Commit Graph

7747 Commits (66ce2b50a932ff983c0d63df7aa5872c89f722c1)

Author SHA1 Message Date
Richard Hansen 66ce2b50a9 openapi: Convert `Promise.catch()` to `catch` block 2022-01-02 19:17:20 -05:00
Richard Hansen fa8bdb0348 promises: Add a comment explaining a subtlety in `Gate` 2022-01-02 18:57:44 -05:00
Richard Hansen a115c475ad promises: Expose `reject` in `Gate` 2022-01-02 18:57:44 -05:00
Richard Hansen b72db7ebd6 promises: Return a `Promise` from `Gate.then()`
It doesn't make sense to return a `Gate` from `Gate.then()`, and this
eliminates the semantically confusing constructor parameter.
2022-01-02 18:57:44 -05:00
Richard Hansen 78a67801f3 promises: Move Gate from `server.js` (to enable reuse) 2022-01-02 18:57:44 -05:00
Richard Hansen c8d45586c1 server: Fix stop Gate creation and check 2022-01-02 18:57:44 -05:00
Richard Hansen 10c55a2328 Changeset: Explain why number of removals doesn't matter 2021-12-31 22:53:59 -05:00
Richard Hansen 6495b1e6f4 tests: Disable deprecation warnings when testing deprecated functions 2021-12-31 22:15:03 -05:00
Richard Hansen c0471dd238 tests: Avoid deprecated `Changeset.opIterator` 2021-12-31 22:14:07 -05:00
webzwo0i 0af728ffee textLinesMutator: coverage for changed attributes in multiline keeps 2021-12-30 18:44:29 -05:00
webzwo0i 93447b7493 easysync tests: cover more string operation scenarios 2021-12-30 18:44:29 -05:00
webzwo0i 395cbc01bb Changeset.js: refine comments 2021-12-30 18:44:29 -05:00
webzwo0i 55c47efd4c easysync tests: add some more smartOpAssembler tests 2021-12-30 18:44:29 -05:00
webzwo0i 12ebca897d easysync: add clear method to stringAssembler 2021-12-30 18:44:29 -05:00
Chocobozzz 0cc15df9b9 Prevent pad translation and crash
Prevent "TypeError: Cannot read properties of null (reading 'sheet')"
exception because google chrome can translate `<style type="text/css" title="dynamicsyntax"></style>` title attribute
2021-12-22 17:46:32 +01:00
Richard Hansen cb257de8f9 Bump version to v1.9.0 for plugin `peerDependencies`
This allows plugins to depend on the not-yet-released API by bumping
their `peerDependencies` to `>=1.9.0`.

IMPORTANT: v1.9.0 IS NOT RELEASED YET. I tried to bump the version to
1.9.0-alpha.0 instead, but unfortunately that doesn't satisfy
`>=1.8.6` which would break just about every plugin.
2021-12-21 17:23:56 -05:00
Richard Hansen 02a56dc58c PadMessageHandler: Allow `handleMessageSecurity` to grant one-time write access 2021-12-21 17:23:56 -05:00
Richard Hansen 31b025bd9d PadMessageHandler: Pass session info to `handleMessageSecurity` hook 2021-12-21 17:23:56 -05:00
Richard Hansen 1b52c9f0c4 PadMessageHandler: Deprecate `client` context property 2021-12-21 17:23:56 -05:00
Richard Hansen 8539a66439 docs: Improve `handleMessageSecurity` documentation 2021-12-21 17:23:56 -05:00
Richard Hansen f1856cf95a Docker: Use new `/health` endpoint for HEALTHCHECK 2021-12-21 17:19:56 -05:00
Richard Hansen 11de525508 Docker: Install and use link for `etherpad` binary 2021-12-21 17:19:56 -05:00
Richard Hansen 83f2898723 package.json: Define `etherpad` binary 2021-12-21 17:19:56 -05:00
Richard Hansen 696f9c3367 specialpages: New `/health` endpoint for health checking
This endpoint is intended to conform with:
https://www.ietf.org/archive/id/draft-inadarei-api-health-check-06.html
2021-12-21 17:19:56 -05:00
Dirk Jagdmann 2e4c546c7f Pad: Add new `.spliceText()` method
Co-authored-by: Richard Hansen <rhansen@rhansen.org>
2021-12-21 17:00:18 -05:00
Richard Hansen 30544b564e express: Skip express-session middleware if pre-authorized 2021-12-20 20:08:19 -05:00
Richard Hansen 649fbdccf5 express: Move static handlers to `expressPreSession`
This avoids the need to exempt the paths from authentication checks,
and it eliminates unnecessary express-session state.
2021-12-20 20:08:19 -05:00
Richard Hansen 72f4ae444d express: New `expressPreSession` server-side hook 2021-12-20 20:08:19 -05:00
Richard Hansen 0b1ec20c5c express: Move `preAuthorize` middleware before express-session 2021-12-20 20:08:19 -05:00
Richard Hansen bf35dcfc50 webaccess: Move `preAuthorize` to its own middleware 2021-12-20 20:08:19 -05:00
Richard Hansen 7f3d0e71f7 express: Check access before `expressConfigure` middleware
There are no guarantees about the order of execution of hook
functions, which means that a plugin's `expressConfigure` hook
function could theoretically register a handler/middleware before the
access check middleware is registered. If that happens, the plugin's
handler would run before the access check, which would be bad. Avoid
the problem by explicitly installing the `webaccess.checkAccess`
middleware before running the `expressConfigure` hook.
2021-12-20 20:08:18 -05:00
Richard Hansen 472eddc821 webaccess: Skip checks if `next` is called in `preAuthenticate` 2021-12-20 20:08:18 -05:00
Richard Hansen fc498f0ae6 tests: Delete test pad before attempting import 2021-12-20 20:08:18 -05:00
Richard Hansen c4b25388ae docs: Server-side hook documentation improvements 2021-12-20 20:08:18 -05:00
Richard Hansen 02d1b90d30 tests: Factor out USER_CHANGES/ACCEPT_COMMIT helpers
This will make it possible for other tests to reuse the code.
2021-12-19 16:53:24 -05:00
snyk-bot 674a0ccedc fix: upgrade openapi-backend from 5.0.0 to 5.0.1
Snyk has created this PR to upgrade openapi-backend from 5.0.0 to 5.0.1.

