Compare commits

..

1 Commits

Author SHA1 Message Date
Dan Brown
c01217827c MFA: Started exploring hardware key support 2026-06-01 13:08:58 +01:00
49 changed files with 1439 additions and 320 deletions

View File

@@ -22,7 +22,7 @@ jobs:
uses: https://github.com/shivammathur/setup-php@v2
with:
php-version: 8.5
extensions: gd, mbstring, json, curl, xml, dom, mysql, ldap
extensions: gd, mbstring, json, curl, xml, mysql, ldap
- name: Get Composer Cache Directory
id: composer-cache

View File

@@ -23,14 +23,6 @@ jobs:
services:
mysql:
image: docker.io/library/mariadb:12.2.2-noble
options: --tmpfs /var/lib/mysql:rw
cmd:
- --innodb-flush-log-at-trx-commit=0
- --innodb-flush-method=O_DIRECT
- --innodb-doublewrite=0
- --innodb-buffer-pool-size=256M
- --skip-log-bin
- --sync-binlog=0
env:
MARIADB_USER: bookstack-test
MARIADB_PASSWORD: bookstack-test
@@ -43,7 +35,7 @@ jobs:
uses: https://github.com/shivammathur/setup-php@v2
with:
php-version: ${{ matrix.php }}
extensions: gd, mbstring, json, curl, xml, dom, mysql, ldap
extensions: gd, mbstring, json, curl, xml, mysql, ldap
- name: Get Composer Cache Directory
id: composer-cache

View File

@@ -21,7 +21,7 @@ jobs:
matrix:
php: ['8.2', '8.3', '8.4', '8.5']
env:
phpextensions: gd, mbstring, json, curl, xml, dom, mysql, ldap, gmp
phpextensions: gd, mbstring, json, curl, xml, mysql, ldap, gmp
phpextensioncachekey: cache-v1
steps:
- uses: https://code.forgejo.org/actions/checkout@v6

View File

@@ -1,33 +0,0 @@
name: update-snyk
on:
workflow_dispatch:
push:
paths:
- 'composer*'
- 'package*'
branches:
- 'development'
- 'release'
jobs:
update:
runs-on: docker
container:
image: docker.io/library/node:24-trixie
steps:
- uses: https://code.forgejo.org/actions/checkout@v6
- name: Update Snyk for monitoring - Composer
uses: https://github.com/snyk/actions/node@master
env:
SNYK_TOKEN: ${{ secrets.SNYK_TOKEN }}
with:
args: snyk monitor --file=composer.lock --project-name=bookstack-${{forgejo.ref_name}}-composer
- name: Update Snyk for monitoring - NPM
uses: https://github.com/snyk/actions/node@master
env:
SNYK_TOKEN: ${{ secrets.SNYK_TOKEN }}
with:
args: snyk monitor --file=package-lock.json --project-name=bookstack-${{forgejo.ref_name}}-npm

View File

@@ -544,5 +544,3 @@ FelixFrizzy :: German
Pedro de Mattia (pdmtt) :: Portuguese, Brazilian
lonestan :: Russian
Paul Kernstock (kernstock) :: German
brtbr :: German; German Informal
Ricardo Covelo (covelo12) :: Portuguese

View File

@@ -0,0 +1,133 @@
<?php
namespace BookStack\Access\Controllers;
use BookStack\Access\LoginService;
use BookStack\Access\Mfa\BackupCodeService;
use BookStack\Access\Mfa\MfaSession;
use BookStack\Access\Mfa\MfaValue;
use BookStack\Access\Mfa\MfaVerificationLimiter;
use BookStack\Activity\ActivityType;
use BookStack\Exceptions\NotFoundException;
use BookStack\Http\Controller;
use Cose\Algorithms;
use Exception;
use Illuminate\Http\Request;
use Illuminate\Validation\ValidationException;
use Symfony\Component\Serializer\Encoder\JsonEncode;
use Symfony\Component\Serializer\Normalizer\AbstractObjectNormalizer;
use Webauthn\AttestationStatement\AttestationStatementSupportManager;
use Webauthn\AttestationStatement\NoneAttestationStatementSupport;
use Webauthn\AuthenticatorSelectionCriteria;
use Webauthn\Denormalizer\WebauthnSerializerFactory;
use Webauthn\PublicKeyCredentialCreationOptions;
use Webauthn\PublicKeyCredentialOptions;
use Webauthn\PublicKeyCredentialParameters;
use Webauthn\PublicKeyCredentialRpEntity;
use Webauthn\PublicKeyCredentialUserEntity;
class MfaHardwareKeyController extends Controller
{
use HandlesPartialLogins;
protected const SETUP_SECRET_SESSION_KEY = 'mfa-setup-hardware-key-secret';
public function __construct(
protected MfaVerificationLimiter $limiter,
) {
}
/**
* Show a view that allows configuration of a hardware key.
*/
public function generate(BackupCodeService $codeService)
{
$domain = parse_url(url('/'), PHP_URL_HOST);
$rpEntity = PublicKeyCredentialRpEntity::create(
setting('app-name'),
$domain,
);
$user = $this->currentOrLastAttemptedUser();
// TODO - Ensure user ID is somewhat long and random
// See: https://webauthn-doc.spomky-labs.com/prerequisites/user-entity
// Maybe hash of (app-id from settings + user id)
// Or maybe a UUID/random_string which we connect via DB entry?
$userEntity = PublicKeyCredentialUserEntity::create(
$user->slug,
$user->id,
$user->name,
);
$publicKeyCredentialParametersList = [
PublicKeyCredentialParameters::create('public-key', Algorithms::COSE_ALGORITHM_ES256K), // More interesting algorithm
PublicKeyCredentialParameters::create('public-key', Algorithms::COSE_ALGORITHM_ES256), // ||
PublicKeyCredentialParameters::create('public-key', Algorithms::COSE_ALGORITHM_RS256), // ||
PublicKeyCredentialParameters::create('public-key', Algorithms::COSE_ALGORITHM_PS256), // \/
PublicKeyCredentialParameters::create('public-key', Algorithms::COSE_ALGORITHM_ED256), // Less interesting algorithm
];
$credentialOptions = PublicKeyCredentialCreationOptions::create(
$rpEntity,
$userEntity,
random_bytes(32),
$publicKeyCredentialParametersList,
hints: [
PublicKeyCredentialOptions::HINT_SECURITY_KEY,
],
timeout: 60000, // 1 minute
authenticatorSelection: AuthenticatorSelectionCriteria::create(
userVerification: AuthenticatorSelectionCriteria::USER_VERIFICATION_REQUIREMENT_DISCOURAGED,
)
);
$attestationStatementSupportManager = AttestationStatementSupportManager::create();
$attestationStatementSupportManager->add(NoneAttestationStatementSupport::create());
$factory = new WebauthnSerializerFactory($attestationStatementSupportManager);
$serializer = $factory->create();
$jsonOptions = $serializer->serialize(
$credentialOptions,
'json',
[
AbstractObjectNormalizer::SKIP_NULL_VALUES => true,
JsonEncode::OPTIONS => JSON_THROW_ON_ERROR,
]
);
// TODO - Change
$this->setPageTitle(trans('auth.mfa_gen_hardware_key_title'));
return view('mfa.hardware-key-generate', [
'options' => $jsonOptions,
]);
}
/**
* Confirm the setup of a hardware key, storing the key value against the user.
*
* @throws Exception
*/
public function confirm()
{
return redirect('/mfa/setup');
}
/**
* Verify the MFA method submission on check.
*
* @throws NotFoundException
* @throws ValidationException
*/
public function verify(Request $request, MfaSession $mfaSession, LoginService $loginService)
{
$user = $this->currentOrLastAttemptedUser();
$this->limiter->incrementAttempts($user, $request);
if ($this->limiter->hasHitLimit($user, $request)) {
$this->clearLastAttemptedUser();
$this->limiter->throwException();
}
}
}

