BookStack Code Mirror - bookstack/blobdiff

# BookStack

-A platform to create documentation/wiki content. General information about BookStack can be found at https://www.bookstackapp.com/

+[![GitHub release](https://img.shields.io/github/release/BookStackApp/BookStack.svg)](https://github.com/BookStackApp/BookStack/releases/latest)

+[![license](https://img.shields.io/badge/License-MIT-yellow.svg)](https://github.com/BookStackApp/BookStack/blob/master/LICENSE)

+[![Crowdin](https://badges.crowdin.net/bookstack/localized.svg)](https://crowdin.com/project/bookstack)

+[![Build Status](https://github.com/BookStackApp/BookStack/workflows/phpunit/badge.svg)](https://github.com/BookStackApp/BookStack/actions)

+[![Discord](https://img.shields.io/static/v1?label=Chat&message=Discord&color=738adb&logo=discord)](https://discord.gg/ztkBqR2)

-1. [Requirements](#requirements)

-2. [Installation](#installation)

- - [Server Rewrite Rules](#url-rewrite-rules)

-3. [Updating](#updating-bookstack)

-4. [Social Authentication](#social-authentication)

- - [Google](#google)

- - [GitHub](#github)

-5. [LDAP Authentication](#ldap-authentication)

-6. [Testing](#testing)

-7. [License](#license)

-8. [Attribution](#attribution)

+A platform for storing and organising information and documentation. Details for BookStack can be found on the official website at https://www.bookstackapp.com/.

+* [Installation Instructions](https://www.bookstackapp.com/docs/admin/installation)

+* [Documentation](https://www.bookstackapp.com/docs)

+* [Demo Instance](https://demo.bookstackapp.com)

+ * [Admin Login](https://demo.bookstackapp.com/[email protected]&password=password)

+* [BookStack Blog](https://www.bookstackapp.com/blog)

+* [Issue List](https://github.com/BookStackApp/BookStack/issues)

+* [Discord Chat](https://discord.gg/ztkBqR2)

-## Requirements

+## 📚 Project Definition

-BookStack has similar requirements to Laravel:

+BookStack is an opinionated wiki system that provides a pleasant and simple out of the box experience. New users to an instance should find the experience intuitive and only basic word-processing skills should be required to get involved in creating content on BookStack. The platform should provide advanced power features to those that desire it but they should not interfere with the core simple user experience.

-* PHP >= 5.5.9, Will need to be usable from the command line.

-* PHP Extensions: `OpenSSL`, `PDO`, `MBstring`, `Tokenizer`, `GD`

-* MySQL >= 5.6

-* Git (Not strictly required but helps manage updates)

-* [Composer](https://getcomposer.org/)

+BookStack is not designed as an extensible platform to be used for purposes that differ to the statement above.

-## Installation

+In regards to development philosophy, BookStack has a relaxed, open & positive approach. At the end of the day this is free software developed and maintained by people donating their own free time.

-Ensure the above requirements are met before installing. Currently BookStack requires its own domain/subdomain and will not work in a site subdirectory.

+## 🛣️ Road Map

-This project currently uses the `release` branch of this repository as a stable channel for providing updates.

+Below is a high-level road map view for BookStack to provide a sense of direction of where the project is going. This can change at any point and does not reflect many features and improvements that will also be included as part of the journey along this road map. For more granular detail of what will be included in upcoming releases you can review the project milestones as defined in the "Release Process" section below.

-The installation is currently somewhat complicated and will be made simpler in future releases. Some PHP/Laravel experience will currently benefit.

+- **Platform REST API** *(Base Implemented, In review and roll-out)*

+ - *A REST API covering, at minimum, control of core content models (Books, Chapters, Pages) for automation and platform extension.*

+- **Editor Alignment & Review**

+ - *Review the page editors with goal of achieving increased interoperability & feature parity while also considering collaborative editing potential.*

+- **Permission System Review**

+ - *Improvement in how permissions are applied and a review of the efficiency of the permission & roles system.*

+- **Installation & Deployment Process Revamp**

+ - *Creation of a streamlined & secure process for users to deploy & update BookStack with reduced development requirements (No git or composer requirement).*

-1. Clone the release branch of this repository into a folder.

