John McLear
176eae6834
update changelog for release
2020-11-08 10:02:11 +00:00
John McLear
881d8b8d95
pluginfw: Hook to include additional body in HTML exports ( #4469 )
...
* hook, needs docs
* docs
2020-11-06 13:48:59 +00:00
John McLear
3fa58efede
pluginfw: Export .etherpad hooks ( #4466 )
...
* export support
* proper prefix
* just a basic example, needs working on still
* docs
* comments shouldnt be hard coded
2020-11-06 13:48:25 +00:00
ilmar
d5c5ca224b
Fix missing arg handling in html10n.js
2020-11-05 10:38:22 +00:00
Richard Hansen
405e3e3e19
Settings: Don't filter out users based on `password` or `hash`
...
Some authentication plugins use the users defined in the `users`
object but ignore the `password` and `hash` properties.
This change deletes all of the filtering logic, including the logic
that filters out users that have both `password` and `hash` properties
defined. I could have kept that check, but decided to remove it
because:
* There's no harm in defining both `hash` and `password`.
* Allowing both makes it easier to transition from one scheme to
another.
* It's fewer lines of code to maintain.
2020-11-04 18:06:08 +00:00
Richard Hansen
6408d2313c
webaccess: Be extra paranoid about nullish password
...
If `settings.json` contains a user without a `password` property then
nobody should be able to log in as that user using the built-in HTTP
basic authentication. This is true both with and without this change,
but before this change it wasn't immediately obvious that a malicious
user couldn't use an empty or null password to log in as such a user.
This commit adds an explicit nullish check and some unit tests to
ensure that an empty or null password will not work if the `password`
property is null or undefined.
2020-11-04 18:06:08 +00:00
Richard Hansen
98de2b0899
Use `contentEditable` for all browsers
...
This makes it possible to disable `contentEditable` for certain
elements in some circumstances (e.g., on links so that users can click
on them normally).
2020-11-03 19:02:01 +00:00
Richard Hansen
5e2a27a182
Replace `setClassPresence(x, ...)` with `x.classList.toggle(...)`
2020-11-03 19:02:01 +00:00
Richard Hansen
4594608c04
Delete commented-out code
2020-11-03 19:02:01 +00:00
Richard Hansen
91268e14b7
PadMessageHandler: Rename `client` to `socket`
...
The `client` variable is actually a socket.io Socket object. Rename it
to reduce confusion.
2020-11-02 20:39:08 +00:00
John McLear
cfc7e47db0
plugins: Various checkPlugins.js and associated file fixes. ( #4439 )
...
This PR makes checkPlugins some what more useful for developers.
It adds auto npm publish support and various travis improvements among other goodies.
2020-11-02 16:13:24 +00:00
Richard Hansen
35f4c00dfb
.travis.yml: Install ep_readonly_guest
2020-11-02 16:10:07 +00:00
Richard Hansen
ed5a635f4c
Add `req` to EJS render args when possible
...
This makes it possible for EJS templates and `eejsBlock_*` hook
functions to access the user's express-session state.
2020-11-02 16:05:01 +00:00
Richard Hansen
cf43156390
Remove `src/static/js/jquery.js` from `.gitignore`
...
That file is checked in so there's no reason to ignore it.
2020-11-02 16:03:58 +00:00
translatewiki.net
127923eb54
Localisation updates from https://translatewiki.net .
2020-11-02 12:40:50 +01:00
Gabriel Medeiros Coelho
ce77c48475
remove unnecessary conditional
...
if animationState evaluates to -1 or 0, it would end up in a conditional that assign its value to itself. Since this is redundant, it is better to remove this conditional, to avoid an extra check
2020-11-01 01:41:09 -05:00
Richard Hansen
a95145d12c
Merge branch 'master' into develop
2020-11-01 01:34:59 -05:00
Richard Hansen
2c8769a6fd
Fix typo in session check (sesion -> session)
...
(cherry picked from commit 4332affba6
)
2020-11-01 01:33:00 -05:00
Richard Hansen
2249b9ae19
SessionManager: Fix session expiration check
...
This bug was introduced in 8b0baa9679
.
(cherry picked from commit 3886e95c83
)
2020-11-01 01:33:00 -05:00
webzwo0i
b67c9cc136
tests: Speed up and fix travis ( #4453 )
...
Various test runner fixes.
2020-10-30 10:40:11 +00:00
Richard Hansen
b41d9762fa
tests: Clear auth hooks before running import/export unit tests
...
Also fix some ESLint complaints.