View File

@@ -23,13 +23,14 @@ class MfaValue extends Model
const METHOD_TOTP = 'totp';
const METHOD_BACKUP_CODES = 'backup_codes';
const METHOD_HARDWARE_KEY = 'hardware_key';
/**
* Get all the MFA methods available.
*/
public static function allMethods(): array
{
return [self::METHOD_TOTP, self::METHOD_BACKUP_CODES];
return [self::METHOD_TOTP, self::METHOD_BACKUP_CODES, self::METHOD_HARDWARE_KEY];
}
/**

View File

@@ -25,7 +25,6 @@ class Handler extends ExceptionHandler
protected $dontReport = [
NotFoundException::class,
StoppedAuthenticationException::class,
NotifyException::class,
];
/**

View File

@@ -6,22 +6,18 @@ use Exception;
use Illuminate\Contracts\Support\Responsable;
use Symfony\Component\HttpKernel\Exception\HttpExceptionInterface;
/**
* An exception that is thrown to notify the user of something which went wrong.
* Typically these should be translated messages since they will be shown to the end user
* via a pop up notification error message in the UI.
*
* This exception is not intended to be used for internal system/application errors,
* and therefore will not be logged by the exception handler.
*/
class NotifyException extends Exception implements Responsable, HttpExceptionInterface
{
public function __construct(
string $message,
public string $redirectLocation = '/',
protected int $status = 500
) {
public $message;
public string $redirectLocation;
protected int $status;
public function __construct(string $message, string $redirectLocation = '/', int $status = 500)
{
$this->message = $message;
$this->redirectLocation = $redirectLocation;
$this->status = $status;
parent::__construct();
}

View File

@@ -290,7 +290,7 @@ class SearchRunner
$query->where('name', '=', $tagParts['name']);
}
if (is_numeric($tagParts['value']) && is_finite($tagParts['value']) && $tagParts['operator'] !== 'like') {
if (is_numeric($tagParts['value']) && $tagParts['operator'] !== 'like') {
// We have to do a raw sql query for this since otherwise PDO will quote the value and MySQL will
// search the value as a string which prevents being able to do number-based operations
// on the tag values. We ensure it has a numeric value and then cast it just to be sure.

View File

@@ -4,12 +4,37 @@ namespace BookStack\Sorting;
class BookSortMapItem
{
public function __construct(
public int $id,
public int $sort,
public int|null $parentChapterId,
public string $type,
public int $parentBookId,
) {
/**
* @var int
*/
public $id;
/**
* @var int
*/
public $sort;
/**
* @var ?int
*/
public $parentChapterId;
/**
* @var string
*/
public $type;
/**
* @var int
*/
public $parentBookId;
public function __construct(int $id, int $sort, ?int $parentChapterId, string $type, int $parentBookId)
{
$this->id = $id;
$this->sort = $sort;
$this->parentChapterId = $parentChapterId;
$this->type = $type;
$this->parentBookId = $parentBookId;
}
}

View File

@@ -168,7 +168,7 @@ class BookSorter
$model->priority = $sortMapItem->sort;
}
if ($priorityChanged || $chapterChanged) {
if ($chapterChanged || $priorityChanged) {
$model::withoutTimestamps(fn () => $model->save());
}
}

View File

@@ -107,9 +107,6 @@ class AttachmentController extends Controller
{
/** @var Attachment $attachment */
$attachment = Attachment::query()->findOrFail($attachmentId);
$this->checkOwnablePermission(Permission::PageView, $attachment->page);
$this->checkOwnablePermission(Permission::PageUpdate, $attachment->page);
$this->checkOwnablePermission(Permission::AttachmentUpdate, $attachment);
try {
$this->validate($request, [
@@ -123,6 +120,10 @@ class AttachmentController extends Controller
]), 422);
}
$this->checkOwnablePermission(Permission::PageView, $attachment->page);
$this->checkOwnablePermission(Permission::PageUpdate, $attachment->page);
$this->checkOwnablePermission(Permission::AttachmentUpdate, $attachment);
$attachment = $this->attachmentService->updateFile($attachment, [
'name' => $request->input('attachment_edit_name'),
'link' => $request->input('attachment_edit_url'),
@@ -141,10 +142,6 @@ class AttachmentController extends Controller
public function attachLink(Request $request)
{
$pageId = $request->input('attachment_link_uploaded_to');
$page = $this->pageQueries->findVisibleByIdOrFail($pageId);
$this->checkPermission(Permission::AttachmentCreateAll);
$this->checkOwnablePermission(Permission::PageUpdate, $page);
try {
$this->validate($request, [
@@ -159,6 +156,11 @@ class AttachmentController extends Controller
]), 422);
}
$page = $this->pageQueries->findVisibleByIdOrFail($pageId);
$this->checkPermission(Permission::AttachmentCreateAll);
$this->checkOwnablePermission(Permission::PageUpdate, $page);
$attachmentName = $request->input('attachment_link_name');
$link = $request->input('attachment_link_url');
$this->attachmentService->saveNewFromLink($attachmentName, $link, intval($pageId));