+## 🚀 Release Versioning & Process

-```

-git clone https://github.com/ssddanbrown/BookStack.git --branch release --single-branch

-```

+BookStack releases are each assigned a version number, such as "v0.25.2", in the format `v<phase>.<feature>.<patch>`. A change only in the `patch` number indicates a fairly minor release that mainly contains fixes and therefore is very unlikely to cause breakages upon update. A change in the `feature` number indicates a release which will generally bring new features in addition to fixes and enhancements. These releases have a small chance of introducing breaking changes upon update so it's worth checking for any notes in the [update guide](https://www.bookstackapp.com/docs/admin/updates/). A change in the `phase` indicates a much large change in BookStack that will likely incur breakages requiring manual intervention.

-2. `cd` into the application folder and run `composer install`.

-3. Copy the `.env.example` file to `.env` and fill with your own database and mail details.

-4. Ensure the `storage`, `bootstrap/cache` & `public/uploads` folders are writable by the web server.

-5. In the application root, Run `php artisan key:generate` to generate a unique application key.

-6. If not using apache or if `.htaccess` files are disabled you will have to create some URL rewrite rules as shown below.

-7. Run `php artisan migrate` to update the database.

-8. Done! You can now login using the default admin details `[email protected]` with a password of `password`. It is recommended to change these details directly after first logging in.

+Each BookStack release will have a [milestone](https://github.com/BookStackApp/BookStack/milestones) created with issues & pull requests assigned to it to define what will be in that release. Milestones are built up then worked through until complete at which point, after some testing and documentation updates, the release will be deployed.

-#### URL Rewrite rules

+For feature releases, and some patch releases, the release will be accompanied by a post on the [BookStack blog](https://www.bookstackapp.com/blog/) which will provide additional detail on features, changes & updates otherwise the [GitHub release page](https://github.com/BookStackApp/BookStack/releases) will show a list of changes. You can sign up to be alerted to new BookStack blogs posts (once per week maximum) [at this link](http://eepurl.com/cmmq5j).

-**Apache**

-```

-Options +FollowSymLinks

-RewriteEngine On

+## 🛠️ Development & Testing

-RewriteCond %{REQUEST_FILENAME} !-d

-RewriteCond %{REQUEST_FILENAME} !-f

-RewriteRule ^ index.php [L]

-```

+All development on BookStack is currently done on the master branch. When it's time for a release the master branch is merged into release with built & minified CSS & JS then tagged at its version. Here are the current development requirements:

-**Nginx**

-```

-location / {

- try_files $uri $uri/ /index.php?$query_string;

-}

-```

-## Updating BookStack

+* [Node.js](https://nodejs.org/en/) v10.0+

+

+This project uses SASS for CSS development and this is built, along with the JavaScript, using a range of npm scripts. The below npm commands can be used to install the dependencies & run the build tasks:

-To update BookStack you can run the following command in the root directory of the application:

+``` bash

+# Install NPM Dependencies

+npm install

+

+# Build assets for development

+npm run build

+

+# Build and minify assets for production

+npm run production

+

+# Build for dev (With sourcemaps) and watch for changes

+npm run dev

```

-git pull origin release && composer install && php artisan migrate

+

+BookStack has many integration tests that use Laravel's built-in testing capabilities which makes use of PHPUnit. There is a `mysql_testing` database defined within the app config which is what is used by PHPUnit. This database is set with the database name, user name and password all defined as `bookstack-test`. You will have to create that database and that set of credentials before testing.

+

+The testing database will also need migrating and seeding beforehand. This can be done with the following commands:

+

+``` bash

+php artisan migrate --database=mysql_testing

+php artisan db:seed --class=DummyContentSeeder --database=mysql_testing

```

-This command will update the repository that was created in the installation, install the PHP dependencies using `composer` then run the database migrations.

-## Social Authentication

+Once done you can run `php vendor/bin/phpunit` in the application root directory to run all tests.

