Minor capitalisation fix for Estonian

New Crowdin updates (#3005)

* New translations settings.php (Spanish, Argentina)

* New translations settings.php (Polish)

* New translations settings.php (Estonian)

* New translations errors.php (Spanish, Argentina)

* New translations settings.php (Japanese)

* New translations activities.php (German Informal)

* New translations auth.php (German Informal)

* New translations settings.php (French)

* New translations settings.php (Spanish)

* New translations settings.php (Arabic)

* New translations settings.php (Bulgarian)

* New translations settings.php (Catalan)

* New translations settings.php (Norwegian Bokmal)

* New translations settings.php (German Informal)

* New translations settings.php (Bosnian)

* New translations settings.php (Czech)

* New translations settings.php (Slovak)

* New translations settings.php (Danish)

* New translations settings.php (German)

* New translations settings.php (Hebrew)

* New translations settings.php (Hungarian)

* New translations settings.php (Italian)

* New translations settings.php (Korean)

* New translations settings.php (Lithuanian)

* New translations settings.php (Dutch)

* New translations settings.php (Portuguese)

* New translations settings.php (Russian)

* New translations settings.php (Slovenian)

* New translations settings.php (Latvian)

* New translations settings.php (Swedish)

* New translations settings.php (Turkish)

* New translations settings.php (Ukrainian)

* New translations settings.php (Chinese Simplified)

* New translations settings.php (Chinese Traditional)

* New translations settings.php (Vietnamese)

* New translations settings.php (Portuguese, Brazilian)

* New translations settings.php (Indonesian)

* New translations settings.php (Persian)

* New translations settings.php (Croatian)

* New translations validation.php (German Informal)

Updated translators before v21.10 release

Added estonian to language logic

New Crowdin updates (#2983)

* New translations auth.php (Polish)

* New translations common.php (Polish)

* New translations entities.php (Polish)

* New translations auth.php (Polish)

* New translations common.php (Polish)

* New translations settings.php (Polish)

* New translations validation.php (Polish)

* New translations activities.php (Estonian)

* New translations auth.php (Estonian)

* New translations common.php (Estonian)

* New translations components.php (Estonian)

* New translations entities.php (Estonian)

* New translations errors.php (Estonian)

* New translations pagination.php (Estonian)

* New translations passwords.php (Estonian)

* New translations settings.php (Estonian)

* New translations validation.php (Estonian)

* New translations activities.php (Estonian)

* New translations activities.php (Estonian)

* New translations auth.php (Estonian)

* New translations common.php (Estonian)

* New translations components.php (Estonian)

* New translations entities.php (Estonian)

* New translations pagination.php (Estonian)

* New translations passwords.php (Estonian)

* New translations entities.php (Estonian)

* New translations errors.php (Estonian)

* New translations validation.php (Estonian)

* New translations settings.php (Estonian)

* New translations auth.php (Estonian)

* New translations entities.php (Estonian)

* New translations passwords.php (Estonian)

* New translations settings.php (Estonian)

* New translations auth.php (Estonian)

* New translations entities.php (Estonian)

* New translations errors.php (Estonian)

* New translations settings.php (Estonian)

* New translations settings.php (Estonian)

* New translations errors.php (German)

* New translations errors.php (Portuguese, Brazilian)

* New translations errors.php (Swedish)

* New translations errors.php (Turkish)

* New translations errors.php (Ukrainian)

* New translations errors.php (Chinese Simplified)

* New translations errors.php (Chinese Traditional)

* New translations errors.php (Vietnamese)

* New translations errors.php (Indonesian)

* New translations errors.php (Slovak)

* New translations errors.php (Persian)

* New translations errors.php (Spanish, Argentina)

* New translations errors.php (Croatian)

* New translations errors.php (Latvian)

* New translations errors.php (Bosnian)

* New translations errors.php (Norwegian Bokmal)

* New translations errors.php (Slovenian)

* New translations errors.php (Russian)

* New translations errors.php (Estonian)

