mirrors/wallabag
1
0
Fork 0
mirror of https://github.com/wallabag/wallabag.git synced 2024-09-27 05:50:02 +00:00
Code Issues Projects Releases Wiki Activity
9208 commits 11 branches 99 tags 157 MiB
Commit graph

62 commits

Author SHA1 Message Date
Yassine Guedidi
24da70e338 Move test files directly under tests/ directory 2024-02-23 07:42:48 +01:00
Yassine Guedidi
a37ded9101 Move User entity to Core 2024-01-25 20:34:40 +01:00
Yassine Guedidi
2190174754 Move Annotation entity to Core 2024-01-25 20:34:39 +01:00
Kevin Decherf
4a5f769428 Merge remote-tracking branch 'origin/2.6' into port/2.6.7 
Signed-off-by: Kevin Decherf <kevin@kdecherf.com>
 2023-10-25 22:09:21 +02:00
Jeremy Benoist
fa107116cc
Prepare 2.6.7 release 2023-10-02 14:14:34 +02:00
Kevin Decherf
aa06e8328e ConfigController: remove 2fa cancel step 
This change annoys me, however this endpoint was anyway problematic:
- it was vulnerable to a CSRF attack, see GHSA-56fm-hfp3-x3w3
- it is useless as we don't really handle a two-steps validation

Still, if you send an incorrect code during the "activation" phase a
flash error will pop up but the 2fa will stay enabled. This need rework
when possible.

Signed-off-by: Kevin Decherf <kevin@kdecherf.com>
 2023-09-30 00:49:58 +02:00
Kevin Decherf
5240684be9 ConfigController: move OTP endpoints to POST method only 
Fixes GHSA-56fm-hfp3-x3w3

Signed-off-by: Kevin Decherf <kevin@kdecherf.com>
 2023-09-30 00:49:58 +02:00
Nicolas Lœuillet
b1752b619d Add display article configurator (font family, font size, line height and max width) 2023-08-22 13:02:50 +02:00
Nicolas Lœuillet
cbcfa69c05 Remove (useless) demo mode 
Fix #6671
 2023-08-21 13:16:56 +02:00
Nicolas Lœuillet
a9893d754f Replace GET way to POST way to reset data user 
Signed-off-by: Kevin Decherf <kevin@kdecherf.com>
 2023-08-09 21:39:03 +02:00
Nicolas Lœuillet
7eddea6ff7
Added test 2023-06-16 14:27:27 +02:00
Jeremy Benoist
66b7bdd07c
Merge remote-tracking branch 'origin/2.5.x' 2023-04-24 14:36:32 +02:00
Jeremy Benoist
f1b3d5cdd7
Fix CSRF on user deletion 2023-02-07 21:41:52 +01:00
Kevin Decherf
3ed7f2b751 AnnotationController: fix improper authorization vulnerability 
This PR is based on 2.5.x branch.

We fix the improper authorization by retrieving the annotation using id
and user id.

We also replace the ParamConverter used to get the requested Annotation
on put and delete actions with an explicit call to AnnotationRepository
in order to prevent a resource enumeration through response discrepancy.

Fixes GHSA-mrqx-mjc4-vfh3

Co-authored-by: Jeremy Benoist <jeremy.benoist@gmail.com>
Signed-off-by: Kevin Decherf <kevin@kdecherf.com>
 2023-01-27 23:34:14 +01:00
Jeremy Benoist
aa5c7f05b8
Upgrade to Symfony 4.4 
- disable autowiring for Event (because the Entry entity was injected)
- rename `getClient()` for test to `getTestClient()` to avoid error while overriding (from `BrowserKitAssertionsTrait`)
 2022-11-29 18:01:46 -08:00
Jeremy Benoist
b7dba18cb2
Cleanup 2022-11-23 15:51:33 +01:00
Jeremy Benoist
1d3935fbd3
Remove LiipThemeBundle 
As baggy theme was removed and material is the only remaining theme, we don't need a theme switched anymore.
So:
- move all `*.twig` files from the material theme folder to the root
- remove useless translations
 2022-11-23 14:52:06 +01:00
Nicolas Lœuillet
680da52ea8 Fixed tests 2022-11-03 09:55:24 +01:00
Nicolas Lœuillet
594c609a54 Fixed edit button for tagging rules 2022-11-03 09:55:24 +01:00
Nicolas Lœuillet
aedaa50887 Fixed tests 2022-11-03 09:55:24 +01:00
Nicolas Lœuillet
29308024ac Removed old, not so maintained and buggy baggy theme 2022-11-03 09:55:20 +01:00
Yassine Guedidi
eb43c78720 Use FQCN instead of service alias 2022-09-01 09:07:19 +02:00
Yassine Guedidi
156158673f Alias Config entity to ConfigEntity to not conflict with Craue Config 2022-09-01 09:07:18 +02:00
Yassine Guedidi
8b7b4975d6 Migrate getRepository with entities 2022-08-26 17:47:46 +02:00
Jeremy Benoist
732ec8a2eb
Fix deprecated method in tests 2020-06-15 14:21:35 +02:00
Kevin Decherf
71f7e58fbd tests: add a NetworkCalls group for tests making network calls 
Excluding this group can decrease the run time of tests during
development.

