status-im
/
codimd
mirror of https://github.com/status-im/codimd.git
2
0
Fork 0
Code Issues Projects Releases Wiki Activity

Merge branch 'develop' into feature/lutim

This commit is contained in:
Max Wu 2019-08-01 00:22:23 +08:00 committed by GitHub
parent 82ac870c26 9f16f32675
commit 62918134c0
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
117 changed files with 8794 additions and 6327 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

8
.dockerignore Normal file
View File

@ -0,0 +1,8 @@
.git/
node_modules/
docs/
test/
.sequelizerc.example
config.json.example
public/build

3
.eslintignore
View File

@ -1,3 +0,0 @@
lib/ot
public/vendor
public/build

21
.eslintrc.js
View File

@ -1,21 +0,0 @@
module.exports = {
"root": true,
"extends": "standard",
"env": {
"node": true
},
"rules": {
// at some point all of these should return to their default "error" state
// but right now, this is not a good choice, because too many places are
// wrong.
"import/first": ["warn"],
"indent": ["warn"],
"no-multiple-empty-lines": ["warn"],
"no-multi-spaces": ["warn"],
"object-curly-spacing": ["warn"],
"one-var": ["warn"],
"quotes": ["warn"],
"semi": ["warn"],
"space-infix-ops": ["warn"]
}
};

2
.gitignore vendored
View File

@ -27,3 +27,5 @@ public/views/build
public/uploads/*
!public/uploads/.gitkeep
/.nyc_output
/coverage/

63
.travis.yml
View File

@ -1,47 +1,34 @@
language: node_js
dist: trusty
node_js:
- "lts/carbon"
- "lts/dubnium"
- "11"
- "12"
dist: xenial
cache: yarn
env:
global:
- CXX=g++-4.8
- YARN_VERSION=1.3.2
matrix:
fast_finish: true
include:
- node_js: lts/carbon
- node_js: lts/dubnium
allow_failures:
- node_js: "11"
- node_js: "12"
script:
- yarn test:ci
- yarn build
jobs:
include:
- env: task=npm-test
node_js:
- 6
before_install:
- curl -o- -L https://yarnpkg.com/install.sh | bash -s -- --version "$YARN_VERSION"
- export PATH="$HOME/.yarn/bin:$PATH"
- env: task=npm-test
node_js:
- 8
before_install:
- curl -o- -L https://yarnpkg.com/install.sh | bash -s -- --version "$YARN_VERSION"
- export PATH="$HOME/.yarn/bin:$PATH"
- env: task=npm-test
node_js:
- 10
before_install:
- curl -o- -L https://yarnpkg.com/install.sh | bash -s -- --version "$YARN_VERSION"
- export PATH="$HOME/.yarn/bin:$PATH"
- env: task=ShellCheck
script:
- shellcheck bin/heroku bin/setup
language: generic
- env: task=doctoc
install: npm install doctoc
- stage: doctoc-check
install: npm install -g doctoc
if: type = pull_request OR branch = master
script:
- cp README.md README.md.orig
- npm run doctoc
- diff -q README.md README.md.orig
language: generic
- env: task=json-lint
addons:
apt:
packages:
- jq
script:
- npm run jsonlint
language: generic
node_js: lts/carbon

423
README.md
View File

@ -1,382 +1,105 @@
CodiMD
===
[![#CodiMD on matrix.org][matrix.org-image]][matrix.org-url]
[![CodiMD on Gitter][gitter-image]][gitter-url]
[![build status][travis-image]][travis-url]
[![version][github-version-badge]][github-release-page]
[![Gitter][gitter-image]][gitter-url]
[![POEditor][poeditor-image]][poeditor-url]
CodiMD lets you create real-time collaborative markdown notes on all platforms.
Inspired by Hackpad, with more focus on speed and flexibility, and build from [HackMD](https://hackmd.io) source code.
Feel free to contribute.
Thanks for using! :smile:
CodiMD lets you collaborate in real-time with markdown.
Built on [HackMD](https://hackmd.io) source code, CodiMD lets you host and control your team's content with speed and ease.
<!-- START doctoc generated TOC please keep comment here to allow auto update -->
<!-- DON'T EDIT THIS SECTION, INSTEAD RE-RUN doctoc TO UPDATE -->
# Table of Contents
- [HackMD CE became CodiMD](#hackmd-ce-became-codimd)
- [Browsers Requirement](#browsers-requirement)
- [Installation](#installation)
- [Getting started (Native install)](#getting-started-native-install)
- [Prerequisite](#prerequisite)
- [Instructions](#instructions)
- [Heroku Deployment](#heroku-deployment)
- [Kubernetes](#kubernetes)
- [CodiMD by docker container](#codimd-by-docker-container)
- [Cloudron](#cloudron)
- [Upgrade](#upgrade)
- [Native setup](#native-setup)
- [Configuration](#configuration)
- [Environment variables (will overwrite other server configs)](#environment-variables-will-overwrite-other-server-configs)
- [Application settings `config.json`](#application-settings-configjson)
- [Third-party integration API key settings](#third-party-integration-api-key-settings)
- [Third-party integration OAuth callback URLs](#third-party-integration-oauth-callback-urls)
- [Developer Notes](#developer-notes)
- [Structure](#structure)
- [Operational Transformation](#operational-transformation)
- [CodiMD - The Open Source HackMD](#codimd---the-open-source-hackmd)
- [Documentation](#documentation)
- [Deployment](#deployment)
- [Configuration](#configuration)
- [Upgrading and Migration](#upgrading-and-migration)
- [Developer](#developer)
- [Contribution and Discussion](#contribution-and-discussion)
- [Browser Support](#browser-support)
- [License](#license)
<!-- END doctoc generated TOC please keep comment here to allow auto update -->
# HackMD CE became CodiMD
## CodiMD - The Open Source HackMD
[HackMD](https://hackmd.io) helps developers write better documents and build active communities with open collaboration.
HackMD is built with one promise - **You own and control all your content**:
- You should be able to easily [download all your online content at once](https://hackmd.io/c/news/%2Fs%2Fr1cx3a3SE).
- Your content formatting should be portable as well. (That's why we choose [markdown](https://hackmd.io/features#Typography).)
- You should be able to control your content's presentation with HTML, [slide mode](https://hackmd.io/p/slide-example), or [book mode](https://hackmd.io/c/book-example/).
CodiMD was recently renamed from its former name was HackMD. CodiMD is the free software version of HackMD. It was the original Version of HackMD. The HackMD team initiated CodiMD and provided a solid code base. Due to the need of paying bills, A fork was created and called HackMD EE, which is a SaaS (Software as a Service) product available at [hackmd.io](https://hackmd.io).
With the same promise of you owning your content, CodiMD is the free software version of [HackMD](https://hackmd.io), developed and opened source by the HackMD team with reduced features, so you can use CodiMD for your community and own your data. *(See the [origin of the name CodiMD](https://github.com/hackmdio/hackmd/issues/720).)*
We decided to change the name to break the confusion between HackMD and CodiMD, formally known as HackMD CE, as it never was an open core project.
CodiMD is perfect for open communities, while HackMD emphasizes on permission and access controls for commercial use cases.
Just to more confusion: We are still friends with HackMD :heart:
HackMD team is committed to keep CodiMD open source. All contributions are welcome!
*For the whole renaming story, see the [related issue](https://github.com/hackmdio/hackmd/issues/720)*
## Documentation
You would find all documentation here: [CodiMD Documentation](https://hackmd.io/c/codimd-documentation)
# Browsers Requirement
### Deployment
If you want to spin up an instance and start using immediately, see [Docker deployment](https://hackmd.io/c/codimd-documentation/%2Fs%2Fcodimd-documentation#Deployment).
If you want to contribute to the project, start with [manual deployment](https://hackmd.io/c/codimd-documentation/%2Fs%2Fcodimd-manual-deployment).
- ![Chrome](http://browserbadge.com/chrome/47/18px) Chrome >= 47, Chrome for Android >= 47
- ![Safari](http://browserbadge.com/safari/9/18px) Safari >= 9, iOS Safari >= 8.4
- ![Firefox](http://browserbadge.com/firefox/44/18px) Firefox >= 44
- ![IE](http://browserbadge.com/ie/9/18px) IE >= 9, Edge >= 12
- ![Opera](http://browserbadge.com/opera/34/18px) Opera >= 34, Opera Mini not supported
### Configuration
CodiMD is highly customizable, learn about all configuration options of networking, security, performance, resources, privilege, privacy, image storage, and authentication in [CodiMD Configuration](https://hackmd.io/c/codimd-documentation/%2Fs%2Fcodimd-configuration).
### Upgrading and Migration
Upgrade CodiMD from previous version? See [this guide](https://hackmd.io/c/codimd-documentation/%2Fs%2Fcodimd-upgrade)
Migrating from Etherpad? Follow [this guide](https://hackmd.io/c/codimd-documentation/%2Fs%2Fcodimd-migration-etherpad)
### Developer
Join our contributor community! Start from deploying [CodiMD manually](https://hackmd.io/c/codimd-documentation/%2Fs%2Fcodimd-manual-deployment), [connecting to your own database](https://hackmd.io/c/codimd-documentation/%2Fs%2Fcodimd-db-connection), [learn about the project structure](https://hackmd.io/c/codimd-documentation/%2Fs%2Fcodimd-project-structure), to [build your changes](https://hackmd.io/c/codimd-documentation/%2Fs%2Fcodimd-webpack) with the help of webpack.
## Contribution and Discussion
All contributions are welcome! Even asking a question helps.
| Project | Contribution Types | Contribution Venue |
| ------- | ------------------ | ------------------ |
|**CodiMD**|:couple: Community chat|[Gitter][gitter-url]|
||:bug: Issues, bugs, and feature requests|[Issue tracker](https://github.com/hackmdio/codimd/issues)|
||:books: Improve documentation|[Documentations](https://hackmd.io/c/codimd-documentation)|
||:pencil: Translation|[POEditor][poeditor-url]|
||:coffee: Donation|[Buy us coffee](https://www.paypal.com/cgi-bin/webscr?cmd=_donations&business=KDGS4PREHX6QQ&lc=US&item_name=HackMD&currency_code=USD&bn=PP%2dDonationsBF%3abtn_donate_LG%2egif%3aNonHosted)|
|**HackMD**|:question: Issues related to [HackMD](https://hackmd.io/)|[Issue tracker](https://github.com/hackmdio/hackmd-io-issues/issues)|
||:pencil2: Translation|[hackmd-locales](https://github.com/hackmdio/hackmd-locales/tree/master/locales)|
## Browser Support
CodiMD is a service that runs on Node.js, while users use the service through browsers. We support your users using the following browsers:
- ![Chrome](http://browserbadge.com/chrome/47/18px)
- Chrome >= 47
- Chrome for Android >= 47
- ![Safari](http://browserbadge.com/safari/9/18px)
- Safari >= 9
- iOS Safari >= 8.4
- ![Firefox](http://browserbadge.com/firefox/44/18px)
- Firefox >= 44
- ![IE](http://browserbadge.com/ie/9/18px)
- IE >= 9
- Edge >= 12
- ![Opera](http://browserbadge.com/opera/34/18px)
- Opera >= 34
- Opera Mini not supported
- Android Browser >= 4.4
# Installation
To stay up to date with your installation it's recommended to subscribe the [release feed][github-release-feed].
## Getting started (Native install)
### Prerequisite
- Node.js 6.x or up (test up to 7.5.0) and <10.x
- Database (PostgreSQL, MySQL, MariaDB, SQLite, MSSQL) use charset `utf8`
- npm (and its dependencies, especially [uWebSockets](https://github.com/uWebSockets/uWebSockets#nodejs-developers), [node-gyp](https://github.com/nodejs/node-gyp#installation))
- For **building** CodiMD we recommend to use a machine with at least **2GB** RAM
### Instructions
1. Download a release and unzip or clone into a directory
2. Enter the directory and type `bin/setup`, which will install npm dependencies and create configs. The setup script is written in Bash, you would need bash as a prerequisite.
3. Setup the configs, see more below
4. Setup environment variables which will overwrite the configs
5. Build front-end bundle by `npm run build` (use `npm run dev` if you are in development)
6. Modify the file named `.sequelizerc`, change the value of the variable `url` with your db connection string
For example: `postgres://username:password@localhost:5432/codimd`
7. Run `node_modules/.bin/sequelize db:migrate`, this step will migrate your db to the latest schema
8. Run the server as you like (node, forever, pm2)
To stay up to date with your installation it's recommended to join our [Matrix channel][matrix.org-url] or subscribe to the [release feed][github-release-feed].
## Heroku Deployment
You can quickly setup a sample Heroku CodiMD application by clicking the button below.
[![Deploy on Heroku](https://www.herokucdn.com/deploy/button.svg)](https://heroku.com/deploy?template=https://github.com/hackmdio/codimd/tree/master)
If you deploy it without the button, keep in mind to use the right buildpacks. For details check `app.json`.
## Kubernetes
To install use `helm install stable/hackmd`.
For all further details, please check out the offical CodiMD [K8s helm chart](https://github.com/kubernetes/charts/tree/master/stable/hackmd).
## CodiMD by docker container
[![Try in PWD](https://cdn.rawgit.com/play-with-docker/stacks/cff22438/assets/images/button.png)](http://play-with-docker.com?stack=https://github.com/hackmdio/codimd-container/raw/master/docker-compose.yml&stack_name=codimd)
**Debian-based version:**
[![latest](https://images.microbadger.com/badges/version/hackmdio/hackmd:latest.svg)](https://microbadger.com/images/hackmdio/hackmd "Get your own version badge on microbadger.com") [![](https://images.microbadger.com/badges/image/hackmdio/hackmd:latest.svg)](https://microbadger.com/images/hackmdio/hackmd "Get your own image badge on microbadger.com")
**Alpine-based version:**
[![alpine](https://images.microbadger.com/badges/version/hackmdio/hackmd:alpine.svg)](https://microbadger.com/images/hackmdio/hackmd:alpine "Get your own version badge on microbadger.com") [![](https://images.microbadger.com/badges/image/hackmdio/hackmd:alpine.svg)](https://microbadger.com/images/hackmdio/hackmd:alpine "Get your own image badge on microbadger.com")
The easiest way to setup CodiMD using docker are using the following three commands:
```console
git clone https://github.com/hackmdio/codimd-container.git
cd codimd-container
docker-compose up
```
Read more about it in the [container repository…](https://github.com/hackmdio/codimd-container)
## Cloudron
Install CodiMD on [Cloudron](https://cloudron.io):
[![Install](https://cloudron.io/img/button.svg)](https://cloudron.io/button.html?app=io.hackmd.cloudronapp)
# Upgrade
## Native setup
If you are upgrading CodiMD from an older version, follow these steps:
1. Fully stop your old server first (important)
2. `git pull` or do whatever that updates the files
3. `npm install` to update dependencies
4. Build front-end bundle by `npm run build` (use `npm run dev` if you are in development)
5. Modify the file named `.sequelizerc`, change the value of the variable `url` with your db connection string
For example: `postgres://username:password@localhost:5432/codimd`
6. Run `node_modules/.bin/sequelize db:migrate`, this step will migrate your db to the latest schema
7. Start your whole new server!
To stay up to date with your installation it's recommended to join our [Matrix channel][matrix.org-url] or subscribe to the [release feed][github-release-feed].
* **migrate-to-1.1.0**
We deprecated the older lower case config style and moved on to camel case style. Please have a look at the current `config.json.example` and check the warnings on startup.
*Notice: This is not a breaking change right now but in the future*
* [**migration-to-0.5.0**](https://github.com/hackmdio/migration-to-0.5.0)
We don't use LZString to compress socket.io data and DB data after version 0.5.0.
Please run the migration tool if you're upgrading from the old version.
* [**migration-to-0.4.0**](https://github.com/hackmdio/migration-to-0.4.0)
We've dropped MongoDB after version 0.4.0.
So here is the migration tool for you to transfer the old DB data to the new DB.
This tool is also used for official service.
# Configuration
There are some config settings you need to change in the files below.
```
./config.json ----application settings
```
## Environment variables (will overwrite other server configs)
| variables | example values | description |
| --------- | ------ | ----------- |
| `NODE_ENV` | `production` or `development` | set current environment (will apply corresponding settings in the `config.json`) |
| `DEBUG` | `true` or `false` | set debug mode; show more logs |
| `CMD_CONFIG_FILE` | `/path/to/config.json` | optional override for the path to CodiMD's config file |
| `CMD_DOMAIN` | `codimd.org` | domain name |
| `CMD_URL_PATH` | `codimd` | sub URL path, like `www.example.com/<URL_PATH>` |
| `CMD_HOST` | `localhost` | host to listen on |
| `CMD_PORT` | `80` | web app port |
| `CMD_PATH` | `/var/run/codimd.sock` | path to UNIX domain socket to listen on (if specified, `CMD_HOST` and `CMD_PORT` are ignored) |
| `CMD_LOGLEVEL` | `info` | Defines what kind of logs are provided to stdout. |
| `CMD_ALLOW_ORIGIN` | `localhost, codimd.org` | domain name whitelist (use comma to separate) |
| `CMD_PROTOCOL_USESSL` | `true` or `false` | set to use SSL protocol for resources path (only applied when domain is set) |
| `CMD_URL_ADDPORT` | `true` or `false` | set to add port on callback URL (ports `80` or `443` won't be applied) (only applied when domain is set) |
| `CMD_USECDN` | `true` or `false` | set to use CDN resources or not (default is `true`) |
| `CMD_ALLOW_ANONYMOUS` | `true` or `false` | set to allow anonymous usage (default is `true`) |
| `CMD_ALLOW_ANONYMOUS_EDITS` | `true` or `false` | if `allowAnonymous` is `true`, allow users to select `freely` permission, allowing guests to edit existing notes (default is `false`) |
| `CMD_ALLOW_FREEURL` | `true` or `false` | set to allow new note creation by accessing a nonexistent note URL |
| `CMD_FORBIDDEN_NODE_IDS` | `'robots.txt'` | disallow creation of notes, even if `CMD_ALLOW_FREEURL` is `true` |
| `CMD_DEFAULT_PERMISSION` | `freely`, `editable`, `limited`, `locked` or `private` | set notes default permission (only applied on signed users) |
| `CMD_DB_URL` | `mysql://localhost:3306/database` | set the database URL |
| `CMD_SESSION_SECRET` | no example | Secret used to sign the session cookie. If non is set, one will randomly generated on startup |
| `CMD_SESSION_LIFE` | `1209600000` | Session life time. (milliseconds) |
| `CMD_FACEBOOK_CLIENTID` | no example | Facebook API client id |
| `CMD_FACEBOOK_CLIENTSECRET` | no example | Facebook API client secret |
| `CMD_TWITTER_CONSUMERKEY` | no example | Twitter API consumer key |
| `CMD_TWITTER_CONSUMERSECRET` | no example | Twitter API consumer secret |
| `CMD_GITHUB_CLIENTID` | no example | GitHub API client id |
| `CMD_GITHUB_CLIENTSECRET` | no example | GitHub API client secret |
| `CMD_GITLAB_SCOPE` | `read_user` or `api` | GitLab API requested scope (default is `api`) (GitLab snippet import/export need `api` scope) |
| `CMD_GITLAB_BASEURL` | no example | GitLab authentication endpoint, set to use other endpoint than GitLab.com (optional) |
| `CMD_GITLAB_CLIENTID` | no example | GitLab API client id |
| `CMD_GITLAB_CLIENTSECRET` | no example | GitLab API client secret |
| `CMD_GITLAB_VERSION` | no example | GitLab API version (v3 or v4) |
| `CMD_MATTERMOST_BASEURL` | no example | Mattermost authentication endpoint for versions below 5.0. For Mattermost version 5.0 and above, see [guide](docs/guides/auth/mattermost-self-hosted.md). |
| `CMD_MATTERMOST_CLIENTID` | no example | Mattermost API client id |
| `CMD_MATTERMOST_CLIENTSECRET` | no example | Mattermost API client secret |
| `CMD_DROPBOX_CLIENTID` | no example | Dropbox API client id |
| `CMD_DROPBOX_CLIENTSECRET` | no example | Dropbox API client secret |
| `CMD_GOOGLE_CLIENTID` | no example | Google API client id |
| `CMD_GOOGLE_CLIENTSECRET` | no example | Google API client secret |
| `CMD_LDAP_URL` | `ldap://example.com` | URL of LDAP server |
| `CMD_LDAP_BINDDN` | no example | bindDn for LDAP access |
| `CMD_LDAP_BINDCREDENTIALS` | no example | bindCredentials for LDAP access |
| `CMD_LDAP_SEARCHBASE` | `o=users,dc=example,dc=com` | LDAP directory to begin search from |
| `CMD_LDAP_SEARCHFILTER` | `(uid={{username}})` | LDAP filter to search with |
| `CMD_LDAP_SEARCHATTRIBUTES` | `displayName, mail` | LDAP attributes to search with (use comma to separate) |
| `CMD_LDAP_USERIDFIELD` | `uidNumber` or `uid` or `sAMAccountName` | The LDAP field which is used uniquely identify a user on CodiMD |
| `CMD_LDAP_USERNAMEFIELD` | Fallback to userid | The LDAP field which is used as the username on CodiMD |
| `CMD_LDAP_TLS_CA` | `server-cert.pem, root.pem` | Root CA for LDAP TLS in PEM format (use comma to separate) |
| `CMD_LDAP_PROVIDERNAME` | `My institution` | Optional name to be displayed at login form indicating the LDAP provider |
| `CMD_SAML_IDPSSOURL` | `https://idp.example.com/sso` | authentication endpoint of IdP. for details, see [guide](docs/guides/auth/saml-onelogin.md). |
| `CMD_SAML_IDPCERT` | `/path/to/cert.pem` | certificate file path of IdP in PEM format |
| `CMD_SAML_ISSUER` | no example | identity of the service provider (optional, default: serverurl)" |
| `CMD_SAML_IDENTIFIERFORMAT` | no example | name identifier format (optional, default: `urn:oasis:names:tc:SAML:1.1:nameid-format:emailAddress`) |
| `CMD_SAML_GROUPATTRIBUTE` | `memberOf` | attribute name for group list (optional) |
| `CMD_SAML_REQUIREDGROUPS` | `Hackmd-users` | group names that allowed (use vertical bar to separate) (optional) |
| `CMD_SAML_EXTERNALGROUPS` | `Temporary-staff` | group names that not allowed (use vertical bar to separate) (optional) |
| `CMD_SAML_ATTRIBUTE_ID` | `sAMAccountName` | attribute map for `id` (optional, default: NameID of SAML response) |
| `CMD_SAML_ATTRIBUTE_USERNAME` | `mailNickname` | attribute map for `username` (optional, default: NameID of SAML response) |
| `CMD_SAML_ATTRIBUTE_EMAIL` | `mail` | attribute map for `email` (optional, default: NameID of SAML response if `CMD_SAML_IDENTIFIERFORMAT` is default) |
| `CMD_OAUTH2_USER_PROFILE_URL` | `https://example.com` | where retrieve information about a user after succesful login. Needs to output JSON. (no default value) Refer to the [Mattermost](docs/guides/auth/mattermost-self-hosted.md) or [Nextcloud](docs/guides/auth/nextcloud.md) examples for more details on all of the `CMD_OAUTH2...` options. |
| `CMD_OAUTH2_USER_PROFILE_USERNAME_ATTR` | `name` | where to find the username in the JSON from the user profile URL. (no default value)|
| `CMD_OAUTH2_USER_PROFILE_DISPLAY_NAME_ATTR` | `display-name` | where to find the display-name in the JSON from the user profile URL. (no default value) |
| `CMD_OAUTH2_USER_PROFILE_EMAIL_ATTR` | `email` | where to find the email address in the JSON from the user profile URL. (no default value) |
| `CMD_OAUTH2_TOKEN_URL` | `https://example.com` | sometimes called token endpoint, please refer to the documentation of your OAuth2 provider (no default value) |
| `CMD_OAUTH2_AUTHORIZATION_URL` | `https://example.com` | authorization URL of your provider, please refer to the documentation of your OAuth2 provider (no default value) |
| `CMD_OAUTH2_CLIENT_ID` | `afae02fckafd...` | you will get this from your OAuth2 provider when you register CodiMD as OAuth2-client, (no default value) |
| `CMD_OAUTH2_CLIENT_SECRET` | `afae02fckafd...` | you will get this from your OAuth2 provider when you register CodiMD as OAuth2-client, (no default value) |
| `CMD_OAUTH2_PROVIDERNAME` | `My institution` | Optional name to be displayed at login form indicating the oAuth2 provider |
| `CMD_IMGUR_CLIENTID` | no example | Imgur API client id |
| `CMD_EMAIL` | `true` or `false` | set to allow email signin |
| `CMD_ALLOW_PDF_EXPORT` | `true` or `false` | Enable or disable PDF exports |
| `CMD_ALLOW_EMAIL_REGISTER` | `true` or `false` | set to allow email register (only applied when email is set, default is `true`. Note `bin/manage_users` might help you if registration is `false`.) |
| `CMD_ALLOW_GRAVATAR` | `true` or `false` | set to `false` to disable gravatar as profile picture source on your instance |
| `CMD_IMAGE_UPLOAD_TYPE` | `imgur`, `s3`, `minio` or `filesystem` | Where to upload images. For S3, see our Image Upload Guides for [S3](docs/guides/s3-image-upload.md) or [Minio](docs/guides/minio-image-upload.md) |
| `CMD_S3_ACCESS_KEY_ID` | no example | AWS access key id |
| `CMD_S3_SECRET_ACCESS_KEY` | no example | AWS secret key |
| `CMD_S3_REGION` | `ap-northeast-1` | AWS S3 region |
| `CMD_S3_BUCKET` | no example | AWS S3 bucket name |
| `CMD_MINIO_ACCESS_KEY` | no example | Minio access key |
| `CMD_MINIO_SECRET_KEY` | no example | Minio secret key |
| `CMD_MINIO_ENDPOINT` | `minio.example.org` | Address of your Minio endpoint/instance |
| `CMD_MINIO_PORT` | `9000` | Port that is used for your Minio instance |
| `CMD_MINIO_SECURE` | `true` | If set to `true` HTTPS is used for Minio |
| `CMD_AZURE_CONNECTION_STRING` | no example | Azure Blob Storage connection string |
| `CMD_AZURE_CONTAINER` | no example | Azure Blob Storage container name (automatically created if non existent) |
| `CMD_HSTS_ENABLE` | ` true` | set to enable [HSTS](https://en.wikipedia.org/wiki/HTTP_Strict_Transport_Security) if HTTPS is also enabled (default is ` true`) |
| `CMD_HSTS_INCLUDE_SUBDOMAINS` | `true` | set to include subdomains in HSTS (default is `true`) |
| `CMD_HSTS_MAX_AGE` | `31536000` | max duration in seconds to tell clients to keep HSTS status (default is a year) |
| `CMD_HSTS_PRELOAD` | `true` | whether to allow preloading of the site's HSTS status (e.g. into browsers) |
| `CMD_CSP_ENABLE` | `true` | whether to enable Content Security Policy (directives cannot be configured with environment variables) |
| `CMD_CSP_REPORTURI` | `https://<someid>.report-uri.com/r/d/csp/enforce` | Allows to add a URL for CSP reports in case of violations |
| `CMD_SOURCE_URL` | `https://github.com/hackmdio/codimd/tree/<current commit>` | Provides the link to the source code of CodiMD on the entry page (Please, make sure you change this when you run a modified version) |
***Note:** Due to the rename process we renamed all `HMD_`-prefix variables to be `CMD_`-prefixed. The old ones continue to work.*
## Application settings `config.json`
| variables | example values | description |
| --------- | ------ | ----------- |
| `debug` | `true` or `false` | set debug mode, show more logs |
| `domain` | `localhost` | domain name |
| `urlPath` | `codimd` | sub URL path, like `www.example.com/<urlpath>` |
| `host` | `localhost` | host to listen on |
| `port` | `80` | web app port |
| `path` | `/var/run/codimd.sock` | path to UNIX domain socket to listen on (if specified, `host` and `port` are ignored) |
| `loglevel` | `info` | Defines what kind of logs are provided to stdout. |
| `allowOrigin` | `['localhost']` | domain name whitelist |
| `useSSL` | `true` or `false` | set to use SSL server (if `true`, will auto turn on `protocolUseSSL`) |
| `hsts` | `{"enable": true, "maxAgeSeconds": 31536000, "includeSubdomains": true, "preload": true}` | [HSTS](https://en.wikipedia.org/wiki/HTTP_Strict_Transport_Security) options to use with HTTPS (default is the example value, max age is a year) |
| `csp` | `{"enable": true, "directives": {"scriptSrc": "trustworthy-scripts.example.com"}, "upgradeInsecureRequests": "auto", "addDefaults": true}` | Configures [Content Security Policy](https://helmetjs.github.io/docs/csp/). Directives are passed to Helmet - see [their documentation](https://helmetjs.github.io/docs/csp/) for more information on the format. Some defaults are added to the configured values so that the application doesn't break. To disable this behaviour, set `addDefaults` to `false`. Further, if `usecdn` is on, some CDN locations are allowed too. By default (`auto`), insecure (HTTP) requests are upgraded to HTTPS via CSP if `useSSL` is on. To change this behaviour, set `upgradeInsecureRequests` to either `true` or `false`. |
| `protocolUseSSL` | `true` or `false` | set to use SSL protocol for resources path (only applied when domain is set) |
| `urlAddPort` | `true` or `false` | set to add port on callback URL (ports `80` or `443` won't be applied) (only applied when domain is set) |
| `useCDN` | `true` or `false` | set to use CDN resources or not (default is `true`) |
| `allowAnonymous` | `true` or `false` | set to allow anonymous usage (default is `true`) |
| `allowAnonymousEdits` | `true` or `false` | if `allowAnonymous` is `true`: allow users to select `freely` permission, allowing guests to edit existing notes (default is `false`) |
| `allowFreeURL` | `true` or `false` | set to allow new note creation by accessing a nonexistent note URL |
| `forbiddenNoteIDs` | `['robots.txt']` | disallow creation of notes, even if `allowFreeUrl` is `true` |
| `defaultPermission` | `freely`, `editable`, `limited`, `locked`, `protected` or `private` | set notes default permission (only applied on signed users) |
| `dbURL` | `mysql://localhost:3306/database` | set the db URL; if set, then db config (below) won't be applied |
| `db` | `{ "dialect": "sqlite", "storage": "./db.codimd.sqlite" }` | set the db configs, [see more here](http://sequelize.readthedocs.org/en/latest/api/sequelize/) |
| `sslKeyPath` | `./cert/client.key` | SSL key path<sup>1</sup> (only need when you set `useSSL`) |
| `sslCertPath` | `./cert/codimd_io.crt` | SSL cert path<sup>1</sup> (only need when you set `useSSL`) |
| `sslCAPath` | `['./cert/COMODORSAAddTrustCA.crt']` | SSL ca chain<sup>1</sup> (only need when you set `useSSL`) |
| `dhParamPath` | `./cert/dhparam.pem` | SSL dhparam path<sup>1</sup> (only need when you set `useSSL`) |
| `tmpPath` | `./tmp/` | temp directory path<sup>1</sup> |
| `defaultNotePath` | `./public/default.md` | default note file path<sup>1</sup> |
| `docsPath` | `./public/docs` | docs directory path<sup>1</sup> |
| `viewPath` | `./public/views` | template directory path<sup>1</sup> |
| `uploadsPath` | `./public/uploads` | uploads directory<sup>1</sup> - needs to be persistent when you use imageUploadType `filesystem` |
| `sessionName` | `connect.sid` | cookie session name |
| `sessionSecret` | `secret` | cookie session secret |
| `sessionLife` | `14 * 24 * 60 * 60 * 1000` | cookie session life |
| `staticCacheTime` | `1 * 24 * 60 * 60 * 1000` | static file cache time |
| `heartbeatInterval` | `5000` | socket.io heartbeat interval |
| `heartbeatTimeout` | `10000` | socket.io heartbeat timeout |
| `documentMaxLength` | `100000` | note max length |
| `email` | `true` or `false` | set to allow email signin |
| `oauth2` | `{baseURL: ..., userProfileURL: ..., userProfileUsernameAttr: ..., userProfileDisplayNameAttr: ..., userProfileEmailAttr: ..., tokenURL: ..., authorizationURL: ..., clientID: ..., clientSecret: ...}` | An object detailing your OAuth2 provider. Refer to the [Mattermost](docs/guides/auth/mattermost-self-hosted.md) or [Nextcloud](docs/guides/auth/nextcloud.md) examples for more details!|
| `allowEmailRegister` | `true` or `false` | set to allow email register (only applied when email is set, default is `true`. Note `bin/manage_users` might help you if registration is `false`.) |
| `allowGravatar` | `true` or `false` | set to `false` to disable gravatar as profile picture source on your instance |
| `imageUploadType` | `imgur`, `s3`, `minio`, `azure`, `lutim` or `filesystem`(default) | Where to upload images. For S3, see our Image Upload Guides for [S3](docs/guides/s3-image-upload.md) or [Minio](docs/guides/minio-image-upload.md)|
|`lutim`| `{"url": "YOUR_LUTIM_URL"}`| When `imageUploadType` is set to `lutim`, you can setup the lutim url|
| `minio` | `{ "accessKey": "YOUR_MINIO_ACCESS_KEY", "secretKey": "YOUR_MINIO_SECRET_KEY", "endpoint": "YOUR_MINIO_HOST", port: 9000, secure: true }` | When `imageUploadType` is set to `minio`, you need to set this key. Also checkout our [Minio Image Upload Guide](docs/guides/minio-image-upload.md) |
| `s3` | `{ "accessKeyId": "YOUR_S3_ACCESS_KEY_ID", "secretAccessKey": "YOUR_S3_ACCESS_KEY", "region": "YOUR_S3_REGION" }` | When `imageuploadtype` be set to `s3`, you would also need to setup this key, check our [S3 Image Upload Guide](docs/guides/s3-image-upload.md) |
| `s3bucket` | `YOUR_S3_BUCKET_NAME` | bucket name when `imageUploadType` is set to `s3` or `minio` |
| `sourceURL` | `https://github.com/hackmdio/codimd/tree/<current commit>` | Provides the link to the source code of CodiMD on the entry page (Please, make sure you change this when you run a modified version) |
<sup>1</sup>: relative paths are based on CodiMD's base directory
## Third-party integration API key settings
| service | settings location | description |
| ------- | --------- | ----------- |
| facebook, twitter, github, gitlab, mattermost, dropbox, google, ldap, saml | environment variables or `config.json` | for signin |
| imgur, s3, minio, azure | environment variables or `config.json` | for image upload |
| dropbox(`dropbox/appKey`) | `config.json` | for export and import |
## Third-party integration OAuth callback URLs
| service | callback URL (after the server URL) |
| ------- | --------- |
| facebook | `/auth/facebook/callback` |
| twitter | `/auth/twitter/callback` |
| github | `/auth/github/callback` |
| gitlab | `/auth/gitlab/callback` |
| mattermost | `/auth/mattermost/callback` |
| dropbox | `/auth/dropbox/callback` |
| google | `/auth/google/callback` |
| saml | `/auth/saml/callback` |
# Developer Notes
## Structure
```text
codimd/
├── tmp/ --- temporary files
├── docs/ --- document files
├── lib/ --- server libraries
└── public/ --- client files
├── css/ --- css styles
├── js/ --- js scripts
├── vendor/ --- vendor includes
└── views/ --- view templates
```
## Operational Transformation
From 0.3.2, we started supporting operational transformation.
It makes concurrent editing safe and will not break up other users' operations.
Additionally, now can show other clients' selections.
See more at [http://operational-transformation.github.io/](http://operational-transformation.github.io/)
# License
## License
**License under AGPL.**
[matrix.org-image]: https://img.shields.io/badge/Matrix.org-%23CodiMD@matrix.org-green.svg
[matrix.org-url]: https://riot.im/app/#/room/#codimd:matrix.org
[travis-image]: https://travis-ci.org/hackmdio/codimd.svg?branch=master
[travis-url]: https://travis-ci.org/hackmdio/codimd
[gitter-image]: https://img.shields.io/badge/gitter-hackmdio/codimd-blue.svg
[gitter-url]: https://gitter.im/hackmdio/hackmd
[travis-image]: https://travis-ci.com/hackmdio/codimd.svg?branch=master
[travis-url]: https://travis-ci.com/hackmdio/codimd
[github-version-badge]: https://img.shields.io/github/release/hackmdio/codimd.svg
[github-release-page]: https://github.com/hackmdio/codimd/releases
[github-release-feed]: https://github.com/hackmdio/codimd/releases.atom
[poeditor-image]: https://img.shields.io/badge/POEditor-translate-blue.svg
[poeditor-url]: https://poeditor.com/join/project/1OpGjF2Jir
[poeditor-url]: https://poeditor.com/join/project/q0nuPWyztp