See this package in npm:
https://www.npmjs.com/package/openapi-backend

See this project in Snyk:
https://app.snyk.io/org/johnmclear/project/d9a12bfb-7ccd-443f-9e22-f30d339cc8c5?utm_source=github&utm_medium=referral&page=upgrade-pr
2021-12-19 00:54:20 -05:00
webzwo0i 8b73f2ee70 padurlsanitize: Don't crash if `sanitizePadId()` throws
Let Express send a 500 status code to the user instead.

Co-authored-by: Richard Hansen <rhansen@rhansen.org>
2021-12-18 18:47:01 -05:00
Richard Hansen 4733c7d8d3 SessionStore: Promisify to the extent permitted by express-session 2021-12-18 18:29:04 -05:00
webzwo0i 694d3f630e SessionStore: Propagate database errors to express-session
Send a 500 HTTP status code to the client if the session entry could
not be fetched from the database. This is useful in case the database
is busy and can't respond to the query in time. In this case we want
to abort the client connection as soon as possible.

Co-authored-by: Richard Hansen <rhansen@rhansen.org>
2021-12-18 18:29:04 -05:00
Richard Hansen 7572040836 Pad: Simplify `Pad.copy()` logic 2021-12-18 18:28:58 -05:00
webzwo0i 0040f5984e db: await more database operations
Co-authored-by: Richard Hansen <rhansen@rhansen.org>
2021-12-18 18:23:27 -05:00
translatewiki.net e64462323b Localisation updates from https://translatewiki.net. 2021-12-16 13:03:26 +01:00
Richard Hansen 748d661495 Changeset: Fix off-by-one bug in `makeSplice` 2021-12-16 00:48:07 -05:00
Richard Hansen 30d68df396 Changeset: Add range checks to `makeSplice` 2021-12-16 00:48:07 -05:00
Richard Hansen fdf1fdbc23 Changeset: Improve readability of `makeSplice()` 2021-12-16 00:48:07 -05:00
Richard Hansen b1d0848701 Pad: Improve readability of `appendText` 2021-12-16 00:48:07 -05:00
Richard Hansen a6bf7816ce Pad: Simplify `setText` 2021-12-16 00:48:07 -05:00
Robert Geislinger 10e2b09b96 Update http_api.md
The current version is 1.2.15 or bigger if you look at e.g. copyPadWithoutHistory
2021-12-14 01:16:38 -05:00
snyk-bot 3693a0574f fix: upgrade jsdom from 18.1.0 to 18.1.1
Snyk has created this PR to upgrade jsdom from 18.1.0 to 18.1.1.

See this package in npm:
https://www.npmjs.com/package/jsdom

See this project in Snyk:
https://app.snyk.io/org/johnmclear/project/d9a12bfb-7ccd-443f-9e22-f30d339cc8c5?utm_source=github&utm_medium=referral&page=upgrade-pr
2021-12-14 01:05:47 -05:00
Richard Hansen d94f380141 API: Fix race conditions in `setText`, `appendText`, `restoreRevision` 2021-12-14 01:02:00 -05:00