Signed-off-by: Kevin Decherf <kevin@kdecherf.com>
 2020-04-25 15:59:23 +02:00
Kevin Decherf
24230a5130 Add new Ignore Origin rules tab, update ConfigController 
Signed-off-by: Kevin Decherf <kevin@kdecherf.com>
 2020-04-25 15:59:23 +02:00
Nicolas Lœuillet
4ff1efa418
Added a button to disable 2FA when enabled 2020-04-13 17:00:53 +02:00
Nicolas Lœuillet
af7b22a3be
Fixed default value for reading speed 2019-09-19 14:23:06 +02:00
Jérémy Benoist
4f46330087
Merge pull request #4053 from wallabag/feature/manual-input-reading-speed 
Add ability to manually define the reading speed
 2019-07-09 11:53:20 +02:00
Jeremy Benoist
41022cb289
Add ability to manually define the reading speed 
Instead of using a select, let the user decide its own speed.
 2019-07-08 20:18:59 +02:00
Jeremy Benoist
34be2d5de4
Add ability to import/export tagging rules 
- Add missing translations
- Add some tests
- Add `/api/taggingrule/export` API endpoint
- Add baggy theme
- Add error message when importing tagging rules failed
- Also fix all translations (I think we are good now)
 2019-07-08 09:38:32 +02:00
Jeremy Benoist
c4bf12aade
Add ability to revoke feed token 2019-06-05 17:55:13 +02:00
Thomas Citharel
531c8d0a5c
Changed RSS to Atom feed and improve paging 2019-04-25 13:46:31 +02:00
Jeremy Benoist
a0c5eb003f
Change the way to enable 2FA 
And add a step to validate a generated code from the OTP app
 2019-01-23 13:28:24 +01:00
Jeremy Benoist
a6b242a1fd
Enable OTP 2FA 
- Update SchebTwoFactorBundle to version 3
- Enable Google 2fa on the bundle
- Disallow ability to use both email and google as 2fa
- Update Ocramius Proxy Manager to handle typed function & attributes (from PHP 7)
- use `$this->addFlash` shortcut instead of `$this->get('session')->getFlashBag()->add`
- update admin to be able to create/reset the 2fa
 2019-01-23 13:28:02 +01:00
Jeremy Benoist
1e0d8ad7b7
Enable PHPStan 
- Fix error for level 0 & 1 (level 7 has 699 errors...)
- Add `updated_at` to site_credential (so the `timestamps()` method applies correctly)
 2019-01-18 15:25:50 +01:00
Jeremy Benoist
4d4147b228
Ensure language is valid 
- Do not override locale if user has choosen a locale from the login screen.
- Add some tests about locale url
 2018-10-13 09:39:00 +02:00
Sébastien Viande
7975395d10
Entry: add archived_at property and updateArchived method 2018-09-21 10:33:33 +02:00
Jeremy Benoist
778543311f
Fix tests 2018-06-06 17:34:20 +02:00
Jeremy Benoist
f808b01692
Add a real configuration for CS-Fixer 2017-07-01 09:52:38 +02:00
adev
7ab5eb9508 Isolated tests 
Use https://github.com/dmaicher/doctrine-test-bundle to have test isolation.
 2017-05-31 16:03:54 +02:00
Nicolas Lœuillet
73f28afb19
Renamed countAllEntriesByUsername method 2017-03-31 10:46:47 +02:00
Thomas Citharel
6da1aebc94 Allow to remove all archived entries 
Since we still support fucking SQLite, we need to retrieve all tags & annotations for archived entries before deleting them.

Signed-off-by: Thomas Citharel <tcit@tcit.fr>
 2017-03-31 10:46:05 +02:00
Thomas Citharel
273b6f0658 Rename method from *username to *user 
Signed-off-by: Thomas Citharel <tcit@tcit.fr>
 2017-03-30 16:07:48 +02:00
Jeremy Benoist
5aa0294cca
Limit rule to 255 
To avoid database error
 2016-12-03 11:10:39 +01:00
Nicolas Lœuillet
56a7ce17f3 Hide article text on mobile with list mode 2016-11-28 14:27:58 +01:00
Nicolas Lœuillet
8f3ff39ca3 Added test for list view 2016-11-28 14:27:58 +01:00
Jeremy Benoist
5066c3e066
Re-use FOSUser master branch 2016-11-22 21:25:05 +01:00
Jeremy Benoist
68003139e1
Merge remote-tracking branch 'origin/master' into 2.2 
# Conflicts:
#	.editorconfig
#	docs/de/index.rst
#	docs/de/user/import.rst
#	docs/en/index.rst
#	docs/en/user/configuration.rst
#	docs/en/user/import.rst
#	docs/fr/index.rst
#	docs/fr/user/import.rst
#	src/Wallabag/CoreBundle/Command/InstallCommand.php
#	src/Wallabag/CoreBundle/Resources/translations/messages.da.yml
#	src/Wallabag/CoreBundle/Resources/translations/messages.de.yml
#	src/Wallabag/CoreBundle/Resources/translations/messages.en.yml
#	src/Wallabag/CoreBundle/Resources/translations/messages.es.yml
#	src/Wallabag/CoreBundle/Resources/translations/messages.fa.yml
#	src/Wallabag/CoreBundle/Resources/translations/messages.fr.yml
#	src/Wallabag/CoreBundle/Resources/translations/messages.it.yml
#	src/Wallabag/CoreBundle/Resources/translations/messages.oc.yml
#	src/Wallabag/CoreBundle/Resources/translations/messages.pl.yml
#	src/Wallabag/CoreBundle/Resources/translations/messages.pt.yml
#	src/Wallabag/CoreBundle/Resources/translations/messages.ro.yml
#	src/Wallabag/CoreBundle/Resources/translations/messages.tr.yml
#	src/Wallabag/CoreBundle/Resources/views/themes/baggy/Config/index.html.twig
#	web/bundles/wallabagcore/themes/baggy/css/style.min.css
#	web/bundles/wallabagcore/themes/baggy/js/baggy.min.js
#	web/bundles/wallabagcore/themes/material/css/style.min.css
#	web/bundles/wallabagcore/themes/material/js/material.min.js
 2016-11-19 15:30:49 +01:00