33
app.js
View File

@ -7,7 +7,6 @@ var ejs = require('ejs')
var passport = require('passport')
var methodOverride = require('method-override')
var cookieParser = require('cookie-parser')
var compression = require('compression')
var session = require('express-session')
var SequelizeStore = require('connect-session-sequelize')(session.Store)
var fs = require('fs')
@ -26,19 +25,17 @@ var response = require('./lib/response')
var models = require('./lib/models')
var csp = require('./lib/csp')
// server setup
var app = express()
var server = null
if (config.useSSL) {
var ca = (function () {
var i, len, results
function createHttpServer () {
if (config.useSSL) {
const ca = (function () {
let i, len, results
results = []
for (i = 0, len = config.sslCAPath.length; i < len; i++) {
results.push(fs.readFileSync(config.sslCAPath[i], 'utf8'))
}
return results
})()
var options = {
const options = {
key: fs.readFileSync(config.sslKeyPath, 'utf8'),
cert: fs.readFileSync(config.sslCertPath, 'utf8'),
ca: ca,
@ -46,11 +43,16 @@ if (config.useSSL) {
requestCert: false,
rejectUnauthorized: false
}
server = require('https').createServer(options, app)
} else {
server = require('http').createServer(app)
return require('https').createServer(options, app)
} else {
return require('http').createServer(app)
}
}
// server setup
var app = express()
var server = createHttpServer()
// logger
app.use(morgan('combined', {
'stream': logger.stream
@ -77,9 +79,6 @@ var sessionStore = new SequelizeStore({
db: models.sequelize
})
// compression
app.use(compression())
// use hsts to tell https users stick to this
if (config.hsts.enable) {
app.use(helmet.hsts({
@ -113,7 +112,7 @@ if (config.csp.enable) {
}
i18n.configure({
locales: ['en', 'zh-CN', 'zh-TW', 'fr', 'de', 'ja', 'es', 'ca', 'el', 'pt', 'it', 'tr', 'ru', 'nl', 'hr', 'pl', 'uk', 'hi', 'sv', 'eo', 'da', 'ko', 'id'],
locales: ['en', 'zh-CN', 'zh-TW', 'fr', 'de', 'ja', 'es', 'ca', 'el', 'pt', 'it', 'tr', 'ru', 'nl', 'hr', 'pl', 'uk', 'hi', 'sv', 'eo', 'da', 'ko', 'id', 'sr'],
cookie: 'locale',
directory: path.join(__dirname, '/locales'),
updateFiles: config.updateI18nFiles
@ -279,6 +278,7 @@ process.on('uncaughtException', function (err) {
function handleTermSignals () {
logger.info('CodiMD has been killed by signal, try to exit gracefully...')
realtime.maintenance = true
realtime.terminate()
// disconnect all socket.io clients
Object.keys(io.sockets.sockets).forEach(function (key) {
var socket = io.sockets.sockets[key]
@ -299,6 +299,9 @@ function handleTermSignals () {
})
}
}, 100)
setTimeout(() => {
process.exit(1)
}, 5000)
}
process.on('SIGINT', handleTermSignals)
process.on('SIGTERM', handleTermSignals)

2
app.json
View File

@ -6,7 +6,7 @@
"Markdown",
"Notes"
],
"website": "https://hackmd.io",
"website": "https://github.com/hackmdio/codimd",
"repository": "https://github.com/hackmdio/codimd",
"logo": "https://github.com/hackmdio/codimd/raw/master/public/codimd-icon-1024.png",
"success_url": "/",

118
bin/manage_users
View File

@ -1,119 +1,117 @@
#!/usr/bin/env node
// First configure the logger so it does not spam the console
const logger = require("../lib/logger");
logger.transports.forEach((transport) => transport.level = "warning")
const logger = require('../lib/logger')
logger.transports.forEach((transport) => {
transport.level = 'warning'
})
const models = require("../lib/models/");
const readline = require("readline-sync");
const minimist = require("minimist");
const models = require('../lib/models/')
const readline = require('readline-sync')
const minimist = require('minimist')
function showUsage(tips) {
function showUsage (tips) {
console.log(`${tips}
Command-line utility to create users for email-signin.
Usage: bin/manage_users [--pass password] (--add | --del) user-email
Options:
--add Add user with the specified user-email
--del Delete user with specified user-email
--reset Reset user password with specified user-email
--pass Use password from cmdline rather than prompting
`);
process.exit(1);
--add\tAdd user with the specified user-email
--del\tDelete user with specified user-email
--reset\tReset user password with specified user-email
--pass\tUse password from cmdline rather than prompting
`)
process.exit(1)
}
function getPass(argv, action) {
function getPass (argv, action) {
// Find whether we use cmdline or prompt password
if(typeof argv["pass"] !== 'string') {
return readline.question(`Password for ${argv[action]}:`, {hideEchoBack: true});
if (typeof argv['pass'] !== 'string') {
return readline.question(`Password for ${argv[action]}:`, { hideEchoBack: true })
}
console.log("Using password from commandline...");
return argv["pass"];
console.log('Using password from commandline...')
return argv['pass']
}
// Using an async function to be able to use await inside
async function createUser(argv) {
const existing_user = await models.User.findOne({where: {email: argv["add"]}});
async function createUser (argv) {
const existingUser = await models.User.findOne({ where: { email: argv['add'] } })
// Cannot create already-existing users
if(existing_user != undefined) {
console.log(`User with e-mail ${existing_user.email} already exists! Aborting ...`);
process.exit(1);
if (existingUser !== undefined) {
console.log(`User with e-mail ${existingUser.email} already exists! Aborting ...`)
process.exit(1)
}
const pass = getPass(argv, "add");
const pass = getPass(argv, 'add')
// Lets try to create, and check success
const ref = await models.User.create({email: argv["add"], password: pass});
if(ref == undefined) {
console.log(`Could not create user with email ${argv["add"]}`);
process.exit(1);
} else
console.log(`Created user with email ${argv["add"]}`);
const ref = await models.User.create({ email: argv['add'], password: pass })
if (ref === undefined) {
console.log(`Could not create user with email ${argv['add']}`)
process.exit(1)
} else { console.log(`Created user with email ${argv['add']}`) }
}
// Using an async function to be able to use await inside
async function deleteUser(argv) {
async function deleteUser (argv) {
// Cannot delete non-existing users
const existing_user = await models.User.findOne({where: {email: argv["del"]}});
if(existing_user === undefined) {
console.log(`User with e-mail ${argv["del"]} does not exist, cannot delete`);
process.exit(1);
const existingUser = await models.User.findOne({ where: { email: argv['del'] } })
if (existingUser === undefined) {
console.log(`User with e-mail ${argv['del']} does not exist, cannot delete`)
process.exit(1)
}
// Sadly .destroy() does not return any success value with all
// backends. See sequelize #4124
await existing_user.destroy();
console.log(`Deleted user ${argv["del"]} ...`);
await existingUser.destroy()
console.log(`Deleted user ${argv['del']} ...`)
}
// Using an async function to be able to use await inside
async function resetUser(argv) {
const existing_user = await models.User.findOne({where: {email: argv["reset"]}});
async function resetUser (argv) {
const existingUser = await models.User.findOne({ where: { email: argv['reset'] } })
// Cannot reset non-existing users
if(existing_user == undefined) {
console.log(`User with e-mail ${argv["reset"]} does not exist, cannot reset`);
process.exit(1);
if (existingUser === undefined) {
console.log(`User with e-mail ${argv['reset']} does not exist, cannot reset`)
process.exit(1)
}
const pass = getPass(argv, "reset");
const pass = getPass(argv, 'reset')
// set password and save
existing_user.password = pass;
await existing_user.save();
console.log(`User with email ${argv["reset"]} password has been reset`);
existingUser.password = pass
await existingUser.save()
console.log(`User with email ${argv['reset']} password has been reset`)
}
const options = {
add: createUser,
del: deleteUser,
reset: resetUser,
};
reset: resetUser
}
// Perform commandline-parsing
const argv = minimist(process.argv.slice(2));
const argv = minimist(process.argv.slice(2))
const keys = Object.keys(options);
const opts = keys.filter((key) => argv[key] !== undefined);
const action = opts[0];
const keys = Object.keys(options)
const opts = keys.filter((key) => argv[key] !== undefined)
const action = opts[0]
// Check for options missing
if (opts.length === 0) {
showUsage(`You did not specify either ${keys.map((key) => `--${key}`).join(' or ')}!`);
showUsage(`You did not specify either ${keys.map((key) => `--${key}`).join(' or ')}!`)
}
// Check if both are specified
if (opts.length > 1) {
showUsage(`You cannot ${action.join(' and ')} at the same time!`);
showUsage(`You cannot ${action.join(' and ')} at the same time!`)
}
// Check if not string
if (typeof argv[action] !== 'string') {
showUsage(`You must follow an email after --${action}`);
showUsage(`You must follow an email after --${action}`)
}
// Call respective processing functions
options[action](argv).then(function() {
process.exit(0);
});
options[action](argv).then(function () {
process.exit(0)
})

2
config.json.example
View File

@ -20,7 +20,7 @@
"loglevel": "info",
"hsts": {
"enable": true,
"maxAgeSeconds": "31536000",
"maxAgeSeconds": 31536000,
"includeSubdomains": true,
"preload": true
},

