public-offering
/
pad.pub0.org
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
6,262 Commits
190 Branches
71 Tags
55 MiB
Commit Graph

6262 Commits (89667f1d4f8b50458adf2cb1e1e1ee26e5138a5d)

Author SHA1 Message Date
John McLear 89667f1d4f
update changelog for release (#4475) 2020-11-08 10:03:22 +00:00
John McLear 881d8b8d95
pluginfw: Hook to include additional body in HTML exports (#4469) 
* hook, needs docs

* docs
 2020-11-06 13:48:59 +00:00
John McLear 3fa58efede
pluginfw: Export .etherpad hooks (#4466) 
* export support

* proper prefix

* just a basic example, needs working on still

* docs

* comments shouldnt be hard coded
 2020-11-06 13:48:25 +00:00
ilmar d5c5ca224b Fix missing arg handling in html10n.js 2020-11-05 10:38:22 +00:00
Richard Hansen 405e3e3e19 Settings: Don't filter out users based on `password` or `hash` 
Some authentication plugins use the users defined in the `users`
object but ignore the `password` and `hash` properties.

This change deletes all of the filtering logic, including the logic
that filters out users that have both `password` and `hash` properties
defined. I could have kept that check, but decided to remove it
because:
  * There's no harm in defining both `hash` and `password`.
  * Allowing both makes it easier to transition from one scheme to
    another.
  * It's fewer lines of code to maintain.
 2020-11-04 18:06:08 +00:00
Richard Hansen 6408d2313c webaccess: Be extra paranoid about nullish password 
If `settings.json` contains a user without a `password` property then
nobody should be able to log in as that user using the built-in HTTP
basic authentication. This is true both with and without this change,
but before this change it wasn't immediately obvious that a malicious
user couldn't use an empty or null password to log in as such a user.
This commit adds an explicit nullish check and some unit tests to
ensure that an empty or null password will not work if the `password`
property is null or undefined.
 2020-11-04 18:06:08 +00:00
Richard Hansen 98de2b0899 Use `contentEditable` for all browsers 
This makes it possible to disable `contentEditable` for certain
elements in some circumstances (e.g., on links so that users can click
on them normally).
 2020-11-03 19:02:01 +00:00
Richard Hansen 5e2a27a182 Replace `setClassPresence(x, ...)` with `x.classList.toggle(...)` 2020-11-03 19:02:01 +00:00
Richard Hansen 4594608c04 Delete commented-out code 2020-11-03 19:02:01 +00:00
Richard Hansen 91268e14b7 PadMessageHandler: Rename `client` to `socket` 
The `client` variable is actually a socket.io Socket object. Rename it
to reduce confusion.
 2020-11-02 20:39:08 +00:00
John McLear cfc7e47db0
plugins: Various checkPlugins.js and associated file fixes. (#4439) 
This PR makes checkPlugins some what more useful for developers.  

It adds auto npm publish support and various travis improvements among other goodies.
 2020-11-02 16:13:24 +00:00
Richard Hansen 35f4c00dfb .travis.yml: Install ep_readonly_guest 2020-11-02 16:10:07 +00:00
Richard Hansen ed5a635f4c Add `req` to EJS render args when possible 
This makes it possible for EJS templates and `eejsBlock_*` hook
functions to access the user's express-session state.
 2020-11-02 16:05:01 +00:00
Richard Hansen cf43156390 Remove `src/static/js/jquery.js` from `.gitignore` 
That file is checked in so there's no reason to ignore it.
 2020-11-02 16:03:58 +00:00
translatewiki.net 127923eb54 Localisation updates from https://translatewiki.net. 2020-11-02 12:40:50 +01:00
Gabriel Medeiros Coelho ce77c48475 remove unnecessary conditional 
if animationState evaluates to -1 or 0, it would end up in a conditional that assign its value to itself. Since this is redundant, it is better to remove this conditional, to avoid an extra check
 2020-11-01 01:41:09 -05:00
Richard Hansen a95145d12c Merge branch 'master' into develop 2020-11-01 01:34:59 -05:00
Richard Hansen 2c8769a6fd Fix typo in session check (sesion -> session) 
(cherry picked from commit 4332affba6)
 2020-11-01 01:33:00 -05:00
Richard Hansen 2249b9ae19 SessionManager: Fix session expiration check 
This bug was introduced in 8b0baa9679.

