Commit graph

198 commits

Author SHA1 Message Date
Sheogorath
747629e549 Add allowemailregister option 2017-01-12 13:54:45 +01:00
Max Wu
a8068d38d5 Merge pull request #313 from elct9620/feature/disable_anonymous_view
WIP: Add options to limit anonymous view note
2017-01-10 20:23:47 +08:00
蒼時弦也
7b02c48d93 Adjust permission order to more clarly 2017-01-10 14:13:30 +08:00
蒼時弦也
be7696170f Fix syntax when use case 2017-01-10 10:19:18 +08:00
蒼時弦也
89b8ddeaba Add limited and protected permission 2017-01-10 10:02:37 +08:00
蒼時弦也
c21fb8e2a0 Recovery tariling spaces 2017-01-10 09:35:21 +08:00
蒼時弦也
f8e5b54767 Remove temporary change 2017-01-10 09:32:44 +08:00
neopostmodern
ff545b2688 Allow displaying LDAP provider name on sign-in modal 2017-01-09 12:49:23 +01:00
Max Wu
b13635aac9 Merge pull request #279 from alecdwm/ldap-auth
Support for LDAP server authentication
2017-01-09 00:49:40 +08:00
alecdwm
94abfaba7c removed comma 2017-01-06 07:21:59 +01:00
alecdwm
e4fe93249f dark avatar backgrounds only 2017-01-06 07:18:22 +01:00
alecdwm
b044c2ae19 Use randomcolor not seedrandom for avatar backgrounds 2017-01-06 07:08:07 +01:00
alecdwm
01361afa7a Profile pictures for LDAP users 2017-01-06 05:37:40 +01:00
蒼時弦也
1fbecbb03d Fix anonymouse view permission check 2017-01-05 23:37:10 +08:00
蒼時弦也
aaf1ff4b2f Add limit for constrain anonymous view note 2017-01-05 22:36:40 +08:00
Wu Cheng-Han
c1b5e74cf9 Fix and refactor extracting content using metaMarked directly might lead in invalid object 2017-01-04 23:57:16 +08:00
Wu Cheng-Han
bd4335964d Mark as 0.5.0 2017-01-02 11:19:01 +08:00
Wu Cheng-Han
10a8448c6a Fix yaml metadata description not able to show 2017-01-02 11:13:41 +08:00
Wu Cheng-Han
b1ec3ba748 Refactor data processing to model definition 2017-01-02 11:05:36 +08:00
Wu Cheng-Han
d9e19b6029 Update to remove null byte before saving to DB and remove null byte on changes 2017-01-02 11:05:05 +08:00
Wu Cheng-Han
c3a96ff112 Fix migration script of revision lacks of definition of primary key 2017-01-02 11:00:40 +08:00
Wu Cheng-Han
99628a5662 Fix to not use diff_cleanupSemantic, bug report refer to https://code.google.com/p/google-diff-match-patch/issues/detail?id=67 2017-01-02 11:00:08 +08:00
Wu Cheng-Han
f6d8e3ab00 Remove LZString compression for data storage 2017-01-02 10:59:53 +08:00
Wu Cheng-Han
c904083d1f Remove manual LZString compression for partial socket io event data 2017-01-02 10:52:47 +08:00
bananaappletw
96fb3743f3 Use dburl to configurate 2016-12-22 21:51:48 +08:00
bananaappletw
3a091ff9a5 Simplify code for heroku 2016-12-22 19:42:00 +08:00
bananaappletw
acaeef172a Fix #293 2016-12-22 13:23:17 +08:00
Florian Rhiem
fdea226159 Fixed typo: anonmyous 2016-12-21 14:36:54 +01:00
Wu Cheng-Han
d140a140de Fix possible user is undefined in realtime events 2016-12-20 20:33:46 +08:00
Wu Cheng-Han
ae2db1da16 Fix email option in config not parse correctly 2016-12-20 10:47:37 +08:00
Wu Cheng-Han
39521f25a7 Mark as 0.4.6 2016-12-19 17:30:33 +08:00
Wu Cheng-Han
62eccd48e5 Try to fix when server have heavy loading cache might not update to db properly 2016-12-18 22:52:30 +08:00
Wu Cheng-Han
5bb3de2675 Add support of allow free url config option with correspond modifications 2016-12-16 15:38:05 +08:00
Wu Cheng-Han
4b7b902806 Fix typo 2016-12-16 15:37:01 +08:00
Wu Cheng-Han
5c7eb48319 Add support of allow anonymous config option with correspond modifications 2016-12-15 14:11:23 +08:00
alecdwm
3491f97f7e LDAP auth use email if provided 2016-12-14 13:24:25 +01:00
alecdwm
3007163799 Tokens not required for ldap auth 2016-12-14 12:38:03 +01:00
alecdwm
6ba9a2f039 Added HMD_LDAP_TLS_CA env variable 2016-12-14 11:49:33 +01:00
alecdwm
02e9927714 Initial support for LDAP server authentication
Limitations as of this commit:

- tlsOptions can only be specified in config.json, not as env vars
- authentication failures are not yet gracefully handled by the UI
  - instead the error message is shown on a blank page (/auth/ldap)
- no email address is associated with the LDAP user's account
- no picture/profile URL is associated with the LDAP user's account
- we might have to generate our own access + refresh tokens,
  because we aren't using oauth. The currently generated
  tokens are just a placeholder.
- 'LDAP Sign in' needs to be translated to each locale
2016-12-13 22:41:07 +01:00
Yukai Huang
5282bf491e Update sequelize init condition 2016-12-12 11:12:59 +08:00
Yukai Huang
74c1da4536 Simplify output with sequelize database argument 2016-12-12 10:36:24 +08:00
Wu Cheng-Han
a73d9ce39e Update to support optional email register and signin 2016-12-02 01:58:14 +08:00
Max Wu
bd3d4958e4 Merge pull request #248 from hackmdio/file-upload-options
Support other options for image uploading
2016-11-27 10:54:00 +08:00
Wu Cheng-Han
71a356552f Update to auto generate meta description based on content in publish note and slide 2016-11-26 23:04:29 +08:00
Wu Cheng-Han
9d4ede4cff Fix possible XSS in yaml-metadata and turn using ejs escape syntax than external lib [Security Issue] 2016-11-26 22:55:31 +08:00
Wu Cheng-Han
f86a9e0c4b Fix slide might trigger script when processing markdown which cause XSS [Security Issue] 2016-11-26 22:46:08 +08:00
Wu Cheng-Han
c671d54d67 Add dmp worker to leverage CPU intensive calculation to child process 2016-11-18 12:09:58 +08:00
Yukai Huang
46a4fe10ab Add env config prefix 2016-11-17 16:28:02 +08:00
Yukai Huang
2b2c593531 Config s3 through env variables 2016-11-16 14:44:42 +08:00
Wu Cheng-Han
c58162a2e7 Revert "Add workers for notes to leverage CPU intensive work loading"
This reverts commit 4ccfdfa538.
2016-11-16 13:58:59 +08:00