public-offering
/
pad.pub0.org
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
5,762 Commits
190 Branches
71 Tags
55 MiB
Commit Graph

5762 Commits (b5cf3cf7188c8151d7846ce34137e89696e20525)

Author SHA1 Message Date
Viljami Kuosmanen 3edd727a94 customError: rewrite the module using class syntax 
The previous syntax caused a deprecation warning on Node 10.
However, due to the very old version of log4js Etherpad is currently using,
customError objects are going to be displayed as { inspect: [Function: inspect] }.

This needs to be addressed later, updating log4js.

Fixes #3834.
 2020-04-07 02:03:17 +02:00
muxator e6251687bf api: test coverage for getStats() 2020-04-04 22:03:46 +02:00
muxator 4ef59bbda0 api: in getStats(), directly rewrote activePads as an expression 
Instead of creating an empty Set and then mutate it.
 2020-04-04 22:03:46 +02:00
Chocobozzz 82b919fc65 api: add getStats() function 2020-04-04 22:03:46 +02:00
John McLear eb45934788 remove noise 2020-04-03 11:32:14 +01:00
John McLear 4e212d12b2 patch fix for 3825 2020-04-03 11:32:14 +01:00
Chocobozzz 0889a1313d referer: do not send referrer when opening a link 
This change augments what was already done in 54e0f2de5b (PR with discussion
at #3636).

For documentation about the meaning of "noopener, noreferrer", see:
https://developer.mozilla.org/en-US/docs/Web/API/Window/open#Window_functionality_features
 2020-03-31 10:02:46 +02:00
John McLear cdf5b63f26 use a deletePad approach that works when server is running and works with MySQL 2020-04-03 03:31:18 +02:00
John McLear 93180c287b
tests: in Travis, also run the backend tests 
This change introduces automatic execution of the backend tests in Travis.

Implements #2351.
 2020-04-03 03:27:05 +02:00
John McLear c2ea2b3a6d webaccess: do not resave session 
Before this change, the database was spammed with session values.
Modern express-session has this baked in.
See https://www.npmjs.com/package/express-session#resave for docs.
 2020-04-03 02:55:33 +02:00
John McLear 1f0058dd6f interesting discovery RE 3612 and 2802 2020-04-03 02:40:59 +02:00
muxator 3a46e010ce dependencies: bump ueberdb2 0.4.3 -> 0.4.5 
Original message from John McLear (PR #3817):
  We now include BINARY in the MySQL WHERE select clause.
  Test coverage might be desirable?

Fixes #2877
 2020-04-03 01:27:49 +02:00
Viljami Kuosmanen ccf406708e openapi: support standard http error codes 
API errors are now handled at the end of the request heap by
throwing exceptions from the handler
 2020-04-03 01:03:11 +02:00
Viljami Kuosmanen 3742fdfb04 openapi: disable cors headers for /api/** paths 
Still enabled for /rest/** and **/openapi.json
 2020-04-03 01:03:11 +02:00
Viljami Kuosmanen 6aa30f213a openapi: add jsonp support + test 2020-04-03 01:03:11 +02:00
Viljami Kuosmanen e821bbcad8 openapi: add documentation, small optimisation 2020-04-03 01:03:11 +02:00
Viljami Kuosmanen c2cca39c7d openapi: minor improvements 2020-04-03 01:03:11 +02:00
Viljami Kuosmanen 172da1483e openapi: add commented out version of response processors 
For some weird reason, these seem to be part of the original swagger
implementation but tests assume they're turned off.

Perhaps a difference between /rest and /api?
 2020-04-03 01:03:11 +02:00
Viljami Kuosmanen 5792f7224a openapi: add response objects 2020-04-03 01:03:11 +02:00
Viljami Kuosmanen 03d8964a7a openapi: upgrade to openapi-backend 2.4.0 2020-04-03 01:03:11 +02:00
Viljami Kuosmanen f9d24f5a39 openapi: remove swagger-node-express 2020-04-03 01:03:11 +02:00
Viljami Kuosmanen 25e081ac89 openapi: implement API handler with openapi-backend 
- Tests pass 
- Added openapi-backend hook
- Generating OpenAPI v3 definitions for each API version
- Definitions served /api/openapi.json /api/{version}/openapi.json
 2020-04-03 01:03:11 +02:00
John McLear dbab4ad13a dont pass empty author info to edit 2020-04-02 23:29:03 +01:00
muxator 3e3b0dec97 package-lock: restore baseline package-lock.json after 4db91cb2ed 
This amends the previous commit, ans should have been part of 4db91cb2ed.
 2020-04-02 22:58:38 +02:00
John McLear 0a606de44a bump package lock for ueber 2020-04-01 15:24:24 +00:00
John McLear 4db91cb2ed
Bump Ueber to 0.4.3 2020-04-01 11:49:41 +01:00
muxator b7ac0f7991 Settings: allow the existence of "password" and "hash" attributes for users. 
This brings back compatibility with ep_hash_auth, which was inadvertently broken
with 28a3bba4c1.
Based on work by John McLear.

