From 4ce301d37cf32c3cc9d2cc34028f967c96aecafd Mon Sep 17 00:00:00 2001 From: Nicolas Giard Date: Tue, 19 Sep 2023 20:48:55 -0400 Subject: [PATCH 01/10] docs: Update README.md --- README.md | 1 + 1 file changed, 1 insertion(+) diff --git a/README.md b/README.md index 19806737..229ca1c0 100644 --- a/README.md +++ b/README.md @@ -215,6 +215,7 @@ Support this project by becoming a sponsor. Your name will show up in the Contri - ameyrakheja ([@ameyrakheja](https://github.com/ameyrakheja)) - aniketpanjwani ([@aniketpanjwani](https://github.com/aniketpanjwani)) - aytaa ([@aytaa](https://github.com/aytaa)) +- cesar ([@cesarnr21](https://github.com/cesarnr21)) - chaee ([@chaee](https://github.com/chaee)) - lwileczek ([@lwileczek](https://github.com/lwileczek)) - magicpotato ([@fortheday](https://github.com/fortheday)) From b19c4e4f233fd0b5ae9a0907d58259e1f565635f Mon Sep 17 00:00:00 2001 From: Nicolas Giard Date: Wed, 20 Sep 2023 16:42:49 -0400 Subject: [PATCH 02/10] docs: Update README.md --- README.md | 12 ++++++------ 1 file changed, 6 insertions(+), 6 deletions(-) diff --git a/README.md b/README.md index 229ca1c0..2dda27da 100644 --- a/README.md +++ b/README.md @@ -85,6 +85,11 @@ Support this project by becoming a sponsor. Your name will show up in the Contri + + + + + @@ -141,12 +146,7 @@ Support this project by becoming a sponsor. Your name will show up in the Contri - - - - - - + From 8932d15c0c0197aecb7962aada5f01a47e4a2f5f Mon Sep 17 00:00:00 2001 From: Pablo Date: Mon, 25 Sep 2023 05:30:28 +0200 Subject: [PATCH 03/10] fix: typo in kroki name (#6745) --- server/modules/rendering/html-image-prefetch/definition.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/server/modules/rendering/html-image-prefetch/definition.yml b/server/modules/rendering/html-image-prefetch/definition.yml index bf7a65df..4a4d2b14 100644 --- a/server/modules/rendering/html-image-prefetch/definition.yml +++ b/server/modules/rendering/html-image-prefetch/definition.yml 
@@ -1,6 +1,6 @@ key: htmlImagePrefetch title: Image Prefetch -description: Prefetch remotely rendered images (korki/plantuml) +description: Prefetch remotely rendered images (kroki/plantuml) author: requarks.io icon: mdi-cloud-download-outline enabledDefault: false From 16245caeff19c67afb174887c13f65a0ab7dba4a Mon Sep 17 00:00:00 2001 From: Nicolas Giard Date: Wed, 18 Oct 2023 21:35:12 -0400 Subject: [PATCH 04/10] docs: Update README.md --- README.md | 26 +++++++++++++------------- 1 file changed, 13 insertions(+), 13 deletions(-) diff --git a/README.md b/README.md index 2dda27da..ab067d78 100644 --- a/README.md +++ b/README.md @@ -80,11 +80,6 @@ Support this project by becoming a sponsor. Your name will show up in the Contri -
- - - - @@ -99,6 +94,11 @@ Support this project by becoming a sponsor. Your name will show up in the Contri + + + + - - - -
+ + + + Alexander Casassovici
(@alexksso) @@ -119,6 +119,13 @@ Support this project by becoming a sponsor. Your name will show up in the Contri
+ + + +
Jay Daley
(@JayDaley) @@ -129,8 +136,6 @@ Support this project by becoming a sponsor. Your name will show up in the Contri Oleksii
(@idokka)
@@ -141,12 +146,7 @@ Support this project by becoming a sponsor. Your name will show up in the Contri - - - - + From fd91caff1da1683473fc3b65ecab84a41f4ebb8a Mon Sep 17 00:00:00 2001 From: Nicolas Giard Date: Fri, 27 Oct 2023 17:15:21 -0400 Subject: [PATCH 05/10] docs: Update README.md --- README.md | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/README.md b/README.md index ab067d78..fc835933 100644 --- a/README.md +++ b/README.md @@ -400,6 +400,7 @@ Thank you to all our patrons! 🙏 [[Become a patron](https://www.patreon.com/re
+- Aeternum - Al Romano - Alex Balabanov - Alex Milanov @@ -424,11 +425,11 @@ Thank you to all our patrons! 🙏 [[Become a patron](https://www.patreon.com/re - Ian - Imari Childress - Iskander Callos -- Josh Stewart +- Josh Stewart - Justin Dunsworth - Keir - Loïc CRAMPON From 38a46e68ea60c0e3650d19214ee0ebad6d3159f2 Mon Sep 17 00:00:00 2001 From: aelgasser Date: Mon, 20 Nov 2023 22:59:33 +0100 Subject: [PATCH 06/10] feat: sync groups with SAML provider (#6299) * feat: added implementation for group mapping in SAML strategies --------- Co-authored-by: Abderraouf El Gasser Co-authored-by: Nicolas Giard --- .../authentication/saml/authentication.js | 20 +++++++++++++++++++ .../authentication/saml/definition.yml | 12 +++++++++++ 2 files changed, 32 insertions(+) diff --git a/server/modules/authentication/saml/authentication.js b/server/modules/authentication/saml/authentication.js index 6eeef27a..13248907 100644 --- a/server/modules/authentication/saml/authentication.js +++ b/server/modules/authentication/saml/authentication.js 
@@ -56,6 +56,26 @@ module.exports = { picture: _.get(profile, conf.mappingPicture, '') } }) + + // map users provider groups to wiki groups with the same name, and remove any groups that don't match + // Code copied from the LDAP implementation with a slight variation on the field we extract the value from + // In SAML v2 groups come in profile.attributes and can be 1 string or an array of strings + if (conf.mapGroups) { + const maybeArrayOfGroups = _.get(profile.attributes, conf.mappingGroups) + const groups = (maybeArrayOfGroups && !_.isArray(maybeArrayOfGroups)) ? [maybeArrayOfGroups] : maybeArrayOfGroups + + if (groups && _.isArray(groups)) { + const currentGroups = (await user.$relatedQuery('groups').select('groups.id')).map(g => g.id) + const expectedGroups = Object.values(WIKI.auth.groups).filter(g => groups.includes(g.name)).map(g => g.id) + for (const groupId of _.difference(expectedGroups, currentGroups)) { + await user.$relatedQuery('groups').relate(groupId) + } + for (const groupId of _.difference(currentGroups, expectedGroups)) { + await user.$relatedQuery('groups').unrelate().where('groupId', groupId) + } + } + } + cb(null, user) } catch (err) { cb(err, null) diff --git a/server/modules/authentication/saml/definition.yml b/server/modules/authentication/saml/definition.yml index bfb24d15..c39dd731 100644 --- a/server/modules/authentication/saml/definition.yml +++ b/server/modules/authentication/saml/definition.yml 
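Review bot: When the assertion carries no value at `conf.mappingGroups`, `groups` stays undefined and the `if (groups && _.isArray(groups))` guard skips the whole sync, so a user whose last group was removed at the identity provider keeps every wiki group they already had. That contradicts the `mapGroups` hint added in definition.yml in this commit, which promises that non-matching groups are removed. Normalising up front closes the gap: `const groups = _.castArray(_.get(profile.attributes, conf.mappingGroups, []))`, after which the `_.isArray` guard is no longer needed. If an absent attribute is instead meant to be treated as a misconfiguration (so that a wrong field name cannot strip an administrator's groups), state that in a comment and log the skipped sync. The strategy callback this code sits in starts and ends outside the hunk.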
@@ -162,3 +162,15 @@ props: default: 'http://schemas.xmlsoap.org/ws/2005/05/identity/claims/picture' hint: The field storing the user avatar picture. Can be a variable name or a URI-formatted string. order: 43 + mapGroups: + type: Boolean + title: Map Groups + hint: Map groups matching names from the provider user groups. User Groups Field Mapping must also be defined for this to work. Note this will remove any groups the user has that doesn't match any group from the provider. + default: false + order: 44 + mappingGroups: + title: User Groups Field Mapping + type: String + default: 'memberOf' + hint: The field storing the user groups attribute (when Map Groups is enabled). Can be a variable name or a URI-formatted string. + order: 45 From 34c037c68bef2eb224ae5ddf712f129d428e85be Mon Sep 17 00:00:00 2001 From: Nicolas Giard Date: Sun, 21 Jan 2024 00:32:01 -0500 Subject: [PATCH 07/10] docs: Update README.md --- README.md | 3 +-- 1 file changed, 1 insertion(+), 2 deletions(-) diff --git a/README.md b/README.md index fc835933..595df3d4 100644 --- a/README.md +++ b/README.md 
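Review bot: The `mapGroups` hint does not say how names are matched or which wiki groups are eligible, which an administrator needs to know before letting a provider attribute decide membership. Per the authentication.js hunk in this commit, the match is an exact `groups.includes(g.name)` comparison over every entry of `WIKI.auth.groups` with no exclusions, so presumably privileged groups are assignable this way too. I would extend the hint with something like `Group names must match exactly (case-sensitive); any wiki group whose name the provider sends is assigned, including administrative groups.` The existing wording `groups the user has that doesn't match` should also read `don't match`.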
@@ -13,8 +13,7 @@ [![Build + Publish](https://github.com/Requarks/wiki/actions/workflows/build.yml/badge.svg)](https://github.com/Requarks/wiki/actions/workflows/build.yml) [![Huntr](https://img.shields.io/badge/security%20bounty-disclose-brightgreen.svg?style=flat&logo=cachet&logoColor=white)](https://huntr.dev/bounties/disclose) [![GitHub Sponsors](https://img.shields.io/github/sponsors/ngpixel?logo=github&color=ea4aaa)](https://github.com/users/NGPixel/sponsorship) -[![Open Collective backers and sponsors](https://img.shields.io/opencollective/all/wikijs?label=backers&color=218bff&logo=opencollective&logoColor=white)](https://opencollective.com/wikijs) -[![Subscribe to Newsletter](https://img.shields.io/badge/newsletter-subscribe-yellow.svg?style=flat&logo=mailchimp&logoColor=white)](https://blog.js.wiki/subscribe) +[![Open Collective backers and sponsors](https://img.shields.io/opencollective/all/wikijs?label=backers&color=218bff&logo=opencollective&logoColor=white)](https://opencollective.com/wikijs) [![Chat on Slack](https://img.shields.io/badge/slack-requarks-CC2B5E.svg?style=flat&logo=slack)](https://wiki.requarks.io/slack) [![Follow on Twitter](https://img.shields.io/badge/twitter-%40requarks-blue.svg?style=flat&logo=twitter&logoColor=white)](https://twitter.com/requarks) [![Follow on Telegram](https://img.shields.io/badge/telegram-%40wiki__js-blue.svg?style=flat&logo=telegram)](https://t.me/wiki_js) From 99e74e8eb2de988c8602e6e1311e689533957380 Mon Sep 17 00:00:00 2001 From: Jasmine Tai <45131430+j-tai@users.noreply.github.com> Date: Mon, 22 Jan 2024 17:20:01 -0800 Subject: [PATCH 08/10] feat: upgrade markdown-it-emoji to 3.0.0 (#6945) --- client/components/editor/editor-markdown.vue | 2 +- package.json | 2 +- server/modules/comments/default/comment.js | 2 +- server/modules/rendering/markdown-emoji/renderer.js | 2 +- yarn.lock | 8 ++++---- 5 files changed, 8 insertions(+), 8 deletions(-) 
diff --git a/client/components/editor/editor-markdown.vue b/client/components/editor/editor-markdown.vue index 04b5c6aa..4ca6e192 100644 --- a/client/components/editor/editor-markdown.vue +++ b/client/components/editor/editor-markdown.vue @@ -200,7 +200,7 @@ import 'codemirror/addon/fold/foldgutter.css' import MarkdownIt from 'markdown-it' import mdAttrs from 'markdown-it-attrs' import mdDecorate from 'markdown-it-decorate' -import mdEmoji from 'markdown-it-emoji' +import { full as mdEmoji } from 'markdown-it-emoji' import mdTaskLists from 'markdown-it-task-lists' import mdExpandTabs from 'markdown-it-expand-tabs' import mdAbbr from 'markdown-it-abbr' diff --git a/package.json b/package.json index e78c91b1..d6723534 100644 --- a/package.json +++ b/package.json @@ -109,7 +109,7 @@ "markdown-it-abbr": "1.0.4", "markdown-it-attrs": "3.0.3", "markdown-it-decorate": "1.2.2", - "markdown-it-emoji": "1.4.0", + "markdown-it-emoji": "3.0.0", "markdown-it-expand-tabs": "1.0.13", "markdown-it-external-links": "0.0.6", "markdown-it-footnote": "3.0.3", diff --git a/server/modules/comments/default/comment.js b/server/modules/comments/default/comment.js index fa819c8b..10948f3e 100644 --- a/server/modules/comments/default/comment.js +++ b/server/modules/comments/default/comment.js @@ -1,5 +1,5 @@ const md = require('markdown-it') -const mdEmoji = require('markdown-it-emoji') +const { full: mdEmoji } = require('markdown-it-emoji') const { JSDOM } = require('jsdom') const createDOMPurify = require('dompurify') const _ = require('lodash') diff --git a/server/modules/rendering/markdown-emoji/renderer.js b/server/modules/rendering/markdown-emoji/renderer.js index 331b97ef..0c7e7407 100644 --- a/server/modules/rendering/markdown-emoji/renderer.js +++ b/server/modules/rendering/markdown-emoji/renderer.js 
@@ -1,4 +1,4 @@ -const mdEmoji = require('markdown-it-emoji') +const { full: mdEmoji } = require('markdown-it-emoji') const twemoji = require('twemoji') // ------------------------------------ diff --git a/yarn.lock b/yarn.lock index d7003475..6ac6a6f4 100644 --- a/yarn.lock +++ b/yarn.lock @@ -13146,10 +13146,10 @@ markdown-it-decorate@1.2.2: resolved "https://registry.yarnpkg.com/markdown-it-decorate/-/markdown-it-decorate-1.2.2.tgz#f1e11d11d837ae78906198f8a2c974f0e646acb7" integrity sha512-7BFWJ97KBXgkaPVjKHISQnhSW8RWQ7yRNXpr8pPUV2Rw4GHvGrgb6CelKCM+GSijP0uSLCAVfc/knWIz+2v/Sw== -markdown-it-emoji@1.4.0: - version "1.4.0" - resolved "https://registry.yarnpkg.com/markdown-it-emoji/-/markdown-it-emoji-1.4.0.tgz#9bee0e9a990a963ba96df6980c4fddb05dfb4dcc" - integrity sha512-QCz3Hkd+r5gDYtS2xsFXmBYrgw6KuWcJZLCEkdfAuwzZbShCmCfta+hwAMq4NX/4xPzkSHduMKgMkkPUJxSXNg== +markdown-it-emoji@3.0.0: + version "3.0.0" + resolved "https://registry.yarnpkg.com/markdown-it-emoji/-/markdown-it-emoji-3.0.0.tgz#8475a04d671d7c93f931b76fb90c582768b7f0b5" + integrity sha512-+rUD93bXHubA4arpEZO3q80so0qgoFJEKRkRbjKX8RTdca89v2kfyF+xR3i2sQTwql9tpPZPOQN5B+PunspXRg== markdown-it-expand-tabs@1.0.13: version "1.0.13" From b1e1759f254b172069849fa858c7923c8da0f415 Mon Sep 17 00:00:00 2001 From: Nicolas Giard Date: Sun, 28 Jan 2024 20:03:06 -0500 Subject: [PATCH 09/10] fix: set securityTrustProxy to false by default --- client/components/admin/admin-security.vue | 2 +- server/app/data.yml | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/client/components/admin/admin-security.vue b/client/components/admin/admin-security.vue index 7a8d305b..8c062c52 100644 --- a/client/components/admin/admin-security.vue +++ b/client/components/admin/admin-security.vue 
@@ -265,7 +265,7 @@ export default { securityOpenRedirect: true, securityIframe: true, securityReferrerPolicy: true, - securityTrustProxy: true, + securityTrustProxy: false, securitySRI: true, securityHSTS: false, securityHSTSDuration: 0, diff --git a/server/app/data.yml b/server/app/data.yml index 7c3d0803..0cd628a6 100644 --- a/server/app/data.yml +++ b/server/app/data.yml @@ -85,7 +85,7 @@ defaults: securityOpenRedirect: true securityIframe: true securityReferrerPolicy: true - securityTrustProxy: true + securityTrustProxy: false securitySRI: true securityHSTS: false securityHSTSDuration: 300 From ece5753ebbe6e0e94a565045e53c32e85eab8aca Mon Sep 17 00:00:00 2001 From: Nicolas Giard Date: Wed, 7 Feb 2024 15:31:49 -0500 Subject: [PATCH 10/10] docs: Update README.md --- README.md | 1 + 1 file changed, 1 insertion(+) diff --git a/README.md b/README.md index 595df3d4..942857c1 100644 --- a/README.md +++ b/README.md @@ -167,6 +167,7 @@ Support this project by becoming a sponsor. Your name will show up in the Contri - Cloud Data Hosting LLC ([@CloudDataHostingLLC](https://github.com/CloudDataHostingLLC)) - Cole Manning ([@RVRX](https://github.com/RVRX)) - CrazyMarvin ([@CrazyMarvin](https://github.com/CrazyMarvin)) +- Daniel Horner ([@danhorner](https://github.com/danhorner)) - David Christian Holin ([@SirGibihm](https://github.com/SirGibihm)) - Dragan Espenschied ([@despens](https://github.com/despens)) - Elijah Zobenko ([@he110](https://github.com/he110))
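Review bot: Neither changed default carries a comment saying when `securityTrustProxy` should be turned back on, and the commit message gives no upgrade note; this applies to both the admin-security.vue hunk and the server/app/data.yml hunk. data.yml appears to supply defaults only, so instances that already stored `true` presumably keep trusting forwarded headers, while new instances behind a reverse proxy will presumably see the proxy's address as the client address. I would add a comment above the key in data.yml, e.g. `# Enable only behind a reverse proxy that overwrites client-supplied X-Forwarded-* headers`, and mention the changed default in the release notes so operators review their stored value.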