Commit Graph

6420 Commits (lint-changeset-files)

Author SHA1 Message Date
Richard Hansen cc8dbb07fd docs: Wrap long lines
Also add blank lines around section headings and code blocks.
2020-11-13 20:30:27 +00:00
Richard Hansen 6a8563eeab import/export: Simplify exportEtherpadAdditionalContent processing
Also:
  * Improve parallelization
  * Refine the documentation
2020-11-10 23:02:43 +00:00
Richard Hansen 8c55a38582 HTML export: Add missing `)`
This bug was introduced in 68a91f5e24.
2020-11-10 02:51:55 -05:00
Richard Hansen 1ad9b1efbb Update `CHANGELOG.md`
Add new entries and refine wording/formatting of existing entries.
2020-11-10 07:22:22 +00:00
Richard Hansen 68a91f5e24 HTML export: Move `padId` to context object property 2020-11-10 07:13:26 +00:00
webzwo0i f6aed0c9cb
Fix truncation in travis (#4479)
* log to travis every five seconds
* travis: kill etherpad process after tests
2020-11-10 06:59:50 +01:00
John McLear f0da3a0c4c
Update README.md 2020-11-09 08:32:18 +00:00
John McLear 5e7d54a4aa
Update README.md 2020-11-09 08:27:53 +00:00
John McLear 89667f1d4f
update changelog for release (#4475) 2020-11-08 10:03:22 +00:00
John McLear 881d8b8d95
pluginfw: Hook to include additional body in HTML exports (#4469)
* hook, needs docs

* docs
2020-11-06 13:48:59 +00:00
John McLear 3fa58efede
pluginfw: Export .etherpad hooks (#4466)
* export support

* proper prefix

* just a basic example, needs working on still

* docs

* comments shouldnt be hard coded
2020-11-06 13:48:25 +00:00
ilmar d5c5ca224b Fix missing arg handling in html10n.js 2020-11-05 10:38:22 +00:00
Richard Hansen 405e3e3e19 Settings: Don't filter out users based on `password` or `hash`
Some authentication plugins use the users defined in the `users`
object but ignore the `password` and `hash` properties.

This change deletes all of the filtering logic, including the logic
that filters out users that have both `password` and `hash` properties
defined. I could have kept that check, but decided to remove it
because:
  * There's no harm in defining both `hash` and `password`.
  * Allowing both makes it easier to transition from one scheme to
    another.
  * It's fewer lines of code to maintain.
2020-11-04 18:06:08 +00:00
Richard Hansen 6408d2313c webaccess: Be extra paranoid about nullish password
If `settings.json` contains a user without a `password` property then
nobody should be able to log in as that user using the built-in HTTP
basic authentication. This is true both with and without this change,
but before this change it wasn't immediately obvious that a malicious
user couldn't use an empty or null password to log in as such a user.
This commit adds an explicit nullish check and some unit tests to
ensure that an empty or null password will not work if the `password`
property is null or undefined.
2020-11-04 18:06:08 +00:00
Richard Hansen 98de2b0899 Use `contentEditable` for all browsers
This makes it possible to disable `contentEditable` for certain
elements in some circumstances (e.g., on links so that users can click
on them normally).
2020-11-03 19:02:01 +00:00
Richard Hansen 5e2a27a182 Replace `setClassPresence(x, ...)` with `x.classList.toggle(...)` 2020-11-03 19:02:01 +00:00
Richard Hansen 4594608c04 Delete commented-out code 2020-11-03 19:02:01 +00:00
Richard Hansen 91268e14b7 PadMessageHandler: Rename `client` to `socket`
The `client` variable is actually a socket.io Socket object. Rename it
to reduce confusion.
2020-11-02 20:39:08 +00:00
John McLear cfc7e47db0
plugins: Various checkPlugins.js and associated file fixes. (#4439)
This PR makes checkPlugins some what more useful for developers.  