Fixes #3681.
 2020-04-01 04:13:21 +02:00
John McLear 53f126082a SessionStore: replace password with PASSWORD_HIDDEN when storing in db 
Fixes #3421.
 2020-04-01 03:39:05 +02:00
Daniel Krol 3e8b426847 ui: initialize color picker with the user's color 
Initialize the color picker with user's current color.
Was previously initialized with grey in Farbtastic library.

Fixes #3617
 2020-04-01 02:34:56 +02:00
Daniel Krol ac9d7f80cc tests: add tests showing that the color chooser is not initialized with the user's color 
When opening the color chooser after a page load, the selected color is always
gray, and not the user's color.
 2020-04-01 02:34:56 +02:00
John McLear b74a4819ae
beta.etherpad.org been down a while 
Sorry about the direct commit 🍡
 2020-03-31 19:54:46 +01:00
muxator 4ee5ddb496 caching_midleware: also run when nodejs does not have crypto module 
According to the nodejs docs [0] the `crypto` module might be unavailable on
some platforms:

> It is possible for Node.js to be built without including support for the
> crypto module. In such cases, calling require('crypto') will result in an
> error being thrown

A description of such scenarios can be found here [1].

> * running non-standard node in a resource- or security-constrained
>   environment
> * running in emulated environment (browserify, webpack etc.)
> * building node from source and omitting openssl/crypto for random reason

TypeScript guys dealt with this same issue and they resolved it in an elegant
way in [2].

We copy that approach here: if importing crypto fails at runtime, we replace
sha256 with djb2 [3], which is weaker, but works for our case.

The djb2 story is fun: see this Stack Overflow post [4], and the original
mailing list post from 1991 [5] by Daniel J. Bernstein [6].

He was 20 at the time!

[0] https://nodejs.org/docs/latest-v10.x/api/crypto.html#crypto_determining_if_crypto_support_is_unavailable
[1] https://github.com/microsoft/TypeScript/issues/19100#issuecomment-335871998
[2] 9677b0641c
[3] http://www.cse.yorku.ca/~oz/hash.html#djb2
[4] https://stackoverflow.com/questions/1579721/why-are-5381-and-33-so-important-in-the-djb2-algorithm
[5] https://groups.google.com/forum/#!msg/comp.lang.c/lSKWXiuNOAk/zstZ3SRhCjgJ
[6] https://en.wikipedia.org/wiki/Daniel_J._Bernstein
 2020-03-31 04:09:49 +02:00
Tom Hudson fc754c9a1d Switches cacheKey from base64 of path to sha256 of path; fixes #3502 2020-03-31 02:42:58 +02:00
John McLear 6c12a7fb1f tests: backend tests for utf8 & emojis support 2020-03-31 02:11:25 +02:00
John McLear 352b432ed1 tests: in backend tests, use POST instead of GET for setText() and setHTML() 
This is allowed starting from fc661ee13a ("core: allow URL parameters and POST
bodies to co-exist"), which landed in Etherpad 1.8.0. For the discussion, see
issue #3568.
 2020-03-31 02:11:25 +02:00
muxator b2dc446740 tests: typo in a comment in the backend tests 2020-03-31 02:11:25 +02:00
John McLear 25bf460ac6 chat: in addMessage(), be tolerant when userId is missing 
For whatever reason (a bug, a database corruption, ...) the userId field in
"msg" can sometimes be missing.

In this case, let's be defensive, use "unknown" as userId and issue a warning
in the console, instead of crashing the client.