-BookStack currently supports login via both Google and GitHub. Once enabled options for these services will show up in the login, registration and user profile pages. By default these services are disabled. To enable them you will have to create an application on the external services to obtain the require application id's and secrets. Here are instructions to do this for the current supported services:

+### 📜 Code Standards

-### Google

+PHP code within BookStack is generally to [PSR-2](http://www.php-fig.org/psr/psr-2/) standards. From the BookStack root folder you can run `./vendor/bin/phpcs` to check code is formatted correctly and `./vendor/bin/phpcbf` to auto-fix non-PSR-2 code. Please don't auto-fix code unless it's related to changes you've made otherwise you'll likely cause git conflicts.

-1. Open the [Google Developers Console](https://console.developers.google.com/).

-2. Create a new project (May have to wait a short while for it to be created).

-3. Select 'Enable and manage APIs'.

-4. Enable the 'Google+ API'.

-5. In 'Credentials' choose the 'OAuth consent screen' tab and enter a product name ('BookStack' or your custom set name).

-6. Back in the 'Credentials' tab click 'New credentials' > 'OAuth client ID'.

-7. Choose an application type of 'Web application' and enter the following urls under 'Authorized redirect URIs', changing `https://example.com` to your own domain where BookStack is hosted:

- - `https://example.com/login/service/google/callback`

- - `https://example.com/register/service/google/callback`

-8. Click 'Create' and your app_id and secret will be displayed. Replace the false value on both the `GOOGLE_APP_ID` & `GOOGLE_APP_SECRET` variables in the '.env' file in the BookStack root directory with your own app_id and secret.

-9. Set the 'APP_URL' environment variable to be the same domain as you entered in step 7. So, in this example, it will be `https://example.com`.

-10. All done! Users should now be able to link to their social accounts in their account profile pages and also register/login using their Google accounts.

+### 🐋 Development using Docker

-### Github

+This repository ships with a Docker Compose configuration intended for development purposes. It'll build a PHP image with all needed extensions installed and start up a MySQL server and a Node image watching the UI assets.

-1. While logged in, open up your [GitHub developer applications](https://github.com/settings/developers).

-2. Click 'Register new application'.

-3. Enter an application name ('BookStack' or your custom set name), A link to your app instance under 'Homepage URL' and an 'Authorization callback URL' of the url that your BookStack instance is hosted on then click 'Register application'.

-4. A 'Client ID' and a 'Client Secret' value will be shown. Add these two values to the to the `GITHUB_APP_ID` and `GITHUB_APP_SECRET` variables, replacing the default false value, in the '.env' file found in the BookStack root folder.

-5. Set the 'APP_URL' environment variable to be the same domain as you entered in step 3.

-6. All done! Users should now be able to link to their social accounts in their account profile pages and also register/login using their Github account.

+To get started, make sure you meet the following requirements:

-## LDAP Authentication

+- Docker and Docker Compose are installed

+- Your user is part of the `docker` group

-BookStack can be configured to allow LDAP based user login. While LDAP login is enabled you cannot log in with the standard user/password login and new user registration is disabled. BookStack will only use the LDAP server for getting user details and for authentication. Data on the LDAP server is not currently editable through BookStack.

+If all the conditions are met, you can proceed with the following steps:

-When a LDAP user logs into BookStack for the first time their BookStack profile will be created and they will be given the default role set under the 'Default user role after registration' option in the application settings.

+1. **Copy `.env.example` to `.env`**, change `APP_KEY` to a random 32 char string and set `APP_ENV` to `local`.

+2. Make sure **port 8080 is unused** *or else* change `DEV_PORT` to a free port on your host.

+3. **Run `chgrp -R docker storage`**. The development container will chown the `storage` directory to the `www-data` user inside the container so BookStack can write to it. You need to change the group to your host's `docker` group here to not lose access to the `storage` directory.

+4. **Run `docker-compose up`** and wait until the image is built and all database migrations have been done.

+5. You can now login with `[email protected]` and `password` as password on `localhost:8080` (or another port if specified).

