Commit graph

3187 commits

Author SHA1 Message Date
Dan Brown
056d7c119f
Updated php packages 2021-11-15 18:39:38 +00:00
Dan Brown
226f296c9c
Removed extra border around markdown editor box 2021-11-15 11:37:17 +00:00
Dan Brown
b546098b36
Fixed page editor back button sometimes going nowhere
Updated the back button to be a proper link instead of a reference to
the last viewed URL since it could break if the last page was the
current one (On validation for example).

Includes test to cover.
Also applied some styleCI changes.

Fixes #2834
2021-11-15 11:19:03 +00:00
Dan Brown
88e6f93abf
Prevented auto-login from direct email confirmation actions
Was done for convenience but could potentially be exploited by an
attacker using signing up via one of these routes, then forwarding
an email confirmation to another user so they unknowingly utilise
an account someone else controls.

Tweaks the flow of confirming email, and the user invite flow.

For #3050
2021-11-15 10:50:28 +00:00
Dan Brown
e29d03ae76
Updated page includes to be top-level for code blocks
This change means that code blocks are now included still wrapped in
their pre tags, as we do for tables and lists.
Previously the <code> inner content would be included which would lead
to a generally bad/broken presentation.

Hopefully should not be a breaking change as section include tags for
code was tricky to get to, and it was in a semi-broken state.

For #2406
2021-11-15 00:48:05 +00:00
Dan Brown
85154fff69
Added an env configurable file upload size limit
Replaces the old suggestion of setting JS head 'window.uploadLimit'
variable. This new env option will be used by back-end validation and
front-end libs/logic too.

Limits already likely exist within prod environments at a PHP and
webserver level but this allows an app-level limit and centralises the
option on the BookStack side into the .env

Closes #3033
2021-11-14 22:03:22 +00:00
Dan Brown
f910738a80
Changed logout routes to POST instead of GET
As per #3047.

Also made some SAML specific fixes:
- IDP initiated login was broken due to forced default session value.
  Double checked against OneLogin lib docs that this reverted logic was fine.
- Changed how the saml login flow works to use 'withoutMiddleware' on
  the route instead of hacking out the session driver. This was due to
  the array driver (previously used for the hack) no longer being
  considered non-persistent.
2021-11-14 21:13:24 +00:00
Dan Brown
fceb4ecc07
Fixed sponsor image logo paths
Broke due to website branch name change
2021-11-14 16:53:01 +00:00
Dan Brown
6f1bdbf771
Added API search endpoint
Is a little awkward, emulates a 'list' API endpoint but has unstable
paging and does not support filters/sort. This is detailed on the
endpoint though.

Made some updates to the docs system to better support parameters
and examples on GET requests.

Includes tests to cover.

For #909
2021-11-14 16:28:01 +00:00
Dan Brown
2051189921
Added /api => /api/docs redirect for convenience. 2021-11-14 15:20:04 +00:00
Dan Brown
7025cb38df
Removed prefix route groups, applyed styleci changes
Removing prefix route groups out of visual preference.
Those don't really save much and I prefer seeing the complete
paths when going down the list to better guage where I am.
2021-11-14 15:16:18 +00:00
Dan Brown
2e49b16177
Prevented created/update_by filters be wiped in search
Updating filters via sidebar would wipe the created_by/update_by filters
since these were not part of the sidebar filter form.
This adds them, if existing, as hidden inputs.
Includes tests to cover.

Closes #2736
2021-11-14 15:07:13 +00:00
Dan Brown
8e71cd9bac
Fixed issue where markdown drafts showed as HTML
Markdown content was not being stored, only the sent
HTML representation, causing the draft to show as HTML upon next edit.
Added test to cover.

Fixes #3054
2021-11-14 12:17:22 +00:00
Dan Brown
89f7f8e259
Hid skip-to-content for print media
Fixes #3051
2021-11-14 11:50:13 +00:00
Dan Brown
f2ee95ca03
Merge pull request #3043 from BookStackApp/search_improvements_a
Search Engine Improvement
2021-11-13 15:13:29 +00:00
Dan Brown
fc7bd57dc8
Fixed occurances of altered titles in search results 2021-11-13 15:04:04 +00:00
Dan Brown
21d3620ef0
Attempted to make test a bit less flaky 2021-11-13 14:51:59 +00:00
Dan Brown
755dc99c72
Made further tweaks to search results formatting
- Updated page names to not be limited to a certain length.
- Added better start/end fill logic.
- Prevented <strong> tags from being counted towards the target content
  length desired from the formatter.
2021-11-13 14:37:40 +00:00
Dan Brown
221458ccfd
Fixed failing tests due to search highlighting changes 2021-11-13 13:43:41 +00:00
Dan Brown
2633b94deb
Applied StyleCI changes 2021-11-13 13:28:17 +00:00
Dan Brown
63d8d72d7e
Added testing to cover search result highlighting 2021-11-13 13:26:11 +00:00
Dan Brown
339518e2a6
Added tag highlighting in search
Using basic match of name or value containing a general term.
2021-11-13 13:02:32 +00:00
Dan Brown
ab4e99bb18
Added name highlighting in search results 2021-11-13 12:44:27 +00:00
Dan Brown
f30b937bb0
Added search result preview text highlighting
Created a new class to manage formatting of content for search results.
Turned out to be quite a complex task. This only does the preview text
so far, not titles or tags.