* New translations errors.php (Danish)

* New translations errors.php (French)

* New translations errors.php (Spanish)

* New translations errors.php (Arabic)

* New translations errors.php (Bulgarian)

* New translations errors.php (Catalan)

* New translations errors.php (Czech)

* New translations errors.php (Hebrew)

* New translations errors.php (Portuguese)

* New translations errors.php (Hungarian)

* New translations errors.php (Italian)

* New translations errors.php (Japanese)

* New translations errors.php (Korean)

* New translations errors.php (Lithuanian)

* New translations errors.php (Dutch)

* New translations errors.php (Polish)

* New translations errors.php (German Informal)

* New translations errors.php (Spanish)

* New translations auth.php (Estonian)

* New translations entities.php (Estonian)

* New translations errors.php (Estonian)

* New translations activities.php (Japanese)

* New translations activities.php (Japanese)

* New translations auth.php (Japanese)

* New translations components.php (Japanese)

* New translations passwords.php (Japanese)

* New translations errors.php (Estonian)

* New translations settings.php (Estonian)

* New translations validation.php (Estonian)

* New translations errors.php (French)

* New translations activities.php (Japanese)

* New translations settings.php (Japanese)

* New translations entities.php (Japanese)

* New translations settings.php (Japanese)

* New translations common.php (Japanese)

* New translations settings.php (Japanese)

* New translations settings.php (Japanese)

* New translations entities.php (Japanese)

* New translations settings.php (Japanese)

* New translations settings.php (Japanese)

* New translations entities.php (Japanese)

* New translations settings.php (Japanese)

* New translations common.php (Japanese)

* New translations errors.php (Polish)

* New translations auth.php (Estonian)

* New translations components.php (Estonian)

* New translations entities.php (Estonian)

* New translations validation.php (Estonian)

* New translations errors.php (Estonian)

* New translations settings.php (Estonian)

* New translations errors.php (Chinese Simplified)

* New translations auth.php (Japanese)

* New translations auth.php (Japanese)

* New translations common.php (Japanese)

* New translations entities.php (Japanese)

* New translations errors.php (Italian)

* New translations common.php (Japanese)

* New translations auth.php (Italian)

* New translations entities.php (Italian)

* New translations entities.php (Japanese)

* New translations settings.php (Japanese)

* New translations common.php (Japanese)

* New translations entities.php (Japanese)

* New translations entities.php (Estonian)

* New translations settings.php (Estonian)

* New translations validation.php (Japanese)

* New translations errors.php (Japanese)

* New translations validation.php (Japanese)

* New translations auth.php (Japanese)

* New translations settings.php (Japanese)

* New translations activities.php (Indonesian)

* New translations auth.php (Indonesian)

* New translations validation.php (Estonian)

* New translations settings.php (Estonian)

Tweaked sidepart list item padding, Review of #3000

- Scoped padding change to just entity-list-items within the sidebar
  side reduction of right-hand-padding to zero was causing other
  entity-list-items, such as those in the homepage listing, would then
  have no padding.
- Updated styles to use css logical properties to retain support for RTL
  languages such as Arabic, where the whole interface flips around.
  Related: https://css-tricks.com/css-logical-properties-and-values/

Merge branch 'fix_sidebar_css' of https://github.com/ffranchina/BookStack into ffranchina-fix_sidebar_css

Reviewed SAML SLS changes for ADFS, #2902

- Migrated env usages to config.
- Removed potentially unneeded config options or auto-set signed options
  based upon provision of certificate.
- Aligned SP certificate env option naming with similar IDP option.

Tested via AFDS on windows server 2019. To test on other providers.

Fixes padding issues of the sidebar's items

Merge branch 'master' of https://github.com/theodor-franke/BookStack into theodor-franke-master

Applied styleci changes

Merge pull request #2996 from BookStackApp/saml2_acs_session

Updated SAML ACS post to retain user session

Updated SAML ACS post to retain user session

Session was being lost due to the callback POST request cookies
not being provided due to samesite=lax. This instead adds an additional
hop in the flow to route the request via a GET request so the session is
retained. SAML POST data is stored encrypted in cache via a unique ID
then pulled out straight afterwards, and restored into POST for the SAML
toolkit to validate.