-To set up LDAP-based authentication add or modify the following variables in your `.env` file:

+If needed, You'll be able to run any artisan commands via docker-compose like so:

+ ```shell script

+docker-compose run app php artisan list

```

-# General auth

-AUTH_METHOD=ldap

-# The LDAP host, Adding a port is optional

-LDAP_SERVER=ldap://example.com:389

+The docker-compose setup runs an instance of [MailHog](https://github.com/mailhog/MailHog) and sets environment variables to redirect any BookStack-sent emails to MailHog. You can view this mail via the MailHog web interface on `localhost:8025`. You can change the port MailHog is accessible on by setting a `DEV_MAIL_PORT` environment variable.

-# The base DN from where users will be searched within.

-LDAP_BASE_DN=ou=People,dc=example,dc=com

+## 🌎 Translations

-# The full DN and password of the user used to search the server

-# Can both be left as false to bind anonymously

-LDAP_DN=false

-LDAP_PASS=false

+Translations for text within BookStack is managed through the [BookStack project on Crowdin](https://crowdin.com/project/bookstack). Some strings have colon-prefixed variables in such as `:userName`. Leave these values as they are as they will be replaced at run-time. Crowdin is the preferred way to provide translations, otherwise the raw translations files can be found within the `resources/lang` path.

-# A filter to use when searching for users

-# The user-provided user-name used to replace any occurrences of '${user}'

-LDAP_USER_FILTER=(&(uid=${user}))

+If you'd like a new language to be added to Crowdin, for you to be able to provide translations for, please [open a new issue here](https://github.com/BookStackApp/BookStack/issues/new?template=language_request.md).

-# Set the LDAP version to use when connecting to the server.

-LDAP_VERSION=false

-```

+Please note, translations in BookStack are provided to the "Crowdin Global Translation Memory" which helps BookStack and other projects with finding translations. If you are not happy with contributing to this then providing translations to BookStack, even manually via GitHub, is not advised.

-You will also need to have the php-ldap extension installed on your system. It's recommended to change your `APP_DEBUG` variable to `true` while setting up LDAP to make any errors visible. Remember to change this back after LDAP is functioning.

+## 🎁 Contributing, Issues & Pull Requests

-A user in BookStack will be linked to a LDAP user via a 'uid'. If a LDAP user uid changes it can be updated in BookStack by an admin by changing the 'External Authentication ID' field on the user's profile.

+Feel free to create issues to request new features or to report bugs & problems. Just please follow the template given when creating the issue.

-You may find that you cannot log in with your initial Admin account after changing the `AUTH_METHOD` to `ldap`. To get around this set the `AUTH_METHOD` to `standard`, login with your admin account then change it back to `ldap`. You get then edit your profile and add your LDAP uid under the 'External Authentication ID' field. You will then be able to login in with that ID.

+Pull requests are welcome. Unless a small tweak or language update, It may be best to open the pull request early or create an issue for your intended change to discuss how it will fit in to the project and plan out the merge. Just because a feature request exists, or is tagged, does not mean that feature would be accepted into the core project.

-## Development & Testing

+Pull requests should be created from the `master` branch since they will be merged back into `master` once done. Please do not build from or request a merge into the `release` branch as this is only for publishing releases. If you are looking to alter CSS or JavaScript content please edit the source files found in `resources/assets`. Any CSS or JS files within `public` are built from these source files and therefore should not be edited directly.

-All development on BookStack is currently done on the master branch. When it's time for a release the master branch is merged into release with built & minified CSS & JS then tagged at it's version. Here are the current development requirements:

+The project's code of conduct [can be found here](https://github.com/BookStackApp/BookStack/blob/master/.github/CODE_OF_CONDUCT.md).

-* [Node.js](https://nodejs.org/en/) **Development Only**

-* [Gulp](http://gulpjs.com/) **Development Only**

+## 🔒 Security

-SASS is used to help the CSS development and the JavaScript is run through browserify/babel to allow for writing ES6 code. Both of these are done using gulp.

