PHP8.
2021-10-06 23:05:26 +01:00
Dan Brown
193d7fb3fe
Merge branch 'openid' of https://github.com/jasperweyne/BookStack into jasperweyne-openid 2021-10-06 13:18:21 +01:00
Dan Brown
7be7d7d1e7
Updated not-found image path handling to have better ux
Added test to cover.
Started refactoring some of the app error handling in
the process of this.

Fixes #2696
2021-05-08 18:49:58 +01:00
Dan Brown
d41452f39c
Finished breakdown of attachment vue into components 2020-07-04 16:53:02 +01:00
Jasper Weyne
07a6d7655f First basic OpenID Connect implementation 2020-07-01 23:27:50 +02:00
Dan Brown
7f6cbead33
Performed review of "public intended" functionality provided in #1817
- Updated logic to take url from referrer rather than pass as a query parameter.
- Added tests to cover functionality.
- Updated 404 page with login action button if not signed in.
- Updated 404 page with text to indicate permissions may be affecting visibility.

Related to #1817 and #1706
2020-03-14 18:29:31 +00:00
Dan Brown
49386b42da
Updated email test send to show error on failure
- Added test to cover
- Closes #1874
2020-02-15 14:13:15 +00:00
Dan Brown
3991fbe726
Checked over and aligned registration option behavior across all auth options
- Added tests to cover
2020-02-02 17:31:00 +00:00
Dan Brown
3cacda6762
Added expiry checking to API token auth
- Added test to cover to ensure its checked going forward
2019-12-30 19:51:41 +00:00
Dan Brown
3de55ee645
Linked new API token system into middleware
Base logic in place but needs review and refactor to see if can better
fit into Laravel using 'Guard' system. Currently has issues due to
cookies in use from active session on API.
2019-12-30 02:16:07 +00:00
Dan Brown
3a17ba2cb9
Started using OneLogin SAML lib directly
- Aligned and formatted config options.
- Provided way to override onelogin lib options if required.
- Added endpoints in core bookstack routes.
- Provided way to debug details provided by idp and formatted by
bookstack.
- Started on test work
- Handled case of email address already in use.
2019-11-17 13:26:43 +00:00
Dan Brown
8169c725d5
Started review of SAML implementation
- Updated PHPdoc of SAML service to use type hinting instead.
- Updated groups to only sync if enabled.
- Updated names of some config props.
- Removed a couple of unused config props.
- Added exception to handle no email on SAML response.
2019-11-16 14:42:51 +00:00
Dan Brown
bb1f43cbd8
Merge branch 'feature/saml' of git://github.com/Xiphoseer/BookStack into Xiphoseer-feature/saml 2019-11-16 12:42:45 +00:00
Dan Brown
42d8548960
Finished new user invite flow 2019-08-18 13:11:30 +01:00
Dan Brown
44330bdd24
Start user invite system 2019-08-17 15:52:33 +01:00
Daniel Seiler
8e723f10dc Add error messages, fix LDAP error 2019-08-07 15:31:10 +02:00
Dan Brown
2317bf2350
Added check for last admin on role change
Will show error message if last admin and admin role is removed.
Closes #1124
Also cleaned up user controller a little.
2018-12-30 16:11:58 +00:00
Dan Brown
5fe630b8d2
Merge branch 'master' into dropzone-timeout 2018-12-22 15:08:54 +00:00
Dan Brown
2753629dbe
Cleaned up script and formatted remaining EN files 2018-12-16 13:12:13 +00:00
Abijeet
d3d3e2ad3e Added a default timeout of 60 seconds to dropzone.
Fixes #876
2018-11-18 00:22:08 +05:30
Dan Brown
b59e5942c8
Added testing coverage for Bookshelves
Created modified TestResponse so we can use DOM operations in new
Testcases as we move away from the BrowserKit tests.
2018-09-21 15:15:16 +01:00
Abijeet
d859be3a12 Fixes a number of issues with the image uploader. Read below,
- Added a remove link to remove files that have an error.
- Error will appear below the progress bar.
- Hovering on dz-image or dz-details will display the error message. Otherwise error message was covering the remove link as well.
- Removed styling around the file size.
- Removed gradient effect in accordance with BookStack styling.
- Dropzone filenae will not overflow the container element. Also done for page attachments
- Added a 'uploaded' error message. this error was being thrown when the file size exceeded the server configured file size. (https://stackoverflow.com/a/42934387/903324)

Towards #741

Signed-off-by: Abijeet <abijeetpatro@gmail.com>
2018-03-18 18:44:11 +05:30
Dan Brown
548dcd4db1
Fixed error when accessing non-authed attachment
Also updated attachment tests to use standard test-case.
Fixes #681
2018-02-11 12:37:02 +00:00
Dan Brown
88d09a2a3b
Added drawing endpoint tests
Also refactored ImageTests away from BrowserKit
Also added image upload type validation.
2018-01-28 13:18:28 +00:00
Dan Brown
90bf13c1ab
Updated okta config keys, made SVG fully vector
Also added some additional error handling to login.
2017-12-09 13:32:45 +00:00
Dan Brown
db51cee2d8
Prevented custom homepage being deleted
Fixes #546
2017-10-15 19:14:46 +01:00
Abijeet
ac07cb41b6 Fixed formatting and added error messages. 2017-08-21 02:21:31 +05:30
Abijeet
38fe756725 #47 - Fixes a couple of issues found during testing - delete not updating the UI, delete none not working properly. 2017-06-07 23:45:29 +05:30
Abijeet
5bd9da6054 #47 - Adds various translations in English, and a few code improvements. 2017-06-06 01:46:59 +05:30
Dan Brown
c9700e38e2
Created solution for JS translations
Also tidied up existing components and JS
2016-12-31 14:27:40 +00:00
Dan Brown
573357a08c
Extracted text from logic files 2016-12-04 16:51:39 +00:00
Dan Brown
066adf3cea
Moved text for errors and form views.
Updated 404 page with additional links
2016-12-03 13:31:54 +00:00
Dan Brown
a14b5c33fd Added missing permission checkboxes and improved image AJAX permission responses 2016-02-27 20:52:46 +00:00
Dan Brown
ae95d0a239 Added permission system 2015-08-29 15:03:42 +01:00