View File

@@ -1,15 +1,13 @@
<?php
namespace BookStack\Util\HtmlPurifier;
namespace BookStack\Util;
use BookStack\App\AppVersion;
use BookStack\Util\HtmlPurifier\Filters\UriLimitFileProtocolToAnchors;
use HTMLPurifier;
use HTMLPurifier_Config;
use HTMLPurifier_DefinitionCache_Serializer;
use HTMLPurifier_HTML5Config;
use HTMLPurifier_HTMLDefinition;
use HTMLPurifier_URIDefinition;
/**
* Provides a configured HTML Purifier instance.
@@ -35,12 +33,7 @@ class ConfiguredHtmlPurifier
$htmlDef = $config->getDefinition('HTML', true, true);
if ($htmlDef instanceof HTMLPurifier_HTMLDefinition) {
$this->configureHtmlDefinition($htmlDef);
}
$uriDef = $config->getDefinition('URI', true, true);
if ($uriDef instanceof HTMLPurifier_URIDefinition) {
$this->configureUriDefinition($uriDef);
$this->configureDefinition($htmlDef);
}
$this->purifier = new HTMLPurifier($config);
@@ -98,7 +91,7 @@ class ConfiguredHtmlPurifier
// $config->set('Cache.DefinitionImpl', null); // Disable cache during testing
}
protected function configureHtmlDefinition(HTMLPurifier_HTMLDefinition $definition): void
public function configureDefinition(HTMLPurifier_HTMLDefinition $definition): void
{
// Allow the object element
$definition->addElement(
@@ -158,11 +151,6 @@ class ConfiguredHtmlPurifier
$definition->addAttribute('a', 'data-mention-user-id', 'Number');
}
protected function configureUriDefinition(HTMLPurifier_URIDefinition $definition): void
{
$definition->registerFilter(new UriLimitFileProtocolToAnchors());
}
public function purify(string $html): string
{
return $this->purifier->purify($html);

View File

@@ -2,7 +2,6 @@
namespace BookStack\Util;
use BookStack\Util\HtmlPurifier\ConfiguredHtmlPurifier;
use DOMAttr;
use DOMElement;
use DOMNodeList;

View File

@@ -1,55 +0,0 @@
<?php
namespace BookStack\Util\HtmlPurifier\Filters;
use HTMLPurifier_Config;
use HTMLPurifier_Context;
use HTMLPurifier_URI;
use HTMLPurifier_URIFilter;
/**
* Limits file:// URIs to only be used on anchor tags href attributes.
* This prevents use on iframes/embeds/images where they can be used to load external
* content on the network, triggering calls which may include NTLM auth hashes when in
* certain windows based environments.
*/
class UriLimitFileProtocolToAnchors extends HTMLPurifier_URIFilter
{
/**
* @type string
*/
public $name = 'LimitFileProtocolToAnchors';
/**
* @type bool
*/
public $always_load = true;
/**
* @param HTMLPurifier_URI $uri
* @param HTMLPurifier_Config $config
* @param HTMLPurifier_Context $context
* @return bool
*/
public function filter(&$uri, $config, $context)
{
// Ensure we're only filtering file:// URIs'
if ($uri->scheme !== 'file') {
return true;
}
$token = $context->get('CurrentToken', true);
$attr = $context->get('CurrentAttr', true);
// Only allow if used on hrefs on anchor tags
$isAnchor = $token && $token->name === 'a';
$isHref = $attr === 'href';
if ($isAnchor && $isHref) {
return true;
}
return false;
}
}
// vim: et sw=4 sts=4

View File

@@ -40,6 +40,7 @@
"socialiteproviders/okta": "^4.2",
"socialiteproviders/twitch": "^5.3",
"ssddanbrown/htmldiff": "^2.0.0",
"web-auth/webauthn-lib": "^5.3",
"xemlock/htmlpurifier-html5": "^0.1.12"
},
"require-dev": {

1153
composer.lock generated

File diff suppressed because it is too large Load Diff

View File

@@ -482,8 +482,8 @@ electron-to-chromium
License: ISC
License File: node_modules/electron-to-chromium/LICENSE
Copyright: Copyright 2018 Kilian Valkhof
Source: git+https://github.com/Kilian/electron-to-chromium.git
Link: git+https://github.com/Kilian/electron-to-chromium.git
Source: git+https://github.com/kilian/electron-to-chromium.git
Link: git+https://github.com/kilian/electron-to-chromium.git
-----------
emittery
License: MIT
@@ -860,7 +860,7 @@ License: MIT
License File: node_modules/handlebars/LICENSE
Copyright: Copyright (C) 2011-2019 by Yehuda Katz
Source: https://github.com/handlebars-lang/handlebars.js.git
Link: https://handlebarsjs.com/
Link: https://www.handlebarsjs.com/
-----------
has-bigints
License: MIT
@@ -1663,6 +1663,13 @@ Copyright: Copyright (c) Stephen Sugden <**@*************.***> (stephensugden.co
Source: grncdr/merge-stream
Link: grncdr/merge-stream
-----------
micromatch
License: MIT
License File: node_modules/micromatch/LICENSE
Copyright: Copyright (c) 2014-present, Jon Schlinkert.
Source: micromatch/micromatch
Link: https://github.com/micromatch/micromatch
-----------
mimic-fn
License: MIT
License File: node_modules/mimic-fn/license
@@ -3567,6 +3574,13 @@ Copyright: Copyright (c) 2017-present Devon Govett
Source: https://github.com/parcel-bundler/watcher.git
Link: https://github.com/parcel-bundler/watcher.git
-----------
@parcel/watcher-linux-x64-musl
License: MIT
License File: node_modules/@parcel/watcher-linux-x64-musl/LICENSE
Copyright: Copyright (c) 2017-present Devon Govett
Source: https://github.com/parcel-bundler/watcher.git
Link: https://github.com/parcel-bundler/watcher.git
-----------
@parcel/watcher
License: MIT
License File: node_modules/@parcel/watcher/LICENSE
@@ -3589,8 +3603,8 @@ Link: https://github.com/un-ts/pkgr/blob/master/packages/core
License: MIT
License File: node_modules/@sinclair/typebox/license
Copyright: Copyright (c) 2017-2026 Haydn Paterson
Source: https://github.com/sinclairzx81/sinclair-typebox
Link: https://github.com/sinclairzx81/sinclair-typebox
Source: https://github.com/sinclairzx81/typebox-legacy
Link: https://github.com/sinclairzx81/typebox-legacy
-----------
@sinonjs/commons
License: BSD-3-Clause
@@ -3803,3 +3817,8 @@ Link: https://github.com/ungap/structured-clone#readme
License: MIT
Source: git+https://github.com/unrs/unrs-resolver.git
Link: https://github.com/unrs/unrs-resolver#readme
-----------
@unrs/resolver-binding-linux-x64-musl
License: MIT
Source: git+https://github.com/unrs/unrs-resolver.git
Link: https://github.com/unrs/unrs-resolver#readme