56
deployments/Dockerfile Normal file
View File

@ -0,0 +1,56 @@
FROM node:8.15.1-jessie AS BUILD
# use multi-stage build to build frontend javascript
WORKDIR /codimd
COPY . ./
RUN yarn install --non-interactive --pure-lockfile && \
yarn build
# ----------------------------------------------------
# Runtime Stage
FROM node:8.15.1 AS RUNTIME
# build for production
ENV NODE_ENV production
ENV PATH="/home/codimd/.npm-global/bin:${PATH}"
# setup isolated user for more security
ARG USER_NAME=codimd
ARG UID=1500
ARG GID=1500
RUN set +x -ue && \
wget https://github.com/hackmdio/portchecker/releases/download/v1.0.1/portchecker-linux-amd64.tar.gz && \
tar xvf portchecker-linux-amd64.tar.gz -C /usr/local/bin && \
mv /usr/local/bin/portchecker-linux-amd64 /usr/local/bin/pcheck && \
# Add user and groupd
groupadd --gid $GID $USER_NAME && \
useradd --uid $UID --gid $USER_NAME --no-log-init --create-home $USER_NAME && \
# setup local npm global directory
mkdir /home/codimd/.npm-global && \
echo "prefix=/home/codimd/.npm-global/" > /home/codimd/.npmrc && \
# setup app dir
mkdir /codimd && \
# adjust permission
chown -R $USER_NAME:$USER_NAME /home/codimd
# Copy build stage file to runtime
COPY --from=BUILD /codimd /codimd
RUN chown -R $USER_NAME:$USER_NAME /codimd
# change running user name
USER $USER_NAME
# build project
WORKDIR /codimd
RUN set +x -ue && \
cliVer=$(cat package.json | grep sequelize-cli | awk '{print substr($1, 2, length($1) - 3)"@"substr($2, 2, length($2) - 3)}') && \
npm -g install "$cliVer" && \
yarn install --production --non-interactive --pure-lockfile && \
yarn cache clean
VOLUME /codimd/public/uploads
EXPOSE 3000
ENTRYPOINT ["/codimd/docker-entrypoint.sh"]

7
deployments/dev-Dockerfile Normal file
View File

@ -0,0 +1,7 @@
FROM node:8.15.1-jessie
WORKDIR /codimd
EXPOSE 3000
VOLUME ['/codimd/node_modules']

25
deployments/dev-docker-compose.yml Normal file
View File

@ -0,0 +1,25 @@
version: '3'
services:
dev-database:
image: postgres:11.2
environment:
POSTGRES_USER: codimd
POSTGRES_PASSWORD: password
POSTGRES_DB: codimd
dev-codimd:
build:
dockerfile: ./deployments/dev-Dockerfile
context: ../
environment:
CMD_DB_URL: postgres://codimd:password@dev-database/codimd
volumes:
- ../:/codimd
- node_modules:/codimd/node_modules
- public_build:/codimd/public/build
- public_view_build:/codimd/public/views/build
ports:
- 3000:3000
volumes:
node_modules:
public_build:
public_view_build:

16
deployments/docker-compose.yml Normal file
View File

@ -0,0 +1,16 @@
version: '3'
services:
database:
image: postgres:11.2
environment:
POSTGRES_USER: codimd
POSTGRES_PASSWORD: password
POSTGRES_DB: codimd
codimd:
build:
dockerfile: ./deployments/Dockerfile
context: ../
environment:
CMD_DB_URL: postgres://codimd:password@database/codimd
ports:
- 3000:3000

9
deployments/docker-entrypoint.sh Executable file
View File

@ -0,0 +1,9 @@
#!/bin/bash
set -euo pipefail
pcheck -constr "$CMD_DB_URL"
sequelize db:migrate
node app.js

