Commit Graph

2670 Commits

Author SHA1 Message Date
Simounet
09af754a33
Fix #6618 mass action buttons not submitting anything 2023-06-15 14:52:59 +02:00
Simounet
fcb880fbd1
Empty space on the top bar used for more add url toggle clickable target 2023-06-14 21:54:57 +02:00
Nicolas Lœuillet
96cf34f730 Added flash message when we try to add to much tags 2023-06-13 13:06:35 +02:00
Simounet
fe740f4a69
Fix RSS feed_route not set 2023-06-12 19:05:38 +02:00
Simounet
3c7457801f
index class added to body 2023-06-12 18:15:39 +02:00
Simounet
e5b72f3123
Fix Stylelint errors 2023-06-12 18:15:38 +02:00
Kevin Decherf
3e02a8aaf5
Merge pull request #6547 from Simounet/feat/mass-action-ui
Feat/mass action UI
2023-06-01 22:20:05 +02:00
Jérémy Benoist
bea10aacbe
Merge pull request #6562 from Simounet/fix/downloadimages-redirect-following
Fix DownloadImages not following redirections
2023-05-31 15:04:02 +02:00
Simounet
548b610a17
Fix images downloading with numeric HTML entity 2023-05-30 13:38:50 +02:00
Simounet
2f944aa74a
Fix DownloadImages not following redirections 2023-05-30 12:41:00 +02:00
Simounet
81f58df7b8
Mass action tag layout updated 2023-05-26 21:14:32 +02:00
Simounet
f9143c4255
[Boyscout] Elements in need of entries hidden if no entry available 2023-05-25 22:22:48 +02:00
Simounet
d0aad7b96d
Mass actions available on cards view
fixup! Mass action toggle button added
2023-05-25 22:04:44 +02:00
Simounet
384918cda9
Mass action toggle button added 2023-05-25 21:56:09 +02:00
Simounet
eae4d5a142
[Boyscout] Feed link HTML facto 2023-05-25 21:56:08 +02:00
Martin Trigaux
26a4030e87 [FIX] round reading time in export
Before this commit, the exported entry (pdf, epub,...) could look like:

Estimated reading time:
2.6666666666667 min

Now it will be:
Estimated reading time
3 min
2023-05-24 17:07:44 +02:00
Jeremy Benoist
4dd380b7dd
Fix test following 2.5 merge into master 2023-04-24 14:46:40 +02:00
Jeremy Benoist
66b7bdd07c
Merge remote-tracking branch 'origin/2.5.x' 2023-04-24 14:36:32 +02:00
Casper Meijn
5a5148707c Fix API allowed_registration
Two configuration options need to be enabled to allow user registration via the API:
1) fosuser_registration, which indicates whether registration is allowed at all (frontend and API)
2) api_user_registration, which indicates whether registration is allowed via the API
2023-03-28 20:12:55 +02:00
Jérémy
1003e8f074
Deleted translation using Weblate (English (United States)) 2023-03-27 12:10:09 +02:00
Jérémy Benoist
268372dbbd
Merge pull request #6289 from wallabag/2.5/fix-csrf-user-deletion
Fix CSRF on user deletion
2023-02-07 21:52:51 +01:00
Jérémy Benoist
4e023bddc3
Merge pull request #6288 from wallabag/2.5/xss-username-share-page
Fix XSS on username on share page
2023-02-07 21:43:04 +01:00
Jeremy Benoist
f1b3d5cdd7
Fix CSRF on user deletion 2023-02-07 21:41:52 +01:00
Jeremy Benoist
242e3feac9
Fix adding tag to entries from other people
I've also limited tag length to 20 chars (and limit adding more than 5 tags at once)
2023-02-07 21:25:57 +01:00
Jeremy Benoist
bd4c71682e
Fix XSS on username on share page 2023-02-07 19:58:06 +01:00
Jeremy Benoist
b795622f06
Prepare 2.5.3 2023-02-01 09:51:02 +01:00
Jérémy Benoist
5ac6b6bff9
Merge pull request from GHSA-mrqx-mjc4-vfh3
AnnotationController: fix improper authorization vulnerability
2023-02-01 09:32:22 +01:00
Kevin Decherf
3ed7f2b751 AnnotationController: fix improper authorization vulnerability
This PR is based on 2.5.x branch.