Updated testing to cover.

Applied latest changes from styleCI

Merge pull request #2986 from BookStackApp/attachments_api

Attachments API

Adjusted API docs table

Added attachment API examples during manual testing

Added TestCase for attachments API methods

Fixed bug report yaml formatting

Update support_request.yml

Converted issues templates to forms

Added support request template

Update language_request.yml

Delete language_request.md

Create language_request.yml

Build out core attachments API controller

Related to #2942

Added phpseclib to readme

Added base64 image extraction to markdown page content

- Included tests to cover.
- Manually tested via API update and interface page update.

Closes #2898

Applied latest styles changes from style CI

Merge branch 'oidc'

Updated readme with latest version info

Also updated version file to be current

New Crowdin updates (#2980)

* New translations entities.php (Spanish, Argentina)

* New translations activities.php (Spanish, Argentina)

* New translations auth.php (Spanish, Argentina)

* New translations settings.php (Spanish, Argentina)

* New translations validation.php (Spanish, Argentina)

* New translations auth.php (Spanish, Argentina)

Applied latest styleci changes

Updated php dependancies

Fixed guest user email showing in TOTP setup url

- Occured during enforced MFA setup upon login.
- Added test to cover.

Fixes #2971

Merge pull request #2977 from BookStackApp/custom_debug_view

Added custom whoops-based debug view

Added testing to cover debug view

Added custom whoops-based debug view

Provides a simple bookstack focused view that does not rely on JavaScript.
Contains links to BookStack specific resources in addition to commonly
desired debug details.

Fixed lack of oidc discovery filtering during testing

Tested oidc system on okta, Keycloak & Auth0

Fleshed out testing for OIDC system

Renamed OIDC files to all be aligned

Added OIDC basic autodiscovery support

Added further OIDC core class testing

Added positive test case for OIDC implementation

- To continue coverage and spec cases next.

Got OIDC custom solution to a functional state

- Validation of all key/token elements now in place.
- Signing key system updated to work with jwk-style array or with
  file:// path to pem key.

Added token and key handling elements for oidc jwt

- Got basic signing support and structure checking done.
- Need to run through actual claim checking before providing details
  back to app.

Merge pull request #2965 from Haxatron/master

Update DOMPDF chroot directory

Started on a custom oidc oauth provider

Update dompdf.php

base_path => public_path

Added throttling to password reset requests

Updated translator attribution before release v21.08.5

Applied changes from styleci

New Crowdin updates (#2953)

* New translations settings.php (Chinese Simplified)

* New translations entities.php (Slovak)

* New translations entities.php (Portuguese, Brazilian)

* New translations entities.php (Slovenian)

* New translations entities.php (Swedish)

* New translations entities.php (Turkish)

* New translations entities.php (Ukrainian)

* New translations entities.php (Chinese Simplified)

* New translations entities.php (Chinese Traditional)

* New translations entities.php (Indonesian)

* New translations entities.php (Portuguese)

* New translations entities.php (Persian)

* New translations entities.php (Spanish, Argentina)

* New translations entities.php (Croatian)

* New translations entities.php (Latvian)

* New translations entities.php (Bosnian)

* New translations entities.php (Norwegian Bokmal)

* New translations entities.php (Russian)

* New translations entities.php (Polish)

* New translations entities.php (Vietnamese)

* New translations entities.php (Danish)

* New translations entities.php (French)

* New translations entities.php (Spanish)

* New translations entities.php (Arabic)

* New translations entities.php (Bulgarian)

* New translations entities.php (Catalan)

* New translations entities.php (Czech)

* New translations entities.php (German)

* New translations entities.php (Dutch)

* New translations entities.php (Hebrew)

* New translations entities.php (Hungarian)