6
docs/guides/auth/saml.md
View File

@ -5,9 +5,9 @@ Authentication guide - SAML
The basic procedure is the same as the case of OneLogin which is mentioned in [OneLogin-Guide](./saml-onelogin.md). If you want to match your IdP, you can use more configurations as below.
* If your IdP accepts metadata XML of the service provider to ease configuraion, use this url to download metadata XML.
* If your IdP accepts metadata XML of the service provider to ease configuration, use this url to download metadata XML.
* {{your-serverurl}}/auth/saml/metadata
* _Note: If not accessable from IdP, download to local once and upload to IdP._
* _Note: If not accessible from IdP, download to local once and upload to IdP._
* Change the value of `issuer`, `identifierFormat` to match your IdP.
* `issuer`: A unique id to identify the application to the IdP, which is the base URL of your HackMD as default
* `identifierFormat`: A format of unique id to identify the user of IdP, which is the format based on email address as default. It is recommend that you use as below.
@ -59,7 +59,7 @@ The basic procedure is the same as the case of OneLogin which is mentioned in [O
HMD_SAML_ATTRIBUTE_EMAIL=mail
````
* If you want to controll permission by group membership, add group attribute name and required group (allowed) or external group (not allowed).
* If you want to control permission by group membership, add group attribute name and required group (allowed) or external group (not allowed).
* `groupAttribute`: An attribute name of group membership
* `requiredGroups`: Group names array for allowed access to HackMD. Use vertical bar to separate for environment variables.
* `externalGroups`: Group names array for not allowed access to HackMD. Use vertical bar to separate for environment variables.

5
lib/config/default.js
View File

@ -56,6 +56,8 @@ module.exports = {
// socket.io
heartbeatInterval: 5000,
heartbeatTimeout: 10000,
// toobusy-js
responseMaxLag: 70,
// document
documentMaxLength: 100000,
// image upload setting, available options are imgur/s3/filesystem/azure/lutim
@ -69,7 +71,8 @@ module.exports = {
s3: {
accessKeyId: undefined,
secretAccessKey: undefined,
region: undefined
region: undefined,
endpoint: undefined
},
minio: {
accessKey: undefined,

8
lib/config/environment.js
View File

@ -1,6 +1,6 @@
'use strict'
const {toBooleanConfig, toArrayConfig, toIntegerConfig} = require('./utils')
const { toBooleanConfig, toArrayConfig, toIntegerConfig } = require('./utils')
module.exports = {
sourceURL: process.env.CMD_SOURCE_URL,
@ -14,7 +14,7 @@ module.exports = {
useSSL: toBooleanConfig(process.env.CMD_USESSL),
hsts: {
enable: toBooleanConfig(process.env.CMD_HSTS_ENABLE),
maxAgeSeconds: process.env.CMD_HSTS_MAX_AGE,
maxAgeSeconds: toIntegerConfig(process.env.CMD_HSTS_MAX_AGE),
includeSubdomains: toBooleanConfig(process.env.CMD_HSTS_INCLUDE_SUBDOMAINS),
preload: toBooleanConfig(process.env.CMD_HSTS_PRELOAD)
},
@ -33,6 +33,7 @@ module.exports = {
dbURL: process.env.CMD_DB_URL,
sessionSecret: process.env.CMD_SESSION_SECRET,
sessionLife: toIntegerConfig(process.env.CMD_SESSION_LIFE),
responseMaxLag: toIntegerConfig(process.env.CMD_RESPONSE_MAX_LAG),
imageUploadType: process.env.CMD_IMAGE_UPLOAD_TYPE,
imgur: {
clientID: process.env.CMD_IMGUR_CLIENTID
@ -40,7 +41,8 @@ module.exports = {
s3: {
accessKeyId: process.env.CMD_S3_ACCESS_KEY_ID,
secretAccessKey: process.env.CMD_S3_SECRET_ACCESS_KEY,
region: process.env.CMD_S3_REGION
region: process.env.CMD_S3_REGION,
endpoint: process.env.CMD_S3_ENDPOINT
},
minio: {
accessKey: process.env.CMD_MINIO_ACCESS_KEY,

5
lib/config/hackmdEnvironment.js
View File

@ -1,6 +1,6 @@
'use strict'
const {toBooleanConfig, toArrayConfig, toIntegerConfig} = require('./utils')
const { toBooleanConfig, toArrayConfig, toIntegerConfig } = require('./utils')
module.exports = {
domain: process.env.HMD_DOMAIN,
@ -10,7 +10,7 @@ module.exports = {
useSSL: toBooleanConfig(process.env.HMD_USESSL),
hsts: {
enable: toBooleanConfig(process.env.HMD_HSTS_ENABLE),
maxAgeSeconds: process.env.HMD_HSTS_MAX_AGE,
maxAgeSeconds: toIntegerConfig(process.env.HMD_HSTS_MAX_AGE),
includeSubdomains: toBooleanConfig(process.env.HMD_HSTS_INCLUDE_SUBDOMAINS),
preload: toBooleanConfig(process.env.HMD_HSTS_PRELOAD)
},
@ -28,6 +28,7 @@ module.exports = {
dbURL: process.env.HMD_DB_URL,
sessionSecret: process.env.HMD_SESSION_SECRET,
sessionLife: toIntegerConfig(process.env.HMD_SESSION_LIFE),
responseMaxLag: toIntegerConfig(process.env.HMD_RESPONSE_MAX_LAG),
imageUploadType: process.env.HMD_IMAGE_UPLOAD_TYPE,
imgur: {
clientID: process.env.HMD_IMGUR_CLIENTID

10
lib/config/index.js
View File

@ -4,11 +4,11 @@
const crypto = require('crypto')
const fs = require('fs')
const path = require('path')
const {merge} = require('lodash')
const { merge } = require('lodash')
const deepFreeze = require('deep-freeze')
const {Environment, Permission} = require('./enum')
const { Environment, Permission } = require('./enum')
const logger = require('../logger')
const {getGitCommit, getGitHubURL} = require('./utils')
const { getGitCommit, getGitHubURL } = require('./utils')
const appRootPath = path.resolve(__dirname, '../../')
const env = process.env.NODE_ENV || Environment.development
@ -17,7 +17,7 @@ const debugConfig = {
}
// Get version string from package.json
const {version, repository} = require(path.join(appRootPath, 'package.json'))
const { version, repository } = require(path.join(appRootPath, 'package.json'))
const commitID = getGitCommit(appRootPath)
const sourceURL = getGitHubURL(repository.url, commitID || version)
@ -128,7 +128,7 @@ if (config.gitlab && config.gitlab.version !== 'v4' && config.gitlab.version !==
config.gitlab.version = 'v4'
}
// If gitlab scope is api, enable snippets Export/import
config.isGitlabSnippetsEnable = (!config.gitlab.scope || config.gitlab.scope === 'api')
config.isGitlabSnippetsEnable = (!config.gitlab.scope || config.gitlab.scope === 'api') && config.isGitLabEnable
// Only update i18n files in development setups
config.updateI18nFiles = (env === Environment.development)

2
lib/config/oldEnvironment.js
View File

@ -1,6 +1,6 @@
'use strict'
const {toBooleanConfig} = require('./utils')
const { toBooleanConfig } = require('./utils')
module.exports = {
debug: toBooleanConfig(process.env.DEBUG),

2
lib/history.js
View File

@ -1,7 +1,7 @@
'use strict'
// history
// external modules
var LZString = require('lz-string')
var LZString = require('@hackmd/lz-string')
// core
var config = require('./config')

3
lib/letter-avatars.js
View File

@ -30,13 +30,14 @@ exports.generateAvatarURL = function (name, email = '', big = true) {
if (typeof email !== 'string') {
email = '' + name + '@example.com'
}
name = encodeURIComponent(name)
let hash = crypto.createHash('md5')
hash.update(email.toLowerCase())
let hexDigest = hash.digest('hex')
if (email !== '' && config.allowGravatar) {
photo = 'https://www.gravatar.com/avatar/' + hexDigest;
photo = 'https://www.gravatar.com/avatar/' + hexDigest
if (big) {
photo += '?s=400'
} else {

2
lib/logger.js
View File

@ -1,5 +1,5 @@
'use strict'
const {createLogger, format, transports} = require('winston')
const { createLogger, format, transports } = require('winston')
const logger = createLogger({
level: 'debug',

20
lib/migrations/20171009121200-longtext-for-mysql.js
View File

@ -1,16 +1,16 @@
'use strict'
module.exports = {
up: function (queryInterface, Sequelize) {
queryInterface.changeColumn('Notes', 'content', {type: Sequelize.TEXT('long')})
queryInterface.changeColumn('Revisions', 'patch', {type: Sequelize.TEXT('long')})
queryInterface.changeColumn('Revisions', 'content', {type: Sequelize.TEXT('long')})
queryInterface.changeColumn('Revisions', 'lastContent', {type: Sequelize.TEXT('long')})
up: async function (queryInterface, Sequelize) {
await queryInterface.changeColumn('Notes', 'content', { type: Sequelize.TEXT('long') })
await queryInterface.changeColumn('Revisions', 'patch', { type: Sequelize.TEXT('long') })
await queryInterface.changeColumn('Revisions', 'content', { type: Sequelize.TEXT('long') })
await queryInterface.changeColumn('Revisions', 'lastContent', { type: Sequelize.TEXT('long') })
},
down: function (queryInterface, Sequelize) {
queryInterface.changeColumn('Notes', 'content', {type: Sequelize.TEXT})
queryInterface.changeColumn('Revisions', 'patch', {type: Sequelize.TEXT})
queryInterface.changeColumn('Revisions', 'content', {type: Sequelize.TEXT})
queryInterface.changeColumn('Revisions', 'lastContent', {type: Sequelize.TEXT})
down: async function (queryInterface, Sequelize) {
await queryInterface.changeColumn('Notes', 'content', { type: Sequelize.TEXT })
await queryInterface.changeColumn('Revisions', 'patch', { type: Sequelize.TEXT })
await queryInterface.changeColumn('Revisions', 'content', { type: Sequelize.TEXT })
await queryInterface.changeColumn('Revisions', 'lastContent', { type: Sequelize.TEXT })
}
}

12
lib/migrations/20180209120907-longtext-of-authorship.js
View File

@ -1,13 +1,13 @@
'use strict'
module.exports = {
up: function (queryInterface, Sequelize) {
queryInterface.changeColumn('Notes', 'authorship', {type: Sequelize.TEXT('long')})
queryInterface.changeColumn('Revisions', 'authorship', {type: Sequelize.TEXT('long')})
up: async function (queryInterface, Sequelize) {
await queryInterface.changeColumn('Notes', 'authorship', { type: Sequelize.TEXT('long') })
await queryInterface.changeColumn('Revisions', 'authorship', { type: Sequelize.TEXT('long') })
},
down: function (queryInterface, Sequelize) {
queryInterface.changeColumn('Notes', 'authorship', {type: Sequelize.TEXT})
queryInterface.changeColumn('Revisions', 'authorship', {type: Sequelize.TEXT})
down: async function (queryInterface, Sequelize) {
await queryInterface.changeColumn('Notes', 'authorship', { type: Sequelize.TEXT })
await queryInterface.changeColumn('Revisions', 'authorship', { type: Sequelize.TEXT })
}
}

8
lib/migrations/20180306150303-fix-enum.js
View File

@ -1,11 +1,11 @@
'use strict'
module.exports = {
up: function (queryInterface, Sequelize) {
queryInterface.changeColumn('Notes', 'permission', {type: Sequelize.ENUM('freely', 'editable', 'limited', 'locked', 'protected', 'private')})
up: async function (queryInterface, Sequelize) {
await queryInterface.changeColumn('Notes', 'permission', { type: Sequelize.ENUM('freely', 'editable', 'limited', 'locked', 'protected', 'private') })
},
down: function (queryInterface, Sequelize) {
queryInterface.changeColumn('Notes', 'permission', {type: Sequelize.ENUM('freely', 'editable', 'locked', 'private')})
down: async function (queryInterface, Sequelize) {
await queryInterface.changeColumn('Notes', 'permission', { type: Sequelize.ENUM('freely', 'editable', 'locked', 'private') })
}
}

10
lib/models/author.js
View File

@ -18,9 +18,10 @@ module.exports = function (sequelize, DataTypes) {
unique: true,
fields: ['noteId', 'userId']
}
],
classMethods: {
associate: function (models) {
]
})
Author.associate = function (models) {
Author.belongsTo(models.Note, {
foreignKey: 'noteId',
as: 'note',
@ -36,7 +37,6 @@ module.exports = function (sequelize, DataTypes) {
hooks: true
})
}
}
})
return Author
}

6
lib/models/index.js
View File

@ -3,14 +3,16 @@
var fs = require('fs')
var path = require('path')
var Sequelize = require('sequelize')
const {cloneDeep} = require('lodash')
const { cloneDeep } = require('lodash')
// core
var config = require('../config')
var logger = require('../logger')
var dbconfig = cloneDeep(config.db)
dbconfig.logging = config.debug ? logger.info : false
dbconfig.logging = config.debug ? (data) => {
logger.info(data)
} : false
var sequelize = null

165
lib/models/note.js
View File

@ -2,18 +2,19 @@
// external modules
var fs = require('fs')
var path = require('path')
var LZString = require('lz-string')
var LZString = require('@hackmd/lz-string')
var base64url = require('base64url')
var md = require('markdown-it')()
var metaMarked = require('meta-marked')
var metaMarked = require('@hackmd/meta-marked')
var cheerio = require('cheerio')
var shortId = require('shortid')
var Sequelize = require('sequelize')
var async = require('async')
var moment = require('moment')
var DiffMatchPatch = require('diff-match-patch')
var DiffMatchPatch = require('@hackmd/diff-match-patch')
var dmp = new DiffMatchPatch()
var S = require('string')
const { stripTags } = require('../../utils/string')
// core
var config = require('../config')
@ -86,8 +87,53 @@ module.exports = function (sequelize, DataTypes) {
}
}, {
paranoid: false,
classMethods: {
associate: function (models) {
hooks: {
beforeCreate: function (note, options) {
return new Promise(function (resolve, reject) {
// if no content specified then use default note
if (!note.content) {
var body = null
let filePath = null
if (!note.alias) {
filePath = config.defaultNotePath
} else {
filePath = path.join(config.docsPath, note.alias + '.md')
}
if (Note.checkFileExist(filePath)) {
var fsCreatedTime = moment(fs.statSync(filePath).ctime)
body = fs.readFileSync(filePath, 'utf8')
note.title = Note.parseNoteTitle(body)
note.content = body
if (filePath !== config.defaultNotePath) {
note.createdAt = fsCreatedTime
}
}
}
// if no permission specified and have owner then give default permission in config, else default permission is freely
if (!note.permission) {
if (note.ownerId) {
note.permission = config.defaultPermission
} else {
note.permission = 'freely'
}
}
return resolve(note)
})
},
afterCreate: function (note, options, callback) {
return new Promise(function (resolve, reject) {
sequelize.models.Revision.saveNoteRevision(note, function (err, revision) {
if (err) {
return reject(err)
}
return resolve(note)
})
})
}
}
})
Note.associate = function (models) {
Note.belongsTo(models.User, {
foreignKey: 'ownerId',
as: 'owner',
@ -109,21 +155,21 @@ module.exports = function (sequelize, DataTypes) {
as: 'authors',
constraints: false
})
},
checkFileExist: function (filePath) {
}
Note.checkFileExist = function (filePath) {
try {
return fs.statSync(filePath).isFile()
} catch (err) {
return false
}
},
encodeNoteId: function (id) {
}
Note.encodeNoteId = function (id) {
// remove dashes in UUID and encode in url-safe base64
let str = id.replace(/-/g, '')
let hexStr = Buffer.from(str, 'hex')
return base64url.encode(hexStr)
},
decodeNoteId: function (encodedId) {
}
Note.decodeNoteId = function (encodedId) {
// decode from url-safe base64
let id = base64url.toBuffer(encodedId).toString('hex')
// add dashes between the UUID string parts
@ -134,13 +180,13 @@ module.exports = function (sequelize, DataTypes) {
idParts.push(id.substr(16, 4))
idParts.push(id.substr(20, 12))
return idParts.join('-')
},
checkNoteIdValid: function (id) {
}
Note.checkNoteIdValid = function (id) {
var uuidRegex = /^[0-9a-f]{8}-[0-9a-f]{4}-[1-5][0-9a-f]{3}-[89ab][0-9a-f]{3}-[0-9a-f]{12}$/i
var result = id.match(uuidRegex)
if (result && result.length === 1) { return true } else { return false }
},
parseNoteId: function (noteId, callback) {
}
Note.parseNoteId = function (noteId, callback) {
async.series({
parseNoteIdByAlias: function (_callback) {
// try to parse note id by alias (e.g. doc)
@ -273,42 +319,42 @@ module.exports = function (sequelize, DataTypes) {
}
return callback(null, null)
})
},
parseNoteInfo: function (body) {
}
Note.parseNoteInfo = function (body) {
var parsed = Note.extractMeta(body)
var $ = cheerio.load(md.render(parsed.markdown))
return {
title: Note.extractNoteTitle(parsed.meta, $),
tags: Note.extractNoteTags(parsed.meta, $)
}
},
parseNoteTitle: function (body) {
}
Note.parseNoteTitle = function (body) {
var parsed = Note.extractMeta(body)
var $ = cheerio.load(md.render(parsed.markdown))
return Note.extractNoteTitle(parsed.meta, $)
},
extractNoteTitle: function (meta, $) {
}
Note.extractNoteTitle = function (meta, $) {
var title = ''
if (meta.title && (typeof meta.title === 'string' || typeof meta.title === 'number')) {
title = meta.title
} else {
var h1s = $('h1')
if (h1s.length > 0 && h1s.first().text().split('\n').length === 1) { title = S(h1s.first().text()).stripTags().s }
if (h1s.length > 0 && h1s.first().text().split('\n').length === 1) { title = stripTags(h1s.first().text()) }
}
if (!title) title = 'Untitled'
return title
},
generateDescription: function (markdown) {
}
Note.generateDescription = function (markdown) {
return markdown.substr(0, 100).replace(/(?:\r\n|\r|\n)/g, ' ')
},
decodeTitle: function (title) {
}
Note.decodeTitle = function (title) {
return title || 'Untitled'
},
generateWebTitle: function (title) {
}
Note.generateWebTitle = function (title) {
title = !title || title === 'Untitled' ? 'CodiMD - Collaborative markdown notes' : title + ' - CodiMD'
return title
},
extractNoteTags: function (meta, $) {
}
Note.extractNoteTags = function (meta, $) {
var tags = []
var rawtags = []
if (meta.tags && (typeof meta.tags === 'string' || typeof meta.tags === 'number')) {
@ -323,7 +369,7 @@ module.exports = function (sequelize, DataTypes) {
if (/^tags/gmi.test($(value).text())) {
var codes = $(value).find('code')
for (let i = 0; i < codes.length; i++) {
var text = S($(codes[i]).text().trim()).stripTags().s
var text = stripTags($(codes[i]).text().trim())
if (text) rawtags.push(text)
}
}
@ -340,8 +386,8 @@ module.exports = function (sequelize, DataTypes) {
if (!found) { tags.push(rawtags[i]) }
}
return tags
},
extractMeta: function (content) {
}
Note.extractMeta = function (content) {
var obj = null
try {
obj = metaMarked(content)
@ -354,8 +400,8 @@ module.exports = function (sequelize, DataTypes) {
}
}
return obj
},
parseMeta: function (meta) {
}
Note.parseMeta = function (meta) {
var _meta = {}
if (meta) {
if (meta.title && (typeof meta.title === 'string' || typeof meta.title === 'number')) { _meta.title = meta.title }
@ -366,8 +412,8 @@ module.exports = function (sequelize, DataTypes) {
if (meta.slideOptions && (typeof meta.slideOptions === 'object')) { _meta.slideOptions = meta.slideOptions }
}
return _meta
},
updateAuthorshipByOperation: function (operation, userId, authorships) {
}
Note.updateAuthorshipByOperation = function (operation, userId, authorships) {
var index = 0
var timestamp = Date.now()
for (let i = 0; i < operation.length; i++) {
@ -467,8 +513,8 @@ module.exports = function (sequelize, DataTypes) {
}
}
return authorships
},
transformPatchToOperations: function (patch, contentLength) {
}
Note.transformPatchToOperations = function (patch, contentLength) {
var operations = []
if (patch.length > 0) {
// calculate original content length
@ -527,45 +573,6 @@ module.exports = function (sequelize, DataTypes) {
}
return operations
}
},
hooks: {
beforeCreate: function (note, options, callback) {
// if no content specified then use default note
if (!note.content) {
var body = null
let filePath = null
if (!note.alias) {
filePath = config.defaultNotePath
} else {
filePath = path.join(config.docsPath, note.alias + '.md')
}
if (Note.checkFileExist(filePath)) {
var fsCreatedTime = moment(fs.statSync(filePath).ctime)
body = fs.readFileSync(filePath, 'utf8')
note.title = Note.parseNoteTitle(body)
note.content = body
if (filePath !== config.defaultNotePath) {
note.createdAt = fsCreatedTime
}
}
}
// if no permission specified and have owner then give default permission in config, else default permission is freely
if (!note.permission) {
if (note.ownerId) {
note.permission = config.defaultPermission
} else {
note.permission = 'freely'
}
}
return callback(null, note)
},
afterCreate: function (note, options, callback) {
sequelize.models.Revision.saveNoteRevision(note, function (err, revision) {
callback(err, note)
})
}
}
})
return Note
}

54
lib/models/revision.js
View File

@ -7,6 +7,8 @@ var childProcess = require('child_process')
var shortId = require('shortid')
var path = require('path')
var Op = Sequelize.Op
// core
var config = require('../config')
var logger = require('../logger')
@ -97,9 +99,9 @@ module.exports = function (sequelize, DataTypes) {
this.setDataValue('authorship', value ? JSON.stringify(value) : value)
}
}
}, {
classMethods: {
associate: function (models) {
})
Revision.associate = function (models) {
Revision.belongsTo(models.Note, {
foreignKey: 'noteId',
as: 'note',
@ -107,8 +109,8 @@ module.exports = function (sequelize, DataTypes) {
onDelete: 'CASCADE',
hooks: true
})
},
getNoteRevisions: function (note, callback) {
}
Revision.getNoteRevisions = function (note, callback) {
Revision.findAll({
where: {
noteId: note.id
@ -127,8 +129,8 @@ module.exports = function (sequelize, DataTypes) {
}).catch(function (err) {
callback(err, null)
})
},
getPatchedNoteRevisionByTime: function (note, time, callback) {
}
Revision.getPatchedNoteRevisionByTime = function (note, time, callback) {
// find all revisions to prepare for all possible calculation
Revision.findAll({
where: {
@ -142,7 +144,7 @@ module.exports = function (sequelize, DataTypes) {
where: {
noteId: note.id,
createdAt: {
$gte: time
[Op.gte]: time
}
},
order: [['createdAt', 'DESC']]
@ -159,8 +161,8 @@ module.exports = function (sequelize, DataTypes) {
}).catch(function (err) {
return callback(err, null)
})
},
checkAllNotesRevision: function (callback) {
}
Revision.checkAllNotesRevision = function (callback) {
Revision.saveAllNotesRevision(function (err, notes) {
if (err) return callback(err, null)
if (!notes || notes.length <= 0) {
@ -169,28 +171,28 @@ module.exports = function (sequelize, DataTypes) {
Revision.checkAllNotesRevision(callback)
}
})
},
saveAllNotesRevision: function (callback) {
}
Revision.saveAllNotesRevision = function (callback) {
sequelize.models.Note.findAll({
// query all notes that need to save for revision
where: {
$and: [
[Op.and]: [
{
lastchangeAt: {
$or: {
$eq: null,
$and: {
$ne: null,
$gt: sequelize.col('createdAt')
[Op.or]: {
[Op.eq]: null,
[Op.and]: {
[Op.ne]: null,
[Op.gt]: sequelize.col('createdAt')
}
}
}
},
{
savedAt: {
$or: {
$eq: null,
$lt: sequelize.col('lastchangeAt')
[Op.or]: {
[Op.eq]: null,
[Op.lt]: sequelize.col('lastchangeAt')
}
}
}
@ -228,8 +230,8 @@ module.exports = function (sequelize, DataTypes) {
}).catch(function (err) {
return callback(err, null)
})
},
saveNoteRevision: function (note, callback) {
}
Revision.saveNoteRevision = function (note, callback) {
Revision.findAll({
where: {
noteId: note.id
@ -293,8 +295,8 @@ module.exports = function (sequelize, DataTypes) {
}).catch(function (err) {
return callback(err, null)
})
},
finishSaveNoteRevision: function (note, revision, callback) {
}
Revision.finishSaveNoteRevision = function (note, revision, callback) {
note.update({
savedAt: revision.updatedAt
}).then(function () {
@ -303,8 +305,6 @@ module.exports = function (sequelize, DataTypes) {
return callback(err, null)
})
}
}
})
return Revision
}

33
lib/models/user.js
View File

@ -1,11 +1,11 @@
'use strict'
// external modules
var Sequelize = require('sequelize')
var scrypt = require('@mlink/scrypt')
var scrypt = require('scrypt')
// core
var logger = require('../logger')
var {generateAvatarURL} = require('../letter-avatars')
var { generateAvatarURL } = require('../letter-avatars')
module.exports = function (sequelize, DataTypes) {
var User = sequelize.define('User', {
@ -47,18 +47,17 @@ module.exports = function (sequelize, DataTypes) {
this.setDataValue('password', hash)
}
}
}, {
instanceMethods: {
verifyPassword: function (attempt) {
})
User.prototype.verifyPassword = function (attempt) {
if (scrypt.verifyKdfSync(Buffer.from(this.password, 'hex'), attempt)) {
return this
} else {
return false
}
}
},
classMethods: {
associate: function (models) {
User.associate = function (models) {
User.hasMany(models.Note, {
foreignKey: 'ownerId',