We fix the improper authorization by retrieving the annotation using id
and user id.

We also replace the ParamConverter used to get the requested Annotation
on put and delete actions with an explicit call to AnnotationRepository
in order to prevent a resource enumeration through response discrepancy.

Fixes GHSA-mrqx-mjc4-vfh3

Co-authored-by: Jeremy Benoist <jeremy.benoist@gmail.com>
Signed-off-by: Kevin Decherf <kevin@kdecherf.com>
2023-01-27 23:34:14 +01:00
Wynton Franklin
baddc525bb fix for config links 2023-01-23 18:19:49 -04:00
Kevin Decherf
0fdd9aa991 ExportController: fix improper authorization vulnerability
We fix the improper authorization by duplicating the check done by
the private method EntryController::checkUserAction().

We also replace the ParamConverter used to get the requested Entry with
an explicit call to EntryRepository in order to prevent a resource
enumeration through response discrepancy. Thus, we get the same
exception whether the requested resource does not exist or is not owned
by the requester.

Fixes GHSA-qwx8-mxxx-mg96

Signed-off-by: Kevin Decherf <kevin@kdecherf.com>
2023-01-20 15:09:38 +01:00
Kevin Decherf
2f2cfa2c2a Add prefix for tag slugs
This should be considered as a temporary fix, we may deprecate tag
slugs in the future.

Fixes #6048

Signed-off-by: Kevin Decherf <kevin@kdecherf.com>
2023-01-11 23:20:13 +01:00
Jérémy Benoist
7625e36b5a
Merge pull request #6182 from caspermeijn/openapi3
Update annotations to OpenApi 3
2023-01-02 10:39:56 +01:00
Michael Ciociola
97fee36fa6
Update src/Wallabag/CoreBundle/Controller/TagController.php
Co-authored-by: Jérémy Benoist <j0k3r@users.noreply.github.com>
2022-12-23 11:03:25 -06:00
Casper Meijn
4f9c7a92a1 Update annotations to OpenApi 3
Most of the API annotations are directly converted. The changes in meaning are:
- Parameters "in body" is not supported anymore. These are changed to "in query" or to a request body (depending on the code).
2022-12-23 14:54:55 +01:00
Jérémy Benoist
f04e48fc23
Merge pull request #6171 from wallabag/fix/json-array-dbal-type
Properly handle `json_array` type removal
2022-12-22 16:29:53 +01:00
Jeremy Benoist
cdd2185063
Properly handle json_array type removal
The `json_array` type was removed from DBAL v3, we should handle it using a migration to avoid error.
I've also added the remove type because we need it during migration.
2022-12-21 11:02:51 +01:00
Jeremy Benoist
0a6e6abdc4
Add RabbitMQConsumerTotalProxy to lazy RabbitMQ services for messages
This is just a simple proxy because we can't lazy load RabbitMQ service just to count number of messages in the queue.
As they are automatically injected in the controller now, we can't lazy load them.

Also forgot to use `AbstractController` in previous PR about _controller as a service_.
2022-12-19 13:23:56 +01:00
Jeremy Benoist
6aca334d53
Move to controller as a service
Mostly using autowiring to inject deps.
The only tricky part was for import because all producer use the same class and have a different alias. So we must write them down in the service definition, autowiring doesn't work in that case.