View File

@@ -99,8 +99,8 @@ return [
'user_update_notification' => 'Uživatel byl úspěšně aktualizován',
'user_delete' => 'odstranil uživatele',
'user_delete_notification' => 'Uživatel byl úspěšně odstraněn',
'user_mfa_reset' => 'obnovit vícefaktorové ověření pro uživatele',
'user_mfa_reset_notification' => 'Obnovení metod vícefaktorového ověřování',
'user_mfa_reset' => 'reset MFA for user',
'user_mfa_reset_notification' => 'Multi-factor authentication methods reset',
// API Tokens
'api_token_create' => 'API token byl vytvořen',

View File

@@ -8,7 +8,7 @@ return [
'failed' => 'Neplatné přihlašovací údaje.',
'throttle' => 'Příliš mnoho pokusů o přihlášení. Zkuste to prosím znovu za :seconds sekund.',
'mfa_throttle' => '{0}Příliš mnoho pokusů o vícefázové ověření. Zkuste to prosím znovu za :seconds sekund.|{1}Příliš mnoho pokusů o vícefázové ověření. Zkuste to prosím znovu za :seconds sekundu.|[2,4]Příliš mnoho pokusů o vícefázové ověření. Zkuste to prosím znovu za :seconds sekundy.|[5,*]Příliš mnoho pokusů o vícefázové ověření. Zkuste to prosím znovu za :seconds sekund.',
'mfa_throttle' => 'Too many multi-factor verification attempts. Please try again in :seconds seconds.',
// Login & Register
'sign_up' => 'Registrace',

View File

@@ -173,7 +173,7 @@ return [
'books_sort_desc' => 'Pro přeuspořádání obsahu přesuňte kapitoly a stránky v knize. Mohou být přidány další knihy, které umožní snadný přesun kapitol a stránek mezi knihami. Volitelně lze nastavit pravidlo automatického řazení, aby se při změnách automaticky seřadil obsah této knihy.',
'books_sort_auto_sort' => 'Možnost automatického řazení',
'books_sort_auto_sort_active' => 'Aktivní automatické řazení: :sortName',
'books_sort_auto_sort_creation_hint' => 'Pravidla řazení mohou být vytvořena v nastavení "Seznamy a řazení" uživatelem s příslušnými oprávněními.',
'books_sort_auto_sort_creation_hint' => 'Auto sort option rules can be created in the "Lists & Sorting" settings area by a user with the relevant permissions.',
'books_sort_named' => 'Seřadit knihu :bookName',
'books_sort_name' => 'Seřadit podle názvu',
'books_sort_created' => 'Seřadit podle data vytvoření',
@@ -331,9 +331,9 @@ return [
// Editor Sidebar
'toggle_sidebar' => 'Skrýt/Zobrazit postranní panel',
'page_contents' => 'Obsah stránky',
'page_contents_none' => 'Na stránce nejsou žádné nadpisy.',
'page_contents_info' => 'Obsah se generuje ze všech použitých nadpisů na stránce.',
'page_contents' => 'Page Contents',
'page_contents_none' => 'No headings were found in the page content.',
'page_contents_info' => 'The contents menu is generated from any heading formats used in the page.',
'page_tags' => 'Štítky stránky',
'chapter_tags' => 'Štítky kapitoly',
'book_tags' => 'Štítky knihy',

View File

@@ -207,7 +207,7 @@ return [
'role_all' => 'Vše',
'role_own' => 'Vlastní',
'role_controlled_by_asset' => 'Řídí se obsahem, do kterého jsou nahrávány',
'role_controlled_by_page_delete' => 'Řídí se právem k odstranění stránky',
'role_controlled_by_page_delete' => 'Controlled by page delete permissions',
'role_save' => 'Uložit roli',
'role_users' => 'Uživatelé mající tuto roli',
'role_users_none' => 'Žádný uživatel nemá tuto roli',
@@ -260,13 +260,13 @@ return [
'users_api_tokens_create' => 'Vytvořit Token',
'users_api_tokens_expires' => 'Vyprší',
'users_api_tokens_docs' => 'Dokumentace API',
'users_mfa' => 'Vícefaktorové ověření',
'users_mfa' => 'Vícefázové ověření',
'users_mfa_desc' => 'Nastavit vícefaktorové ověřování jako další vrstvu zabezpečení vašeho uživatelského účtu.',
'users_mfa_x_methods' => ':count nastavená metoda|:count nastavených metod',
'users_mfa_configure' => 'Konfigurovat metody',
'users_mfa_reset' => 'Obnova metod vícefaktorového ověření',
'users_mfa_reset_desc' => 'Tímto se obnoví a vymažou všechny nakonfigurované metody vícefaktorového ověřování pro tohoto uživatele. Pokud některá z jeho rolí vyžaduje vícefaktorové ověřování, bude při příštím přihlášení vyzván k nastavení nových metod.',
'users_mfa_reset_confirm' => 'Opravdu chcete obnovit vícefaktorové ověřování pro tohoto uživatele?',
'users_mfa_reset' => 'Reset Multi-Factor Authentication Methods',
'users_mfa_reset_desc' => 'This will reset and clear all configured multi-factor authentication methods for this user. If multi-factor authentication is required by any of their roles, they\'ll be prompted to configure new methods on their next login.',
'users_mfa_reset_confirm' => 'Are you sure you want to reset multi-factor authentication for this user?',
// API Tokens
'user_api_token_create' => 'Vytvořit API Token',

View File

@@ -8,7 +8,7 @@ return [
'failed' => 'De indtastede brugeroplysninger stemmer ikke overens med vores registreringer.',
'throttle' => 'For mange mislykkede loginforsøg. Prøv igen om :seconds sekunder.',
'mfa_throttle' => 'For mange mislykkede loginforsøg. Prøv igen om :seconds sekunder.',
'mfa_throttle' => 'Too many multi-factor verification attempts. Please try again in :seconds seconds.',
// Login & Register
'sign_up' => 'Registrer',

View File

@@ -331,9 +331,9 @@ return [
// Editor Sidebar
'toggle_sidebar' => 'Sidebjælke til/fra',
'page_contents' => 'Sideindhold',
'page_contents_none' => 'Ingen overskrifter blev fundet i sidens indhold.',
'page_contents_info' => 'Indholdsmenuen er genereret fra alle kursformater, der bruges på siden.',
'page_contents' => 'Page Contents',
'page_contents_none' => 'No headings were found in the page content.',
'page_contents_info' => 'The contents menu is generated from any heading formats used in the page.',
'page_tags' => 'Sidetags',
'chapter_tags' => 'Kapiteltags',
'book_tags' => 'Bogtags',

View File

@@ -367,7 +367,7 @@ return [
'sk' => 'Slovensky',
'sl' => 'Slovenščina',
'sv' => 'Svenska',
'th' => 'Thailandsk',
'th' => 'ภาษาไทย',
'tr' => 'Türkçe',
'uk' => 'Українська',
'uz' => 'Ozbekcha',