(cherry picked from commit 3886e95c83)
 2020-11-01 01:33:00 -05:00
webzwo0i b67c9cc136
tests: Speed up and fix travis (#4453) 
Various test runner fixes.
 2020-10-30 10:40:11 +00:00
Richard Hansen b41d9762fa tests: Clear auth hooks before running import/export unit tests 
Also fix some ESLint complaints.
 2020-10-29 19:06:24 -04:00
Richard Hansen 03d8882383 tests: Clear auth hooks before running socket.io unit tests 2020-10-29 18:53:10 -04:00
Richard Hansen 4829bb8962 tests: Delete unnecessary `describe()` wrapper 2020-10-29 18:53:10 -04:00
Richard Hansen dbe9151d89 tests: Clear hooks before running webaccess tests 
Also factor out common test setup code.
 2020-10-29 15:33:05 -04:00
Richard Hansen 6961e0e05b .travis.yml: Factor out common plugin install command 2020-10-29 15:32:32 -04:00
Richard Hansen f6516d62ef .travis.yml: Don't install ep_comments_page 
The tests need work.
 2020-10-29 15:32:32 -04:00
Richard Hansen 8969b6ba7f .travis.yml: Sort plugins 2020-10-29 15:32:32 -04:00
Richard Hansen ef60a4234d .travis.yml: Wrap long plugin install lines 2020-10-29 15:32:32 -04:00
John McLear d21afba45a
security: lockfile lint check (#4446) 2020-10-29 14:07:36 -04:00
John McLear 99d5c7c943
docs: Migrate from Travis-ci.org to .com 2020-10-28 11:05:33 +00:00
webzwo0i 66a3647579 remove broken async inclusion in tar.json 2020-10-27 20:33:09 +00:00
Richard Hansen 2f65987ba2 webaccess: Remove user's password from session info 
This prevents the password from being logged or stored in the
database.
 2020-10-27 20:30:01 +00:00
chandi 30b1273853 docs: fix key in padUpdate context 2020-10-26 23:43:09 +00:00
translatewiki.net 50c22f0ae4 Localisation updates from https://translatewiki.net. 2020-10-26 15:56:46 +01:00
Viljami Kuosmanen c502ca3259 Use isHttpError utility provided by http-errors 
This new utility method was introduced in http-errors v1.8.0. Let's use
that instead of instanceof. This also upgrades the http-errors dependency
 2020-10-25 10:45:58 +00:00
Viljami Kuosmanen aef4cce0c9 Use correct constructor for 404,501 error handlers 
Fixes error message mentioned in #4378.
 2020-10-25 10:45:58 +00:00
Sebastian Castro 5a1110d0d6 Display outline when toolbar button focused 2020-10-25 10:34:51 +00:00
Richard Hansen 193028702d pad: Don't paste when middle-clicking on a link 2020-10-25 07:06:29 +00:00
Andrew Dassonville bee1ae06d8 utils: Fix commit checking on detached HEAD 2020-10-24 16:22:01 -04:00
John McLear cb5fcbb74e
editor: allow paste into links (#3802) 2020-10-24 16:59:03 +01:00
Richard Hansen 36aceb3aba hooks: Rewrite `callAll` and `aCallAll` for consistency 
Rewrite the `callAll` and `aCallAll` functions to support all
reasonable hook behaviors and to report errors for unreasonable
behaviors (e.g., calling the callback twice).

Now a hook function like the following works as expected when invoked
by `aCallAll`:

```
exports.myHookFn = (hookName, context, cb) => {
  cb('some value');
  return;
};
```
 2020-10-24 16:08:50 +01:00
Richard Hansen 79119baf58 hooks: Call the callback when done 
If a hook function neither calls the callback nor returns a
(non-undefined) value then there's no way for the hook system to know
if/when the hook function has finished.
 2020-10-24 16:08:50 +01:00
Richard Hansen 55939a0d7e hooks: Delete unused `flatten` function 2020-10-24 16:08:50 +01:00
John McLear b5c759cbac
tests: remove ep_webrtc for now until it's stable 2020-10-24 15:14:30 +01:00
Wouter bd2343f131 Added nl translations for adminpage 2020-10-23 16:18:57 -04:00
John McLear 9f5fb022b9
Create FUNDING.yml 2020-10-23 20:31:17 +01:00
webzwo0i 069e9997dd
tests: 10 sec maximum wait time for timeslider (#4430) 2020-10-23 12:43:38 +01:00
Wouter b3b3040204
docs: Discord channel link in README (#4429) 2020-10-22 16:39:03 +01:00
webzwo0i 047dfcdee9
tests: relaxed constraint on the number of interval triggers (#4427) 2020-10-22 16:01:51 +01:00
translatewiki.net 73dd3ffdf4 Localisation updates from https://translatewiki.net. 2020-10-22 12:58:59 +02:00