Usually:
- if a controller has a constructor, it means injected services are at least re-used once in actions
- otherwise, service are injected per action
2022-12-19 10:38:08 +01:00
Jeremy Benoist
67a344c2c6
Update PagerFanta 2022-12-16 12:22:56 +01:00
Jeremy Benoist
b3099f68c5
Update all Doctrine deps
Also update these deps to be compatible with latest Doctrine version:
- `friendsofsymfony/oauth-server-bundle`
- `lexik/form-filter-bundle`
- `dama/doctrine-test-bundle`
2022-12-16 10:29:42 +01:00
Jérémy Benoist
8f473ecf5c
Merge pull request #6152 from wallabag/fix/container-aware-command
Remove `ContainerAwareCommand` from commands
2022-12-16 10:25:26 +01:00
Jeremy Benoist
32661f380c
Replace SwiftMailer by Symfony Mailer 2022-12-16 10:03:34 +01:00
Jeremy Benoist
5832482a10
Remove ContainerAwareCommand from commands
And use DI to retrieve services in commands (except for `RedisWorkerCommand` where the container is injected, hard to find a better way, at least for now).
2022-12-16 10:02:15 +01:00
Nicolas Lœuillet
9c16dd7bd1
Merge pull request #6154 from wallabag/fix/event-dispatcher
Fix EventDispatcher & events
2022-12-16 08:08:53 +01:00
Jeremy Benoist
d47c208743
Fix EventDispatcer & events
Looks like parameter for the `->dispatch(` have been flipped (event first then event name).
Define events should now extends `Symfony\Contracts\EventDispatcher\Event`
2022-12-15 21:47:31 +01:00
Jeremy Benoist
5e2ad5f8db
Move translations files to /translations
This is a recommendation for Symfony 5
2022-12-15 21:19:41 +01:00
Jeremy Benoist
28abfe264a
Upgrade to Twig 3 2022-12-15 13:44:21 +01:00
Jeremy Benoist
33267f0736
Update to FOSUserBundle 3.1
Also remove some deprecation from Symfony.
Use `LegacyEventDispatcherProxy` to handle Symfony 4 dispatch from FOSUser
2022-12-14 09:42:17 +01:00
Jérémy Benoist
a57c815ddc
Merge pull request #6113 from wallabag/dependabot/composer/friendsofphp/php-cs-fixer-3.4.0
Bump friendsofphp/php-cs-fixer from 2.19.3 to 3.4.0
2022-12-13 10:30:58 +01:00
Jeremy Benoist
de5b138a59
Fix CS 2022-12-13 10:26:51 +01:00
Diego Heras
519e9db94b
Translated using Weblate (Spanish)
Currently translated at 100.0% (576 of 576 strings)
2022-12-12 04:16:51 +01:00
Michael Ciociola
13bd448e01 feat: use session instead of referer for redirects 2022-12-04 16:20:11 -06:00
Jeremy Benoist
aa5c7f05b8
Upgrade to Symfony 4.4
- disable autowiring for Event (because the Entry entity was injected)
- rename `getClient()` for test to `getTestClient()` to avoid error while overriding (from `BrowserKitAssertionsTrait`)
2022-11-29 18:01:46 -08:00
Jeremy Benoist
b7dba18cb2
Cleanup 2022-11-23 15:51:33 +01:00
Jeremy Benoist
1d3935fbd3
Remove LiipThemeBundle
As baggy theme was removed and material is the only remaining theme, we don't need a theme switched anymore.
So:
- move all `*.twig` files from the material theme folder to the root
- remove useless translations
2022-11-23 14:52:06 +01:00
Jeremy Benoist
27e788d0be
Re-create all API routes 2022-11-23 12:44:55 +01:00
Jeremy Benoist
b41696fd1c Remove some deprecation 2022-11-22 21:39:34 +01:00
Jérémy Benoist
d1cdae9967
Merge pull request #6062 from caspermeijn/openapi
Switch to Swagger for api documentation
2022-11-16 16:42:11 +01:00