View File

@@ -8,7 +8,7 @@ return [
'failed' => 'Diese Anmeldedaten stimmen nicht mit unseren Aufzeichnungen überein.',
'throttle' => 'Zu viele Anmeldeversuche. Bitte versuchen Sie es in :seconds Sekunden erneut.',
'mfa_throttle' => 'Zu viele Multi-Faktor-Verifizierungsversuche. Bitte versuchen Sie es in :seconds Sekunden erneut.',
'mfa_throttle' => 'Too many multi-factor verification attempts. Please try again in :seconds seconds.',
// Login & Register
'sign_up' => 'Registrieren',

View File

@@ -173,7 +173,7 @@ return [
'books_sort_desc' => 'Verschieben Sie Kapitel und Seiten innerhalb eines Buches, um dessen Inhalt neu zu ordnen. Es können weitere Bücher hinzugefügt werden, wodurch Kapitel und Seiten problemlos zwischen den Büchern verschoben werden können. Optional kann eine automatische Sortierregel festgelegt werden, um den Inhalt dieses Buches bei Änderungen automatisch zu sortieren.',
'books_sort_auto_sort' => 'Automatische Sortierfunktionsoption',
'books_sort_auto_sort_active' => 'Automatische Sortierung aktiv: :sortName',
'books_sort_auto_sort_creation_hint' => 'Regeln für die automatische Sortierung können von einem Benutzer mit den entsprechenden Berechtigungen im Einstellungsbereich "Listen & Sortieren" erstellt werden.',
'books_sort_auto_sort_creation_hint' => 'Auto sort option rules can be created in the "Lists & Sorting" settings area by a user with the relevant permissions.',
'books_sort_named' => 'Buch ":bookName" sortieren',
'books_sort_name' => 'Sortieren nach Namen',
'books_sort_created' => 'Sortieren nach Erstellungsdatum',
@@ -331,9 +331,9 @@ return [
// Editor Sidebar
'toggle_sidebar' => 'Seitenleiste umschalten',
'page_contents' => 'Seiteninhalt',
'page_contents_none' => 'Es wurden keine Überschriften im Seiteninhalt gefunden.',
'page_contents_info' => 'Das Inhaltsmenü wird aus allen auf der Seite verwendeten Überschriften generiert.',
'page_contents' => 'Page Contents',
'page_contents_none' => 'No headings were found in the page content.',
'page_contents_info' => 'The contents menu is generated from any heading formats used in the page.',
'page_tags' => 'Seiten-Schlagwörter',
'chapter_tags' => 'Kapitel-Schlagwörter',
'book_tags' => 'Buch-Schlagwörter',

View File

@@ -207,7 +207,7 @@ return [
'role_all' => 'Alle',
'role_own' => 'Eigene',
'role_controlled_by_asset' => 'Abhängig von dem Asset, in das sie hochgeladen werden',
'role_controlled_by_page_delete' => 'Kontrolliert durch die Berechtigung zum Löschen einer Seite',
'role_controlled_by_page_delete' => 'Controlled by page delete permissions',
'role_save' => 'Rolle speichern',
'role_users' => 'Dieser Rolle zugeordnete Benutzer',
'role_users_none' => 'Derzeit sind diesem Rollentyp keine Benutzer zugewiesen',
@@ -265,7 +265,7 @@ return [
'users_mfa_x_methods' => ':count Methode konfiguriert|:count Methoden konfiguriert',
'users_mfa_configure' => 'Methoden konfigurieren',
'users_mfa_reset' => 'Setze Multifaktor-Authentifizierung zurück',
'users_mfa_reset_desc' => 'Dies wird alle konfigurierten Multifaktor-Authentifizierungsmethoden für diesen Nutzer zurücksetzen. Falls Multifaktor-Authentifizierung für eine seiner Rollen erforderlich ist, wird der Nutzer aufgefordert, neue Methoden beim nächsten Login zu konfigurieren.',
'users_mfa_reset_desc' => 'Dies wird alle konfigurierten Multifaktor-Authentifizierungsmethoden für diesen Nutzer zurücksetzen. Falls Multifaktor-Authentifizierung für eine seiner Rollen erforderlich ist, werden sie aufgefordert, neue Methoden beim nächsten Login zu konfigurieren.',
'users_mfa_reset_confirm' => 'Sind Sie sicher, dass Sie diese Multi-Faktor-Authentifizierungsmethode für diesen Nutzer zurücksetzen möchten?',
// API Tokens

View File

@@ -8,7 +8,7 @@ return [
'failed' => 'Die eingegebenen Anmeldedaten sind ungültig.',
'throttle' => 'Zu viele Anmeldeversuche. Bitte versuche es in :seconds Sekunden erneut.',
'mfa_throttle' => 'Zu viele Multi-Faktor-Verifizierungsversuche. Bitte versuche es in :seconds Sekunden erneut.',
'mfa_throttle' => 'Too many multi-factor verification attempts. Please try again in :seconds seconds.',
// Login & Register
'sign_up' => 'Registrieren',

View File

@@ -173,7 +173,7 @@ return [
'books_sort_desc' => 'Kapitel und Seiten innerhalb eines Buches verschieben, um dessen Inhalt zu reorganisieren. Andere Bücher können hinzugefügt werden, was das Verschieben von Kapiteln und Seiten zwischen Büchern erleichtert. Optional kann eine automatische Sortierregel erstellt werden, um den Inhalt dieses Buches nach Änderungen automatisch zu sortieren.',
'books_sort_auto_sort' => 'Auto-Sortieroption',
'books_sort_auto_sort_active' => 'Automatische Sortierung aktiv: :sortName',
'books_sort_auto_sort_creation_hint' => 'Regeln für die automatische Sortierung können von einem Benutzer mit den entsprechenden Berechtigungen im Einstellungsbereich "Listen & Sortieren" erstellt werden.',
'books_sort_auto_sort_creation_hint' => 'Auto sort option rules can be created in the "Lists & Sorting" settings area by a user with the relevant permissions.',
'books_sort_named' => 'Buch ":bookName" sortieren',
'books_sort_name' => 'Sortieren nach Namen',
'books_sort_created' => 'Sortieren nach Erstellungsdatum',
@@ -331,9 +331,9 @@ return [
// Editor Sidebar
'toggle_sidebar' => 'Seitenleiste umschalten',
'page_contents' => 'Seiteninhalt',
'page_contents_none' => 'Es wurden keine Überschriften im Seiteninhalt gefunden.',
'page_contents_info' => 'Das Inhaltsmenü wird aus allen auf der Seite verwendeten Überschriften generiert.',
'page_contents' => 'Page Contents',
'page_contents_none' => 'No headings were found in the page content.',
'page_contents_info' => 'The contents menu is generated from any heading formats used in the page.',
'page_tags' => 'Seiten-Schlagwörter',
'chapter_tags' => 'Kapitel-Schlagwörter',
'book_tags' => 'Buch-Schlagwörter',