* New translations entities.php (Italian)

* New translations entities.php (Japanese)

* New translations entities.php (Korean)

* New translations entities.php (Lithuanian)

* New translations entities.php (German Informal)

* New translations entities.php (French)

* New translations entities.php (Spanish)

* New translations settings.php (Czech)

* New translations entities.php (Czech)

* New translations activities.php (Czech)

* New translations auth.php (Czech)

* New translations common.php (Czech)

* New translations validation.php (Czech)

* New translations entities.php (Portuguese)

* New translations settings.php (Portuguese)

* New translations entities.php (Portuguese)

* New translations activities.php (Portuguese)

* New translations auth.php (Portuguese)

* New translations common.php (Portuguese)

* New translations validation.php (Portuguese)

* New translations entities.php (Chinese Simplified)

* New translations entities.php (Chinese Simplified)

* New translations activities.php (Ukrainian)

* New translations activities.php (Ukrainian)

Added testing to cover work done in last commit

Relevant to comments in 7224fbcc89f00f2b71644e36bb1b1d96addd1d5a.
Added test cases. Ensured they failed pre-commit.
Also tested a range of the altered endpoints manually on both local and
s3-like filesystems.

Added protections against path traversal in file system operations

- Files within the storage/ path could be accessed via path traversal
  references in content, accessed upon HTML export.
- This addresses this via two layers:
  - Scoped local flysystem filesystems down to the specific image &
    file folders since flysystem has built-in checking against the
    escaping of the root folder.
  - Added path normalization before enforcement of uploads/{images,file}
    prefix to prevent traversal at a path level.

Thanks to @Haxatron via huntr.dev for discovery and reporting.
Ref: https://huntr.dev/bounties/ac268a17-72b5-446f-a09a-9945ef58607a/

Fixed search query issues when table prefixes are used

- Old raw select query was causing bad select clause in query
  when table prefixes were active.

Forced response cache revalidation on logged-in responses

- Prevents authenticated responses being visible when back button
  pressed in browser.
- Previously, 'no-cache, private' was added by default by Symfony which
  would have prevents proxy cache issues but this adds no-store and a
  max-age option to also invalidate all caching.

Thanks to @haxatron via huntr.dev
Ref: https://huntr.dev/bounties/6cda9df9-4987-4e1c-b48f-855b6901ef53/

Continued review of #2169

- Removed uneeded custom refresh or logout actions for OIDC.
- Restructured how the services and guards are setup for external auth
  systems. SAML2 and OIDC now directly share a lot more logic.
- Renamed any OpenId references to OIDC or OpenIdConnect
- Removed non-required CSRF excemption for OIDC

Not tested, Come to roadblock due to lack of PHP8 support in upstream
dependancies. Certificate was deemed to be non-valid on every test
attempt due to changes in PHP8.

Started refactor for merge of OIDC

- Made oidc config more generic to not be overly reliant on the library
  based upon learnings from saml2 auth.
- Removed any settings that are redundant or not deemed required for
  initial implementation.
- Reduced some methods down where not needed.
- Renamed OpenID to OIDC
- Updated .env.example.complete to align with all options and their
  defaults

Related to #2169

Merge branch 'openid' of https://github.com/jasperweyne/BookStack into jasperweyne-openid

Merge pull request #2957 from BookStackApp/dependabot/composer/composer/composer-2.1.9

Bump composer/composer from 2.1.8 to 2.1.9

Bump composer/composer from 2.1.8 to 2.1.9

Bumps [composer/composer](https://github.com/composer/composer) from 2.1.8 to 2.1.9.
- [Release notes](https://github.com/composer/composer/releases)
- [Changelog](https://github.com/composer/composer/blob/master/CHANGELOG.md)
- [Commits](https://github.com/composer/composer/compare/2.1.8...2.1.9)

---
updated-dependencies:
- dependency-name: composer/composer
  dependency-type: indirect
...