constraints: false
@ -67,14 +66,14 @@ module.exports = function (sequelize, DataTypes) {
foreignKey: 'lastchangeuserId',
constraints: false
})
},
getProfile: function (user) {
}
User.getProfile = function (user) {
if (!user) {
return null
}
return user.profile ? User.parseProfile(user.profile) : (user.email ? User.parseProfileByEmail(user.email) : null)
},
parseProfile: function (profile) {
}
User.parseProfile = function (profile) {
try {
profile = JSON.parse(profile)
} catch (err) {
@ -89,8 +88,8 @@ module.exports = function (sequelize, DataTypes) {
}
}
return profile
},
parsePhotoByProfile: function (profile, bigger) {
}
User.parsePhotoByProfile = function (profile, bigger) {
var photo = null
switch (profile.provider) {
case 'facebook':
@ -142,16 +141,14 @@ module.exports = function (sequelize, DataTypes) {
break
}
return photo
},
parseProfileByEmail: function (email) {
}
User.parseProfileByEmail = function (email) {
return {
name: email.substring(0, email.lastIndexOf('@')),
photo: generateAvatarURL('', email, false),
biggerphoto: generateAvatarURL('', email, true)
}
}
}
})
return User
}

106
lib/processQueue.js Normal file
View File

@ -0,0 +1,106 @@
'use strict'
const EventEmitter = require('events').EventEmitter
/**
* Queuing Class for connection queuing
*/
const QueueEvent = {
Tick: 'Tick',
Push: 'Push',
Finish: 'Finish'
}
class ProcessQueue extends EventEmitter {
constructor ({
maximumLength = 500,
triggerTimeInterval = 5000,
// execute on push
proactiveMode = true,
// execute next work on finish
continuousMode = true
}) {
super()
this.max = maximumLength
this.triggerTime = triggerTimeInterval
this.taskMap = new Map()
this.queue = []
this.lock = false
this.on(QueueEvent.Tick, this.onEventProcessFunc.bind(this))
if (proactiveMode) {
this.on(QueueEvent.Push, this.onEventProcessFunc.bind(this))
}
if (continuousMode) {
this.on(QueueEvent.Finish, this.onEventProcessFunc.bind(this))
}
}
onEventProcessFunc () {
if (this.lock) return
this.lock = true
setImmediate(() => {
this.process()
})
}
start () {
if (this.eventTrigger) return
this.eventTrigger = setInterval(() => {
this.emit(QueueEvent.Tick)
}, this.triggerTime)
}
stop () {
if (this.eventTrigger) {
clearInterval(this.eventTrigger)
this.eventTrigger = null
}
}
checkTaskIsInQueue (id) {
return this.taskMap.has(id)
}
/**
* pushWithKey a promisify-task to queue
* @param id {string}
* @param processingFunc {Function<Promise>}
* @returns {boolean} if success return true, otherwise false
*/
push (id, processingFunc) {
if (this.queue.length >= this.max) return false
if (this.checkTaskIsInQueue(id)) return false
const task = {
id: id,
processingFunc: processingFunc
}
this.taskMap.set(id, true)
this.queue.push(task)
this.start()
this.emit(QueueEvent.Push)
return true
}
process () {
if (this.queue.length <= 0) {
this.stop()
this.lock = false
return
}
const task = this.queue.shift()
this.taskMap.delete(task.id)
const finishTask = () => {
this.lock = false
setImmediate(() => {
this.emit(QueueEvent.Finish)
})
}
task.processingFunc().then(finishTask).catch(finishTask)
}
}
exports.ProcessQueue = ProcessQueue

938
lib/realtime.js
View File

File diff suppressed because it is too large Load Diff

49
lib/realtimeCleanDanglingUserJob.js Normal file
View File

@ -0,0 +1,49 @@
'use strict'
const async = require('async')
const config = require('./config')
const logger = require('./logger')
/**
* clean when user not in any rooms or user not in connected list
*/
class CleanDanglingUserJob {
constructor (realtime) {
this.realtime = realtime
}
start () {
if (this.timer) return
this.timer = setInterval(this.cleanDanglingUser.bind(this), 60000)
}
stop () {
if (!this.timer) return
clearInterval(this.timer)
this.timer = undefined
}
cleanDanglingUser () {
const users = this.realtime.getUserPool()
async.each(Object.keys(users), (key, callback) => {
const socket = this.realtime.io.sockets.connected[key]
if ((!socket && users[key]) ||
(socket && (!socket.rooms || socket.rooms.length <= 0))) {
if (config.debug) {
logger.info('cleaner found redundant user: ' + key)
}
if (!socket) {
return callback(null, null)
}
if (!this.realtime.disconnectProcessQueue.checkTaskIsInQueue(socket.id)) {
this.realtime.queueForDisconnect(socket)
}
}
return callback(null, null)
}, function (err) {
if (err) return logger.error('cleaner error', err)
})
}
}
exports.CleanDanglingUserJob = CleanDanglingUserJob

232
lib/realtimeClientConnection.js Normal file
View File

@ -0,0 +1,232 @@
'use strict'
const get = require('lodash/get')
const config = require('./config')
const models = require('./models')
const logger = require('./logger')
class RealtimeClientConnection {
constructor (socket) {
this.socket = socket
this.realtime = require('./realtime')
}
registerEventHandler () {
// received client refresh request
this.socket.on('refresh', this.refreshEventHandler.bind(this))
// received user status
this.socket.on('user status', this.userStatusEventHandler.bind(this))
// when a new client disconnect
this.socket.on('disconnect', this.disconnectEventHandler.bind(this))
// received cursor focus
this.socket.on('cursor focus', this.cursorFocusEventHandler.bind(this))
// received cursor activity
this.socket.on('cursor activity', this.cursorActivityEventHandler.bind(this))
// received cursor blur
this.socket.on('cursor blur', this.cursorBlurEventHandler.bind(this))
// check version
this.socket.on('version', this.checkVersionEventHandler.bind(this))
// received sync of online users request
this.socket.on('online users', this.onlineUsersEventHandler.bind(this))
// reveiced when user logout or changed
this.socket.on('user changed', this.userChangedEventHandler.bind(this))
// delete a note
this.socket.on('delete', this.deleteNoteEventHandler.bind(this))
// received note permission change request
this.socket.on('permission', this.permissionChangeEventHandler.bind(this))
}
isUserLoggedIn () {
return this.socket.request.user && this.socket.request.user.logged_in
}
isNoteAndUserExists () {
const note = this.realtime.getNoteFromNotePool(this.socket.noteId)
const user = this.realtime.getUserFromUserPool(this.socket.id)
return note && user
}
isNoteOwner () {
const note = this.getCurrentNote()
return get(note, 'owner') === this.getCurrentLoggedInUserId()
}
isAnonymousEnable () {
// TODO: move this method to config module
return config.allowAnonymous || config.allowAnonymousEdits
}
getCurrentUser () {
if (!this.socket.id) return
return this.realtime.getUserFromUserPool(this.socket.id)
}
getCurrentLoggedInUserId () {
return get(this.socket, 'request.user.id')
}
getCurrentNote () {
if (!this.socket.noteId) return
return this.realtime.getNoteFromNotePool(this.socket.noteId)
}
getNoteChannel () {
return this.socket.broadcast.to(this.socket.noteId)
}
async destroyNote (id) {
return models.Note.destroy({
where: { id: id }
})
}
async changeNotePermission (newPermission) {
const [changedRows] = await models.Note.update({
permission: newPermission
}, {
where: {
id: this.getCurrentNote().id
}
})
if (changedRows !== 1) {
throw new Error(`updated permission failed, cannot set permission ${newPermission} to note ${this.getCurrentNote().id}`)
}
}
notifyPermissionChanged () {
this.realtime.io.to(this.getCurrentNote().id).emit('permission', {
permission: this.getCurrentNote().permission
})
this.getCurrentNote().socks.forEach((sock) => {
if (sock) {
if (!this.realtime.checkViewPermission(sock.request, this.getCurrentNote())) {
sock.emit('info', {
code: 403
})
setTimeout(function () {
sock.disconnect(true)
}, 0)
}
}
})
}
refreshEventHandler () {
this.realtime.emitRefresh(this.socket)
}
checkVersionEventHandler () {
this.socket.emit('version', {
version: config.fullversion,
minimumCompatibleVersion: config.minimumCompatibleVersion
})
}
userStatusEventHandler (data) {
if (!this.isNoteAndUserExists()) return
const user = this.getCurrentUser()
if (config.debug) {
logger.info('SERVER received [' + this.socket.noteId + '] user status from [' + this.socket.id + ']: ' + JSON.stringify(data))
}
if (data) {
user.idle = data.idle
user.type = data.type
}
this.realtime.emitUserStatus(this.socket)
}
userChangedEventHandler () {
logger.info('user changed')
const note = this.getCurrentNote()
if (!note) return
const user = note.users[this.socket.id]
if (!user) return
this.realtime.updateUserData(this.socket, user)
this.realtime.emitOnlineUsers(this.socket)
}
onlineUsersEventHandler () {
if (!this.isNoteAndUserExists()) return
const currentNote = this.getCurrentNote()
const currentNoteOnlineUserList = Object.keys(currentNote.users)
.map(key => this.realtime.buildUserOutData(currentNote.users[key]))
this.socket.emit('online users', {
users: currentNoteOnlineUserList
})
}
cursorFocusEventHandler (data) {
if (!this.isNoteAndUserExists()) return
const user = this.getCurrentUser()
user.cursor = data
const out = this.realtime.buildUserOutData(user)
this.getNoteChannel().emit('cursor focus', out)
}
cursorActivityEventHandler (data) {
if (!this.isNoteAndUserExists()) return
const user = this.getCurrentUser()
user.cursor = data
const out = this.realtime.buildUserOutData(user)
this.getNoteChannel().emit('cursor activity', out)
}
cursorBlurEventHandler () {
if (!this.isNoteAndUserExists()) return
const user = this.getCurrentUser()
user.cursor = null
this.getNoteChannel().emit('cursor blur', {
id: this.socket.id
})
}
deleteNoteEventHandler () {
// need login to do more actions
if (this.isUserLoggedIn() && this.isNoteAndUserExists()) {
const note = this.getCurrentNote()
// Only owner can delete note
if (note.owner && note.owner === this.getCurrentLoggedInUserId()) {
this.destroyNote(note.id)
.then((successRows) => {
if (!successRows) return
this.realtime.disconnectSocketOnNote(note)
})
.catch(function (err) {
return logger.error('delete note failed: ' + err)
})
}
}
}
permissionChangeEventHandler (permission) {
if (!this.isUserLoggedIn()) return
if (!this.isNoteAndUserExists()) return
const note = this.getCurrentNote()
// Only owner can change permission
if (!this.isNoteOwner()) return
if (!this.isAnonymousEnable() && permission === 'freely') return
this.changeNotePermission(permission)
.then(() => {
note.permission = permission
this.notifyPermissionChanged()
})
.catch(err => logger.error('update note permission failed: ' + err))
}
disconnectEventHandler () {
if (this.realtime.disconnectProcessQueue.checkTaskIsInQueue(this.socket.id)) {
return
}
this.realtime.queueForDisconnect(this.socket)
}
}
exports.RealtimeClientConnection = RealtimeClientConnection

45
lib/realtimeSaveRevisionJob.js Normal file
View File

@ -0,0 +1,45 @@
'use strict'
const models = require('./models')
const logger = require('./logger')
/**
* clean when user not in any rooms or user not in connected list
*/
class SaveRevisionJob {
constructor (realtime) {
this.realtime = realtime
this.saverSleep = false
}
start () {
if (this.timer) return
this.timer = setInterval(this.saveRevision.bind(this), 5 * 60 * 1000)
}
stop () {
if (!this.timer) return
clearInterval(this.timer)
this.timer = undefined
}
saveRevision () {
if (this.getSaverSleep()) return
models.Revision.saveAllNotesRevision((err, notes) => {
if (err) return logger.error('revision saver failed: ' + err)
if (notes && notes.length <= 0) {
this.setSaverSleep(true)
}
})
}
getSaverSleep () {
return this.saverSleep
}
setSaverSleep (val) {
this.saverSleep = val
}
}
exports.SaveRevisionJob = SaveRevisionJob

78
lib/realtimeUpdateDirtyNoteJob.js Normal file
View File

@ -0,0 +1,78 @@
'use strict'
const config = require('./config')
const logger = require('./logger')
const moment = require('moment')
class UpdateDirtyNoteJob {
constructor (realtime) {
this.realtime = realtime
}
start () {
if (this.timer) return
this.timer = setInterval(this.updateDirtyNotes.bind(this), 1000)
}
stop () {
if (!this.timer) return
clearInterval(this.timer)
this.timer = undefined
}
updateDirtyNotes () {
const notes = this.realtime.getNotePool()
Object.keys(notes).forEach((key) => {
const note = notes[key]
this.updateDirtyNote(note)
.catch((err) => {
logger.error('updateDirtyNote: updater error', err)
})
})
}
async updateDirtyNote (note) {
const notes = this.realtime.getNotePool()
if (!note.server.isDirty) return
if (config.debug) logger.info('updateDirtyNote: updater found dirty note: ' + note.id)
note.server.isDirty = false
try {
const _note = await this.updateNoteAsync(note)
// handle when note already been clean up
if (!notes[note.id] || !notes[note.id].server) return
if (!_note) {
this.realtime.io.to(note.id).emit('info', {
code: 404
})
logger.error('updateDirtyNote: note not found: ', note.id)
this.realtime.disconnectSocketOnNote(note)
}
note.updatetime = moment(_note.lastchangeAt).valueOf()
this.realtime.emitCheck(note)
} catch (err) {
logger.error('updateDirtyNote: note not found: ', note.id)
this.realtime.io.to(note.id).emit('info', {
code: 404
})
this.realtime.disconnectSocketOnNote(note)
throw err
}
}
updateNoteAsync (note) {
return new Promise((resolve, reject) => {
this.realtime.updateNote(note, (err, _note) => {
if (err) {
return reject(err)
}
return resolve(_note)
})
})
}
}
exports.UpdateDirtyNoteJob = UpdateDirtyNoteJob

15
lib/response.js
View File

@ -14,16 +14,17 @@ var config = require('./config')
var logger = require('./logger')
var models = require('./models')
var utils = require('./utils')
var history = require('./history')
// public
var response = {
errorForbidden: function (res) {
const {req} = res
const { req } = res
if (req.user) {
responseError(res, '403', 'Forbidden', 'oh no.')
} else {
req.flash('error', 'You are not allowed to access this page. Maybe try logging in?')
res.redirect(config.serverURL)
res.redirect(config.serverURL + '/')
}
},
errorNotFound: function (res) {
@ -106,6 +107,12 @@ function responseCodiMD (res, note) {
})
}
function updateHistory (userId, note, document, time) {
var noteId = note.alias ? note.alias : models.Note.encodeNoteId(note.id)
history.updateHistory(userId, noteId, document, time)
logger.info('history updated')
}
function newNote (req, res, next) {
var owner = null
var body = ''
@ -125,6 +132,10 @@ function newNote (req, res, next) {
alias: req.alias ? req.alias : null,
content: body
}).then(function (note) {
if (req.isAuthenticated()) {
updateHistory(owner, note, body)
}
return res.redirect(config.serverURL + '/' + models.Note.encodeNoteId(note.id))
}).catch(function (err) {
logger.error(err)

2
lib/web/auth/dropbox/index.js
View File

@ -4,7 +4,7 @@ const Router = require('express').Router
const passport = require('passport')
const DropboxStrategy = require('passport-dropbox-oauth2').Strategy
const config = require('../../../config')
const {setReturnToFromReferer, passportGeneralCallback} = require('../utils')
const { setReturnToFromReferer, passportGeneralCallback } = require('../utils')
let dropboxAuth = module.exports = Router()

4
lib/web/auth/email/index.js
View File

@ -7,8 +7,8 @@ const LocalStrategy = require('passport-local').Strategy
const config = require('../../../config')
const models = require('../../../models')
const logger = require('../../../logger')
const {setReturnToFromReferer} = require('../utils')
const {urlencodedParser} = require('../../utils')
const { setReturnToFromReferer } = require('../utils')
const { urlencodedParser } = require('../../utils')
const response = require('../../../response')
let emailAuth = module.exports = Router()

2
lib/web/auth/facebook/index.js
View File

@ -5,7 +5,7 @@ const passport = require('passport')
const FacebookStrategy = require('passport-facebook').Strategy
const config = require('../../../config')
const {setReturnToFromReferer, passportGeneralCallback} = require('../utils')
const { setReturnToFromReferer, passportGeneralCallback } = require('../utils')
let facebookAuth = module.exports = Router()

2
lib/web/auth/github/index.js
View File

@ -5,7 +5,7 @@ const passport = require('passport')
const GithubStrategy = require('passport-github').Strategy
const config = require('../../../config')
const response = require('../../../response')
const {setReturnToFromReferer, passportGeneralCallback} = require('../utils')
const { setReturnToFromReferer, passportGeneralCallback } = require('../utils')
let githubAuth = module.exports = Router()

2
lib/web/auth/gitlab/index.js
View File

@ -5,7 +5,7 @@ const passport = require('passport')
const GitlabStrategy = require('passport-gitlab2').Strategy
const config = require('../../../config')
const response = require('../../../response')
const {setReturnToFromReferer, passportGeneralCallback} = require('../utils')
const { setReturnToFromReferer, passportGeneralCallback } = require('../utils')
let gitlabAuth = module.exports = Router()

7
lib/web/auth/google/index.js
View File

@ -4,21 +4,22 @@ const Router = require('express').Router
const passport = require('passport')
var GoogleStrategy = require('passport-google-oauth20').Strategy
const config = require('../../../config')
const {setReturnToFromReferer, passportGeneralCallback} = require('../utils')
const { setReturnToFromReferer, passportGeneralCallback } = require('../utils')
let googleAuth = module.exports = Router()
passport.use(new GoogleStrategy({
clientID: config.google.clientID,
clientSecret: config.google.clientSecret,
callbackURL: config.serverURL + '/auth/google/callback'
callbackURL: config.serverURL + '/auth/google/callback',
userProfileURL: 'https://www.googleapis.com/oauth2/v3/userinfo'
}, passportGeneralCallback))
googleAuth.get('/auth/google', function (req, res, next) {
setReturnToFromReferer(req)
passport.authenticate('google', { scope: ['profile'] })(req, res, next)
})
// google auth callback
// google auth callback
googleAuth.get('/auth/google/callback',
passport.authenticate('google', {
successReturnToOrRedirect: config.serverURL + '/',

4
lib/web/auth/ldap/index.js
View File

@ -6,8 +6,8 @@ const LDAPStrategy = require('passport-ldapauth')
const config = require('../../../config')
const models = require('../../../models')
const logger = require('../../../logger')
const {setReturnToFromReferer} = require('../utils')
const {urlencodedParser} = require('../../utils')
const { setReturnToFromReferer } = require('../utils')
const { urlencodedParser } = require('../../utils')
const response = require('../../../response')
let ldapAuth = module.exports = Router()

27
lib/web/auth/mattermost/index.js
View File

@ -1,16 +1,17 @@
'use strict'
require('babel-polyfill')
require('isomorphic-fetch')
const Router = require('express').Router
const passport = require('passport')
const Mattermost = require('mattermost')
const MattermostClient = require('mattermost-redux/client/client4').default
const OAuthStrategy = require('passport-oauth2').Strategy
const config = require('../../../config')
const {setReturnToFromReferer, passportGeneralCallback} = require('../utils')
const mattermost = new Mattermost.Client()
const { setReturnToFromReferer, passportGeneralCallback } = require('../utils')
let mattermostAuth = module.exports = Router()
const mattermostClient = new MattermostClient()
let mattermostStrategy = new OAuthStrategy({
authorizationURL: config.mattermost.baseURL + '/oauth/authorize',
tokenURL: config.mattermost.baseURL + '/oauth/access_token',
@ -20,17 +21,11 @@ let mattermostStrategy = new OAuthStrategy({
}, passportGeneralCallback)
mattermostStrategy.userProfile = (accessToken, done) => {
mattermost.setUrl(config.mattermost.baseURL)
mattermost.token = accessToken
mattermost.useHeaderToken()
mattermost.getMe(
(data) => {
done(null, data)
},
(err) => {
done(err)
}
)
mattermostClient.setUrl(config.mattermost.baseURL)
mattermostClient.setToken(accessToken)
mattermostClient.getMe()
.then((data) => done(null, data))
.catch((err) => done(err))
}
passport.use(mattermostStrategy)

2
lib/web/auth/oauth2/index.js
View File

@ -4,7 +4,7 @@ const Router = require('express').Router
const passport = require('passport')
const { Strategy, InternalOAuthError } = require('passport-oauth2')
const config = require('../../../config')
const {setReturnToFromReferer, passportGeneralCallback} = require('../utils')
const { setReturnToFromReferer, passportGeneralCallback } = require('../utils')
let oauth2Auth = module.exports = Router()

4
lib/web/auth/openid/index.js
View File

@ -6,8 +6,8 @@ const OpenIDStrategy = require('@passport-next/passport-openid').Strategy
const config = require('../../../config')
const models = require('../../../models')
const logger = require('../../../logger')
const {urlencodedParser} = require('../../utils')
const {setReturnToFromReferer} = require('../utils')
const { urlencodedParser } = require('../../utils')
const { setReturnToFromReferer } = require('../utils')
let openIDAuth = module.exports = Router()

2
lib/web/auth/saml/index.js
View File

@ -6,7 +6,7 @@ const SamlStrategy = require('passport-saml').Strategy
const config = require('../../../config')
const models = require('../../../models')
const logger = require('../../../logger')
const {urlencodedParser} = require('../../utils')
const { urlencodedParser } = require('../../utils')
const fs = require('fs')
const intersection = function (array1, array2) { return array1.filter((n) => array2.includes(n)) }

2
lib/web/auth/twitter/index.js
View File

@ -5,7 +5,7 @@ const passport = require('passport')
const TwitterStrategy = require('passport-twitter').Strategy
const config = require('../../../config')
const {setReturnToFromReferer, passportGeneralCallback} = require('../utils')
const { setReturnToFromReferer, passportGeneralCallback } = require('../utils')
let twitterAuth = module.exports = Router()

2
lib/web/historyRouter.js
View File

@ -2,7 +2,7 @@
const Router = require('express').Router
const {urlencodedParser} = require('./utils')
const { urlencodedParser } = require('./utils')
const history = require('../history')
const historyRouter = module.exports = Router()

9
lib/web/imageRouter/filesystem.js
View File

@ -16,5 +16,12 @@ exports.uploadImage = function (imagePath, callback) {
return
}
callback(null, (new URL(path.basename(imagePath), config.serverURL + '/uploads/')).href)
let url
try {
url = (new URL(path.basename(imagePath), config.serverURL + '/uploads/')).href
} catch (e) {
url = config.serverURL + '/uploads/' + path.basename(imagePath)
}
callback(null, url)
}

2
lib/web/imageRouter/imgur.js
View File

@ -2,7 +2,7 @@
const config = require('../../config')
const logger = require('../../logger')
const imgur = require('imgur')
const imgur = require('@hackmd/imgur')
exports.uploadImage = function (imagePath, callback) {
if (!imagePath || typeof imagePath !== 'string') {

6
lib/web/imageRouter/minio.js
View File

@ -3,7 +3,7 @@ const fs = require('fs')
const path = require('path')
const config = require('../../config')
const {getImageMimeType} = require('../../utils')
const { getImageMimeType } = require('../../utils')
const logger = require('../../logger')
const Minio = require('minio')
@ -40,7 +40,9 @@ exports.uploadImage = function (imagePath, callback) {
callback(new Error(err), null)
return
}
callback(null, `${protocol}://${config.minio.endPoint}:${config.minio.port}/${config.s3bucket}/${key}`)
let hidePort = [80, 443].includes(config.minio.port)
let urlPort = hidePort ? '' : `:${config.minio.port}`
callback(null, `${protocol}://${config.minio.endPoint}${urlPort}/${config.s3bucket}/${key}`)
})
})
}

6
lib/web/imageRouter/s3.js
View File

@ -3,7 +3,7 @@ const fs = require('fs')
const path = require('path')
const config = require('../../config')
const {getImageMimeType} = require('../../utils')
const { getImageMimeType } = require('../../utils')
const logger = require('../../logger')
const AWS = require('aws-sdk')