Casper Meijn
470a8575c0 Update to nelmio/api-doc 3.0
Convert ApiDoc to Swagger
2022-11-16 16:10:33 +01:00
Xosé M
a5047aff98
Translated using Weblate (Galician)
Currently translated at 100.0% (579 of 579 strings)
2022-11-10 06:47:01 +01:00
retiolus
e7464867ae
Translated using Weblate (Catalan)
Currently translated at 3.1% (18 of 579 strings)
2022-11-07 04:33:43 +01:00
Milo Ivir
acfbe92640
Translated using Weblate (Croatian)
Currently translated at 100.0% (579 of 579 strings)
2022-11-07 04:33:43 +01:00
Eric
6d9d3f9fd4
Translated using Weblate (Chinese (Simplified))
Currently translated at 100.0% (579 of 579 strings)
2022-11-04 17:00:57 +01:00
Oğuz Ersen
d4d57b4d22
Translated using Weblate (Turkish)
Currently translated at 100.0% (579 of 579 strings)
2022-11-04 17:00:57 +01:00
Matthaiks
bfd6614b2f
Translated using Weblate (Polish)
Currently translated at 100.0% (579 of 579 strings)
2022-11-04 17:00:56 +01:00
retiolus
849e39ec80
Translated using Weblate (Catalan)
Currently translated at 1.3% (8 of 578 strings)
2022-11-03 10:53:21 +01:00
Jeremy Benoist
48803b68d6
Cleanup baggy 2022-11-03 10:35:33 +01:00
Jeremy Benoist
8d3fcd4635
Merge remote-tracking branch 'origin/master' into 2.6.0 2022-11-03 10:30:17 +01:00
Nicolas Lœuillet
9d39130a96
Removed useless files 2022-11-03 10:16:52 +01:00
Nicolas Lœuillet
df44e6eff8 Fixed bug on new form page 2022-11-03 09:59:31 +01:00
Nicolas Lœuillet
b62511652b Removed useless file 2022-11-03 09:59:31 +01:00
Nicolas Lœuillet
594c609a54 Fixed edit button for tagging rules 2022-11-03 09:55:24 +01:00
Nicolas Lœuillet
29308024ac Removed old, not so maintained and buggy baggy theme 2022-11-03 09:55:20 +01:00
Jérémy Benoist
0883bda18d
Merge pull request #5954 from yguedidi/rework-command-tests
Rework command tests
2022-11-03 09:01:21 +01:00
retiolus
2f1f5551b3
Translated using Weblate (Catalan)
Currently translated at 100.0% (7 of 7 strings)
2022-11-02 09:55:59 +01:00
Weblate
d60c0300ba
Added translation using Weblate (Catalan) 2022-11-02 09:55:59 +01:00
Weblate
2690e4d920
Added translation using Weblate (Catalan) 2022-11-02 09:55:59 +01:00
Weblate
587670260b
Added translation using Weblate (Catalan) 2022-11-02 09:55:59 +01:00
Nicolas Lœuillet
4947d419a3
Removed Carrot & Scuttle share 2022-11-01 15:10:02 +01:00
SAKATA, Yusuke
08ce432cea
Translated using Weblate (Japanese)
Currently translated at 97.7% (565 of 578 strings)
2022-10-20 02:07:40 +02:00
Yassine Guedidi
39cd51a3f9 Make InstallCommand properties and methods private 2022-10-18 15:19:07 +02:00
Yassine Guedidi
8f20df6559 Remove InstallCommandMock 2022-10-18 15:19:07 +02:00
Jeremy Benoist
dc28d7ea0f
Add support to download SVG locally 2022-10-18 11:14:45 +02:00
Jeremy Benoist
c372d68cc1
Merge remote-tracking branch 'origin/master' into 2.6.0 2022-10-18 11:11:02 +02:00
Yotam Nachum
f994ab8b5d Add domain_name to entries api endpoint 2022-10-16 18:36:41 +03:00
Andrea Brandi
6f750a3b66
Translated using Weblate (Italian)
Currently translated at 82.3% (476 of 578 strings)
2022-10-13 00:29:42 +02:00
JT Smith
6da76ffaae Typofixes 2022-10-03 18:31:43 -06:00
Jeremy Benoist
812b4a906f
Add nbEntries to the API tags list response
So client will be able to do the same as in the web UI.