Signed-off-by: dependabot[bot] <redacted>

Reviewed and refactored additional editor draft save warnings

- Added testing to cover warning cases.
- Refactored logic to be simpler and move much of the business out of
  the controller.
- Added new message that's more suitable to the case this was handling.
- For detecting an outdated draft, checked the draft created_at time
  instead of updated_at to better fit the scenario being checked.
- Updated some method types to align with those potentially being used
  in the logic of the code.
- Added a cache of shown messages on the front-end to prevent them
  re-showing on every save during the session, even if dismissed.

Merge branch 'conflict_warnings' of https://github.com/MatthieuParis/BookStack into MatthieuParis-conflict_warnings

Updated translator attribution before release v21.08.4

New Crowdin updates (#2926)

* New translations settings.php (French)

* New translations auth.php (French)

* New translations settings.php (French)

* New translations entities.php (French)

* New translations activities.php (French)

* New translations common.php (French)

* New translations entities.php (French)

* New translations common.php (French)

* New translations components.php (French)

* New translations settings.php (French)

* New translations auth.php (French)

* New translations settings.php (Russian)

* New translations validation.php (Russian)

* New translations settings.php (Russian)

* New translations auth.php (Russian)

* New translations settings.php (Russian)

* New translations auth.php (Russian)

* New translations entities.php (French)

* New translations auth.php (French)

* New translations entities.php (French)

* New translations auth.php (French)

* New translations settings.php (French)

* New translations validation.php (French)

* New translations settings.php (French)

* New translations entities.php (French)

* New translations errors.php (French)

* New translations passwords.php (French)

* New translations settings.php (French)

* New translations entities.php (French)

* New translations settings.php (French)

* New translations entities.php (German)

* New translations settings.php (German)

* New translations entities.php (German Informal)

* New translations settings.php (German Informal)

* New translations settings.php (German)

* New translations settings.php (German Informal)

* New translations settings.php (French)

* New translations settings.php (Vietnamese)

* New translations settings.php (Slovenian)

* New translations settings.php (Swedish)

* New translations settings.php (Turkish)

* New translations settings.php (Ukrainian)

* New translations settings.php (Chinese Simplified)

* New translations settings.php (Chinese Traditional)

* New translations settings.php (Portuguese, Brazilian)

* New translations settings.php (Portuguese)

* New translations settings.php (Indonesian)

* New translations settings.php (Persian)

* New translations settings.php (Spanish, Argentina)

* New translations settings.php (Croatian)

* New translations settings.php (Latvian)

* New translations settings.php (Bosnian)

* New translations settings.php (Slovak)

* New translations settings.php (Polish)

* New translations settings.php (Russian)

* New translations settings.php (Czech)

* New translations settings.php (German)

* New translations settings.php (German Informal)

* New translations settings.php (Spanish)

* New translations settings.php (Arabic)

* New translations settings.php (Bulgarian)

* New translations settings.php (Catalan)

* New translations settings.php (Danish)

* New translations settings.php (Dutch)

* New translations settings.php (Hebrew)

* New translations settings.php (Hungarian)

* New translations settings.php (Italian)

* New translations settings.php (Japanese)

* New translations settings.php (Korean)

* New translations settings.php (Lithuanian)

* New translations settings.php (Norwegian Bokmal)

* New translations settings.php (Spanish)

* New translations activities.php (Slovak)

* New translations errors.php (Slovak)

* New translations settings.php (Slovak)

* New translations auth.php (Slovak)

* New translations common.php (Slovak)

* New translations entities.php (Slovak)

* New translations settings.php (Slovak)

* New translations activities.php (Slovak)

* New translations settings.php (French)

* New translations settings.php (Russian)

* New translations settings.php (German)

* New translations settings.php (Polish)

* New translations validation.php (Polish)

* New translations auth.php (Vietnamese)

* New translations auth.php (Vietnamese)

* New translations activities.php (Vietnamese)

* New translations common.php (Vietnamese)

* New translations entities.php (Vietnamese)

* New translations settings.php (Chinese Simplified)

* New translations settings.php (Italian)

* New translations auth.php (Italian)

* New translations common.php (Italian)

* New translations common.php (German)

* New translations common.php (German Informal)

* New translations settings.php (German)

* New translations common.php (German)

* New translations common.php (German Informal)

* New translations errors.php (German)

Allowed page includes on custom home

For #2279
Old hold-over for when include content permissions were handled less
delicately.