2020-10-29 19:06:24 -04:00
Richard Hansen
03d8882383
tests: Clear auth hooks before running socket.io unit tests
2020-10-29 18:53:10 -04:00
Richard Hansen
4829bb8962
tests: Delete unnecessary `describe()` wrapper
2020-10-29 18:53:10 -04:00
Richard Hansen
dbe9151d89
tests: Clear hooks before running webaccess tests
...
Also factor out common test setup code.
2020-10-29 15:33:05 -04:00
Richard Hansen
6961e0e05b
.travis.yml: Factor out common plugin install command
2020-10-29 15:32:32 -04:00
Richard Hansen
f6516d62ef
.travis.yml: Don't install ep_comments_page
...
The tests need work.
2020-10-29 15:32:32 -04:00
Richard Hansen
8969b6ba7f
.travis.yml: Sort plugins
2020-10-29 15:32:32 -04:00
Richard Hansen
ef60a4234d
.travis.yml: Wrap long plugin install lines
2020-10-29 15:32:32 -04:00
John McLear
d21afba45a
security: lockfile lint check ( #4446 )
2020-10-29 14:07:36 -04:00
John McLear
99d5c7c943
docs: Migrate from Travis-ci.org to .com
2020-10-28 11:05:33 +00:00
webzwo0i
66a3647579
remove broken async inclusion in tar.json
2020-10-27 20:33:09 +00:00
Richard Hansen
2f65987ba2
webaccess: Remove user's password from session info
...
This prevents the password from being logged or stored in the
database.
2020-10-27 20:30:01 +00:00
chandi
30b1273853
docs: fix key in padUpdate context
2020-10-26 23:43:09 +00:00
translatewiki.net
50c22f0ae4
Localisation updates from https://translatewiki.net .
2020-10-26 15:56:46 +01:00
Viljami Kuosmanen
c502ca3259
Use isHttpError utility provided by http-errors
...
This new utility method was introduced in http-errors v1.8.0. Let's use
that instead of instanceof. This also upgrades the http-errors dependency
2020-10-25 10:45:58 +00:00
Viljami Kuosmanen
aef4cce0c9
Use correct constructor for 404,501 error handlers
...
Fixes error message mentioned in #4378 .
2020-10-25 10:45:58 +00:00
Sebastian Castro
5a1110d0d6
Display outline when toolbar button focused
2020-10-25 10:34:51 +00:00
Richard Hansen
193028702d
pad: Don't paste when middle-clicking on a link
2020-10-25 07:06:29 +00:00
Andrew Dassonville
bee1ae06d8
utils: Fix commit checking on detached HEAD
2020-10-24 16:22:01 -04:00
John McLear
cb5fcbb74e
editor: allow paste into links ( #3802 )
2020-10-24 16:59:03 +01:00
Richard Hansen
36aceb3aba
hooks: Rewrite `callAll` and `aCallAll` for consistency
...
Rewrite the `callAll` and `aCallAll` functions to support all
reasonable hook behaviors and to report errors for unreasonable
behaviors (e.g., calling the callback twice).
Now a hook function like the following works as expected when invoked
by `aCallAll`:
```
exports.myHookFn = (hookName, context, cb) => {
cb('some value');
return;
};
```
2020-10-24 16:08:50 +01:00
Richard Hansen
79119baf58
hooks: Call the callback when done
...
If a hook function neither calls the callback nor returns a
(non-undefined) value then there's no way for the hook system to know
if/when the hook function has finished.
2020-10-24 16:08:50 +01:00
Richard Hansen
55939a0d7e
hooks: Delete unused `flatten` function
2020-10-24 16:08:50 +01:00
John McLear
b5c759cbac
tests: remove ep_webrtc for now until it's stable
2020-10-24 15:14:30 +01:00
Wouter
bd2343f131
Added nl translations for adminpage
2020-10-23 16:18:57 -04:00
John McLear
9f5fb022b9
Create FUNDING.yml
2020-10-23 20:31:17 +01:00
webzwo0i
069e9997dd
tests: 10 sec maximum wait time for timeslider ( #4430 )
2020-10-23 12:43:38 +01:00
Wouter
b3b3040204
docs: Discord channel link in README ( #4429 )
2020-10-22 16:39:03 +01:00
webzwo0i
047dfcdee9
tests: relaxed constraint on the number of interval triggers ( #4427 )
2020-10-22 16:01:51 +01:00
translatewiki.net
73dd3ffdf4
Localisation updates from https://translatewiki.net .
2020-10-22 12:58:59 +02:00