Commit Graph

6389 Commits (996a2d86ddea37c27b9ae11aa87c7fd6f8941b97)

Author SHA1 Message Date
Richard Hansen 867fdbd3f9 webaccess: Asyncify `checkAccess` 2020-11-19 09:05:38 +00:00
Richard Hansen a803f570e0 webaccess: Don't export `checkAccess`
Nobody uses it outside of this module.
2020-11-19 09:05:38 +00:00
Richard Hansen 5d585a12d6 webaccess: Fix some ESLint errors 2020-11-19 09:05:38 +00:00
Richard Hansen 4587c0fb4d webaccess: Use a non-capturing regex group 2020-11-19 09:05:38 +00:00
Richard Hansen a05e8198c9
bugfix: Fix bad paren placement in `/javascript` handler (#4496)
* Fix bad paren placement in `/javascript` handler

This fixes a bug introduced in commit
ed5a635f4c.

* add regression test for #4495

* Move `/javascript` test to `specialpages.js`

Co-authored-by: webzwo0i <webzwo0i@c3d2.de>
2020-11-19 08:19:13 +00:00
Richard Hansen 07bcbbd404 pad: Include the stack in the data sent to `/jserror` 2020-11-17 08:02:27 +00:00
Richard Hansen c845d985e0 pad: Pop up an error message on unhandled Promise rejection 2020-11-17 08:02:27 +00:00
Richard Hansen 93c335b3b8 pad: Use a relative URL to simplify
Also avoid creating an unnecessary variable.
2020-11-17 08:02:27 +00:00
translatewiki.net 41d02db023 Localisation updates from https://translatewiki.net. 2020-11-16 15:15:14 +01:00
webzwo0i 1d8e8d3484 terser was not called because mime type did not match 2020-11-15 19:46:48 +00:00
Richard Hansen cedd27e4fe plugins: Default the module name to the plugin name 2020-11-13 20:30:27 +00:00
Richard Hansen afb025030c plugins: Use a log4js logger for npm messages 2020-11-13 20:30:27 +00:00
Richard Hansen 8a918fbc46 plugins: `async`ify more functions 2020-11-13 20:30:27 +00:00
Richard Hansen 9f575ebc84 plugins: Delete unused `ensure` function 2020-11-13 20:30:27 +00:00
Richard Hansen ac5614dadd plugins: Don't export `callInit`
It's unused outside of this module.

Also use an arrow function.
2020-11-13 20:30:27 +00:00
Richard Hansen ba4794cf8a plugins: Call `require('./hooks')` at top level 2020-11-13 20:30:27 +00:00
Richard Hansen 14a9479e69 plugins: Use functions from `fs.promises` 2020-11-13 20:30:27 +00:00
Richard Hansen d624aa936e plugins: Fix plugin name in error messages 2020-11-13 20:30:27 +00:00
Richard Hansen 6c07229d38 docs: Revise plugin documentation 2020-11-13 20:30:27 +00:00
Richard Hansen cc8dbb07fd docs: Wrap long lines
Also add blank lines around section headings and code blocks.
2020-11-13 20:30:27 +00:00
Richard Hansen 6a8563eeab import/export: Simplify exportEtherpadAdditionalContent processing
Also:
  * Improve parallelization
  * Refine the documentation
2020-11-10 23:02:43 +00:00
Richard Hansen 8c55a38582 HTML export: Add missing `)`
This bug was introduced in 68a91f5e24.
2020-11-10 02:51:55 -05:00
Richard Hansen 1ad9b1efbb Update `CHANGELOG.md`
Add new entries and refine wording/formatting of existing entries.
2020-11-10 07:22:22 +00:00
Richard Hansen 68a91f5e24 HTML export: Move `padId` to context object property 2020-11-10 07:13:26 +00:00
webzwo0i f6aed0c9cb
Fix truncation in travis (#4479)
* log to travis every five seconds
* travis: kill etherpad process after tests
2020-11-10 06:59:50 +01:00
John McLear f0da3a0c4c
Update README.md 2020-11-09 08:32:18 +00:00
John McLear 5e7d54a4aa
Update README.md 2020-11-09 08:27:53 +00:00
John McLear 89667f1d4f
update changelog for release (#4475) 2020-11-08 10:03:22 +00:00
John McLear 881d8b8d95
pluginfw: Hook to include additional body in HTML exports (#4469)
* hook, needs docs

* docs
2020-11-06 13:48:59 +00:00
John McLear 3fa58efede
pluginfw: Export .etherpad hooks (#4466)
* export support

* proper prefix

* just a basic example, needs working on still

* docs

* comments shouldnt be hard coded
2020-11-06 13:48:25 +00:00
ilmar d5c5ca224b Fix missing arg handling in html10n.js 2020-11-05 10:38:22 +00:00
Richard Hansen 405e3e3e19 Settings: Don't filter out users based on `password` or `hash`
Some authentication plugins use the users defined in the `users`
object but ignore the `password` and `hash` properties.

