devol
/
wallabag
mirror of https://github.com/wallabag/wallabag.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity
8,982 Commits 13 Branches 100 Tags 192 MiB
Commit Graph

639 Commits

Author SHA1 Message Date
Jeremy Benoist 66b7bdd07c
Merge remote-tracking branch 'origin/2.5.x' 2023-04-24 14:36:32 +02:00
Casper Meijn 5a5148707c Fix API `allowed_registration` 
Two configuration options need to be enabled to allow user registration via the API:
1) fosuser_registration, which indicates whether registration is allowed at all (frontend and API)
2) api_user_registration, which indicates whether registration is allowed via the API
 2023-03-28 20:12:55 +02:00
Jeremy Benoist a237414f9c
Skip test because of encoding issue in PHP 8.1 2023-03-24 22:57:11 +01:00
Jeremy Benoist f1b3d5cdd7
Fix CSRF on user deletion 2023-02-07 21:41:52 +01:00
Jeremy Benoist b795622f06
Prepare 2.5.3 2023-02-01 09:51:02 +01:00
Jérémy Benoist 5ac6b6bff9
Merge pull request from GHSA-mrqx-mjc4-vfh3 
AnnotationController: fix improper authorization vulnerability
 2023-02-01 09:32:22 +01:00
Kevin Decherf 3ed7f2b751 AnnotationController: fix improper authorization vulnerability 
This PR is based on 2.5.x branch.

We fix the improper authorization by retrieving the annotation using id
and user id.

We also replace the ParamConverter used to get the requested Annotation
on put and delete actions with an explicit call to AnnotationRepository
in order to prevent a resource enumeration through response discrepancy.

Fixes GHSA-mrqx-mjc4-vfh3

Co-authored-by: Jeremy Benoist <jeremy.benoist@gmail.com>
Signed-off-by: Kevin Decherf <kevin@kdecherf.com>
 2023-01-27 23:34:14 +01:00
Kevin Decherf 0fdd9aa991 ExportController: fix improper authorization vulnerability 
We fix the improper authorization by duplicating the check done by
the private method EntryController::checkUserAction().

We also replace the ParamConverter used to get the requested Entry with
an explicit call to EntryRepository in order to prevent a resource
enumeration through response discrepancy. Thus, we get the same
exception whether the requested resource does not exist or is not owned
by the requester.

Fixes GHSA-qwx8-mxxx-mg96

Signed-off-by: Kevin Decherf <kevin@kdecherf.com>
 2023-01-20 15:09:38 +01:00
Jeremy Benoist ea189503de
Fix tests 2023-01-16 10:21:37 +01:00
Kevin Decherf 2f2cfa2c2a Add prefix for tag slugs 
This should be considered as a temporary fix, we may deprecate tag
slugs in the future.

Fixes #6048

Signed-off-by: Kevin Decherf <kevin@kdecherf.com>
 2023-01-11 23:20:13 +01:00
Jeremy Benoist 6aca334d53
Move to controller as a service 
Mostly using autowiring to inject deps.
The only tricky part was for import because all producer use the same class and have a different alias. So we must write them down in the service definition, autowiring doesn't work in that case.