+Security information for administering a BookStack instance can be found on the [documentation site here](https://www.bookstackapp.com/docs/admin/security/).

-BookStack has many integration tests that use Laravel's built-in testing capabilities which makes use of PHPUnit. To use you will need PHPUnit installed and accessible via command line. There is a `mysql_testing` database defined within the app config which is what is used by PHPUnit. This database is set with the following database name, user name and password defined as `bookstack-test`. You will have to create that database and credentials before testing.

+If you'd like to be notified of new potential security concerns you can [sign-up to the BookStack security mailing list](http://eepurl.com/glIh8z).

-The testing database will also need migrating and seeding beforehand. This can be done with the following commands:

+If you would like to report a security concern in a more confidential manner than via a GitHub issue, You can directly email the lead maintainer [ssddanbrown](https://github.com/ssddanbrown). You will need to login to be able to see the email address on the [GitHub profile page](https://github.com/ssddanbrown). Alternatively you can send a DM via twitter to [@ssddanbrown](https://twitter.com/ssddanbrown).

-```

-php artisan migrate --database=mysql_testing

-php artisan db:seed --class=DummyContentSeeder --database=mysql_testing

-```

+## ♿ Accessibility

+

+We want BookStack to remain accessible to as many people as possible. We aim for at least WCAG 2.1 Level A standards where possible although we do not strictly test this upon each release. If you come across any accessibility issues please feel free to open an issue.

+

+## 🖥️ Website, Docs & Blog

+

+The website which contains the project docs & Blog can be found in the [BookStackApp/website](https://github.com/BookStackApp/website) repo.

+

+## ⚖️ License

-Once done you can run `phpunit` (or `./vendor/bin/phpunit` if `phpunit` is not found) in the application root directory to run all tests.

+The BookStack source is provided under the MIT License. The libraries used by, and included with, BookStack are provided under their own licenses.

-## License

+## 👪 Attribution

-BookStack is provided under the MIT License.

+The great people that have worked to build and improve BookStack can [be seen here](https://github.com/BookStackApp/BookStack/graphs/contributors).

-## Attribution

+The wonderful people that have provided translations, either through GitHub or via Crowdin [can be seen here](https://github.com/BookStackApp/BookStack/blob/master/.github/translators.txt).

-These are the great projects used to help build BookStack:

+These are the great open-source projects used to help build BookStack:

* [Laravel](http://laravel.com/)

-* [AngularJS](https://angularjs.org/)

-* [jQuery](https://jquery.com/)

* [TinyMCE](https://www.tinymce.com/)

-* [highlight.js](https://highlightjs.org/)

-* [jQuery Sortable](https://johnny.github.io/jquery-sortable/)

-* [Material Design Iconic Font](http://zavoloklom.github.io/material-design-iconic-font/icons.html)

+* [CodeMirror](https://codemirror.net)

+* [Sortable](https://github.com/SortableJS/Sortable)

+* [Google Material Icons](https://material.io/icons/)

* [Dropzone.js](http://www.dropzonejs.com/)

-* [ZeroClipboard](http://zeroclipboard.org/)

+* [clipboard.js](https://clipboardjs.com/)

+* [markdown-it](https://github.com/markdown-it/markdown-it) and [markdown-it-task-lists](https://github.com/revin/markdown-it-task-lists)

+* [BarryVD](https://github.com/barryvdh)

+ * [Debugbar](https://github.com/barryvdh/laravel-debugbar)

+ * [Dompdf](https://github.com/barryvdh/laravel-dompdf)

+ * [Snappy (WKHTML2PDF)](https://github.com/barryvdh/laravel-snappy)

+ * [Laravel IDE helper](https://github.com/barryvdh/laravel-ide-helper)

+* [WKHTMLtoPDF](http://wkhtmltopdf.org/index.html)

+* [diagrams.net](https://github.com/jgraph/drawio)

+* [Laravel Stats](https://github.com/stefanzweifel/laravel-stats)

+* [OneLogin's SAML PHP Toolkit](https://github.com/onelogin/php-saml)