This change deletes all of the filtering logic, including the logic
that filters out users that have both `password` and `hash` properties
defined. I could have kept that check, but decided to remove it
because:
  * There's no harm in defining both `hash` and `password`.
  * Allowing both makes it easier to transition from one scheme to
    another.
  * It's fewer lines of code to maintain.
2020-11-04 18:06:08 +00:00
Richard Hansen 6408d2313c webaccess: Be extra paranoid about nullish password
If `settings.json` contains a user without a `password` property then
nobody should be able to log in as that user using the built-in HTTP
basic authentication. This is true both with and without this change,
but before this change it wasn't immediately obvious that a malicious
user couldn't use an empty or null password to log in as such a user.
This commit adds an explicit nullish check and some unit tests to
ensure that an empty or null password will not work if the `password`
property is null or undefined.
2020-11-04 18:06:08 +00:00
Richard Hansen 98de2b0899 Use `contentEditable` for all browsers
This makes it possible to disable `contentEditable` for certain
elements in some circumstances (e.g., on links so that users can click
on them normally).
2020-11-03 19:02:01 +00:00
Richard Hansen 5e2a27a182 Replace `setClassPresence(x, ...)` with `x.classList.toggle(...)` 2020-11-03 19:02:01 +00:00
Richard Hansen 4594608c04 Delete commented-out code 2020-11-03 19:02:01 +00:00
Richard Hansen 91268e14b7 PadMessageHandler: Rename `client` to `socket`
The `client` variable is actually a socket.io Socket object. Rename it
to reduce confusion.
2020-11-02 20:39:08 +00:00
John McLear cfc7e47db0
plugins: Various checkPlugins.js and associated file fixes. (#4439)
This PR makes checkPlugins some what more useful for developers.  

It adds auto npm publish support and various travis improvements among other goodies.
2020-11-02 16:13:24 +00:00
Richard Hansen 35f4c00dfb .travis.yml: Install ep_readonly_guest 2020-11-02 16:10:07 +00:00
Richard Hansen ed5a635f4c Add `req` to EJS render args when possible
This makes it possible for EJS templates and `eejsBlock_*` hook
functions to access the user's express-session state.
2020-11-02 16:05:01 +00:00
Richard Hansen cf43156390 Remove `src/static/js/jquery.js` from `.gitignore`
That file is checked in so there's no reason to ignore it.
2020-11-02 16:03:58 +00:00
translatewiki.net 127923eb54 Localisation updates from https://translatewiki.net. 2020-11-02 12:40:50 +01:00
Gabriel Medeiros Coelho ce77c48475 remove unnecessary conditional
if animationState evaluates to -1 or 0, it would end up in a conditional that assign its value to itself. Since this is redundant, it is better to remove this conditional, to avoid an extra check
2020-11-01 01:41:09 -05:00
Richard Hansen a95145d12c Merge branch 'master' into develop 2020-11-01 01:34:59 -05:00
Richard Hansen 2c8769a6fd Fix typo in session check (sesion -> session)
(cherry picked from commit 4332affba6)
2020-11-01 01:33:00 -05:00
Richard Hansen 2249b9ae19 SessionManager: Fix session expiration check
This bug was introduced in 8b0baa9679.

(cherry picked from commit 3886e95c83)
2020-11-01 01:33:00 -05:00
webzwo0i b67c9cc136
tests: Speed up and fix travis (#4453)
Various test runner fixes.
2020-10-30 10:40:11 +00:00
Richard Hansen b41d9762fa tests: Clear auth hooks before running import/export unit tests
Also fix some ESLint complaints.
2020-10-29 19:06:24 -04:00
Richard Hansen 03d8882383 tests: Clear auth hooks before running socket.io unit tests 2020-10-29 18:53:10 -04:00
Richard Hansen 4829bb8962 tests: Delete unnecessary `describe()` wrapper 2020-10-29 18:53:10 -04:00