Usually:
- if a controller has a constructor, it means injected services are at least re-used once in actions
- otherwise, service are injected per action
 2022-12-19 10:38:08 +01:00
Jeremy Benoist b3099f68c5
Update all Doctrine deps 
Also update these deps to be compatible with latest Doctrine version:
- `friendsofsymfony/oauth-server-bundle`
- `lexik/form-filter-bundle`
- `dama/doctrine-test-bundle`
 2022-12-16 10:29:42 +01:00
Jeremy Benoist 32661f380c
Replace SwiftMailer by Symfony Mailer 2022-12-16 10:03:34 +01:00
Jeremy Benoist d47c208743
Fix EventDispatcer & events 
Looks like parameter for the `->dispatch(` have been flipped (event first then event name).
Define events should now extends `Symfony\Contracts\EventDispatcher\Event`
 2022-12-15 21:47:31 +01:00
Jeremy Benoist 33267f0736
Update to FOSUserBundle 3.1 
Also remove some deprecation from Symfony.
Use `LegacyEventDispatcherProxy` to handle Symfony 4 dispatch from FOSUser
 2022-12-14 09:42:17 +01:00
Jeremy Benoist de5b138a59
Fix CS 2022-12-13 10:26:51 +01:00
Michael fbccae8a79 fix: update remove tag test to accept root relative urls 2022-12-10 11:52:18 -06:00
Jeremy Benoist e79f5c7a21
Skip MySQL test 2022-11-29 18:01:46 -08:00
Jeremy Benoist dd2f2fe340
Fix `pt_BR` test 2022-11-29 18:01:46 -08:00
Jeremy Benoist aa5c7f05b8
Upgrade to Symfony 4.4 
- disable autowiring for Event (because the Entry entity was injected)
- rename `getClient()` for test to `getTestClient()` to avoid error while overriding (from `BrowserKitAssertionsTrait`)
 2022-11-29 18:01:46 -08:00
Jeremy Benoist b7dba18cb2
Cleanup 2022-11-23 15:51:33 +01:00
Yassine Guedidi af6363bbbd
Fix missing call to parent setUp 2022-11-23 15:25:11 +01:00
Jeremy Benoist 1d3935fbd3
Remove LiipThemeBundle 
As baggy theme was removed and material is the only remaining theme, we don't need a theme switched anymore.
So:
- move all `*.twig` files from the material theme folder to the root
- remove useless translations
 2022-11-23 14:52:06 +01:00
Jeremy Benoist 8d3fcd4635
Merge remote-tracking branch 'origin/master' into 2.6.0 2022-11-03 10:30:17 +01:00
Nicolas Lœuillet 680da52ea8 Fixed tests 2022-11-03 09:55:24 +01:00
Nicolas Lœuillet 594c609a54 Fixed edit button for tagging rules 2022-11-03 09:55:24 +01:00
Nicolas Lœuillet aedaa50887 Fixed tests 2022-11-03 09:55:24 +01:00
Nicolas Lœuillet 29308024ac Removed old, not so maintained and buggy baggy theme 2022-11-03 09:55:20 +01:00
Yassine Guedidi e32794e9d6 Remove useless command input parameter 2022-10-18 15:19:07 +02:00
Yassine Guedidi 17497275b2 Use find for remaining useless addition 2022-10-18 15:19:07 +02:00
Yassine Guedidi 6915a92047 Remove useless command addition 2022-10-18 15:19:07 +02:00
Yassine Guedidi 8f20df6559 Remove InstallCommandMock 2022-10-18 15:19:07 +02:00
Jeremy Benoist dc28d7ea0f
Add support to download SVG locally 2022-10-18 11:14:45 +02:00
Jeremy Benoist c372d68cc1
Merge remote-tracking branch 'origin/master' into 2.6.0 2022-10-18 11:11:02 +02:00
Jeremy Benoist d4b0b62bb5
Fix unrelated failing test 
LExpansion is down ATM.
Use a website which isn't down randomly.
 2022-10-17 21:49:03 +02:00
Jeremy Benoist 7b150dcd26
Add tests 2022-10-17 21:37:08 +02:00
Jeremy Benoist 53574f05d5
Fix random failing tests 
Looks like `20minutos.es` sometimes does not return the expected language.
Switching to `elpais.com` fix the problem.
 2022-10-10 09:15:26 +02:00
JT Smith 6da76ffaae Typofixes 2022-10-03 18:31:43 -06:00
Jeremy Benoist 812b4a906f
Add `nbEntries` to the API tags list response 
So client will be able to do the same as in the web UI.