It adds auto npm publish support and various travis improvements among other goodies.
2020-11-02 16:13:24 +00:00
Richard Hansen 35f4c00dfb .travis.yml: Install ep_readonly_guest 2020-11-02 16:10:07 +00:00
Richard Hansen ed5a635f4c Add `req` to EJS render args when possible
This makes it possible for EJS templates and `eejsBlock_*` hook
functions to access the user's express-session state.
2020-11-02 16:05:01 +00:00
Richard Hansen cf43156390 Remove `src/static/js/jquery.js` from `.gitignore`
That file is checked in so there's no reason to ignore it.
2020-11-02 16:03:58 +00:00
translatewiki.net 127923eb54 Localisation updates from https://translatewiki.net. 2020-11-02 12:40:50 +01:00
Gabriel Medeiros Coelho ce77c48475 remove unnecessary conditional
if animationState evaluates to -1 or 0, it would end up in a conditional that assign its value to itself. Since this is redundant, it is better to remove this conditional, to avoid an extra check
2020-11-01 01:41:09 -05:00
Richard Hansen a95145d12c Merge branch 'master' into develop 2020-11-01 01:34:59 -05:00
Richard Hansen 2c8769a6fd Fix typo in session check (sesion -> session)
(cherry picked from commit 4332affba6)
2020-11-01 01:33:00 -05:00
Richard Hansen 2249b9ae19 SessionManager: Fix session expiration check
This bug was introduced in 8b0baa9679.

(cherry picked from commit 3886e95c83)
2020-11-01 01:33:00 -05:00
webzwo0i b67c9cc136
tests: Speed up and fix travis (#4453)
Various test runner fixes.
2020-10-30 10:40:11 +00:00
Richard Hansen b41d9762fa tests: Clear auth hooks before running import/export unit tests
Also fix some ESLint complaints.
2020-10-29 19:06:24 -04:00
Richard Hansen 03d8882383 tests: Clear auth hooks before running socket.io unit tests 2020-10-29 18:53:10 -04:00
Richard Hansen 4829bb8962 tests: Delete unnecessary `describe()` wrapper 2020-10-29 18:53:10 -04:00
Richard Hansen dbe9151d89 tests: Clear hooks before running webaccess tests
Also factor out common test setup code.
2020-10-29 15:33:05 -04:00
Richard Hansen 6961e0e05b .travis.yml: Factor out common plugin install command 2020-10-29 15:32:32 -04:00
Richard Hansen f6516d62ef .travis.yml: Don't install ep_comments_page
The tests need work.
2020-10-29 15:32:32 -04:00
Richard Hansen 8969b6ba7f .travis.yml: Sort plugins 2020-10-29 15:32:32 -04:00
Richard Hansen ef60a4234d .travis.yml: Wrap long plugin install lines 2020-10-29 15:32:32 -04:00
John McLear d21afba45a
security: lockfile lint check (#4446) 2020-10-29 14:07:36 -04:00
John McLear 99d5c7c943
docs: Migrate from Travis-ci.org to .com 2020-10-28 11:05:33 +00:00
webzwo0i 66a3647579 remove broken async inclusion in tar.json 2020-10-27 20:33:09 +00:00
Richard Hansen 2f65987ba2 webaccess: Remove user's password from session info
This prevents the password from being logged or stored in the
database.
2020-10-27 20:30:01 +00:00
chandi 30b1273853 docs: fix key in padUpdate context 2020-10-26 23:43:09 +00:00
translatewiki.net 50c22f0ae4 Localisation updates from https://translatewiki.net. 2020-10-26 15:56:46 +01:00
Viljami Kuosmanen c502ca3259 Use isHttpError utility provided by http-errors
This new utility method was introduced in http-errors v1.8.0. Let's use
that instead of instanceof. This also upgrades the http-errors dependency
2020-10-25 10:45:58 +00:00
Viljami Kuosmanen aef4cce0c9 Use correct constructor for 404,501 error handlers
Fixes error message mentioned in #4378.
2020-10-25 10:45:58 +00:00
Sebastian Castro 5a1110d0d6 Display outline when toolbar button focused 2020-10-25 10:34:51 +00:00
Richard Hansen 193028702d pad: Don't paste when middle-clicking on a link 2020-10-25 07:06:29 +00:00
Andrew Dassonville bee1ae06d8 utils: Fix commit checking on detached HEAD 2020-10-24 16:22:01 -04:00
John McLear cb5fcbb74e
editor: allow paste into links (#3802) 2020-10-24 16:59:03 +01:00
Richard Hansen 36aceb3aba hooks: Rewrite `callAll` and `aCallAll` for consistency
Rewrite the `callAll` and `aCallAll` functions to support all
reasonable hook behaviors and to report errors for unreasonable
behaviors (e.g., calling the callback twice).

Now a hook function like the following works as expected when invoked
by `aCallAll`:

```
exports.myHookFn = (hookName, context, cb) => {
  cb('some value');
  return;
};
```
2020-10-24 16:08:50 +01:00
Richard Hansen 79119baf58 hooks: Call the callback when done
If a hook function neither calls the callback nor returns a
(non-undefined) value then there's no way for the hook system to know
if/when the hook function has finished.
2020-10-24 16:08:50 +01:00