Also remove empty `div` from the tags template.
2022-09-23 15:16:38 +02:00
Cthulhux
b768371a13
Translated using Weblate (German)
Currently translated at 100.0% (578 of 578 strings)
2022-09-22 00:19:06 +02:00
Matthaiks
db25a7f5d8
Translated using Weblate (Polish)
Currently translated at 100.0% (7 of 7 strings)
2022-09-19 09:02:44 +02:00
Matthaiks
f1dde1ac80
Translated using Weblate (Polish)
Currently translated at 100.0% (578 of 578 strings)
2022-09-19 09:02:44 +02:00
Yassine Guedidi
98af2e25f2 Use ::class notation where possible 2022-09-01 20:54:56 +02:00
Yassine Guedidi
d1d56fbe25 Import used classes 2022-09-01 19:21:45 +02:00
Yassine Guedidi
eb43c78720 Use FQCN instead of service alias 2022-09-01 09:07:19 +02:00
Yassine Guedidi
156158673f Alias Config entity to ConfigEntity to not conflict with Craue Config 2022-09-01 09:07:18 +02:00
Yassine Guedidi
1c479d6b97 Autowire Redis and RabbitMQ services 2022-08-31 02:05:30 +02:00
Yassine Guedidi
d520e55c84 Bind most constructor parameters to simplify service definition 2022-08-31 02:05:30 +02:00
Yassine Guedidi
1bee0eeb29 Make repositories use ServiceEntityRepository 2022-08-31 02:05:30 +02:00
Yassine Guedidi
51884911f5 Pass logger in constructor for importers 2022-08-31 02:05:29 +02:00
Yassine Guedidi
dad088b575 Autowire service arguments 2022-08-31 02:05:29 +02:00
Yassine Guedidi
73bdd66c84 Move services and parameters to app services 2022-08-31 02:05:29 +02:00
Yassine Guedidi
791b674cdc Migrate remaining places 2022-08-26 17:47:46 +02:00
Yassine Guedidi
481283bbee Migrate controller and action references 2022-08-26 17:47:46 +02:00
Yassine Guedidi
1c880883e2 Migrate ParamConverter class parameter 2022-08-26 17:47:46 +02:00
Yassine Guedidi
8b7b4975d6 Migrate getRepository with entities 2022-08-26 17:47:46 +02:00
MarkLee
cbe77537b1
Translated using Weblate (Chinese (Traditional))
Currently translated at 13.4% (78 of 578 strings)
2022-08-26 04:20:12 +02:00
Yassine Guedidi
9549a90e76 Migrate first level template references to new notation 2022-08-25 21:09:26 +02:00
Yassine Guedidi
10f1bc5506 Migrate root level template references to new notation 2022-08-25 21:08:21 +02:00
Jérémy Benoist
009697f844
Merge pull request #5748 from yguedidi/use-fqcn-as-service-name 2022-08-25 07:37:06 +02:00
Yassine Guedidi
538fd258fe Use FQCN as service name for Rulerz operators 2022-08-24 23:24:25 +02:00
Yassine Guedidi
a5f22ff835 Use FQCN as service name for Predis client 2022-08-24 23:24:25 +02:00
Yassine Guedidi
60777e0573 Use FQCN as service name for remaining CoreBundle services 2022-08-24 23:24:25 +02:00
Yassine Guedidi
0f9c359476 Use FQCN as service name for repositories 2022-08-24 23:24:25 +02:00
Yassine Guedidi
844e8e9d22 Use FQCN as service name for helper services 2022-08-24 23:24:24 +02:00
Yassine Guedidi
7227d55913 Use FQCN as service name for Graby services 2022-08-24 23:24:24 +02:00
Yassine Guedidi
dd5ec92e08 Use FQCN as service name for form types 2022-08-24 23:24:24 +02:00
Yassine Guedidi
b7aaceeaad Use FQCN as service name for ImportChain 2022-08-24 23:24:24 +02:00
Yassine Guedidi
9f7a076e41 Use FQCN as service name for commands 2022-08-24 23:24:24 +02:00
Yassine Guedidi
a7addd3c13 Use FQCN as service name for Import services 2022-08-24 23:24:24 +02:00
Yassine Guedidi
4449265836 Use FQCN as service name for remaining UserBundle services 2022-08-24 23:17:17 +02:00
Yassine Guedidi
ff9f719ec5 Use FQCN as service name for UserRepository 2022-08-24 23:17:17 +02:00
Yassine Guedidi
c6d9a3fcea Add empty line for code readability 2022-08-24 23:17:16 +02:00
Yassine Guedidi
fc85cfd52e Fix TwigCS issues 2022-08-24 23:13:18 +02:00
Jeremy Benoist
131f21883d
Merge remote-tracking branch 'origin/master' into 2.6.0 2022-08-23 08:43:46 +02:00
Jérémy Benoist
2f1f6e9c51
Merge pull request #5838 from wallabag/feat/mass-action-tag
Add support of mass action to tag entries
2022-08-22 20:56:04 +02:00
Azorimor
e81f8043b3
Translated using Weblate (German)
Currently translated at 100.0% (7 of 7 strings)
2022-08-22 20:21:11 +02:00
Yassine Guedidi
007bd31bee Use a listener to skip registration 2022-08-15 17:23:16 +02:00
Yassine Guedidi
bfc28d4c0b Use Twig globals to pass registration_enabled 2022-08-15 17:23:16 +02:00
Yassine Guedidi
5a55a64fee Use fosuser_registration directly instead of wallabag_user.registration_enabled 2022-08-15 17:23:16 +02:00
Xosé M
bc4e9aa908
Translated using Weblate (Galician)
Currently translated at 100.0% (578 of 578 strings)
2022-08-15 13:10:37 +02:00
Yassine Guedidi
327fa7d527 Extend right FOSRestBundle controller class 2022-08-15 12:59:28 +02:00
Yassine Guedidi
e494d51868 Register missed commands 2022-08-14 22:16:47 +02:00
Yassine Guedidi
c15a3e5340 Fix DateTime case 2022-07-31 22:01:23 +01:00
Oğuz Ersen
c92622ff5e
Translated using Weblate (Turkish)
Currently translated at 100.0% (578 of 578 strings)
2022-07-21 21:17:47 +02:00
Kevin Decherf
08eb190c95 Add support of mass action to tag entries
Closes #3118

