Dan Brown [Sat, 21 Aug 2021 14:14:24 +0000 (15:14 +0100)]
Improved login redirect and setup experience
- Updated auth system for mfa to not update intended URL so that the
user is not redirected to mfa setup after eventual login.
- Added notification for users setting up MFA, after setup when
redirected back to login screen to advise that MFA setup was complete
but they need to login again.
- Updated some bits of wording to display better.
Dan Brown [Wed, 4 Aug 2021 19:48:23 +0000 (20:48 +0100)]
Fixed audit log user dropdown usability issue
User search input blur would trigger the submission of the search
filters which would cause strange thing where you'd click on a search
filtered user which would blur the input hence submit, but the user
would think they've clicked the user and the page would reload but the
input had not updated at that point.
Dan Brown [Mon, 2 Aug 2021 21:02:25 +0000 (22:02 +0100)]
Worked on MFA setup required flow
- Restructured some of the route naming to be a little more consistent.
- Moved the routes about to be more logically in one place.
- Created a new middleware to handle the auth of people that should be
allowed access to mfa setup routes, since these could be used by
existing logged in users or by people needing to setup MFA on access.
- Added testing to cover MFA setup required flow.
- Added TTL and method tracking to session last-login tracking system.
Dan Brown [Sun, 18 Jul 2021 15:52:31 +0000 (16:52 +0100)]
Added login redirect system to confirm/mfa
Also continued a bit on the MFA verification system.
Moved some MFA routes to public space using updated login service to get
the current user that is either logged in or last attempted login (With
correct creds).
Dan Brown [Fri, 16 Jul 2021 22:23:36 +0000 (23:23 +0100)]
Started on some MFA access-time checks
Discovered some difficult edge cases:
- User image loading in header bar when using local_secure storage
- 404s showing user-specific visible content due to content listing on
404 page since user is in semi-logged in state. Maybe need to go
through and change up how logins are handled to centralise and
provide us better control at login time to prevent any auth level.
Dan Brown [Sat, 3 Jul 2021 12:34:48 +0000 (13:34 +0100)]
Added role based MFA control
- Added new DB column for control and role updated create/update actions.
- Created new middleware as a start to actual enforcement logic.
- Added indicator to role list of whether MFA is enforced.
Dan Brown [Sat, 3 Jul 2021 10:53:46 +0000 (11:53 +0100)]
Fixed issue with translation loading without theme
System was using the empty state return from theme_path,
when no theme was configured, for loading in languages
which would result in the root path being looked up upon.
This changes the theme_path helper to return null in cases a theme
is not configured instead of empty string to help prevent assumed
return path will be legitimate, and to help enforce error case
handling.
Dan Brown [Sat, 26 Jun 2021 15:40:29 +0000 (16:40 +0100)]
Swapped PHPCS for StyleCI
Trying out StyleCI as an automated easy way to ensure code style is
consistent across the PHP codebase.
PHPCS+PHPCBF was good but I wouldn't run it enough then I'd get paranoid
about running it with pending PRs. Better to let the robots stay on top
of things.
Dan Brown [Wed, 23 Jun 2021 19:42:48 +0000 (20:42 +0100)]
Reviewed #2393, Removed image guessing and added testing
For review of meta tag additions as per PR #2393.
This commit removes any image guesswork and only uses images that have
been set by the author for the specific content.
This also adds tests to cover the expected OG tags.
Dan Brown [Tue, 22 Jun 2021 20:02:18 +0000 (21:02 +0100)]
Updated markdown export implementation
- Removed ZIP system for now, until the idea can be fleshed out.
- Added testing to cover.
- Upgraded used library.
- Added custom handling for BookStack callouts.
- Added HTML cleanup to better produce output for things like code
blocks.
Dan Brown [Sat, 5 Jun 2021 23:51:06 +0000 (00:51 +0100)]
Added back-end attachments-in-browser support
A query string will cause attachments to be provided inline
with an appropriate mime type.
Remaining actions:
- Tests
- Front-end functionality
- Config option?
Dan Brown [Wed, 2 Jun 2021 20:34:34 +0000 (21:34 +0100)]
Reviewed base64 image upload support
- Added test cases to cover.
- Altered parsing logic to be a little less reliant on regex.
- Added new iamge repo method for creating from data.
- Added extension validation and additional type support.
- Done some cleanup of common operations within PageContent.
- Added message to API docs/method to mention image usage.
Dan Brown [Sat, 29 May 2021 11:39:41 +0000 (12:39 +0100)]
Reviewed and refactored next/previous navigation button implementation
- Updated styling to include item name.
- Extracted used text to translations.
- Updated the design to better suit the surrounding blocks.
- Removed newly added model/repo methods.
- Moved core logic out of controller and instead into a "NextPreviousContentLocator"
helper with re-uses the output from the book-tree generation.
- Also added the system to chapters.
Dan Brown [Wed, 26 May 2021 16:09:56 +0000 (17:09 +0100)]
Added app logo to outgoing emails
Required changing the header bar of the email to be solid color to match
the configuration of the main app header since otherwise colors may not
work together.
Dan Brown [Wed, 26 May 2021 14:19:26 +0000 (15:19 +0100)]
Made users header interface more adaptable
Search input was stacking on create button on default desktop view
due when viewing in russian due to combined width exceeding container.
Made into normal flexbox instead.
Dan Brown [Mon, 24 May 2021 17:45:08 +0000 (18:45 +0100)]
Reviewed PR to add import user avatars va LDAP
- Reduced options to single new configuration paramter instead of two.
- Moved more logic into UserAvatars class.
- Updated LDAP avatar import to also run on login when no image is
currently set.
- Added thumbnail fetching to search requests.
- Added testing to cover.
Dan Brown [Mon, 24 May 2021 15:12:09 +0000 (16:12 +0100)]
Reviewed tag in seach work
- Refactored some tag code bits while reviewing.
- Updated tag design in search listing to be more subtle.
- Moved tags out of entity-list-item-basic template and instead moved
them into entity-list-item, below the existing content.
- Tweaked existing tag colors a little.
- Changed tag icon to be more tag-like.
- Added tag-on-search test case.
projects / bookstack / log