@ -42,7 +42,9 @@ exports.uploadImage = function (imagePath, callback) {
}
let s3Endpoint = 's3.amazonaws.com'
if (config.s3.region && config.s3.region !== 'us-east-1') {
if (config.s3.endpoint) {
s3Endpoint = config.s3.endpoint
} else if (config.s3.region && config.s3.region !== 'us-east-1') {
s3Endpoint = `s3-${config.s3.region}.amazonaws.com`
}
callback(null, `https://${s3Endpoint}/${config.s3bucket}/${params.Key}`)

3
lib/web/middleware/tooBusy.js
View File

@ -2,8 +2,11 @@
const toobusy = require('toobusy-js')
const config = require('../../config')
const response = require('../../response')
toobusy.maxLag(config.responseMaxLag)
module.exports = function (req, res, next) {
if (toobusy()) {
response.errorServiceUnavailable(res)

2
lib/web/noteRouter.js
View File

@ -4,7 +4,7 @@ const Router = require('express').Router
const response = require('../response')
const {markdownParser} = require('./utils')
const { markdownParser } = require('./utils')
const noteRouter = module.exports = Router()

2
lib/web/statusRouter.js
View File

@ -8,7 +8,7 @@ const config = require('../config')
const models = require('../models')
const logger = require('../logger')
const {urlencodedParser} = require('./utils')
const { urlencodedParser } = require('./utils')
const statusRouter = module.exports = Router()

4
lib/web/userRouter.js
View File

@ -8,7 +8,7 @@ const response = require('../response')
const config = require('../config')
const models = require('../models')
const logger = require('../logger')
const {generateAvatar} = require('../letter-avatars')
const { generateAvatar } = require('../letter-avatars')
const UserRouter = module.exports = Router()
@ -33,7 +33,7 @@ UserRouter.get('/me', function (req, res) {
return response.errorInternalError(res)
})
} else {
res.send({
res.status(401).send({
status: 'forbidden'
})
}

2
lib/workers/dmpWorker.js
View File

@ -1,6 +1,6 @@
'use strict'
// external modules
var DiffMatchPatch = require('diff-match-patch')
var DiffMatchPatch = require('@hackmd/diff-match-patch')
var dmp = new DiffMatchPatch()
// core

4
locales/en.json
View File

@ -113,5 +113,7 @@
"Delete user": "Delete user",
"Export user data": "Export user data",
"Help us translating on %s": "Help us translating on %s",
"Source Code": "Source Code"
"Source Code": "Source Code",
"Powered by %s": "Powered by %s",
"Register": "Register"
}

22
locales/fr.json
View File

@ -15,7 +15,7 @@
"or": "ou",
"Sign Out": "Se déconnecter",
"Explore all features": "Explorer toutes les fonctionnalités",
"Select tags...": "Selectionner les tags...",
"Select tags...": "Sélectionner les tags...",
"Search keyword...": "Chercher un mot-clef...",
"Sort by title": "Trier par titre",
"Title": "Titre",
@ -29,7 +29,7 @@
"Import from browser": "Importer depuis le navigateur",
"Releases": "Versions",
"Are you sure?": "Ëtes-vous sûr ?",
"Do you really want to delete this note?": "Voulez-vous vraiment supprimer cette note?",
"Do you really want to delete this note?": "Voulez-vous vraiment supprimer cette note ?",
"All users will lose their connection.": "Tous les utilisateurs perdront leur connexion.",
"Cancel": "Annuler",
"Yes, do it!": "Oui, je suis sûr !",
@ -88,14 +88,14 @@
"This is a alert area.": "Ceci est un texte d'alerte.",
"Revert": "Revenir en arrière",
"Import from clipboard": "Importer depuis le presse-papier",
"Paste your markdown or webpage here...": "Coller votre markdown ou votre page web ici...",
"Paste your markdown or webpage here...": "Collez votre markdown ou votre page web ici...",
"Clear": "Vider",
"This note is locked": "Cette note est verrouillée",
"Sorry, only owner can edit this note.": "Désolé, seulement le propriétaire peut éditer cette note.",
"Sorry, only owner can edit this note.": "Désolé, seul le propriétaire peut éditer cette note.",
"OK": "OK",
"Reach the limit": "Atteindre la limite",
"Sorry, you've reached the max length this note can be.": "Désolé, vous avez atteint la longueur maximale que cette note peut avoir.",
"Please reduce the content or divide it to more notes, thank you!": "Merci de réduire le contenu ou de le diviser en plusieurs notes!",
"Please reduce the content or divide it to more notes, thank you!": "Merci de réduire le contenu ou de le diviser en plusieurs notes !",
"Import from Gist": "Importer depuis Gist",
"Paste your gist url here...": "Coller l'URL de votre Gist ici...",
"Import from Snippet": "Importer depuis Snippet",
@ -104,14 +104,16 @@
"OR": "OU",
"Export to Snippet": "Exporter vers Snippet",
"Select Visibility Level": "Sélectionner le niveau de visibilité",
"Night Theme": "Theme Nuit",
"Night Theme": "Thème Nuit",
"Follow us on %s and %s.": "Suivez-nous sur %s, et %s.",
"Privacy": "Confidentialité",
"Terms of Use": "Conditions d'utilisation",
"Do you really want to delete your user account?": "Voulez-vous vraiment supprimer votre compte utilisateur",
"Do you really want to delete your user account?": "Voulez-vous vraiment supprimer votre compte utilisateur ?",
"This will delete your account, all notes that are owned by you and remove all references to your account from other notes.": "Cela supprimera votre compte, toutes les notes dont vous êtes propriétaire et supprimera toute référence à votre compte dans les autres notes.",
"Delete user": "Suprrimez l'utilisteur",
"Export user data": "Exportez les données utilisateur",
"Delete user": "Supprimer l'utilisateur",
"Export user data": "Exporter les données utilisateur",
"Help us translating on %s": "Aidez nous à traduire sur %s",
"Source Code": "Code source"
"Source Code": "Code source",
"Register": "S'enregistrer",
"Powered by %s": "Propulsé par %s"
}

6
locales/id.json
View File

@ -111,5 +111,9 @@
"Do you really want to delete your user account?": "Apakah anda yakin ingin menghapus akun anda?",
"This will delete your account, all notes that are owned by you and remove all references to your account from other notes.": "Ini akan menghapus akun anda, semua catatan yang dimiliki oleh anda akan dihapus dan menghapus semua referensi ke akun anda dari catatan lain.",
"Delete user": "Hapus pengguna",
"Export user data": "Ekspor data pengguna"
"Export user data": "Ekspor data pengguna",
"Help us translating on %s": "Bantu kami menerjemahkan di %s",
"Source Code": "Sumber Kode",
"Register": "Daftar",
"Powered by %s": "Ditenagai oleh %s"
}

4
locales/it.json
View File

@ -113,5 +113,7 @@
"Delete user": "Elimina utente",
"Export user data": "Esporta dati utente",
"Help us translating on %s": "Aiutaci nella traduzione su %s",
"Source Code": "Codice Sorgente"
"Source Code": "Codice Sorgente",
"Register": "Registrati",
"Powered by %s": "Alimentato da %s"
}

4
locales/ja.json
View File

@ -113,5 +113,7 @@
"Delete user": "ユーザーの削除",
"Export user data": "ユーザーデータをエクスポート",
"Help us translating on %s": "%s の翻訳にご協力ください",
"Source Code": "ソースコード"
"Source Code": "ソースコード",
"Register": "登録",
"Powered by %s": "Powered by %s"
}

8
locales/nl.json
View File

@ -6,8 +6,8 @@
"History": "Geschiedenis",
"New guest note": "Nieuwe gastnotitie",
"Collaborate with URL": "Samenwerken met URL",
"Support charts and MathJax": "Ondersteun grafieken en MathJax",
"Support slide mode": "Ondersteun presentatiemodus",
"Support charts and MathJax": "Ondersteunt grafieken en MathJax",
"Support slide mode": "Ondersteunt presentatiemodus",
"Sign In": "Inloggen",
"Below is the history from browser": "Hier onder staat de browser geschiedenis",
"Welcome!": "Welkom!",
@ -113,5 +113,7 @@
"Delete user": "Gebruiker verwijderen",
"Export user data": "Gebruikersdata exporteren",
"Help us translating on %s": "Help ons vertalen op %s",
"Source Code": "Broncode"
"Source Code": "Broncode",
"Register": "Registreren",
"Powered by %s": "Powered by %s"
}

117
locales/sr.json Normal file
View File

@ -0,0 +1,117 @@
{
"Collaborative markdown notes": "Дељене белешке у Markdown формату",
"Realtime collaborative markdown notes on all platforms.": "Заједнички рад на markdown тексту у реалном времену, на свим платформама",
"Best way to write and share your knowledge in markdown.": "Савршен начин за писање и дељење знања у markdown формату",
"Intro": "Увод",
"History": "Историја",
"New guest note": "Нова белешка госта",
"Collaborate with URL": "Сарадња уз помоћ URL-а",
"Support charts and MathJax": "Подршка за графиконе и MathJax",
"Support slide mode": "Подршка за слајдове и презентације",
"Sign In": "Пријави се",
"Below is the history from browser": "Ниже је историјат преузет из прегледача",
"Welcome!": "Добродошли!",
"New note": "Нова белешка",
"or": "или",
"Sign Out": "Одјави се",
"Explore all features": "Истражи све могућности",
"Select tags...": "Одабери тагове...",
"Search keyword...": "Претрага по кључној речи...",
"Sort by title": "Редослед по наслову",
"Title": "Наслов",
"Sort by time": "Редослед по времену",
"Time": "време",
"Export history": "Извези историјат",
"Import history": "Увези историјат",
"Clear history": "Очисти историју",
"Refresh history": "Освежи историју",
"No history": "Нема историје",
"Import from browser": "Увези из прегледача",
"Releases": "Издања",
"Are you sure?": "Јесте ли сигурни?",
"Do you really want to delete this note?": "Да ли заиста желите да обришете ову белешку?",
"All users will lose their connection.": "Сви корисници ће изгубити везу у реалном времену.",
"Cancel": "Одустани",
"Yes, do it!": "Да, уради!",
"Choose method": "Изаберите начин",
"Sign in via %s": "Пријавите се помоћу %s",
"New": "Ново",
"Publish": "Објави",
"Extra": "Додатно",
"Revision": "Ревизија",
"Slide Mode": "Презентациони мод",
"Export": "Извоз",
"Import": "Увоз",
"Clipboard": "Клипборд",
"Download": "Преузимање",
"Raw HTML": "Сирови HTML",
"Edit": "Измени",
"View": "Прегледај",
"Both": "Обоје",
"Help": "Помоћ",
"Upload Image": "Пошаљи слику",
"Menu": "Мени",
"This page need refresh": "Ову страну је неопходно освежити",
"You have an incompatible client version.": "Ова верзија клијента није компатибилна.",
"Refresh to update.": "Освежите за приказ измена.",
"New version available!": "Доступна је нова верзија!",
"See releases notes here": "Овде погледајте напомене о издањима",
"Refresh to enjoy new features.": "Освежите како бисте уживали у новим функцијама.",
"Your user state has changed.": "Ваше корисничко стање се променило.",
"Refresh to load new user state.": "Освежите за учитавање новог корисничког стања.",
"Refresh": "Освежи",
"Contacts": "Контакти",
"Report an issue": "Пријава проблема",
"Meet us on %s": "Пронађите нас на %s",
"Send us email": "Пошаљите нам имејл",
"Documents": "Документи",
"Features": "Могућности",
"YAML Metadata": "YAML Метаподаци",
"Slide Example": "Пример слајда",
"Cheatsheet": "Трикови и форе",
"Example": "Пример",
"Syntax": "Синтакса",
"Header": "Заглавље",
"Unordered List": "Неуређени списак",
"Ordered List": "Уређени списак",
"Todo List": "Списак обавеза",
"Blockquote": "Пасус са наводима",
"Bold font": "Масна слова",
"Italics font": "Закривљена слова",
"Strikethrough": "Прецртано",
"Inserted text": "Уметнут текст",
"Marked text": "Означени текст",
"Link": "Линк",
"Image": "Слика",
"Code": "Код",
"Externals": "Спољни",
"This is a alert area.": "Ово је пасус за упозорења.",
"Revert": "Врати",
"Import from clipboard": "Увези из клипборда",
"Paste your markdown or webpage here...": "Залепи свој markdown или веб страну овде...",
"Clear": "Очисти",
"This note is locked": "Ова белешка је закључана",
"Sorry, only owner can edit this note.": "Жао нам је, ову белешку може мењати само њен власник.",
"OK": "OK",
"Reach the limit": "Досегни лимит",
"Sorry, you've reached the max length this note can be.": "Нажалост, досегли сте максималну дужину ове белешке.",
"Please reduce the content or divide it to more notes, thank you!": "Молимо Вас да смањите количину текста или да га поделите на више белешки, хвала!",
"Import from Gist": "Увези из Github Gist-а",
"Paste your gist url here...": "Залепите Gist URL адресу овде...",
"Import from Snippet": "Увези из \"исечака\"",
"Select From Available Projects": "Изабери из доступних пројеката",
"Select From Available Snippets": "Изабери из доступних исечака",
"OR": "ИЛИ",
"Export to Snippet": "Извези у \"исечак\"",
"Select Visibility Level": "Изаберите ниво читкости",
"Night Theme": "Ноћна тема",
"Follow us on %s and %s.": "Пратите нас на %s и %s.",
"Privacy": "Приватност",
"Terms of Use": "Услови коришћења",
"Do you really want to delete your user account?": "Да ли заиста желите да трајно обришете свој налог?",
"This will delete your account, all notes that are owned by you and remove all references to your account from other notes.": "Ова операција ће избрисати ваш налог, све ваше белешке, а уклониће и све везе ка вашем налогу из других белешки.",
"Delete user": "Брисање корисника",
"Export user data": "Извоз свих корисничких података",
"Help us translating on %s": "Помозите нам да преведемо на %s",
"Source Code": "Изворни код"
}

52
locales/zh-TW.json
View File

@ -1,42 +1,42 @@
{
"Collaborative markdown notes": "Markdown 協作筆記",
"Realtime collaborative markdown notes on all platforms.": "使用 Markdown 的跨平台即時協作筆記",
"Best way to write and share your knowledge in markdown.": "使用 Markdown 寫作與分享知識的最佳方式",
"Best way to write and share your knowledge in markdown.": "使用 Markdown 寫作與分享知識的最佳方式",
"Intro": "簡介",
"History": "錄",
"History": "歷史記錄",
"New guest note": "建立訪客筆記",
"Collaborate with URL": "使用網址協作",
"Support charts and MathJax": "支援圖表與 MathJax",
"Support slide mode": "支援簡報模式",
"Sign In": "登入",
"Below is the history from browser": "以下為來自瀏覽器的紀錄",
"Below is the history from browser": "以下是從瀏覽器取得的歷史記錄",
"Welcome!": "歡迎!",
"New note": "建立筆記",
"or": "或",
"Sign Out": "登出",
"Explore all features": "探索所有功能",
"Select tags...": "選擇標籤...",
"Search keyword...": "搜尋關鍵字...",
"Sort by title": "標題排序",
"Select tags...": "選擇標籤",
"Search keyword...": "搜尋關鍵字",
"Sort by title": "標題排序",
"Title": "標題",
"Sort by time": "時間排序",
"Sort by time": "時間排序",
"Time": "時間",
"Export history": "匯出錄",
"Import history": "匯入錄",
"Clear history": "清空錄",
"Refresh history": "更新紀錄",
"No history": "沒有錄",
"Export history": "匯出錄",
"Import history": "匯入錄",
"Clear history": "清空錄",
"Refresh history": "重新整理記錄",
"No history": "沒有錄",
"Import from browser": "從瀏覽器匯入",
"Releases": "版本",
"Are you sure?": "確定嗎?",
"Do you really want to delete this note?": "確定要刪除這個文件嗎",
"Are you sure?": "確定嗎?",
"Do you really want to delete this note?": "確定刪除這則筆記",
"All users will lose their connection.": "所有使用者將會失去連線",
"Cancel": "取消",
"Yes, do it!": "沒錯,就這樣辦",
"Yes, do it!": "沒錯,就這麼做",
"Choose method": "選擇方式",
"Sign in via %s": "透過 %s 登入",
"New": "新增",
"Publish": "發",
"Publish": "發",
"Extra": "增益",
"Revision": "修訂版本",
"Slide Mode": "簡報模式",
@ -55,7 +55,7 @@
"You have an incompatible client version.": "您使用的是不相容的客戶端",
"Refresh to update.": "請重新整理來更新",
"New version available!": "新版本來了!",
"See releases notes here": "請由此查閱更新錄",
"See releases notes here": "請由此查閱更新錄",
"Refresh to enjoy new features.": "請重新整理來享受最新功能",
"Your user state has changed.": "您的使用者狀態已變更",
"Refresh to load new user state.": "請重新整理來載入新的使用者狀態",
@ -66,7 +66,7 @@
"Send us email": "寄信給我們",
"Documents": "文件",
"Features": "功能簡介",
"YAML Metadata": "YAML Metadata",
"YAML Metadata": "YAML 中繼資料",
"Slide Example": "簡報範例",
"Cheatsheet": "快速簡表",
"Example": "範例",
@ -88,7 +88,7 @@
"This is a alert area.": "這是警告區塊",
"Revert": "還原",
"Import from clipboard": "從剪貼簿匯入",
"Paste your markdown or webpage here...": "在這裡貼上 Markdown 或是網頁內容...",
"Paste your markdown or webpage here...": "在這裡貼上 Markdown 或是網頁內容",
"Clear": "清除",
"This note is locked": "此份筆記已被鎖定",
"Sorry, only owner can edit this note.": "抱歉,只有擁有者可以編輯此筆記",
@ -97,21 +97,23 @@
"Sorry, you've reached the max length this note can be.": "抱歉,您已使用到此份筆記可用的最大長度",
"Please reduce the content or divide it to more notes, thank you!": "請減少內容或是將內容切成更多筆記,謝謝!",
"Import from Gist": "從 Gist 匯入",
"Paste your gist url here...": "在這裡貼上 gist 網址...",
"Paste your gist url here...": "在此處貼上 gist 網址…",
"Import from Snippet": "從 Snippet 匯入",
"Select From Available Projects": "從可用專案選擇",
"Select From Available Snippets": "從可用的 Snippets 選擇",
"Select From Available Projects": "從可用專案選擇",
"Select From Available Snippets": "從可用的 Snippets 選擇",
"OR": "或是",
"Export to Snippet": "匯出 Snippet",
"Export to Snippet": "匯出 Snippet",
"Select Visibility Level": "選擇可見層級",
"Night Theme": "夜間主題",
"Follow us on %s and %s.": "來 %s 或 %s 和我們互動吧!",
"Privacy": "隱私權政策",
"Terms of Use": "使用條款",
"Do you really want to delete your user account?": "你確定真的想要刪除帳戶?",
"This will delete your account, all notes that are owned by you and remove all references to your account from other notes.": "我們將會刪除你的帳戶、你所擁有的筆記、以及你在別人筆記裡的作者錄。",
"This will delete your account, all notes that are owned by you and remove all references to your account from other notes.": "我們將會刪除你的帳戶、你所擁有的筆記、以及你在別人筆記裡的作者錄。",
"Delete user": "刪除使用者",
"Export user data": "匯出使用者資料",
"Help us translating on %s": "來 %s 幫我們翻譯",
"Source Code": "原始碼"
"Source Code": "原始碼",
"Powered by %s": "技術支援:%s",
"Register": "註冊"
}

387
package.json
View File

@ -1,151 +1,197 @@
{
"name": "CodiMD",
"version": "1.2.1",
"name": "codimd",
"version": "1.3.1",
"description": "Realtime collaborative markdown notes on all platforms.",
"main": "app.js",
"license": "AGPL-3.0",
"scripts": {
"test": "npm run-script eslint && npm run-script jsonlint && mocha",
"eslint": "node_modules/.bin/eslint lib public test app.js",
"jsonlint": "find . -not -path './node_modules/*' -type f -name '*.json' -o -type f -name '*.json.example' | while read json; do echo $json ; jq . $json; done",
"standard": "echo 'standard is no longer being used, use `npm run eslint` instead!' && exit 1",
"dev": "webpack --config webpack.dev.js --progress --colors --watch",
"build": "webpack --config webpack.prod.js --progress --colors --bail",
"postinstall": "bin/heroku",
"start": "sequelize db:migrate && node app.js",
"doctoc": "doctoc --title='# Table of Contents' README.md"
},
"dependencies": {
"@mlink/scrypt": "^6.1.2",
"@passport-next/passport-openid": "^1.0.0",
"Idle.Js": "git+https://github.com/shawnmclean/Idle.js",
"archiver": "^2.1.1",
"async": "^2.1.4",
"aws-sdk": "^2.345.0",
"azure-storage": "^2.7.0",
"base64url": "^3.0.0",
"body-parser": "^1.15.2",
"bootstrap": "^3.4.0",
"bootstrap-validator": "^0.11.8",
"chance": "^1.0.4",
"cheerio": "^0.22.0",
"codemirror": "git+https://github.com/hackmdio/CodeMirror.git",
"compression": "^1.6.2",
"connect-flash": "^0.1.1",
"connect-session-sequelize": "^4.1.0",
"cookie": "0.3.1",
"cookie-parser": "1.4.3",
"deep-freeze": "^0.0.1",
"diff-match-patch": "git+https://github.com/hackmdio/diff-match-patch.git",
"ejs": "^2.5.5",
"emojify.js": "~1.1.0",
"express": ">=4.14",
"express-session": "^1.14.2",
"file-saver": "^1.3.3",
"flowchart.js": "^1.6.4",
"fork-awesome": "^1.1.3",
"formidable": "^1.0.17",
"gist-embed": "~2.6.0",
"graceful-fs": "^4.1.11",
"handlebars": "^4.0.6",
"helmet": "^3.13.0",
"highlight.js": "~9.12.0",
"i18n": "^0.8.3",
"imgur": "git+https://github.com/hackmdio/node-imgur.git",
"ionicons": "~2.0.1",
"jquery": "^3.1.1",
"jquery-mousewheel": "^3.1.13",
"jquery-ui": "^1.12.1",
"js-cookie": "^2.1.3",
"js-sequence-diagrams": "^1000000.0.6",
"js-url": "^2.3.0",
"js-yaml": "^3.7.0",
"jsdom-nogyp": "^0.8.3",
"keymaster": "^1.6.2",
"list.js": "^1.5.0",
"lodash": "^4.17.11",
"lutim": "^1.0.2",
"lz-string": "git+https://github.com/hackmdio/lz-string.git",
"markdown-it": "^8.2.2",
"markdown-it-abbr": "^1.0.4",
"markdown-it-container": "^2.0.0",
"markdown-it-deflist": "^2.0.1",
"markdown-it-emoji": "^1.3.0",
"markdown-it-footnote": "^3.0.1",
"markdown-it-imsize": "^2.0.1",
"markdown-it-ins": "^2.0.0",
"markdown-it-mark": "^2.0.0",
"markdown-it-mathjax": "^2.0.0",
"markdown-it-regexp": "^0.4.0",
"markdown-it-sub": "^1.0.0",
"markdown-it-sup": "^1.0.0",
"markdown-pdf": "^9.0.0",
"mathjax": "~2.7.0",
"mattermost": "^3.4.0",
"mermaid": "~7.1.0",
"meta-marked": "^0.4.2",
"method-override": "^2.3.7",
"minimist": "^1.2.0",
"minio": "^6.0.0",
"moment": "^2.17.1",
"morgan": "^1.7.0",
"mysql": "^2.12.0",
"passport": "^0.4.0",
"passport-dropbox-oauth2": "^1.1.0",
"passport-facebook": "^2.1.1",
"passport-github": "^1.1.0",
"passport-gitlab2": "^4.0.0",
"passport-google-oauth20": "^1.0.0",
"passport-ldapauth": "^2.0.0",
"passport-local": "^1.0.0",
"passport-oauth2": "^1.4.0",
"passport-saml": "^1.0.0",
"passport-twitter": "^1.0.4",
"passport.socketio": "^3.7.0",
"pdfobject": "^2.0.201604172",
"pg": "^6.1.2",
"pg-hstore": "^2.3.2",
"prismjs": "^1.6.0",
"randomcolor": "^0.5.3",
"raphael": "git+https://github.com/dmitrybaranovskiy/raphael",
"readline-sync": "^1.4.7",
"request": "^2.88.0",
"reveal.js": "~3.7.0",
"select2": "^3.5.2-browserify",
"sequelize": "^3.28.0",
"sequelize-cli": "^2.5.1",
"shortid": "2.2.8",
"socket.io": "~2.1.1",
"socket.io-client": "~2.1.1",
"spin.js": "^2.3.2",
"sqlite3": "^4.0.1",
"store": "^2.0.12",
"string": "^3.3.3",
"tedious": "^1.14.0",
"toobusy-js": "^0.5.1",
"turndown": "^5.0.1",
"uuid": "^3.1.0",
"validator": "^10.4.0",
"velocity-animate": "^1.4.0",
"visibilityjs": "^1.2.4",
"viz.js": "^1.7.0",
"winston": "^3.1.0",
"ws": "^6.0.0",
"xss": "^1.0.3"
},
"resolutions": {
"**/tough-cookie": "~2.4.0"
},
"engines": {
"node": ">=6.x"
},
"bugs": "https://github.com/hackmdio/codimd/issues",
"keywords": [
"Collaborative",
"Markdown",
"Notes"
],
"homepage": "https://codimd.org",
"bugs": "https://github.com/hackmdio/codimd/issues",
"repository": {
"type": "git",
"url": "https://github.com/hackmdio/codimd.git"
},
"license": "AGPL-3.0",
"main": "app.js",
"scripts": {
"build": "webpack --config webpack.prod.js --progress --colors --bail",
"dev": "webpack --config webpack.dev.js --progress --colors --watch",
"doctoc": "doctoc --title='# Table of Contents' README.md",
"lint": "standard",
"jsonlint": "find . -type f -not -ipath \"./node_modules/*\" \\( -name \"*.json\" -o -name \"*.json.*\" \\) | xargs -n 1 -I{} -- bash -c 'echo {}; jq . {} > /dev/null;'",
"start": "sequelize db:migrate && node app.js",
"mocha": "mocha --require intelli-espower-loader --exit ./test --recursive",
"mocha:ci": "mocha --no-color -R dot --require intelli-espower-loader --exit ./test --recursive",
"coverage": "nyc mocha --require intelli-espower-loader --exit --recursive ./test",
"coverage:ci": "nyc mocha --no-color -R dot --require intelli-espower-loader --exit --recursive ./test",
"test": "npm run-script lint && npm run-script jsonlint && npm run-script coverage",
"test:ci": "npm run-script lint && npm run-script jsonlint && npm run-script coverage:ci"
},
"dependencies": {
"@hackmd/codemirror": "~5.46.2",
"@hackmd/diff-match-patch": "~1.1.1",
"@hackmd/idle-js": "~1.0.1",
"@hackmd/imgur": "~0.4.1",
"@hackmd/js-sequence-diagrams": "~0.0.1-alpha.3",
"@hackmd/lz-string": "~1.4.4",
"@hackmd/meta-marked": "~0.4.4",
"@passport-next/passport-openid": "~1.0.0",
"archiver": "~2.1.1",
"async": "~2.1.4",
"aws-sdk": "~2.345.0",
"azure-storage": "~2.10.2",
"babel-polyfill": "~6.26.0",
"base64url": "~3.0.0",
"body-parser": "~1.18.3",
"bootstrap": "~3.4.0",
"bootstrap-validator": "~0.11.8",
"chance": "~1.0.4",
"cheerio": "~0.22.0",
"compression": "~1.7.4",
"connect-flash": "~0.1.1",
"connect-session-sequelize": "~6.0.0",
"cookie": "~0.3.1",
"cookie-parser": "~1.4.3",
"deep-freeze": "~0.0.1",
"ejs": "~2.5.5",
"emojify.js": "~1.1.0",
"express": "~4.16.4",
"express-session": "~1.16.1",
"file-saver": "~1.3.3",
"flowchart.js": "~1.12.0",
"fork-awesome": "~1.1.3",
"formidable": "~1.2.1",
"gist-embed": "~2.6.0",
"graceful-fs": "~4.1.11",
"handlebars": "~4.0.13",
"helmet": "~3.13.0",
"highlight.js": "~9.12.0",
"i18n": "~0.8.3",
"ionicons": "~2.0.1",
"isomorphic-fetch": "~2.2.1",
"jquery": "~3.1.1",