Also remove empty `div` from the tags template.
 2022-09-23 15:16:38 +02:00
Yassine Guedidi 98af2e25f2 Use ::class notation where possible 2022-09-01 20:54:56 +02:00
Yassine Guedidi d1d56fbe25 Import used classes 2022-09-01 19:21:45 +02:00
Yassine Guedidi eb43c78720 Use FQCN instead of service alias 2022-09-01 09:07:19 +02:00
Yassine Guedidi 156158673f Alias Config entity to ConfigEntity to not conflict with Craue Config 2022-09-01 09:07:18 +02:00
Yassine Guedidi 51884911f5 Pass logger in constructor for importers 2022-08-31 02:05:29 +02:00
Yassine Guedidi 791b674cdc Migrate remaining places 2022-08-26 17:47:46 +02:00
Yassine Guedidi 1c880883e2 Migrate ParamConverter class parameter 2022-08-26 17:47:46 +02:00
Yassine Guedidi 8b7b4975d6 Migrate getRepository with entities 2022-08-26 17:47:46 +02:00
Yassine Guedidi 9549a90e76 Migrate first level template references to new notation 2022-08-25 21:09:26 +02:00
Yassine Guedidi a5f22ff835 Use FQCN as service name for Predis client 2022-08-24 23:24:25 +02:00
Yassine Guedidi 0f9c359476 Use FQCN as service name for repositories 2022-08-24 23:24:25 +02:00
Yassine Guedidi 844e8e9d22 Use FQCN as service name for helper services 2022-08-24 23:24:24 +02:00
Yassine Guedidi b7aaceeaad Use FQCN as service name for ImportChain 2022-08-24 23:24:24 +02:00
Yassine Guedidi a7addd3c13 Use FQCN as service name for Import services 2022-08-24 23:24:24 +02:00
Jeremy Benoist 131f21883d
Merge remote-tracking branch 'origin/master' into 2.6.0 2022-08-23 08:43:46 +02:00
Jérémy Benoist 2f1f6e9c51
Merge pull request #5838 from wallabag/feat/mass-action-tag 
Add support of mass action to tag entries
 2022-08-22 20:56:04 +02:00
Jeremy Benoist cd4105bbe9
Fix tests 2022-08-22 19:57:57 +02:00
Yassine Guedidi c15a3e5340 Fix DateTime case 2022-07-31 22:01:23 +01:00
Kevin Decherf 08eb190c95 Add support of mass action to tag entries 
Closes #3118

Signed-off-by: Kevin Decherf <kevin@kdecherf.com>
 2022-06-29 15:48:41 +02:00
Nicolas Lœuillet 5291f7fb97 Fixed test 2022-06-16 15:18:10 +02:00
Nicolas Lœuillet 4feca1ccd5
Added tag deletion from tags list 
Fixed #2952
 2022-06-15 16:18:11 +02:00
Jeremy Benoist 37019b5ad5
Fix tests 2022-05-13 14:15:19 +02:00
Jeremy Benoist 4947ea6758
Merge remote-tracking branch 'origin/master' into 2.5.0 2022-05-13 13:50:50 +02:00
Jérémy Benoist ebfbdb4519
Merge pull request #5381 from wallabag/tag-search-results 2022-05-13 07:09:18 +02:00
Jeremy Benoist 9f6414785c
Fix tests 2022-04-20 23:13:17 +02:00
Nicolas Lœuillet 5077c46e4e
Added action to tag search results 2022-04-20 22:57:25 +02:00
Jeremy Benoist a885f5043a
Update tests 2022-04-20 22:14:56 +02:00
Nicolas Lœuillet 33b1c252a7
fixed review 2022-04-20 22:12:49 +02:00
Nicolas Lœuillet aaa03cc395
Added serialization group 2022-04-20 22:12:49 +02:00
Nicolas Lœuillet bb12538fab
Added new endpoint for API: config 2022-04-20 22:12:49 +02:00
Kevin Decherf 8f2fefe233
Merge pull request #5680 from wallabag/impr/intl 
Replace `iconv()` calls with Transliterator
 2022-03-21 22:28:49 +01:00
Kevin Decherf 1608bf5a4e Replace iconv() calls with Transliterator 
See https://stackoverflow.com/a/35178027/954513