Not yet tested.
2021-11-12 22:57:50 +00:00
Dan Brown
7d0724e288
Added auto-conversion of search terms to exact values
Will occur when a search term contains a character that's used to split
content into search terms.
Added testing to cover.
2021-11-12 18:03:44 +00:00
Dan Brown
99587a0be6
Added tag values as part of the indexed search terms
This allows finding content via tag name/values when just searching
using normal seach terms.
Added testing to cover.

Related to #1577
2021-11-12 17:06:01 +00:00
Dan Brown
f28daa01d9
Added page content parsing to up-rank header text in search
This adds parsing of page content so that headers apply a boost to
scores in the search term index.
Additionally, this merges title and content terms to reduce the amount
of stored terms a little.
Includes testing to cover.
2021-11-12 13:47:23 +00:00
Dan Brown
820be162f5
Updated regen-search command to show some level of progress 2021-11-11 14:10:11 +00:00
Dan Brown
9f32613982
Refactored search indexer, Increase title/name score boost
- Title score boost changed from 5 to 40 (8x increase).
- Extracted entity parsing to its own function
2021-11-11 13:36:49 +00:00
Dan Brown
0ddd052818
Added missing comments or types
Checked over latest changes for potential SQL injection, all variable
usages are either (from trusted sourced AND case) or using
parameters/bindings to ensure it's handled at driver/lib level.
2021-11-09 15:13:15 +00:00
Dan Brown
da17004c3e
Added test to cover search frquency rank changes 2021-11-09 15:05:02 +00:00
Dan Brown
bc472ca2d7
Improved relation loading during search
Relations now loaded during back-end query phase instead of being lazy
loaded one-by-one within views.

Reduced queries in testing from ~60 to ~20.

Need to check other areas list-item.php's "showPath" option is used to
ensure relations are properly loaded for those listings.
2021-11-08 15:24:49 +00:00
Dan Brown
b3e1c7da73
Applied styleci fixes and pluck improvement as per larastan 2021-11-08 15:00:47 +00:00
Dan Brown
7405613f8d
Added search term score popularity adjustment
Adds adjustment of search term 'score' (Using in result ranking) so that
a relative 0.3 to 1.3 mulitplier is applied based upon relative
popularity within the whole database. At this point the term popularity
is still done via a prefix match against the search term.

Uses a SUM(IF(cond, a, IF(cond, a, ...))) chain to produce the scoring
result in the select query.
2021-11-08 14:23:48 +00:00
Dan Brown
b0b6f466c1
Reduced data retreived from database on page search 2021-11-08 11:41:14 +00:00
Dan Brown
9e0164f4f4
Further search system refactorings
- Moved search term querying to its own method.
- Updated Large content seeder to be more performant
2021-11-08 11:29:25 +00:00
Dan Brown
e1b8fe45b0
Refactored search runner a little to be neater 2021-11-08 11:04:27 +00:00
Dan Brown
f2b1d2e1e7
Applied latest StyleCI changes 2021-11-06 22:00:33 +00:00
Dan Brown
921e25e7e1
Merge pull request #3042 from BookStackApp/tags_view
Tag view
2021-11-06 21:59:34 +00:00
Dan Brown
899349c4b4
Added testing coverage for tag index
Also:
- Extracted out index table row to its own view.
- Added empty state.
- Ensured query params are set on pagination links.
2021-11-06 21:54:02 +00:00
Dan Brown
f8f9e74992
Added links to tag page
- Added from books/shelves listings and within the tag-edit view for all
  entities.
2021-11-06 20:21:11 +00:00
Dan Brown
929c8312bd
Started build of tag view
- Created listing
- Allows drilldown to tag name
- Shows totals

Not yet covered via testing
2021-11-06 16:30:20 +00:00
Dan Brown
8d7c8ac8bf
Done a round of phpstan fixes 2021-11-06 00:32:01 +00:00
Dan Brown
5c6a6b50a0
Applied StyleCI changes, added php/larastan to attribution 2021-11-05 16:27:59 +00:00
Dan Brown
bc291bee78
Added inital phpstan/larastan setup 2021-11-05 16:18:06 +00:00
Dan Brown
d0aa10a8c3
Applied styleci changes 2021-11-05 00:28:41 +00:00
Dan Brown
06b5009842
Standardised laravel validation to be array based
Converted from string-only-based validation.
Array based validation works nicer once you have validation classess or
advanced validation options.
2021-11-05 00:26:55 +00:00
Dan Brown
0ba8541370
Updated npm deps 2021-11-04 23:07:36 +00:00
Dan Brown
22024df508
Merge branch 'master' of github.com:BookStackApp/BookStack 2021-11-04 22:58:15 +00:00
Dan Brown
de5322288c
Applied latest styleci changes 2021-11-04 22:57:49 +00:00