Applied StyleCI changes

Reviewed addition to db table prefix

Review of #2935

- Removed from .env files and added warnings for use if found in config
  file.
- Updated permission service to use whereColumn queries to auto-handle
  use of prefixes.

Merge branch 'floviolleau-db-prefixes' of https://github.com/floviolleau/BookStack into floviolleau-floviolleau-db-prefixes

Reviewed adding IP recording to activity & audit log

Review of #2936

- Added testing to cover
- Added APP_PROXIES to .env.example.complete with details.
- Renamed migration to better align the name and to set the migration
  date to fit with production deploy order.
- Removed index from IP column in migration since an index does not yet
  provide any value.
- Updated table header text label.
- Prevented IP recording when in demo mode.

Merge branch 'log-ip-address' of https://github.com/johnroyer/BookStack into johnroyer-log-ip-address

Applied style ci changes again

Applied styleci changes

Caught old string helper function usage

Found by Laravel Shift Workbench

Standardised facade usage to use via their FQCN

Done via Laravel Shift Workbench

Fix coding style

Update translation file

Add user IP into audit table

Save user IP to audit log

Add IP column

Allow to use DB tables prefix

Allow to use DB tables prefix

Allow to use DB tables prefix

Allow to use DB tables prefix

Fixed dodgy test helper signature causing tests to fail

Just needed some argument defaults to make them optional for existing
uses.

Merge pull request #2928 from BookStackApp/browserkit_removal

Convert old BrowserKit tests

Applied styleci style changes

Removed browserkit testing from project

Converted last bits of the roles tests and removed dependancies.
Updated other PHP dependancies at the same time.

Started updating RolesTest away from Browserkit

Converted AuthTest away from BrowserKit

Moved some user managment tests out to more relevant classess along the
way.
Found some tweaks to make for email confirmation routing as part of
this.

Rewrote entity permissions tests to be non-browser-kit

Finished moving EntityTests out to new TestCase files

Moved more tests out of EntityTest

Fixed social auth login audit log messages

Was logging the whole social account instance instead of just the
method.
Updated tests to cover.

Fixes #2930

Moved/Updated old Activity tracking tests, started on entity tests

Started moving old EntityTests into more appropriate places within
non-browserkit-test classes. Still many more to do.

Removed browserkit from a couple of classess

Done a little reorganisation while there of misplaced tests.
Moved MarkdownTest to a new PageEditorTest to avoid confusion with
other markdown elements and to align with other page tests.

Added border to generated TOTP QR code

To fix QR code not being scannable when in dark mode due to
lack of border matching background of QR code.

Fixes #2925

Updated translators for v21.08.3

New Crowdin updates (#2915)

* New translations auth.php (Spanish)

* New translations activities.php (Italian)

* New translations settings.php (Italian)

* New translations entities.php (Italian)

* New translations validation.php (Italian)

* New translations activities.php (Danish)

* New translations auth.php (Danish)

* New translations common.php (Danish)

* New translations settings.php (Danish)

* New translations entities.php (Danish)

* New translations auth.php (Danish)

* New translations common.php (Danish)

* New translations errors.php (Danish)

* New translations validation.php (Danish)

* New translations activities.php (Russian)

* New translations auth.php (French)

* New translations auth.php (French)

* New translations settings.php (French)

* New translations entities.php (French)

* New translations auth.php (French)

Altered the parsing of custom head to prevent htmlentities on content

Was causing things like emjoi within script content to be somewhat
mangled. Instead we force UTF8 only parsing via XML declaration.

Added test to cover.

For #2923