Fixes #3731 (really a patch, the underlying issue is still present)
 2020-03-30 22:15:51 +02:00
John McLear fa3e4b146a settings: document the possibility of using Unix sockets 
We have been supporting Unix sockets by ages, because express.listen()
(http://expressjs.com/en/4x/api.html#app.listen_path_callback) re-exposes
net.server.listen() (https://nodejs.org/api/net.html#net_server_listen), which
in turn supports Unix sockets.

The only remaining thing to do was documenting it.

Fixes #3312
 2020-03-30 03:36:55 +02:00
John McLear 85217b55e0 contentcollector: pasting an OL in Chrome inserted an additional line break. Fixed. 
This comments out some code that was probably a quirk from ie6 era.
See PR: https://github.com/ether/etherpad-lite/issues/2412

Fixes #2412.
 2020-03-30 02:28:08 +02:00
John McLear 8b2fe75867 toolbar: don't show the "saved revision" button in timeslider 
The saved revision "star" button appeared in the timeslider toolbar too.

This change introduces a second flag "page" in toolbar.menu(), which controls
whether the toolbar is being drawn for a pad or in the timeslider page.

Fixes #3767.
 2020-03-30 01:59:49 +02:00
John McLear 0d2854571d toolbar: show the "save revision" button only on the right toolbar. 
Revision b480416375 fixed a bug, but introduced a regression, and the "save
revision" "star" button started to appear both on the left and the right
toolbar.

This change introduces a flag "whichMenu" in toolbar.menu(), that controls
whether the left, the right or the timeslider toolbar is being drawn.
 2020-03-30 01:59:49 +02:00
muxator 463d7fb163 timeslider: always pass the "isReadOnly" parameter to toolbar.menu() 
This argument was missing since since b662d5c618 ("dont show editing buttons
in R/O view"), 2015-05-19.
 2020-03-30 01:59:49 +02:00
muxator 2360c33629 toolbar: formatting, no functional changes. 
In preparation for the next commits by John.
 2020-03-30 01:59:49 +02:00
muxator 4a17443a2e tests: future proof travis/runner.sh and make it more robust 
This change only slightly modifies the bahaviour of travis/runner.sh, but:

1. speeds up the tests, because it does not install dependencies before running
   them. Dependencies are already installed by .travis.yml in its "install"
   section;
2. if for some reason Etherpad does not start, there is a sudden failure,
   instead of launching the front end tests anyway, and then having to wait 10
   minutes for them to time out;
3. it is compatible with a different way of installing etherpad dependencies
   ("npm ci" instead of "npm install"), whereas the previous one broke. This
   will probably be introduced in a while, so this change future-proofs for it
   (see #3778).
4. it is more robust, because it detects more reliably the paths, and changes
   between them correctly;

Please note that the script now requires bash instead of a generic posix shell.
This may break on platforms which default to a different shell (FreeBSD, MacOS?)
 2020-03-29 23:59:28 +02:00
muxator 2b753f13ea package-lock.json: resync. This should have been part of 06d961f2b6 ("Checks MySQL for charset") 
When changing something in package.json, it is necessary to also commit an
associated package-lock.json generated from a clean install.
 2020-03-29 01:35:30 +01:00
muxator a181ea8fbe bin: replace double backticks (``) with $() 
This has been the recommended way of launching subshells for ages, and is easier
to type and on the eye.

For a quick reference, see:
https://unix.stackexchange.com/questions/5778/whats-the-difference-between-stuff-and-stuff#5782
 2020-03-29 00:53:17 +01:00
John McLear 1ad6e9c288 Settings: when restarting via UI, tell the admins to ignore a warning about sessionKey 
Fixes #3770.
 2020-03-28 19:09:22 +01:00
Neil Oosten 7a999ee398 hooks: allow to set the duration of the gritter notification when a new chat message arrives 
This is done adding a new "duration" parameter to the chatNewMessage() client
side hook.
 2020-03-27 02:39:29 +01:00
muxator 8a01a5e437 doc: fix numbering in chatNewMessage() client hook parameters 
This was originally introduced in bcb92f25a6 ("Refactor chat notifications and
the chatNewMessage hook") from 2013-03-19.
 2020-03-27 02:39:29 +01:00
John McLear 14ae2ee950 checkPadDeltas: version by JohnMcLear 
From https://github.com/ether/etherpad-lite/pull/3717#issuecomment-602179127

> Afaik I used async / await that's pretty much all, I think I had to do some
> polish because something was broken, remember stuff like pad.getPadAuthors was
> b0rked in 1.7 or so
 2020-03-27 01:50:56 +01:00