View File

@@ -208,7 +208,7 @@ Hinweis: Benutzer können ihre E-Mail Adresse nach erfolgreicher Registrierung
'role_all' => 'Alle',
'role_own' => 'Eigene',
'role_controlled_by_asset' => 'Berechtigungen werden vom Uploadziel bestimmt',
'role_controlled_by_page_delete' => 'Kontrolliert durch die Berechtigung zum Löschen einer Seite',
'role_controlled_by_page_delete' => 'Controlled by page delete permissions',
'role_save' => 'Rolle speichern',
'role_users' => 'Dieser Rolle zugeordnete Benutzer',
'role_users_none' => 'Bisher sind dieser Rolle keine Benutzer zugeordnet',
@@ -266,8 +266,8 @@ Hinweis: Benutzer können ihre E-Mail Adresse nach erfolgreicher Registrierung
'users_mfa_x_methods' => ':count Methode konfiguriert|:count Methoden konfiguriert',
'users_mfa_configure' => 'Methoden konfigurieren',
'users_mfa_reset' => 'Setze Multifaktor-Authentifizierung zurück',
'users_mfa_reset_desc' => 'Dies wird alle konfigurierten Multifaktor-Authentifizierungsmethoden für diesen Nutzer zurücksetzen. Falls Multifaktor-Authentifizierung für eine seiner Rollen erforderlich ist, wird der Nutzer aufgefordert, neue Methoden beim nächsten Login zu konfigurieren.',
'users_mfa_reset_confirm' => 'Bist du sicher, dass du diese Multi-Faktor-Authentifizierungsmethode für diesen Nutzer zurücksetzen möchtest?',
'users_mfa_reset_desc' => 'Dies wird alle konfigurierten Multifaktor-Authentifizierungsmethoden für diesen Nutzer zurücksetzen. Falls Multifaktor-Authentifizierung für eine seiner Rollen erforderlich ist, werden sie aufgefordert, neue Methoden beim nächsten Login zu konfigurieren.',
'users_mfa_reset_confirm' => 'Sind Sie sicher, dass Sie diese Multi-Faktor-Authentifizierungsmethode für diesen Nutzer zurücksetzen möchten?',
// API Tokens
'user_api_token_create' => 'Neuen API-Token erstellen',

View File

@@ -367,7 +367,7 @@ return [
'sk' => 'Slovensky',
'sl' => 'Slovenščina',
'sv' => 'Svenska',
'th' => 'Thai',
'th' => 'ภาษาไทย',
'tr' => 'Türkçe',
'uk' => 'Українська',
'uz' => 'Ozbekcha',

View File

@@ -173,7 +173,7 @@ return [
'books_sort_desc' => 'ブック内のチャプタおよびページを移動して内容を再編成できます。他のブックを並べて、ブック間でチャプタやページを簡単に移動することもできます。オプションで自動ソートルールを設定すると、変更時にブックの内容を自動的にソートすることができます。',
'books_sort_auto_sort' => '自動ソートオプション',
'books_sort_auto_sort_active' => '自動ソート有効: :sortName',
'books_sort_auto_sort_creation_hint' => '自動ソートオプションのルールは、関連する権限を持ったユーザーによって設定の「一覧とソート」エリアで作成できます。',
'books_sort_auto_sort_creation_hint' => 'Auto sort option rules can be created in the "Lists & Sorting" settings area by a user with the relevant permissions.',
'books_sort_named' => 'ブック「:bookName」を並べ替え',
'books_sort_name' => '名前で並べ替え',
'books_sort_created' => '作成日で並べ替え',

View File

@@ -207,7 +207,7 @@ return [
'role_all' => '全て',
'role_own' => '自身',
'role_controlled_by_asset' => 'このアセットに対し、右記の操作を許可:',
'role_controlled_by_page_delete' => 'ページ削除権限を適用',
'role_controlled_by_page_delete' => 'Controlled by page delete permissions',
'role_save' => '役割を保存',
'role_users' => 'この役割を持つユーザー',
'role_users_none' => 'この役割が付与されたユーザーはいません',

View File

@@ -331,7 +331,7 @@ return [
// Editor Sidebar
'toggle_sidebar' => 'Zijbalk Tonen/Verbergen',
'page_contents' => 'Pagina Inhoud',
'page_contents' => 'Page Contents',
'page_contents_none' => 'No headings were found in the page content.',
'page_contents_info' => 'The contents menu is generated from any heading formats used in the page.',
'page_tags' => 'Pagina Labels',

View File

@@ -50,8 +50,8 @@ return [
'import_zip_validation_errors' => 'Errors were detected while validating the provided ZIP file:',
'import_pending' => 'Pending Imports',
'import_pending_none' => 'No imports have been started.',
'import_continue' => 'Continuar importação',
'import_continue_desc' => 'Continuar importação',
'import_continue' => 'Continue Import',
'import_continue_desc' => 'Review the content due to be imported from the uploaded ZIP file. When ready, run the import to add its contents to this system. The uploaded ZIP import file will be automatically removed on successful import.',
'import_details' => 'Import Details',
'import_run' => 'Run Import',
'import_size' => ':size Import ZIP Size',

View File

@@ -78,7 +78,7 @@ return [
// Users
'users_cannot_delete_only_admin' => 'Não pode excluir o único administrador',
'users_cannot_delete_guest' => 'Não pode excluir o usuário convidado',
'users_could_not_send_invite' => 'Não foi possível criar o utilizador, pois o envio do endereço eletrónico de convite falhou',
'users_could_not_send_invite' => 'Could not create user since invite email failed to send',
// Roles
'role_cannot_be_edited' => 'Este cargo não pode ser editado',
@@ -106,7 +106,7 @@ return [
'back_soon' => 'Voltaremos em breve.',
// Import
'import_zip_cant_read' => 'Não foi possível ler o ficheiro ZIP.',
'import_zip_cant_read' => 'Could not read ZIP file.',
'import_zip_cant_decode_data' => 'Could not find and decode ZIP data.json content.',
'import_zip_no_data' => 'ZIP file data has no expected book, chapter or page content.',
'import_zip_data_too_large' => 'ZIP data.json content exceeds the configured application maximum upload size.',

