Diffstat (limited to 'lib')
-rw-r--r-- | lib/config/default.js | 9 | ||||
-rw-r--r-- | lib/config/environment.js | 11 | ||||
-rw-r--r-- | lib/config/index.js | 8 | ||||
-rw-r--r-- | lib/models/index.js | 2 | ||||
-rw-r--r-- | lib/models/revision.js | 8 | ||||
-rw-r--r-- | lib/models/user.js | 8 | ||||
-rwxr-xr-x | lib/response.js | 13 | ||||
-rw-r--r-- | lib/utils.js | 9 | ||||
-rw-r--r-- | lib/web/auth/google/index.js | 6 | ||||
-rw-r--r-- | lib/web/auth/ldap/index.js | 5 | ||||
-rw-r--r-- | lib/web/imageRouter.js | 5 |
11 files changed, 63 insertions, 21 deletions
diff --git a/lib/config/default.js b/lib/config/default.js index a14a4294..e7e2e4b3 100644 --- a/lib/config/default.js +++ b/lib/config/default.js @@ -7,6 +7,12 @@ module.exports = { urladdport: false, alloworigin: ['localhost'], usessl: false, + hsts: { + enable: true, + maxAgeSeconds: 31536000, + includeSubdomains: true, + preload: true + }, protocolusessl: false, usecdn: true, allowanonymous: true, @@ -88,5 +94,6 @@ module.exports = { tlsca: undefined }, email: true, - allowemailregister: true + allowemailregister: true, + allowpdfexport: true } diff --git a/lib/config/environment.js b/lib/config/environment.js index 75381ffc..6f33d140 100644 --- a/lib/config/environment.js +++ b/lib/config/environment.js @@ -6,8 +6,14 @@ module.exports = { domain: process.env.HMD_DOMAIN, urlpath: process.env.HMD_URL_PATH, port: process.env.HMD_PORT, - urladdport: process.env.HMD_URL_ADDPORT, + urladdport: toBooleanConfig(process.env.HMD_URL_ADDPORT), usessl: toBooleanConfig(process.env.HMD_USESSL), + hsts: { + enable: toBooleanConfig(process.env.HMD_HSTS_ENABLE), + maxAgeSeconds: process.env.HMD_HSTS_MAX_AGE, + includeSubdomains: toBooleanConfig(process.env.HMD_HSTS_INCLUDE_SUBDOMAINS), + preload: toBooleanConfig(process.env.HMD_HSTS_PRELOAD) + }, protocolusessl: toBooleanConfig(process.env.HMD_PROTOCOL_USESSL), alloworigin: process.env.HMD_ALLOW_ORIGIN ? process.env.HMD_ALLOW_ORIGIN.split(',') : undefined, usecdn: toBooleanConfig(process.env.HMD_USECDN), @@ -63,5 +69,6 @@ module.exports = { tlsca: process.env.HMD_LDAP_TLS_CA }, email: toBooleanConfig(process.env.HMD_EMAIL), - allowemailregister: toBooleanConfig(process.env.HMD_ALLOW_EMAIL_REGISTER) + allowemailregister: toBooleanConfig(process.env.HMD_ALLOW_EMAIL_REGISTER), + allowpdfexport: toBooleanConfig(process.env.HMD_ALLOW_PDF_EXPORT) } diff --git a/lib/config/index.js b/lib/config/index.js index 6bc9a419..dfad28ed 100644 --- a/lib/config/index.js +++ b/lib/config/index.js 
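Review bot: The new `hsts` block in lib/config/default.js enables `includeSubdomains: true` and `preload: true` for every install that does not override them, which is a broad default for a self-hosted app. With a one-year `maxAgeSeconds`, includeSubDomains binds every subdomain of the serving host to HTTPS, and the preload directive marks the domain as eligible for browser preload lists, which are slow to leave. Defaulting to `includeSubdomains: false` and `preload: false` and documenting the opt-in would be safer. The code that emits the header is outside this diff (the diffstat is limited to lib), so whether it is sent only when `usessl` is true cannot be confirmed from here.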
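Review bot: In lib/config/environment.js, `maxAgeSeconds: process.env.HMD_HSTS_MAX_AGE` passes the value through as a string, while the default in default.js is the number 31536000 and the neighbouring `hsts` fields are all converted with `toBooleanConfig`. Whether the consumer of this setting accepts a string is not visible here, so converting at the boundary is the safer choice: `maxAgeSeconds: process.env.HMD_HSTS_MAX_AGE ? parseInt(process.env.HMD_HSTS_MAX_AGE, 10) : undefined`. A non-numeric value would then yield NaN, which deserves an explicit check or a startup error rather than a malformed header.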
@@ -1,3 +1,4 @@ + 'use strict' const fs = require('fs') @@ -34,8 +35,8 @@ if (config.ldap.tlsca) { let ca = config.ldap.tlsca.split(',') let caContent = [] for (let i of ca) { - if (fs.existsSync(ca[i])) { - caContent.push(fs.readFileSync(ca[i], 'utf8')) + if (fs.existsSync(i)) { + caContent.push(fs.readFileSync(i, 'utf8')) } } let tlsOptions = { @@ -90,6 +91,7 @@ config.isEmailEnable = config.email config.isGitHubEnable = config.github.clientID && config.github.clientSecret config.isGitLabEnable = config.gitlab.clientID && config.gitlab.clientSecret config.isLDAPEnable = config.ldap.url +config.isPDFExportEnable = config.allowpdfexport // generate correct path config.sslcapath = path.join(appRootPath, config.sslcapath) @@ -106,7 +108,7 @@ config.errorpath = path.join(appRootPath, config.errorpath) config.prettypath = path.join(appRootPath, config.prettypath) config.slidepath = path.join(appRootPath, config.slidepath) -// maek config readonly +// make config readonly config = deepFreeze(config) module.exports = config diff --git a/lib/models/index.js b/lib/models/index.js index 0679a7fc..e3aa8bf3 100644 --- a/lib/models/index.js +++ b/lib/models/index.js @@ -10,7 +10,7 @@ var config = require('../config') var logger = require('../logger') var dbconfig = cloneDeep(config.db) -dbconfig.logger = config.debug ? logger.info : false +dbconfig.logging = config.debug ? logger.info : false var sequelize = null diff --git a/lib/models/revision.js b/lib/models/revision.js index 6f3a746f..225a95d4 100644 --- a/lib/models/revision.js +++ b/lib/models/revision.js @@ -110,7 +110,7 @@ module.exports = function (sequelize, DataTypes) { where: { noteId: note.id }, - order: '"createdAt" DESC' + order: [['createdAt', 'DESC']] }).then(function (revisions) { var data = [] for (var i = 0, l = revisions.length; i < l; i++) { 
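Review bot: The corrected loop in lib/config/index.js still skips a CA path silently when `fs.existsSync(i)` is false, so a typo in `ldap.tlsca` leaves `caContent` short or empty with no signal to the operator. What the LDAP client then trusts depends on the `tlsOptions` code that continues outside this hunk. Add an `else` branch that logs the missing path, and trim each entry, since `config.ldap.tlsca.split(',')` keeps the leading space in a value such as `a.pem, b.pem`: `let ca = config.ldap.tlsca.split(',').map(p => p.trim())`. A short comment above the loop saying that missing files are tolerated on purpose, if that is the intent, would also help.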
@@ -131,7 +131,7 @@ module.exports = function (sequelize, DataTypes) { where: { noteId: note.id }, - order: '"createdAt" DESC' + order: [['createdAt', 'DESC']] }).then(function (revisions) { if (revisions.length <= 0) return callback(null, null) // measure target revision position @@ -142,7 +142,7 @@ module.exports = function (sequelize, DataTypes) { $gte: time } }, - order: '"createdAt" DESC' + order: [['createdAt', 'DESC']] }).then(function (count) { if (count <= 0) return callback(null, null) sendDmpWorker({ @@ -231,7 +231,7 @@ module.exports = function (sequelize, DataTypes) { where: { noteId: note.id }, - order: '"createdAt" DESC' + order: [['createdAt', 'DESC']] }).then(function (revisions) { if (revisions.length <= 0) { // if no revision available diff --git a/lib/models/user.js b/lib/models/user.js index 14c30bc3..e59b86cc 100644 --- a/lib/models/user.js +++ b/lib/models/user.js @@ -104,8 +104,12 @@ module.exports = function (sequelize, DataTypes) { break case 'gitlab': photo = profile.avatarUrl - if (bigger) photo = photo.replace(/(\?s=)\d*$/i, '$1400') - else photo = photo.replace(/(\?s=)\d*$/i, '$196') + if (photo) { + if (bigger) photo = photo.replace(/(\?s=)\d*$/i, '$1400') + else photo = photo.replace(/(\?s=)\d*$/i, '$196') + } else { + photo = letterAvatars(profile.username) + } break case 'dropbox': // no image api provided, use gravatar diff --git a/lib/response.js b/lib/response.js index a9abd1d4..9e39ffb5 100755 --- a/lib/response.js +++ b/lib/response.js @@ -13,6 +13,7 @@ var moment = require('moment') var config = require('./config') var logger = require('./logger') var models = require('./models') +var utils = require('./utils') // public var response = { 
@@ -68,6 +69,7 @@ function showIndex (req, res, next) { ldap: config.isLDAPEnable, email: config.isEmailEnable, allowemailregister: config.allowemailregister, + allowpdfexport: config.allowpdfexport, signin: req.isAuthenticated(), infoMessage: req.flash('info'), errorMessage: req.flash('error') @@ -97,7 +99,8 @@ function responseHackMD (res, note) { google: config.isGoogleEnable, ldap: config.isLDAPEnable, email: config.isEmailEnable, - allowemailregister: config.allowemailregister + allowemailregister: config.allowemailregister, + allowpdfexport: config.allowpdfexport }) } @@ -381,7 +384,12 @@ function noteActions (req, res, next) { actionInfo(req, res, note) break case 'pdf': - actionPDF(req, res, note) + if (config.allowpdfexport) { + actionPDF(req, res, note) + } else { + logger.error('PDF export failed: Disabled by config. Set "allowpdfexport: true" to enable. Check the documentation for details') + response.errorForbidden(res) + } break case 'gist': actionGist(req, res, note) @@ -574,6 +582,7 @@ function showPublishSlide (req, res, next) { updatetime: updatetime, url: origin, body: markdown, + theme: meta.slideOptions && utils.isRevealTheme(meta.slideOptions.theme), meta: JSON.stringify(extracted.meta), useCDN: config.usecdn, owner: note.owner ? note.owner.id : null, diff --git a/lib/utils.js b/lib/utils.js index d9289dca..247f85f2 100644 --- a/lib/utils.js +++ b/lib/utils.js @@ -1,4 +1,6 @@ 'use strict' +const fs = require('fs') +const path = require('path') exports.isSQLite = function isSQLite (sequelize) { return sequelize.options.dialect === 'sqlite' @@ -23,3 +25,10 @@ exports.getImageMimeType = function getImageMimeType (imagePath) { return undefined } } + +exports.isRevealTheme = function isRevealTheme (theme) { + if (fs.existsSync(path.join(__dirname, '..', 'public', 'build', 'reveal.js', 'css', 'theme', theme + '.css'))) { + return theme + } + return undefined +} 
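Review bot: The disabled-export branch added to `noteActions` logs at `logger.error` for a condition that any client able to reach the `pdf` action can trigger, so a switched-off feature lets routine requests fill the error log. A lower level keeps error output for real faults: `logger.info('PDF export rejected: disabled by config')`. The check reads `config.allowpdfexport` while this commit also defines `config.isPDFExportEnable` in lib/config/index.js; using one of the two names in the handler and in the template data avoids them drifting apart. `noteActions` starts and ends outside the hunk.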
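Review bot: `isRevealTheme` in lib/utils.js joins `theme` into a filesystem path without validating it, and its caller in `showPublishSlide` passes `meta.slideOptions.theme`, which appears to come from note metadata and so from the note's author. A value containing path separators makes `fs.existsSync` look outside `css/theme`, and when a matching `.css` file exists the unvalidated string is returned for the template to use; a non-string value is silently coerced by `theme + '.css'`. Guard before touching the filesystem: `if (typeof theme !== 'string' || !/^[\w-]+$/.test(theme)) return undefined`. The synchronous `existsSync` also runs on every published-slide render, so reading the theme directory once and checking membership would be cheaper.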
diff --git a/lib/web/auth/google/index.js b/lib/web/auth/google/index.js index bf2a260f..609c69cf 100644 --- a/lib/web/auth/google/index.js +++ b/lib/web/auth/google/index.js @@ -6,7 +6,7 @@ var GoogleStrategy = require('passport-google-oauth20').Strategy const config = require('../../../config') const {setReturnToFromReferer, passportGeneralCallback} = require('../utils') -let facebookAuth = module.exports = Router() +let googleAuth = module.exports = Router() passport.use(new GoogleStrategy({ clientID: config.google.clientID, @@ -14,12 +14,12 @@ passport.use(new GoogleStrategy({ callbackURL: config.serverurl + '/auth/google/callback' }, passportGeneralCallback)) -facebookAuth.get('/auth/google', function (req, res, next) { +googleAuth.get('/auth/google', function (req, res, next) { setReturnToFromReferer(req) passport.authenticate('google', { scope: ['profile'] })(req, res, next) }) // google auth callback -facebookAuth.get('/auth/google/callback', +googleAuth.get('/auth/google/callback', passport.authenticate('google', { successReturnToOrRedirect: config.serverurl + '/', failureRedirect: config.serverurl + '/' diff --git a/lib/web/auth/ldap/index.js b/lib/web/auth/ldap/index.js index 766c5cbc..9a63578a 100644 --- a/lib/web/auth/ldap/index.js +++ b/lib/web/auth/ldap/index.js @@ -23,9 +23,10 @@ passport.use(new LDAPStrategy({ tlsOptions: config.ldap.tlsOptions || null } }, function (user, done) { + var uuid = user.uidNumber || user.uid || user.sAMAccountName var profile = { - id: 'LDAP-' + user.uidNumber, - username: user.uid, + id: 'LDAP-' + uuid, + username: uuid, displayName: user.displayName, emails: user.mail ? [user.mail] : [], avatarUrl: null, diff --git a/lib/web/imageRouter.js b/lib/web/imageRouter.js index 592a497c..bebab302 100644 --- a/lib/web/imageRouter.js +++ b/lib/web/imageRouter.js 
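Review bot: In lib/web/auth/ldap/index.js, `uuid` is never checked for being empty, so a directory entry that lacks `uidNumber`, `uid` and `sAMAccountName` gets the id `LDAP-undefined` and every such user would map to the same profile id. The fallback also mixes three attributes in one id space, so one entry's `uid` can equal another entry's `uidNumber`. Reject the login when nothing usable is present: `if (!uuid) return done(new Error('LDAP entry has no usable identifier'))`. `username` now becomes `uidNumber` whenever that attribute exists, where it was `user.uid` before; `username: user.uid || user.sAMAccountName || uuid` keeps the readable name. The verify callback continues outside the hunk.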
@@ -64,8 +64,11 @@ imageRouter.post('/uploadimage', function (req, res) { res.status(500).end('upload image error') return } + + var s3Endpoint = 's3.amazonaws.com' + if (config.s3.region && config.s3.region !== 'us-east-1') { s3Endpoint = `s3-${config.s3.region}.amazonaws.com` } res.send({ - link: `https://s3-${config.s3.region}.amazonaws.com/${config.s3bucket}/${params.Key}` + link: `https://${s3Endpoint}/${config.s3bucket}/${params.Key}` }) }) }) |