Closes #5377

Signed-off-by: Kevin Decherf <kevin@kdecherf.com>
 2022-03-21 22:12:11 +01:00
Jeremy Benoist 0049ef390b
Add some basic test 2022-03-21 21:29:30 +01:00
Jeremy Benoist 3a918cf30e
Fix test with `usinenouvelle.com` being flaky these times 
Replace it with a more robust website 🤩
 2022-03-21 20:43:29 +01:00
Jérémy Benoist eb99cacf43
Merge pull request #5664 from Simounet/feat/home-entries-updated 2022-03-15 09:34:00 +01:00
Adrien Gallou 29df8ed590
this change adds an option to sort the feed entires by updated_at 
There is now an option to sort the feed entires by updated_at, on the
controler : a sort querystring argument that accepts either "created"
or "updated".
 2022-03-14 22:58:45 +01:00
Simounet 85e91f9e67
CSS grid used for bloc mode entries and flex for card bloc 2022-03-14 22:09:07 +01:00
Jeremy Benoist 7ec0c9f844
Fix tests 2022-03-02 20:12:08 +01:00
Nicolas Lœuillet cd975c5f13
Added annotated filter 2022-03-02 20:07:44 +01:00
Nicolas Lœuillet 6dfc031839
Enhanced tests and changed route 2022-03-02 20:07:43 +01:00
Nicolas Lœuillet 0aeaf0e8c2
Added tests 2022-03-02 20:07:17 +01:00
Jeremy Benoist 9a6146d2ef
Merge remote-tracking branch 'origin/master' into 2.5.0 2022-03-02 20:03:33 +01:00
Jeremy Benoist 10d071a4f2
Fix tests 2022-03-02 19:28:48 +01:00
Jeremy Benoist 5c4993832e
Fix tagging rule match when user a custom reading speed 
By default, we assume the reading speed is 200 word per minute (WPM) when we save an entry.
User can change that value in the config and the rendering is properly performed with the user reading speed.
BUT, when the matching rule is applied, it uses the default reading time defined in the entry without applying the custom reading speed of the user.
This should fix that bug.

Also update the `wallabag:tag:all` to fix the bug when tagging all entries.
 2022-03-02 19:12:33 +01:00
Jeremy Benoist 2b3ff84829
Avoid overlapping images when downloading them 2022-02-07 15:19:49 +01:00
Jeremy Benoist 3c507d676f
Add build test on PHP 8.0 & 8.1 
Add `isTransactional` to `WallabagMigration` because PHP 8 behave differently with PDO transaction.
This is a workaround because we can't upgrade Doctrine Migration for now (upper versions have the fix).

- Build is now using Composer v2 (instead of v1)
- All actions have been updated to latest version
- Fix bug in PHP 8 were `$entry->getTags()` can't be properly used as a _traversable_ by `assertContains` during tests. Added a custom method `Entry::getTagsLabel()` which return a flatted tag array with only label
- Replace `assertNotRegExp` by `assertDoesNotMatchRegularExpression` because it was deprecated
 2022-01-31 12:59:39 +01:00
Jeremy Benoist 283675ccd0
Rebuild assets and update webpack config 
And optimize images (Thanks ImageOptim)
 2022-01-05 16:09:43 +01:00
Jeremy Benoist 0afd91a160
Remove dead test 
The URL seems to be down now.
Move to a more frequent deps update
 2022-01-05 13:25:50 +01:00
Nicolas Lœuillet c34fe9945a Fixed test 2021-08-03 08:36:56 +02:00
Nicolas Lœuillet 609193cf59 Fixed unavailable russian website in test 2021-08-03 07:56:14 +02:00
Simounet 6324d30db2
Fix PHPUnit deprecated warning 2021-04-14 13:07:46 +02:00
Simounet e491052b0d
Fix 404 on real content test URL 2021-04-14 13:07:34 +02:00
Jeremy Benoist 7ca833bccb
Fix tests 2021-03-18 11:44:57 +01:00
Kevin Decherf 7acd207054 Convert tag label to lowercase in RuleBasedTagger 
Fixes #4266

Signed-off-by: Kevin Decherf <kevin@kdecherf.com>
 2021-03-06 19:46:24 +01:00
Jeremy Benoist 38902a2f04
Fix test 2021-02-08 09:57:10 +01:00
Jeremy Benoist a962a3ab13
CS 2021-02-08 09:56:25 +01:00
Jeremy Benoist dd9d6a4c64
Add Delicious import 
Since 2021, you can export again your data \o/

Also fix indentation in json fixtures files.
 2021-02-08 09:47:56 +01:00
Nicolas Lœuillet 890c7d0bfa
Added button to show entries with the same domain 2021-02-08 09:45:38 +01:00
Jeremy Benoist f061581bbd
Fix test 2021-02-08 09:38:01 +01:00
Jeremy Benoist 3137d9b1cc
Fix test 2021-02-08 09:05:57 +01:00
Kevin Decherf 8e89b3ad76 Preselect currently active section in the filter menu 
Fixes #2533

Signed-off-by: Kevin Decherf <kevin@kdecherf.com>
 2021-01-24 02:16:43 +01:00