View File

@@ -99,8 +99,8 @@ return [
'user_update_notification' => 'Користувача було успішно оновлено',
'user_delete' => 'вилучений користувач',
'user_delete_notification' => 'Користувача успішно видалено',
'user_mfa_reset' => 'скинути MFA для користувача',
'user_mfa_reset_notification' => 'Скидання методів багатофакторної автентифікації',
'user_mfa_reset' => 'reset MFA for user',
'user_mfa_reset_notification' => 'Multi-factor authentication methods reset',
// API Tokens
'api_token_create' => 'створений APi токен',

View File

@@ -8,7 +8,7 @@ return [
'failed' => 'Цей обліковий запис не знайдено.',
'throttle' => 'Забагато спроб входу в систему. Будь ласка, спробуйте ще раз через :seconds секунд.',
'mfa_throttle' => 'Занадто багато спроб багатофакторної перевірки. Будь ласка, спробуйте ще раз через :seconds секунд.',
'mfa_throttle' => 'Too many multi-factor verification attempts. Please try again in :seconds seconds.',
// Login & Register
'sign_up' => 'Реєстрація',

View File

@@ -173,7 +173,7 @@ return [
'books_sort_desc' => 'Перекладіть розділи та сторінки в межах книги, щоб реорганізувати вміст. Інші книги можна додати, що дозволяє легко переміщати глави та сторінки між книгами. При необхідності правило автоматичного сортування може бути встановлено для автоматичного сортування вмісту цієї книги при змінах.',
'books_sort_auto_sort' => 'Опція автоматичного сортування',
'books_sort_auto_sort_active' => 'Автосортування : :sortName',
'books_sort_auto_sort_creation_hint' => 'Правила автоматичного сортування можуть бути створені в області налаштувань "Списки і сортування" за допомогою користувача з відповідними дозволами.',
'books_sort_auto_sort_creation_hint' => 'Auto sort option rules can be created in the "Lists & Sorting" settings area by a user with the relevant permissions.',
'books_sort_named' => 'Сортувати книгу :bookName',
'books_sort_name' => 'Сортувати за назвою',
'books_sort_created' => 'Сортувати за датою створення',
@@ -331,9 +331,9 @@ return [
// Editor Sidebar
'toggle_sidebar' => 'Перемикач бічної панелі',
'page_contents' => 'Вміст сторінки',
'page_contents_none' => 'У тексті сторінки не знайдено заголовків.',
'page_contents_info' => 'Вміст меню створюється з будь-яких форматів заголовків, використовуваних для сторінки.',
'page_contents' => 'Page Contents',
'page_contents_none' => 'No headings were found in the page content.',
'page_contents_info' => 'The contents menu is generated from any heading formats used in the page.',
'page_tags' => 'Теги сторінки',
'chapter_tags' => 'Теги розділів',
'book_tags' => 'Теги книг',

View File

@@ -125,7 +125,7 @@ return [
'api_incorrect_token_secret' => 'Секрет, наданий для даного використовуваного токена API є неправильним',
'api_user_no_api_permission' => 'Власник використовуваного токена API не має дозволу здійснювати виклики API',
'api_user_token_expired' => 'Термін дії токена авторизації закінчився',
'api_cookie_auth_only_get' => 'Дозволяються тільки запити GET при використанні API з автентифікацією на основі cookie',
'api_cookie_auth_only_get' => 'Only GET requests are allowed when using the API with cookie-based authentication',
// Settings & Maintenance
'maintenance_test_email_failure' => 'Помилка під час надсилання тестового електронного листа:',

View File

@@ -104,7 +104,7 @@ return [
'sort_rule_op_chapters_first' => 'Спочатку розділи',
'sort_rule_op_chapters_last' => 'Розділи останні',
'sorting_page_limits' => 'Обмеження відображення сторінок',
'sorting_page_limits_desc' => 'Кількість елементів для відображення в різних списках в системі. Зазвичай менша кількість буде більш продуктивною, в той час як більша кількість уникає необхідність натискання на кілька сторінок. Використання кратного 6 рекомендується.',
'sorting_page_limits_desc' => 'Set how many items to show per-page in various lists within the system. Typically a lower amount will be more performant, while a higher amount avoids the need to click through multiple pages. Using a multiple of 6 is recommended.',
// Maintenance settings
'maint' => 'Обслуговування',
@@ -207,7 +207,7 @@ return [
'role_all' => 'Все',
'role_own' => 'Власне',
'role_controlled_by_asset' => 'Контролюється за об\'єктом, до якого вони завантажуються',
'role_controlled_by_page_delete' => 'Керується правами доступу для видалення сторінки',
'role_controlled_by_page_delete' => 'Controlled by page delete permissions',
'role_save' => 'Зберегти роль',
'role_users' => 'Користувачі в цій ролі',
'role_users_none' => 'Наразі жоден користувач не призначений для цієї ролі',
@@ -264,9 +264,9 @@ return [
'users_mfa_desc' => 'Двофакторна аутентифікація додає ще один рівень безпеки для вашого облікового запису.',
'users_mfa_x_methods' => ':count метод налаштовано|:count методів налаштовано',
'users_mfa_configure' => 'Налаштувати Методи',
'users_mfa_reset' => 'Скинути методи багатофакторної автентифікації',
'users_mfa_reset_desc' => 'Це скине та очистить всі налаштовані методи багатофакторної аутентифікації для цього користувача. Якщо багатофакторна аутентифікація обов\'язкова будь-якою зі своїх ролей, то вона буде запитана налаштувати нові способи при наступному вході в систему.',
'users_mfa_reset_confirm' => 'Ви впевнені, що хочете скинути багатофакторну аутентифікацію для цього користувача?',
'users_mfa_reset' => 'Reset Multi-Factor Authentication Methods',
'users_mfa_reset_desc' => 'This will reset and clear all configured multi-factor authentication methods for this user. If multi-factor authentication is required by any of their roles, they\'ll be prompted to configure new methods on their next login.',
'users_mfa_reset_confirm' => 'Are you sure you want to reset multi-factor authentication for this user?',
// API Tokens
'user_api_token_create' => 'Створити токен API',