"jquery-mousewheel": "~3.1.13",
"jquery-ui": "~1.12.1",
"js-cookie": "~2.1.3",
"js-yaml": "~3.13.1",
"jsdom-nogyp": "~0.8.3",
"keymaster": "~1.6.2",
"list.js": "~1.5.0",
"lodash": "~4.17.11",
"lutim": "~1.0.2",
"markdown-it": "~8.2.2",
"markdown-it-abbr": "~1.0.4",
"markdown-it-container": "~2.0.0",
"markdown-it-deflist": "~2.0.1",
"markdown-it-emoji": "~1.3.0",
"markdown-it-footnote": "~3.0.1",
"markdown-it-imsize": "~2.0.1",
"markdown-it-ins": "~2.0.0",
"markdown-it-mark": "~2.0.0",
"markdown-it-mathjax": "~2.0.0",
"markdown-it-regexp": "~0.4.0",
"markdown-it-sub": "~1.0.0",
"markdown-it-sup": "~1.0.0",
"markdown-pdf": "~9.0.0",
"mathjax": "~2.7.0",
"mattermost-redux": "~5.9.0",
"mermaid": "~8.2.3",
"method-override": "~2.3.7",
"minimist": "~1.2.0",
"minio": "~6.0.0",
"moment": "~2.24.0",
"morgan": "~1.9.1",
"mysql": "~2.16.0",
"passport": "~0.4.0",
"passport-dropbox-oauth2": "~1.1.0",
"passport-facebook": "~2.1.1",
"passport-github": "~1.1.0",
"passport-gitlab2": "~4.0.0",
"passport-google-oauth20": "~1.0.0",
"passport-ldapauth": "~2.1.3",
"passport-local": "~1.0.0",
"passport-oauth2": "~1.4.0",
"passport-saml": "~1.0.0",
"passport-twitter": "~1.0.4",
"passport.socketio": "~3.7.0",
"pdfobject": "~2.0.201604172",
"pg": "~6.1.2",
"pg-hstore": "~2.3.2",
"prismjs": "~1.6.0",
"randomcolor": "~0.5.3",
"raphael": "~2.2.8",
"readline-sync": "~1.4.7",
"request": "~2.88.0",
"reveal.js": "~3.7.0",
"scrypt": "~6.0.3",
"select2": "~3.5.2-browserify",
"sequelize": "5.3.5",
"shortid": "~2.2.8",
"socket.io": "~2.1.1",
"socket.io-client": "~2.1.1",
"spin.js": "~2.3.2",
"sqlite3": "~4.0.1",
"store": "~2.0.12",
"tedious": "~6.1.0",
"toobusy-js": "~0.5.1",
"turndown": "~5.0.1",
"uuid": "~3.1.0",
"validator": "~10.4.0",
"velocity-animate": "~1.4.0",
"visibilityjs": "~1.2.4",
"viz.js": "~1.7.0",
"winston": "~3.1.0",
"ws": "~6.0.0",
"wurl": "~2.5.3",
"xss": "~1.0.3"
},
"devDependencies": {
"acorn": "~6.1.1",
"babel-core": "~6.26.3",
"babel-loader": "~7.1.4",
"babel-plugin-transform-runtime": "~6.23.0",
"babel-preset-env": "~1.7.0",
"babel-runtime": "~6.26.0",
"copy-webpack-plugin": "~4.5.2",
"css-loader": "~1.0.0",
"doctoc": "~1.4.0",
"ejs-loader": "~0.3.1",
"exports-loader": "~0.7.0",
"expose-loader": "~0.7.5",
"file-loader": "~2.0.0",
"html-webpack-plugin": "~4.0.0-beta.2",
"imports-loader": "~0.8.0",
"intelli-espower-loader": "~1.0.1",
"jsonlint": "~1.6.2",
"less": "~3.9.0",
"less-loader": "~4.1.0",
"mini-css-extract-plugin": "~0.4.1",
"mocha": "~5.2.0",
"mock-require": "~3.0.3",
"nyc": "~14.0.0",
"optimize-css-assets-webpack-plugin": "~5.0.0",
"power-assert": "~1.6.1",
"script-loader": "~0.7.2",
"sequelize-cli": "~5.4.0",
"sinon": "~7.3.2",
"standard": "~12.0.1",
"string-loader": "~0.0.1",
"style-loader": "~0.21.0",
"uglifyjs-webpack-plugin": "~1.2.7",
"url-loader": "~1.0.1",
"webpack": "~4.30.0",
"webpack-cli": "~3.3.0",
"webpack-merge": "~4.1.4",
"webpack-parallel-uglify-plugin": "~1.1.0"
},
"optionalDependencies": {
"bufferutil": "~4.0.0",
"utf-8-validate": "~5.0.1"
},
"engines": {
"node": ">=8.0.0"
},
"maintainers": [
{
"name": "Max Wu",
@ -156,52 +202,19 @@
"email": "codimd@sheogorath.shivering-isles.com"
}
],
"repository": {
"type": "git",
"url": "https://github.com/hackmdio/codimd.git"
"standard": {
"ignore": [
"/public/build",
"/public/vendor",
"/lib/ot"
]
},
"devDependencies": {
"babel-cli": "^6.26.0",
"babel-core": "^6.26.3",
"babel-loader": "^7.1.4",
"babel-plugin-transform-runtime": "^6.23.0",
"babel-polyfill": "^6.26.0",
"babel-preset-env": "^1.7.0",
"babel-runtime": "^6.26.0",
"copy-webpack-plugin": "^4.5.2",
"css-loader": "^1.0.0",
"doctoc": "^1.4.0",
"ejs-loader": "^0.3.1",
"eslint": "^5.9.0",
"eslint-config-standard": "^12.0.0",
"eslint-plugin-import": "^2.14.0",
"eslint-plugin-node": "^8.0.0",
"eslint-plugin-promise": "^4.0.1",
"eslint-plugin-standard": "^4.0.0",
"exports-loader": "^0.7.0",
"expose-loader": "^0.7.5",
"file-loader": "^2.0.0",
"html-webpack-plugin": "4.0.0-beta.2",
"imports-loader": "^0.8.0",
"jsonlint": "^1.6.2",
"less": "^2.7.1",
"less-loader": "^4.1.0",
"mini-css-extract-plugin": "^0.4.1",
"mocha": "^5.2.0",
"mock-require": "^3.0.3",
"optimize-css-assets-webpack-plugin": "^5.0.0",
"script-loader": "^0.7.2",
"string-loader": "^0.0.1",
"style-loader": "^0.21.0",
"uglifyjs-webpack-plugin": "^1.2.7",
"url-loader": "^1.0.1",
"webpack": "^4.14.0",
"webpack-cli": "^3.1.0",
"webpack-merge": "^4.1.4",
"webpack-parallel-uglify-plugin": "^1.1.0"
},
"optionalDependencies": {
"bufferutil": "^4.0.0",
"utf-8-validate": "^5.0.1"
"nyc": {
"all": true,
"include": [
"app.js",
"lib/**/*.js"
],
"reporter": "lcov"
}
}

1
public/.eslintrc.js
View File

@ -12,7 +12,6 @@ module.exports = {
"ui": false,
"Spinner": false,
"modeType": false,
"Idle": false,
"serverurl": false,
"key": false,
"gapi": false,

144
public/build/reveal.js/plugin/elapsed-time-bar/elapsed-time-bar.js Normal file
View File

@ -0,0 +1,144 @@
var ElapsedTimeBar = {
// default value
barColor: 'rgb(200,0,0)',
pausedBarColor: 'rgba(200,0,0,.6)',
isPaused: false,
isFinished: false,
allottedTime: null,
timeProgressBar: null,
startTime: null,
pauseTime: null,
pauseTimeDuration: 0,
/**
* initialize elements
*/
handleReady() {
var config = Reveal.getConfig();
// activate this plugin if config.allottedTime exists.
if (!config.allottedTime) {
console.warn('Failed to start ElapsedTimeBar plugin. "allottedTime" property is required.');
return;
}
// set configurations
this.barColor = config.barColor || this.barColor;
this.pausedBarColor = config.pausedBarColor || this.pausedBarColor;
// calc barHeight from config.barHeight or page-progress container
var barHeight;
var pageProgressContainer = document.querySelector('.progress');
if (config.progressBarHeight) {
barHeight = parseInt(config.progressBarHeight, 10) + 'px';
// override height of page-progress container
pageProgressContainer && (pageProgressContainer.style.height = barHeight);
} else if (config.progress && pageProgressContainer) {
// get height from page-progress container
barHeight = pageProgressContainer.getBoundingClientRect().height + 'px';
} else {
// default
barHeight = '3px';
}
// create container of time-progress
var timeProgressContainer = document.createElement('div');
timeProgressContainer.classList.add('progress');
Object.entries({
display: 'block',
position: 'fixed',
bottom: config.progress ? barHeight : 0,
width: '100%',
height: barHeight
}).forEach(([k, v]) => {
timeProgressContainer.style[k] = v;
});
document.querySelector('.reveal').appendChild(timeProgressContainer);
// create content of time-progress
this.timeProgressBar = document.createElement('div');
Object.entries({
height: '100%',
willChange: 'width'
}).forEach(([k, v]) => {
this.timeProgressBar.style[k] = v;
});
timeProgressContainer.appendChild(this.timeProgressBar);
// start timer
this.start(config.allottedTime);
},
/**
* update repeatedly using requestAnimationFrame.
*/
loop() {
if (this.isPaused) return;
var now = +new Date();
var elapsedTime = now - this.startTime - this.pauseTimeDuration;
if (elapsedTime > this.allottedTime) {
this.timeProgressBar.style.width = '100%';
this.isFinished = true;
} else {
this.timeProgressBar.style.width = elapsedTime / this.allottedTime * 100 + '%';
requestAnimationFrame(this.loop.bind(this));
}
},
/**
* set color of progress bar
*/
setBarColor() {
if (this.isPaused) {
this.timeProgressBar.style.backgroundColor = this.pausedBarColor;
} else {
this.timeProgressBar.style.backgroundColor = this.barColor;
}
},
/**
* start(reset) timer with new allotted time.
* @param {number} allottedTime
* @param {number} [elapsedTime=0]
*/
start(allottedTime, elapsedTime = 0) {
this.isFinished = false;
this.isPaused = false;
this.allottedTime = allottedTime;
this.startTime = +new Date() - elapsedTime;
this.pauseTimeDuration = 0;
this.setBarColor();
this.loop();
},
reset() {
this.start(this.allottedTime);
},
pause() {
if (this.isPaused) return;
this.isPaused = true;
this.pauseTime = +new Date();
this.setBarColor();
},
resume() {
if (!this.isPaused) return;
// add paused time duration
this.isPaused = false;
this.pauseTimeDuration += new Date() - this.pauseTime;
this.pauseTime = null;
this.setBarColor();
this.loop();
}
};
if (Reveal.isReady()) {
ElapsedTimeBar.handleReady();
} else {
Reveal.addEventListener('ready', () => ElapsedTimeBar.handleReady());
}

283
public/build/reveal.js/plugin/spotlight/spotlight.js Normal file
View File

@ -0,0 +1,283 @@
var RevealSpotlight = window.RevealSpotlight || (function () {
//configs
var spotlightSize;
var toggleOnMouseDown;
var spotlightOnKeyPressAndHold;
var presentingCursor;
var spotlightCursor;
var initialPresentationMode;
var disablingUserSelect;
var fadeInAndOut;
var style;
var lockPointerInsideCanvas;
var getMousePos;
var drawBoard;
var isSpotlightOn = true;
var isCursorOn = true;
var lastMouseMoveEvent;
function onRevealJsReady(event) {
configure();
drawBoard = setupCanvas();
addWindowResizeListener();
addMouseMoveListener();
if (toggleOnMouseDown) {
addMouseToggleSpotlightListener();
}
if (spotlightOnKeyPressAndHold) {
addKeyPressAndHoldSpotlightListener(spotlightOnKeyPressAndHold);
}
setCursor(!initialPresentationMode);
setSpotlight(false);
}
function configure() {
var config = Reveal.getConfig().spotlight || {};
spotlightSize = config.size || 60;
presentingCursor = config.presentingCursor || "none";
spotlightCursor = config.spotlightCursor || "none";
var useAsPointer = config.useAsPointer || false;
var pointerColor = config.pointerColor || 'red';
lockPointerInsideCanvas = config.lockPointerInsideCanvas || false;
if(lockPointerInsideCanvas){
getMousePos = getMousePosByMovement;
} else {
getMousePos = getMousePosByBoundingClientRect;
}
// If using as pointer draw a transparent background and
// the mouse pointer in the specified color or default
var pointerStyle = {
backgroundFillStyle : "rgba(0, 0, 0, 0)",
mouseFillStyle : pointerColor
};
var spotlightStyle = {
backgroundFillStyle : "#000000A8",
mouseFillStyle : "#FFFFFFFF"
};
style = useAsPointer ? pointerStyle : spotlightStyle;
if (config.hasOwnProperty("toggleSpotlightOnMouseDown")) {
toggleOnMouseDown = config.toggleSpotlightOnMouseDown;
} else {
toggleOnMouseDown = true;
}
if (config.hasOwnProperty("initialPresentationMode")) {
initialPresentationMode = config.initialPresentationMode;
} else {
initialPresentationMode = toggleOnMouseDown;
}
if (config.hasOwnProperty("spotlightOnKeyPressAndHold")) {
spotlightOnKeyPressAndHold = config.spotlightOnKeyPressAndHold;
} else {
spotlightOnKeyPressAndHold = false;
}
if (config.hasOwnProperty("disablingUserSelect")) {
disablingUserSelect = config.disablingUserSelect;
} else {
disablingUserSelect = true;
}
if (config.hasOwnProperty("fadeInAndOut")) {
fadeInAndOut = config.fadeInAndOut;
} else {
fadeInAndOut = false;
}
}
function setupCanvas() {
var container = document.createElement('div');
container.id = "spotlight";
container.style.cssText = "position:absolute;top:0;left:0;bottom:0;right:0;z-index:99;";
if (fadeInAndOut) {
container.style.cssText += "transition: " + fadeInAndOut + "ms opacity;";
}
var canvas = document.createElement('canvas');
var context = canvas.getContext("2d");
canvas.width = window.innerWidth;
canvas.height = window.innerHeight;
container.appendChild(canvas);
document.body.appendChild(container);
container.style.opacity = 0;
container.style['pointer-events'] = 'none';
return {
container,
canvas,
context
}
}
function addWindowResizeListener() {
window.addEventListener('resize', function (e) {
var canvas = drawBoard.canvas;
canvas.width = window.innerWidth;
canvas.height = window.innerHeight;
}, false);
}
function addMouseMoveListener() {
document.body.addEventListener('mousemove', function (e) {
if(isSpotlightOn) {
showSpotlight(e);
}
lastMouseMoveEvent = e;
}, false);
}
function addMouseToggleSpotlightListener() {
window.addEventListener("mousedown", function (e) {
if (!isCursorOn) {
setSpotlight(true, e);
}
}, false);
window.addEventListener("mouseup", function (e) {
if (!isCursorOn) {
setSpotlight(false, e);
}
}, false);
}
function addKeyPressAndHoldSpotlightListener(keyCode) {
window.addEventListener("keydown", function (e) {
if (!isCursorOn && !isSpotlightOn && e.keyCode === keyCode) {
setSpotlight(true, lastMouseMoveEvent);
}
}, false);
window.addEventListener("keyup", function (e) {
if (!isCursorOn && e.keyCode === keyCode) {
setSpotlight(false);
}
}, false);
}
function toggleSpotlight() {
setSpotlight(!isSpotlightOn, lastMouseMoveEvent);
}
function setSpotlight(isOn, mouseEvt) {
isSpotlightOn = isOn;
var container = drawBoard.container;
if (isOn) {
if (lockPointerInsideCanvas && document.pointerLockElement != drawBoard.canvas) {
drawBoard.canvas.requestPointerLock();
}
container.style.opacity = 1;
container.style['pointer-events'] = null;
document.body.style.cursor = spotlightCursor;
if (mouseEvt) {
showSpotlight(mouseEvt);
}
} else {
container.style.opacity = 0;
container.style['pointer-events'] = 'none';
document.body.style.cursor = presentingCursor;
}
}
function togglePresentationMode() {
setCursor(!isCursorOn);
}
function setCursor(isOn) {
isCursorOn = isOn;
if (isOn) {
if (disablingUserSelect) {
document.body.style.userSelect = null;
}
document.body.style.cursor = null;
} else {
if (disablingUserSelect) {
document.body.style.userSelect = "none";
}
document.body.style.cursor = presentingCursor;
}
}
function showSpotlight(mouseEvt) {
var canvas = drawBoard.canvas;
var context = drawBoard.context;
var mousePos = getMousePos(canvas, mouseEvt);
context.clearRect(0, 0, canvas.width, canvas.height);
// Create a canvas mask
var maskCanvas = document.createElement('canvas');
maskCanvas.width = canvas.width;
maskCanvas.height = canvas.height;
var maskCtx = maskCanvas.getContext('2d');
maskCtx.fillStyle = style.backgroundFillStyle;
maskCtx.fillRect(0, 0, maskCanvas.width, maskCanvas.height);
maskCtx.globalCompositeOperation = 'xor';
maskCtx.fillStyle = style.mouseFillStyle;
maskCtx.arc(mousePos.x, mousePos.y, spotlightSize, 0, 2 * Math.PI);
maskCtx.fill();
context.drawImage(maskCanvas, 0, 0);
}
var mX = 0;
var mY = 0;
function getMousePosByMovement(canvas, evt) {
var movementX = evt.movementX || 0;
var movementY = evt.movementY || 0;
mX += movementX;
mY += movementY;
if (mX > canvas.clientWidth) {
mX = canvas.clientWidth;
}
if (mY > canvas.clientHeight) {
mY = canvas.clientHeight;
}
if (mX < 0) {
mX = 0;
}
if (mY < 0) {
mY = 0;
}
return {
x: mX,
y: mY
};
}
function getMousePosByBoundingClientRect(canvas, evt) {
var rect = canvas.getBoundingClientRect();
return {
x: evt.clientX - rect.left,
y: evt.clientY - rect.top
};
}
Reveal.addEventListener('ready', onRevealJsReady);
this.toggleSpotlight = toggleSpotlight;
this.togglePresentationMode = togglePresentationMode;
return this;
})();

38
public/css/cover.css
View File

@ -372,3 +372,41 @@ select {
max-width: 100%;
}
}
.btn-mattermost {
background-color: #2179ec;
border-color: rgba(0,0,0,0.2);
color: #fff;
}
.btn-gitlab {
background-color: #e35431;
border-color: rgba(0,0,0,0.2);
color: #fff;
}
.btn-mattermost:hover, .btn-mattermost:active {
background-color: #105fc6;
border-color: rgba(0,0,0,0.2);
color: #fff;
}
.btn-gitlab:hover, .btn-gitlab:active {
background-color: #c23b1a;
border-color: rgba(0,0,0,0.2);
color: #fff;
}
a.btn.btn-social > i.oauth-icon {
display: inline-flex;
height: 45px;
width: 45px;
line-height: inherit;
padding: 6px;
}
a.btn.btn-social > i.oauth-icon > img {
width: 100%;
height: 100%;
line-height: inherit;
}

5
public/docs/features.md
View File

@ -8,7 +8,7 @@ This means that you can write notes with other people on your **desktop**, **tab
You can sign-in via multiple auth providers like **Facebook**, **Twitter**, **GitHub** and many more on the [_homepage_](/).
If you experience any _issues_, feel free to report it on [**GitHub**](https://github.com/hackmdio/codimd/issues).
Or meet us on [**Matrix.org**](https://riot.im/app/#/room/#codimd:matrix.org) for dev-talk and interactive help.
Or meet us on [**Gitter**](https://gitter.im/hackmdio/hackmd) for dev-talk and interactive help.
**Thank you very much!**
Workspace
@ -222,9 +222,6 @@ When youre a carpenter making a beautiful chest of drawers, youre not goin
### SlideShare
{%slideshare briansolis/26-disruptive-technology-trends-2016-2018-56796196 %}
### Speakerdeck
{%speakerdeck sugarenia/xxlcss-how-to-scale-css-and-keep-your-sanity %}
### PDF
**Caution: this might be blocked by your browser if not using an `https` URL.**
{%pdf https://papers.nips.cc/paper/5346-sequence-to-sequence-learning-with-neural-networks.pdf %}

120
public/docs/release-notes.md
View File

@ -1,6 +1,126 @@
Release Notes
===
<i class="fa fa-tag"></i> 1.3.1 <i class="fa fa-clock-o"></i> 2019-03-23 00:00
---
### Enhancements
* Add some missing translations
* Add Serbian language
### Fixes
* Fix broken redirect for empty `serverURL`
* Fix wrong variable type for HSTS maxAge
* Fix GitLab snippets showing up without being configured
* Fix Google's API after disabling Google+
* Fix broken PDF export
### Contributors
* atachibana (translator)
* [Aurélien JANVIER](https://github.com/ajanvier) (translator)
* [Daan Sprenkels](https://github.com/dsprenkels) (translator)
* Farizrizaldy (translator)
* [Luclu7](https://github.com/Luclu7)
* Sylke Vicious (translator)
* [toshi0123](https://github.com/toshi0123) & okochi-toshiki
* [Turakar](https://github.com/Turakar)
* [Vladan](https://github.com/cvladan) (translator)
<i class="fa fa-tag"></i> 1.3.0 <i class="fa fa-clock-o"></i> 2019-03-03 00:00
---
### Enhancements
* Run db migrations on `npm start`
* Add documentation about integration with AD LDAP
* Add `rel="noopener"` to all links
* Add documentation about integration with Nextcloud for authentication
* Update URL on frontpage to point to codimd.org
* Replace Fontawesome with Forkawesome
* Add OpenID support
* Add print icon to slide view
* Add auto-complete for language names that are highlighted in codeblocks
* Improve translations for Chinese, Dutch, French, German, Italien, Korean, Polish, and Russian language
* Add Download action to published document API
* Add reset password feature to `manage_users` script
* Move from own `./tmp` directory to system temp directory
* Add Etherpad migration guide
* Move XSS library to a more native position
* Use full version string to determine changes from the backend
* Update winston (logging library)
* Use slide preview in slide example
* Improve migration handling
* Update reveal.js to version 3.7.0
* Replace scrypt library with its successor
* Replace `to-markdown` with `turndown` (successor library)
* Update socket.io
* Add warning on missing base URL
* Update bootstrap to version 3.4.0
* Update handlebar
### Fixes
* Fix paths in GitLab documentation
* Fix missing `data:` URL in CSP
* Fix oAuth2 name/label field
* Fix GitLab API integration
* Fix auto-completed but not rendered emojis
* Fix menu organization depending on enabled services
* Fix some logging in the OT module
* Fix some unhandled internalOAuthError exception
* Fix unwanted creation of robots.txt document in "freeurl-mode"
* Fix some links on index page to lead to the right sections on feature page
* Fix document breaking, empty headlines
* Fix wrong multiplication for HSTS header seconds
* Fix wrong subdirectories in exported user data
* Fix CSP for speaker notes
* Fix CSP for disqus
* Fix URL API usage
* Fix Gist embedding
* Fix upload provider error message
* Fix unescaped disqus user names
* Fix SAML vulnerability
* Fix link to SAML guide
* Fix deep dependency problem with node 6.x
* Fix broken PDF export by wrong unlink call
* Fix possible XSS attack in MathJax
### Refactors
* Refactor to use `ws` instead of the the no longer supported `uws`
* Refactor frontend build system to use webpack version 4
* Refactor file path configuration (views, uploads, …)
* Refactor `manage_users` script
* Refactor handling of template variables
* Refactor linting to use eslint
### Removes
* Remove no longer working Octicons
* Remove links to our old Gitter channel
* Remove unused library node-uuid
* Remove unneeded blueimp-md5 dependency
* Remove speakerdeck due to broken implementation
### Contributors
* Adam.emts (translator)
* [Alex Garcia](https://github.com/asg017)
* [Cédric Couralet (micedre)](https://github.com/micedre)
* [Claudius Coenen](https://github.com/ccoenen)
* [Daan Sprenkels](https://github.com/dsprenkels)
* [David Mehren](https://github.com/davidmehren)
* [Erona](https://github.com/Eronana)
* [Felix Yan](https://github.com/felixonmars)
* [Jonathan](https://github.com/phrix32)
* Jong-kai Yang (translator)
* [MartB](https://github.com/MartB)
* [Max Wu (jackycute)](https://github.com/jackycute)
* [mcnesium](https://github.com/mcnesium)
* Nullnine (translator)
* RanoIP (translator)
* [SuNbiT](https://github.com/sunbit)
* Sylke Vicious (translator)
* Timothee (translator)
* [WilliButz](https://github.com/WilliButz)
* [Xaver Maierhofer](https://github.com/xf-)
* [云屿](https://github.com/cloudyu)
<i class="fa fa-tag"></i> 1.2.1 <i class="fa fa-clock-o"></i> 2018-09-26 00:00
---

33
public/images/mattermost-logo.svg Normal file
View File

@ -0,0 +1,33 @@
<?xml version="1.0" encoding="UTF-8" standalone="no"?>
<!DOCTYPE svg PUBLIC "-//W3C//DTD SVG 20010904//EN"
"http://www.w3.org/TR/2001/REC-SVG-20010904/DTD/svg10.dtd">
<svg xmlns="http://www.w3.org/2000/svg"
width="500" height="500" viewBox="0 0 500 500">
<path id="mattermost" fill="#ffffff" stroke="none"
d="M 250.05,34.00
C 251.95,34.04 253.85,34.11 255.65,34.20
255.65,34.20 225.86,69.71 225.86,69.71
225.79,69.72 225.71,69.74 225.63,69.75
149.26,84.10 98.22,146.50 98.22,222.97
98.22,264.53 121.29,313.47 157.97,342.07
186.58,364.39 222.26,378.97 259.18,378.97
352.58,378.97 419.33,310.36 419.33,222.97
419.33,188.06 403.34,150.20 377.57,122.21
377.57,122.21 375.94,74.82 375.94,74.82
430.39,113.97 465.89,177.84 466.00,249.99
466.00,250.00 466.00,250.00 466.00,250.00
466.00,369.29 369.30,466.00 250.00,466.00
130.71,466.00 34.00,369.29 34.00,250.00
34.00,130.71 130.71,34.00 250.00,34.00
250.00,34.00 250.05,34.00 250.05,34.00 Z
M 314.15,54.29
C 314.81,54.25 315.47,54.32 316.11,54.54
319.12,55.54 319.96,58.11 320.04,60.99
320.04,60.99 323.88,207.87 323.88,207.87
324.64,236.53 306.72,276.31 263.49,276.43
232.52,276.51 199.81,255.60 199.81,216.30
199.82,201.57 205.42,185.04 219.06,168.19
219.06,168.19 309.09,57.01 309.09,57.01
310.24,55.59 312.17,54.43 314.15,54.29
314.15,54.29 314.15,54.29 314.15,54.29 Z" />
</svg>
Side by Side

After

Width:  |  Height:  |  Size: 1.6 KiB

14
public/js/cover.js
View File

@ -1,11 +1,6 @@
/* eslint-env browser, jquery */
/* global moment, serverurl */
require('./locale')
require('../css/cover.css')
require('../css/site.css')
import {
checkIfAuth,
clearLoginState,
@ -30,7 +25,12 @@ import {
import { saveAs } from 'file-saver'
import List from 'list.js'
import S from 'string'
import unescapeHTML from 'lodash/unescape'
require('./locale')
require('../css/cover.css')
require('../css/site.css')
const options = {
valueNames: ['id', 'text', 'timestamp', 'fromNow', 'time', 'tags', 'pinned'],
@ -397,7 +397,7 @@ function buildTagsFilter (tags) {
for (let i = 0; i < tags.length; i++) {
tags[i] = {
id: i,
text: S(tags[i]).unescapeHTML().s
text: unescapeHTML(tags[i])
}
}
filtertags = tags

106
public/js/extra.js
View File

@ -1,6 +1,24 @@
/* eslint-env browser, jquery */
/* global moment, serverurl */
import Prism from 'prismjs'
import hljs from 'highlight.js'
import PDFObject from 'pdfobject'
import { saveAs } from 'file-saver'
import escapeHTML from 'lodash/escape'
import unescapeHTML from 'lodash/unescape'
