diff options
Diffstat (limited to 'lib')
| -rw-r--r-- | lib/config/default.js | 9 | ||||
| -rw-r--r-- | lib/config/environment.js | 11 | ||||
| -rw-r--r-- | lib/config/index.js | 4 | ||||
| -rw-r--r-- | lib/models/revision.js | 8 | ||||
| -rw-r--r-- | lib/models/user.js | 8 | ||||
| -rwxr-xr-x | lib/response.js | 11 | ||||
| -rw-r--r-- | lib/web/auth/google/index.js | 6 |
7 files changed, 42 insertions, 15 deletions
diff --git a/lib/config/default.js b/lib/config/default.js index a14a4294..e7e2e4b3 100644 --- a/lib/config/default.js +++ b/lib/config/default.js @@ -7,6 +7,12 @@ module.exports = { urladdport: false, alloworigin: ['localhost'], usessl: false, + hsts: { + enable: true, + maxAgeSeconds: 31536000, + includeSubdomains: true, + preload: true + }, protocolusessl: false, usecdn: true, allowanonymous: true, @@ -88,5 +94,6 @@ module.exports = { tlsca: undefined }, email: true, - allowemailregister: true + allowemailregister: true, + allowpdfexport: true } diff --git a/lib/config/environment.js b/lib/config/environment.js index 75381ffc..6f33d140 100644 --- a/lib/config/environment.js +++ b/lib/config/environment.js @@ -6,8 +6,14 @@ module.exports = { domain: process.env.HMD_DOMAIN, urlpath: process.env.HMD_URL_PATH, port: process.env.HMD_PORT, - urladdport: process.env.HMD_URL_ADDPORT, + urladdport: toBooleanConfig(process.env.HMD_URL_ADDPORT), usessl: toBooleanConfig(process.env.HMD_USESSL), + hsts: { + enable: toBooleanConfig(process.env.HMD_HSTS_ENABLE), + maxAgeSeconds: process.env.HMD_HSTS_MAX_AGE, + includeSubdomains: toBooleanConfig(process.env.HMD_HSTS_INCLUDE_SUBDOMAINS), + preload: toBooleanConfig(process.env.HMD_HSTS_PRELOAD) + }, protocolusessl: toBooleanConfig(process.env.HMD_PROTOCOL_USESSL), alloworigin: process.env.HMD_ALLOW_ORIGIN ? process.env.HMD_ALLOW_ORIGIN.split(',') : undefined, usecdn: toBooleanConfig(process.env.HMD_USECDN), @@ -63,5 +69,6 @@ module.exports = { tlsca: process.env.HMD_LDAP_TLS_CA }, email: toBooleanConfig(process.env.HMD_EMAIL), - allowemailregister: toBooleanConfig(process.env.HMD_ALLOW_EMAIL_REGISTER) + allowemailregister: toBooleanConfig(process.env.HMD_ALLOW_EMAIL_REGISTER), + allowpdfexport: toBooleanConfig(process.env.HMD_ALLOW_PDF_EXPORT) } diff --git a/lib/config/index.js b/lib/config/index.js index bea5a6af..dfad28ed 100644 --- a/lib/config/index.js +++ b/lib/config/index.js @@ -1,3 +1,4 @@ + 'use strict' const fs = require('fs') @@ -90,6 +91,7 @@ config.isEmailEnable = config.email config.isGitHubEnable = config.github.clientID && config.github.clientSecret config.isGitLabEnable = config.gitlab.clientID && config.gitlab.clientSecret config.isLDAPEnable = config.ldap.url +config.isPDFExportEnable = config.allowpdfexport // generate correct path config.sslcapath = path.join(appRootPath, config.sslcapath) @@ -106,7 +108,7 @@ config.errorpath = path.join(appRootPath, config.errorpath) config.prettypath = path.join(appRootPath, config.prettypath) config.slidepath = path.join(appRootPath, config.slidepath) -// maek config readonly +// make config readonly config = deepFreeze(config) module.exports = config diff --git a/lib/models/revision.js b/lib/models/revision.js index 6f3a746f..225a95d4 100644 --- a/lib/models/revision.js +++ b/lib/models/revision.js @@ -110,7 +110,7 @@ module.exports = function (sequelize, DataTypes) { where: { noteId: note.id }, - order: '"createdAt" DESC' + order: [['createdAt', 'DESC']] }).then(function (revisions) { var data = [] for (var i = 0, l = revisions.length; i < l; i++) { @@ -131,7 +131,7 @@ module.exports = function (sequelize, DataTypes) { where: { noteId: note.id }, - order: '"createdAt" DESC' + order: [['createdAt', 'DESC']] }).then(function (revisions) { if (revisions.length <= 0) return callback(null, null) // measure target revision position @@ -142,7 +142,7 @@ module.exports = function (sequelize, DataTypes) { $gte: time } }, - order: '"createdAt" DESC' + order: [['createdAt', 'DESC']] }).then(function (count) { if (count <= 0) return callback(null, null) sendDmpWorker({ @@ -231,7 +231,7 @@ module.exports = function (sequelize, DataTypes) { where: { noteId: note.id }, - order: '"createdAt" DESC' + order: [['createdAt', 'DESC']] }).then(function (revisions) { if (revisions.length <= 0) { // if no revision available diff --git a/lib/models/user.js b/lib/models/user.js index 14c30bc3..e59b86cc 100644 --- a/lib/models/user.js +++ b/lib/models/user.js @@ -104,8 +104,12 @@ module.exports = function (sequelize, DataTypes) { break case 'gitlab': photo = profile.avatarUrl - if (bigger) photo = photo.replace(/(\?s=)\d*$/i, '$1400') - else photo = photo.replace(/(\?s=)\d*$/i, '$196') + if (photo) { + if (bigger) photo = photo.replace(/(\?s=)\d*$/i, '$1400') + else photo = photo.replace(/(\?s=)\d*$/i, '$196') + } else { + photo = letterAvatars(profile.username) + } break case 'dropbox': // no image api provided, use gravatar diff --git a/lib/response.js b/lib/response.js index a22d1e70..9e39ffb5 100755 --- a/lib/response.js +++ b/lib/response.js @@ -69,6 +69,7 @@ function showIndex (req, res, next) { ldap: config.isLDAPEnable, email: config.isEmailEnable, allowemailregister: config.allowemailregister, + allowpdfexport: config.allowpdfexport, signin: req.isAuthenticated(), infoMessage: req.flash('info'), errorMessage: req.flash('error') @@ -98,7 +99,8 @@ function responseHackMD (res, note) { google: config.isGoogleEnable, ldap: config.isLDAPEnable, email: config.isEmailEnable, - allowemailregister: config.allowemailregister + allowemailregister: config.allowemailregister, + allowpdfexport: config.allowpdfexport }) } @@ -382,7 +384,12 @@ function noteActions (req, res, next) { actionInfo(req, res, note) break case 'pdf': - actionPDF(req, res, note) + if (config.allowpdfexport) { + actionPDF(req, res, note) + } else { + logger.error('PDF export failed: Disabled by config. Set "allowpdfexport: true" to enable. Check the documentation for details') + response.errorForbidden(res) + } break case 'gist': actionGist(req, res, note) diff --git a/lib/web/auth/google/index.js b/lib/web/auth/google/index.js index bf2a260f..609c69cf 100644 --- a/lib/web/auth/google/index.js +++ b/lib/web/auth/google/index.js @@ -6,7 +6,7 @@ var GoogleStrategy = require('passport-google-oauth20').Strategy const config = require('../../../config') const {setReturnToFromReferer, passportGeneralCallback} = require('../utils') -let facebookAuth = module.exports = Router() +let googleAuth = module.exports = Router() passport.use(new GoogleStrategy({ clientID: config.google.clientID, @@ -14,12 +14,12 @@ passport.use(new GoogleStrategy({ callbackURL: config.serverurl + '/auth/google/callback' }, passportGeneralCallback)) -facebookAuth.get('/auth/google', function (req, res, next) { +googleAuth.get('/auth/google', function (req, res, next) { setReturnToFromReferer(req) passport.authenticate('google', { scope: ['profile'] })(req, res, next) }) // google auth callback -facebookAuth.get('/auth/google/callback', +googleAuth.get('/auth/google/callback', passport.authenticate('google', { successReturnToOrRedirect: config.serverurl + '/', failureRedirect: config.serverurl + '/' |