View File

@@ -0,0 +1,74 @@
@extends('layouts.simple')
@section('body')
<div class="container very-small py-xl">
<div class="card content-wrap auto-height">
<h1 class="list-heading">{{ trans('auth.mfa_gen_hardware_key_title') }}</h1>
<p>{{ trans('auth.mfa_gen_hardware_key_desc') }}</p>
<div class="text-center mb-xs">
<button type="button" id="setup">setup_key</button>
</div>
<form action="{{ url('/mfa/hardware_key/confirm') }}" method="POST">
{{ csrf_field() }}
<div class="mt-s text-right">
<a href="{{ url('/mfa/setup') }}" class="button outline">{{ trans('common.cancel') }}</a>
<button class="button">{{ trans('auth.mfa_gen_confirm_and_enable') }}</button>
</div>
</form>
</div>
</div>
<script type="module" nonce="{{ $cspNonce }}">
// TODO - Extract to its own compontent
// TODO - Add some guidance and call this on click
// https://webauthn-doc.spomky-labs.com/prerequisites/javascript#using-native-browser-api
const setupButton = document.getElementById('setup');
const options = {!! $options !!};
const publicKeyCredentialCreationOptions = {
...options,
challenge: base64urlDecode(options.challenge),
user: {
...options.user,
id: base64urlDecode(options.user.id)
},
excludeCredentials: options.excludeCredentials?.map(cred => ({
...cred,
id: base64urlDecode(cred.id)
}))
};
setupButton.addEventListener('click', async () => {
console.log(publicKeyCredentialCreationOptions);
const credential = await navigator.credentials.create({
publicKey: publicKeyCredentialCreationOptions,
});
console.log(credential);
});
function base64urlEncode(buffer) {
const base64 = btoa(String.fromCharCode(...new Uint8Array(buffer)));
return base64
.replace(/\+/g, '-')
.replace(/\//g, '_')
.replace(/=/g, '');
}
function base64urlDecode(base64url) {
const base64 = base64url
.replace(/-/g, '+')
.replace(/_/g, '/');
const padding = '='.repeat((4 - base64.length % 4) % 4);
const binary = atob(base64 + padding);
const bytes = new Uint8Array(binary.length);
for (let i = 0; i < binary.length; i++) {
bytes[i] = binary.charCodeAt(i);
}
return bytes.buffer;
}
</script>
@stop

View File

@@ -8,7 +8,7 @@
<p class="mb-none"> {{ trans('auth.mfa_setup_desc') }}</p>
<div class="setting-list">
@foreach(['totp', 'backup_codes'] as $method)
@foreach(\BookStack\Access\Mfa\MfaValue::allMethods() as $method)
@include('mfa.parts.setup-method-row', ['method' => $method])
@endforeach
</div>

View File

@@ -319,6 +319,8 @@ Route::middleware('mfa-setup')->group(function () {
Route::post('/mfa/totp/confirm', [AccessControllers\MfaTotpController::class, 'confirm']);
Route::get('/mfa/backup_codes/generate', [AccessControllers\MfaBackupCodesController::class, 'generate']);
Route::post('/mfa/backup_codes/confirm', [AccessControllers\MfaBackupCodesController::class, 'confirm']);
Route::get('/mfa/hardware_key/generate', [AccessControllers\MfaHardwareKeyController::class, 'generate']);
Route::post('/mfa/hardware_key/confirm', [AccessControllers\MfaHardwareKeyController::class, 'confirm']);
});
Route::middleware('guest')->group(function () {
Route::get('/mfa/verify', [AccessControllers\MfaController::class, 'verify']);

View File

@@ -464,11 +464,6 @@ HTML;
'<div style="background:#FF0000;left:0;color:#00FFEE;">Hello!</div>' => '<div style="background:#FF0000;color:#00FFEE;">Hello!</div>',
'<div style="color:#00FFEE;">Hello!<style>testinghello!</style></div>' => '<div style="color:#00FFEE;">Hello!</div>',
'<div drawio-diagram="5332" another-attr="cat">Hello!</div>' => '<div drawio-diagram="5332">Hello!</div>',
'<iframe src="file://link/to/file" id="bkmrk-file-iframe"></iframe>' => '<iframe id="bkmrk-file-iframe"></iframe>',
'<embed src="file://link/to/file" id="bkmrk-file-embed"></embed>' => '<embed id="bkmrk-file-embed">',
'<object data="file://link/to/file" id="bkmrk-file-object"></object>' => '<object id="bkmrk-file-object">',
'<div id="bkmrk-file-img"><img src="file://link/to/file" alt="My local image"></div>' => '<div id="bkmrk-file-img"></div>',
'<div id="bkmrk-file-img"><img srcset="file://link/to/file" alt="My local image"></div>' => '<div id="bkmrk-file-img"></div>',
];
config()->set('app.content_filtering', 'a');
@@ -481,7 +476,6 @@ HTML;
$resp = $this->get($page->getUrl());
$resp->assertSee($expected, false);
$resp->assertDontSee($input, false);
}
}
@@ -490,7 +484,6 @@ HTML;
$testCasesExpectedByInput = [
'<p><a href="https://example.com" target="_blank">New tab linkydoodle</a></p>',
'<p><a href="https://example.com/user/1" data-mention-user-id="5">@mentionusertext</a></p>',
'<p><a href="file://link/to/file">Link to file</a></p>',
'<details><summary>Hello</summary><p>Mydetailshere</p></details>',
];

View File

@@ -233,18 +233,6 @@ class EntitySearchTest extends TestCase
$this->get('/search?term=' . urlencode('danzorbhsing {created_before:2037-01-01}'))->assertDontSee($page->name);
}
public function test_search_tags_with_unexpected_numeric_values_does_not_cause_error()
{
$pageA = $this->entities->page();
$pageA->name = 'MyTestPageWithAwkwardNumericTagValue';
$pageA->save();
$pageA->tags()->save(new Tag(['name' => 'Count', 'value' => '1E999']));
$resp = $this->asEditor()->get('/search?term=' . urlencode('[Count=1E999]'));
$resp->assertStatus(200);
$resp->assertSee('MyTestPageWithAwkwardNumericTagValue');
}
public function test_entity_selector_search()
{
$page = $this->entities->newPage(['name' => 'my ajax search test', 'html' => 'ajax test']);

View File

@@ -159,38 +159,6 @@ class AttachmentTest extends TestCase
$this->files->deleteAllAttachmentFiles();
}
public function test_attachment_update_without_permission()
{
$page = $this->entities->page();
$attachment = Attachment::factory()->create(['uploaded_to' => $page->id]);
$this->permissions->disableEntityInheritedPermissions($page);
$resp = $this->asViewer()->put("attachments/{$attachment->id}", [
'attachment_edit_name' => 'My new attachment name',
'attachment_edit_url' => 'https://test.example.com',
]);
$this->assertPermissionError($resp);
}
public function test_attachment_update_without_permission_with_validation_errors()
{
$page = $this->entities->page();
/** @var Attachment $attachment */
$attachment = Attachment::factory()->create(['uploaded_to' => $page->id]);
$this->permissions->disableEntityInheritedPermissions($page);
$resp = $this->asViewer()->put("attachments/{$attachment->id}", [
'attachment_edit_name' => '',
'attachment_edit_url' => 'https://test.example.com',
]);
$this->assertPermissionError($resp);
$resp->assertDontSee($attachment->path);
}
public function test_file_deletion()
{
$page = $this->entities->page();