Signed-off-by: Kevin Decherf <kevin@kdecherf.com>
2022-06-29 15:48:41 +02:00
Nicolas Lœuillet
5291f7fb97 Fixed test 2022-06-16 15:18:10 +02:00
Simounet
e55cb639fc
Tag delete style action updated 2022-06-15 16:18:12 +02:00
Nicolas Lœuillet
086b3dda88
Fixed cs 2022-06-15 16:18:12 +02:00
Nicolas Lœuillet
4feca1ccd5
Added tag deletion from tags list
Fixed #2952
2022-06-15 16:18:11 +02:00
Jeremy Benoist
2984c0dfcc
Merge remote-tracking branch 'origin/master' into 2.6.0 2022-06-15 16:17:50 +02:00
Strubbl
821093c033
Translated using Weblate (German)
Currently translated at 99.1% (573 of 578 strings)
2022-06-15 10:00:18 +02:00
Gil
e50f2daf76
Translated using Weblate (Portuguese)
Currently translated at 62.6% (362 of 578 strings)
2022-06-13 06:02:08 +02:00
Milo Ivir
274d6d325c
Translated using Weblate (Croatian)
Currently translated at 100.0% (578 of 578 strings)
2022-06-13 06:02:08 +02:00
Jeremy Benoist
40595af2cf
Merge remote-tracking branch 'origin/master' into 2.6.0 2022-06-09 11:33:05 +02:00
Jérémy
14a1755445
Translated using Weblate (French)
Currently translated at 100.0% (578 of 578 strings)
2022-06-09 07:16:39 +02:00
Kevin Decherf
932a1cb422
Translated using Weblate (Hungarian)
Currently translated at 54.8% (317 of 578 strings)
2022-06-06 20:14:33 +02:00
Kevin Decherf
e934516b28
Translated using Weblate (Thai)
Currently translated at 78.3% (453 of 578 strings)
2022-06-06 20:14:33 +02:00
Kevin Decherf
6999f32020
Translated using Weblate (Portuguese)
Currently translated at 62.4% (361 of 578 strings)
2022-06-06 20:14:32 +02:00
Kevin Decherf
9a5821eb09
Translated using Weblate (Polish)
Currently translated at 86.8% (502 of 578 strings)
2022-06-06 20:14:32 +02:00
Kevin Decherf
67e1bb06b7
Translated using Weblate (Occitan)
Currently translated at 82.8% (479 of 578 strings)
2022-06-06 20:14:31 +02:00