import { stripTags } from '../../utils/string'
import getUIElements from './lib/editor/ui-elements'
import markdownit from 'markdown-it'
import markdownitContainer from 'markdown-it-container'
/* Defined regex markdown it plugins */
import Plugin from 'markdown-it-regexp'
require('prismjs/themes/prism.css')
require('prismjs/components/prism-wiki')
require('prismjs/components/prism-haskell')
@ -10,17 +28,9 @@ require('prismjs/components/prism-jsx')
require('prismjs/components/prism-makefile')
require('prismjs/components/prism-gherkin')
import Prism from 'prismjs'
import hljs from 'highlight.js'
import PDFObject from 'pdfobject'
import S from 'string'
import { saveAs } from 'file-saver'
require('./lib/common/login')
require('../vendor/md-toc')
var Viz = require('viz.js')
import getUIElements from './lib/editor/ui-elements'
const ui = getUIElements()
// auto update last change
@ -157,7 +167,7 @@ export function renderTags (view) {
function slugifyWithUTF8 (text) {
// remove html tags and trim spaces
let newText = S(text).trim().stripTags().s
let newText = stripTags(text.toString().trim())
// replace all spaces in between to dashes
newText = newText.replace(/\s+/g, '-')
// slugify string to make it valid for attribute
@ -259,9 +269,9 @@ export function finishView (view) {
li.innerHTML = html
let disabled = 'disabled'
if (typeof editor !== 'undefined' && window.havePermission()) { disabled = '' }
if (/^\s*\[[x ]\]\s*/.test(html)) {
li.innerHTML = html.replace(/^\s*\[ \]\s*/, `<input type="checkbox" class="task-list-item-checkbox "${disabled}><label></label>`)
.replace(/^\s*\[x\]\s*/, `<input type="checkbox" class="task-list-item-checkbox" checked ${disabled}><label></label>`)
if (/^\s*\[[x ]]\s*/.test(html)) {
li.innerHTML = html.replace(/^\s*\[ ]\s*/, `<input type="checkbox" class="task-list-item-checkbox "${disabled}><label></label>`)
.replace(/^\s*\[x]\s*/, `<input type="checkbox" class="task-list-item-checkbox" checked ${disabled}><label></label>`)
if (li.tagName.toLowerCase() !== 'li') {
li.parentElement.setAttribute('class', 'task-list-item')
} else {
@ -323,7 +333,7 @@ export function finishView (view) {
svg[0].setAttribute('preserveAspectRatio', 'xMidYMid meet')
} catch (err) {
$value.unwrap()
$value.parent().append('<div class="alert alert-warning">' + err + '</div>')
$value.parent().append(`<div class="alert alert-warning">${escapeHTML(err)}</div>`)
console.warn(err)
}
})
@ -347,7 +357,7 @@ export function finishView (view) {
$value.children().unwrap().unwrap()
} catch (err) {
$value.unwrap()
$value.parent().append('<div class="alert alert-warning">' + err + '</div>')
$value.parent().append(`<div class="alert alert-warning">${escapeHTML(err)}</div>`)
console.warn(err)
}
})
@ -366,7 +376,7 @@ export function finishView (view) {
$value.children().unwrap().unwrap()
} catch (err) {
$value.unwrap()
$value.parent().append('<div class="alert alert-warning">' + err + '</div>')
$value.parent().append(`<div class="alert alert-warning">${escapeHTML(err)}</div>`)
console.warn(err)
}
})
@ -377,19 +387,14 @@ export function finishView (view) {
var $value = $(value)
const $ele = $(value).closest('pre')
window.mermaid.mermaidAPI.parse($value.text())
window.mermaid.parse($value.text())
$ele.addClass('mermaid')
$ele.html($value.text())
window.mermaid.init(undefined, $ele)
} catch (err) {
var errormessage = err
if (err.str) {
errormessage = err.str
}
$value.unwrap()
$value.parent().append('<div class="alert alert-warning">' + errormessage + '</div>')
console.warn(errormessage)
$value.parent().append(`<div class="alert alert-warning">${escapeHTML(err.str)}</div>`)
console.warn(err)
}
})
// abc.js
@ -408,7 +413,7 @@ export function finishView (view) {
svg[0].setAttribute('preserveAspectRatio', 'xMidYMid meet')
} catch (err) {
$value.unwrap()
$value.parent().append('<div class="alert alert-warning">' + err + '</div>')
$value.parent().append(`<div class="alert alert-warning">${escapeHTML(err)}</div>`)
console.warn(err)
}
})
@ -459,33 +464,12 @@ export function finishView (view) {
// speakerdeck
view.find('div.speakerdeck.raw').removeClass('raw')
.each((key, value) => {
const url = `https://speakerdeck.com/oembed.json?url=https%3A%2F%2Fspeakerdeck.com%2F${encodeURIComponent($(value).attr('data-speakerdeckid'))}`
// use yql because speakerdeck not support jsonp
$.ajax({
url: 'https://query.yahooapis.com/v1/public/yql',
data: {
q: `select * from json where url ='${url}'`,
format: 'json'
},
dataType: 'jsonp',
success (data) {
if (!data.query || !data.query.results) return
const json = data.query.results.json
const html = json.html
var ratio = json.height / json.width
$(value).html(html)
const iframe = $(value).children('iframe')
const src = iframe.attr('src')
if (src.indexOf('//') === 0) { iframe.attr('src', `https:${src}`) }
const inner = $('<div class="inner"></div>').append(iframe)
const height = iframe.attr('height')
const width = iframe.attr('width')
ratio = (height / width) * 100
inner.css('padding-bottom', `${ratio}%`)
$(value).html(inner)
if (window.viewAjaxCallback) window.viewAjaxCallback()
}
})
const url = `https://speakerdeck.com/${$(value).attr('data-speakerdeckid')}`
const inner = $('<a>Speakerdeck</a>')
inner.attr('href', url)
inner.attr('rel', 'noopener noreferrer')
inner.attr('target', '_blank')
$(value).append(inner)
})
// pdf
view.find('div.pdf.raw').removeClass('raw')
@ -513,22 +497,22 @@ export function finishView (view) {
value: code
}
} else if (reallang === 'haskell' || reallang === 'go' || reallang === 'typescript' || reallang === 'jsx' || reallang === 'gherkin') {
code = S(code).unescapeHTML().s
code = unescapeHTML(code)
result = {
value: Prism.highlight(code, Prism.languages[reallang])
}
} else if (reallang === 'tiddlywiki' || reallang === 'mediawiki') {
code = S(code).unescapeHTML().s
code = unescapeHTML(code)
result = {
value: Prism.highlight(code, Prism.languages.wiki)
}
} else if (reallang === 'cmake') {
code = S(code).unescapeHTML().s
code = unescapeHTML(code)
result = {
value: Prism.highlight(code, Prism.languages.makefile)
}
} else {
code = S(code).unescapeHTML().s
code = unescapeHTML(code)
const languages = hljs.listLanguages()
if (!languages.includes(reallang)) {
result = hljs.highlightAuto(code)
@ -589,7 +573,7 @@ export function postProcess (code) {
if (warning && warning.length > 0) {
warning.text(md.metaError)
} else {
warning = $('<div id="meta-error" class="alert alert-warning">' + md.metaError + '</div>')
warning = $(`<div id="meta-error" class="alert alert-warning">${escapeHTML(md.metaError)}</div>`)
result.prepend(warning)
}
}
@ -923,7 +907,7 @@ export function scrollToHash () {
function highlightRender (code, lang) {
if (!lang || /no(-?)highlight|plain|text/.test(lang)) { return }
code = S(code).escapeHTML().s
code = escapeHTML(code)
if (lang === 'sequence') {
return `<div class="sequence-diagram raw">${code}</div>`
} else if (lang === 'flow') {
@ -955,9 +939,6 @@ function highlightRender (code, lang) {
return result.value
}
import markdownit from 'markdown-it'
import markdownitContainer from 'markdown-it-container'
export let md = markdownit('default', {
html: true,
breaks: true,
@ -1055,9 +1036,6 @@ md.renderer.rules.fence = (tokens, idx, options, env, self) => {
return `<pre><code${self.renderAttrs(token)}>${highlighted}</code></pre>\n`
}
/* Defined regex markdown it plugins */
import Plugin from 'markdown-it-regexp'
// youtube
const youtubePlugin = new Plugin(
// regexp to match
@ -1155,7 +1133,7 @@ const emojijsPlugin = new Plugin(
(match, utils) => {
const emoji = match[1].toLowerCase()
const div = $(`<img class="emoji" src="${serverurl}/build/emojify.js/dist/images/basic/${emoji}.png"></img>`)
const div = $(`<img class="emoji" alt=":${emoji}:" src="${serverurl}/build/emojify.js/dist/images/basic/${emoji}.png"></img>`)
return div[0].outerHTML
}
)

23
public/js/history.js
View File

@ -2,30 +2,29 @@
/* global serverurl, moment */
import store from 'store'
import S from 'string'
import LZString from 'lz-string'
import LZString from '@hackmd/lz-string'
import escapeHTML from 'lodash/escape'
import wurl from 'wurl'
import {
checkNoteIdValid,
encodeNoteId
} from './utils'
import {
checkIfAuth
} from './lib/common/login'
import { checkIfAuth } from './lib/common/login'
import {
urlpath
} from './lib/config'
import { urlpath } from './lib/config'
window.migrateHistoryFromTempCallback = null
migrateHistoryFromTemp()
function migrateHistoryFromTemp () {
if (window.url('#tempid')) {
if (wurl('#tempid')) {
$.get(`${serverurl}/temp`, {
tempid: window.url('#tempid')
tempid: wurl('#tempid')
})
.done(data => {
if (data && data.temp) {
@ -274,8 +273,8 @@ function parseToHistory (list, notehistory, callback) {
notehistory[i].fromNow = timestamp.fromNow()
notehistory[i].time = timestamp.format('llll')
// prevent XSS
notehistory[i].text = S(notehistory[i].text).escapeHTML().s
notehistory[i].tags = (notehistory[i].tags && notehistory[i].tags.length > 0) ? S(notehistory[i].tags).escapeHTML().s.split(',') : []
notehistory[i].text = escapeHTML(notehistory[i].text)
notehistory[i].tags = (notehistory[i].tags && notehistory[i].tags.length > 0) ? escapeHTML(notehistory[i].tags).split(',') : []
// add to list
if (notehistory[i].id && list.get('id', notehistory[i].id).length === 0) { list.add(notehistory[i]) }
}

31
public/js/index.js
View File

@ -1,16 +1,6 @@
/* eslint-env browser, jquery */
/* global CodeMirror, Cookies, moment, editor, ui, Spinner,
modeType, Idle, serverurl, key, gapi, Dropbox, FilePicker
ot, MediaUploader, hex2rgb, num_loaded, Visibility */
require('../vendor/showup/showup')
require('../css/index.css')
require('../css/extra.css')
require('../css/slide-preview.css')
require('../css/site.css')
require('highlight.js/styles/github-gist.css')
/* global CodeMirror, Cookies, moment, Spinner, serverurl,
key, Dropbox, ot, hex2rgb, Visibility, inlineAttachment */
import TurndownService from 'turndown'
@ -21,8 +11,12 @@ import hljs from 'highlight.js'
import _ from 'lodash'
import wurl from 'wurl'
import List from 'list.js'
import Idle from '@hackmd/idle-js'
import {
checkLoginStateChanged,
setloginStateChangeEvent
@ -83,6 +77,15 @@ import getUIElements from './lib/editor/ui-elements'
import modeType from './lib/modeType'
import appState from './lib/appState'
require('../vendor/showup/showup')
require('../css/index.css')
require('../css/extra.css')
require('../css/slide-preview.css')
require('../css/site.css')
require('highlight.js/styles/github-gist.css')
var defaultTextHeight = 20
var viewportMargin = 20
var defaultEditorMode = 'gfm'
@ -1389,12 +1392,12 @@ $('#gistImportModalConfirm').click(function () {
if (!isValidURL(gisturl)) {
showMessageModal('<i class="fa fa-github"></i> Import from Gist', 'Not a valid URL :(', '', '', false)
} else {
var hostname = window.url('hostname', gisturl)
var hostname = wurl('hostname', gisturl)
if (hostname !== 'gist.github.com') {
showMessageModal('<i class="fa fa-github"></i> Import from Gist', 'Not a valid Gist URL :(', '', '', false)
} else {
ui.spinner.show()
$.get('https://api.github.com/gists/' + window.url('-1', gisturl))
$.get('https://api.github.com/gists/' + wurl('-1', gisturl))
.done(function (data) {
if (data.files) {
var contents = ''

1
public/js/lib/editor/index.js
View File

@ -1,3 +1,4 @@
/* global CodeMirror, $, editor, Cookies */
import * as utils from './utils'
import config from './config'
import statusBarTemplate from './statusbar.html'

1
public/js/lib/editor/ui-elements.js
View File

@ -1,6 +1,7 @@
/*
* Global UI elements references
*/
/* global $ */
export const getUIElements = () => ({
spinner: $('.ui-spinner'),

15
public/js/lib/editor/utils.js
View File

@ -1,3 +1,4 @@
/* global CodeMirror, editor */
const wrapSymbols = ['*', '_', '~', '^', '+', '=']
export function wrapTextWith (editor, cm, symbol) {
if (!cm.getSelection()) {
@ -51,7 +52,7 @@ export function insertText (cm, text, cursorEnd = 0) {
let cursor = cm.getCursor()
cm.replaceSelection(text, cursor, cursor)
cm.focus()
cm.setCursor({line: cursor.line, ch: cursor.ch + cursorEnd})
cm.setCursor({ line: cursor.line, ch: cursor.ch + cursorEnd })
}
export function insertLink (cm, isImage) {
@ -80,7 +81,7 @@ export function insertLink (cm, isImage) {
cm.setSelections(ranges)
} else {
cm.replaceRange(symbol + linkEnd, cursor, cursor)
cm.setCursor({line: cursor.line, ch: cursor.ch + symbol.length + linkEnd.length})
cm.setCursor({ line: cursor.line, ch: cursor.ch + symbol.length + linkEnd.length })
}
}
cm.focus()
@ -88,8 +89,8 @@ export function insertLink (cm, isImage) {
export function insertHeader (cm) {
let cursor = cm.getCursor()
let startOfLine = {line: cursor.line, ch: 0}
let startOfLineText = cm.getRange(startOfLine, {line: cursor.line, ch: 1})
let startOfLine = { line: cursor.line, ch: 0 }
let startOfLineText = cm.getRange(startOfLine, { line: cursor.line, ch: 1 })
// See if it is already a header
if (startOfLineText === '#') {
cm.replaceRange('#', startOfLine, startOfLine)
@ -108,14 +109,14 @@ export function insertOnStartOfLines (cm, symbol) {
if (!range.empty()) {
const from = range.from()
const to = range.to()
let selection = cm.getRange({line: from.line, ch: 0}, to)
let selection = cm.getRange({ line: from.line, ch: 0 }, to)
selection = selection.replace(/\n/g, '\n' + symbol)
selection = symbol + selection
cm.replaceRange(selection, from, to)
} else {
cm.replaceRange(symbol, {line: cursor.line, ch: 0}, {line: cursor.line, ch: 0})
cm.replaceRange(symbol, { line: cursor.line, ch: 0 }, { line: cursor.line, ch: 0 })
}
}
cm.setCursor({line: cursor.line, ch: cursor.ch + symbol.length})
cm.setCursor({ line: cursor.line, ch: cursor.ch + symbol.length })
cm.focus()
}

12
public/js/pretty.js
View File

@ -1,12 +1,6 @@
/* eslint-env browser, jquery */
/* global refreshView */
require('../css/extra.css')
require('../css/slide-preview.css')
require('../css/site.css')
require('highlight.js/styles/github-gist.css')
import {
autoLinkify,
deduplicatedHeaderId,
@ -24,6 +18,12 @@ import {
import { preventXSS } from './render'
require('../css/extra.css')
require('../css/slide-preview.css')
require('../css/site.css')
require('highlight.js/styles/github-gist.css')
const markdown = $('#doc.markdown-body')
const text = markdown.text()
const lastMeta = md.meta

21
public/js/slide.js
View File

@ -1,12 +1,12 @@
/* eslint-env browser, jquery */
/* global serverurl, Reveal, RevealMarkdown */
require('../css/extra.css')
require('../css/site.css')
import { preventXSS } from './render'
import { md, updateLastChange, removeDOMEvents, finishView } from './extra'
require('../css/extra.css')
require('../css/site.css')
const body = preventXSS($('.slides').text())
window.createtime = window.lastchangeui.time.attr('data-createtime')
@ -74,6 +74,21 @@ const defaultOptions = {
const meta = JSON.parse($('#meta').text())
var options = meta.slideOptions || {}
if (options.hasOwnProperty('spotlight')) {
defaultOptions.dependencies.push({
src: `${serverurl}/build/reveal.js/plugin/spotlight/spotlight.js`
})
}
if (options.hasOwnProperty('allottedTime') || options.hasOwnProperty('allottedMinutes')) {
defaultOptions.dependencies.push({
src: `${serverurl}/build/reveal.js/plugin/elapsed-time-bar/elapsed-time-bar.js`
})
if (options.hasOwnProperty('allottedMinutes')) {
options.allottedTime = options.allottedMinutes * 60 * 1000
}
}
const view = $('.reveal')
// text language

4
public/views/codimd/foot.ejs
View File

@ -8,8 +8,9 @@
<script src="https://cdnjs.cloudflare.com/ajax/libs/js-yaml/3.7.0/js-yaml.min.js" integrity="sha256-8PanqYAVOGlOct+i65R+HqibK3KPsXINnrSfxN+Y/J0=" crossorigin="anonymous" defer></script>
<script src="https://cdnjs.cloudflare.com/ajax/libs/mathjax/2.7.0/MathJax.js" integrity="sha256-yYfngbEKv4RENfGDvNUqJTqGFcKf31NJEe9OTnnMH3Y=" crossorigin="anonymous" defer></script>
<script src="https://cdnjs.cloudflare.com/ajax/libs/mathjax/2.7.0/config/TeX-AMS-MML_HTMLorMML.js" integrity="sha256-immzXfCGLhnx3Zfi9F/dUcqxEM8K3o3oTFy9Bh6HCwg=" crossorigin="anonymous" defer></script>
<script src="https://cdnjs.cloudflare.com/ajax/libs/mathjax/2.7.0/config/Safe.js" integrity="sha256-0ygBUDksNDXZS4vm5HMNH1a33KUu6QT1cdNTN+ZLF+4=" crossorigin="anonymous" defer></script>
<script src="https://cdnjs.cloudflare.com/ajax/libs/moment.js/2.17.1/moment-with-locales.min.js" integrity="sha256-vvT7Ok9u6GbfnBPXnbM6FVDEO8E1kTdgHOFZOAXrktA=" crossorigin="anonymous" defer></script>
<script src="https://cdnjs.cloudflare.com/ajax/libs/mermaid/7.1.0/mermaid.min.js" integrity="sha256-M3OC0Q6g4/+Q4j73OvnsnA+lMkdAE5KgupRHqTiPbnI=" crossorigin="anonymous" defer></script>
<script src="https://cdnjs.cloudflare.com/ajax/libs/mermaid/8.2.3/mermaid.min.js" integrity="sha256-4s3fF5e1iWRLtiV7mRev7n17oALqqDHbWrNqF3/r7jU=" crossorigin="anonymous" defer></script>
<script src="https://cdnjs.cloudflare.com/ajax/libs/emojify.js/1.1.0/js/emojify.min.js" integrity="sha256-VAB5tAlKBvgaxw8oJ1crWMVbdmBVl4mP/2M8MNRl+4E=" crossorigin="anonymous" defer></script>
<script src="https://cdnjs.cloudflare.com/ajax/libs/lodash.js/4.17.2/lodash.min.js" integrity="sha256-Cv5v4i4SuYvwRYzIONifZjoc99CkwfncROMSWat1cVA=" crossorigin="anonymous" defer></script>
<script src="https://cdnjs.cloudflare.com/ajax/libs/socket.io/2.1.1/socket.io.js" integrity="sha256-ji09tECORKvr8xB9iCl8DJ8iNMLriDchC1+p+yt1hSs=" crossorigin="anonymous"></script>
@ -23,5 +24,6 @@
<% } else { %>
<script src="<%- serverURL %>/build/MathJax/MathJax.js" defer></script>
<script src="<%- serverURL %>/build/MathJax/config/TeX-AMS-MML_HTMLorMML.js" defer></script>
<script src="<%- serverURL %>/build/MathJax/config/Safe.js" defer></script>
<%- include ../build/index-pack-scripts %>
<% } %>

5
public/views/index/body.ejs
View File

@ -148,12 +148,13 @@
<option value="da">dansk</option>
<option value="ko">한국어</option>
<option value="id">Bahasa Indonesia</option>
<option value="sr">српски</option>
</select>
<p>
Powered by <a href="https://codimd.org">CodiMD</a> | <a href="<%- serverURL %>/s/release-notes" target="_blank" rel="noopener"><%= __('Releases') %></a>| <a href="<%- sourceURL %>" target="_blank" rel="noopener"><%= __('Source Code') %></a><% if(privacyStatement) { %> | <a href="<%- serverURL %>/s/privacy" target="_blank" rel="noopener"><%= __('Privacy') %></a><% } %><% if(termsOfUse) { %> | <a href="<%- serverURL %>/s/terms-of-use" target="_blank" rel="noopener"><%= __('Terms of Use') %></a><% } %>
<%- __('Powered by %s', '<a href="https://github.com/hackmdio/codimd">CodiMD</a>') %> | <a href="<%- serverURL %>/s/release-notes" target="_blank" rel="noopener"><%= __('Releases') %></a>| <a href="<%- sourceURL %>" target="_blank" rel="noopener"><%= __('Source Code') %></a><% if(privacyStatement) { %> | <a href="<%- serverURL %>/s/privacy" target="_blank" rel="noopener"><%= __('Privacy') %></a><% } %><% if(termsOfUse) { %> | <a href="<%- serverURL %>/s/terms-of-use" target="_blank" rel="noopener"><%= __('Terms of Use') %></a><% } %>
</p>
<h6 class="social-foot">
<%- __('Follow us on %s and %s.', '<a href="https://github.com/hackmdio/CodiMD" target="_blank" rel="noopener"><i class="fa fa-github"></i> GitHub</a>, <a href="https://riot.im/app/#/room/#codimd:matrix.org" target="_blank" rel="noopener"><i class="fa fa-comments"></i> Riot</a>', '<a href="https://translate.codimd.org" target="_blank" rel="noopener"><i class="fa fa-globe"></i> POEditor</a>') %>
<%- __('Follow us on %s and %s.', '<a href="https://github.com/hackmdio/CodiMD" target="_blank" rel="noopener"><i class="fa fa-github"></i> GitHub</a>, <a href="https://gitter.im/hackmdio/hackmd" target="_blank" rel="noopener"><i class="fa fa-comments"></i> Gitter</a>', '<a href="https://poeditor.com/join/project/q0nuPWyztp" target="_blank" rel="noopener"><i class="fa fa-globe"></i> POEditor</a>') %>
</h6>
</div>
</div>

4
public/views/pretty.ejs
View File

@ -80,8 +80,9 @@
<script src="https://cdnjs.cloudflare.com/ajax/libs/js-yaml/3.7.0/js-yaml.min.js" integrity="sha256-8PanqYAVOGlOct+i65R+HqibK3KPsXINnrSfxN+Y/J0=" crossorigin="anonymous" defer></script>
<script src="https://cdnjs.cloudflare.com/ajax/libs/mathjax/2.7.0/MathJax.js" integrity="sha256-yYfngbEKv4RENfGDvNUqJTqGFcKf31NJEe9OTnnMH3Y=" crossorigin="anonymous" defer></script>
<script src="https://cdnjs.cloudflare.com/ajax/libs/mathjax/2.7.0/config/TeX-AMS-MML_HTMLorMML.js" integrity="sha256-immzXfCGLhnx3Zfi9F/dUcqxEM8K3o3oTFy9Bh6HCwg=" crossorigin="anonymous" defer></script>
<script src="https://cdnjs.cloudflare.com/ajax/libs/mathjax/2.7.0/config/Safe.js" integrity="sha256-0ygBUDksNDXZS4vm5HMNH1a33KUu6QT1cdNTN+ZLF+4=" crossorigin="anonymous" defer></script>
<script src="https://cdnjs.cloudflare.com/ajax/libs/moment.js/2.17.1/moment-with-locales.min.js" integrity="sha256-vvT7Ok9u6GbfnBPXnbM6FVDEO8E1kTdgHOFZOAXrktA=" crossorigin="anonymous" defer></script>
<script src="https://cdnjs.cloudflare.com/ajax/libs/mermaid/7.1.0/mermaid.min.js" integrity="sha256-M3OC0Q6g4/+Q4j73OvnsnA+lMkdAE5KgupRHqTiPbnI=" crossorigin="anonymous" defer></script>
<script src="https://cdnjs.cloudflare.com/ajax/libs/mermaid/8.2.3/mermaid.min.js" integrity="sha256-4s3fF5e1iWRLtiV7mRev7n17oALqqDHbWrNqF3/r7jU=" crossorigin="anonymous" defer></script>
<script src="https://cdnjs.cloudflare.com/ajax/libs/emojify.js/1.1.0/js/emojify.min.js" integrity="sha256-VAB5tAlKBvgaxw8oJ1crWMVbdmBVl4mP/2M8MNRl+4E=" crossorigin="anonymous" defer></script>
<script src="https://cdnjs.cloudflare.com/ajax/libs/handlebars.js/4.0.6/handlebars.min.js" integrity="sha256-1O3BtOwnPyyRzOszK6P+gqaRoXHV6JXj8HkjZmPYhCI=" crossorigin="anonymous" defer></script>
<script src="https://cdnjs.cloudflare.com/ajax/libs/highlight.js/9.12.0/highlight.min.js" integrity="sha256-/BfiIkHlHoVihZdc6TFuj7MmJ0TWcWsMXkeDFwhi0zw=" crossorigin="anonymous" defer></script>
@ -92,6 +93,7 @@
<% } else { %>
<script src="<%- serverURL %>/build/MathJax/MathJax.js" defer></script>
<script src="<%- serverURL %>/build/MathJax/config/TeX-AMS-MML_HTMLorMML.js" defer></script>
<script src="<%- serverURL %>/build/MathJax/config/Safe.js" defer></script>
<%- include build/pretty-pack-scripts %>
<% } %>
<%- include shared/ga %>

4
public/views/shared/help-modal.ejs
View File

@ -17,9 +17,9 @@
<div class="panel-body">
<a href="https://github.com/hackmdio/codimd/issues" target="_blank"><i class="fa fa-tag fa-fw"></i> <%= __('Report an issue') %></a>
<br>
<a href="https://riot.im/app/#/room/#codimd:matrix.org" target="_blank"><i class="fa fa-hashtag fa-fw"></i> <%= __('Meet us on %s', 'Matrix') %></a>
<a href="https://gitter.im/hackmdio/hackmd" target="_blank"><i class="fa fa-hashtag fa-fw"></i> <%= __('Meet us on %s', 'Gitter') %></a>
<br>
<a href="https://translate.codimd.org" target="_blank"><i class="fa fa-language fa-fw"></i> <%= __('Help us translating on %s', 'POEditor') %></a>
<a href="https://poeditor.com/join/project/q0nuPWyztp" target="_blank"><i class="fa fa-language fa-fw"></i> <%= __('Help us translating on %s', 'POEditor') %></a>
</div>
</div>
<div class="panel panel-default">

22
public/views/shared/signin-modal.ejs
View File

@ -24,13 +24,13 @@
</a>
<% } %>
<% if (authProviders.gitlab) { %>
<a href="<%- serverURL %>/auth/gitlab" class="btn btn-lg btn-block btn-social btn-soundcloud">
<a href="<%- serverURL %>/auth/gitlab" class="btn btn-lg btn-block btn-social btn-gitlab">
<i class="fa fa-gitlab"></i> <%= __('Sign in via %s', 'GitLab') %>
</a>
<% } %>
<% if (authProviders.mattermost) { %>
<a href="<%- serverURL %>/auth/mattermost" class="btn btn-lg btn-block btn-social btn-soundcloud">
<i class="fa fa-mattermost"></i> <%= __('Sign in via %s', 'Mattermost') %>
<a href="<%- serverURL %>/auth/mattermost" class="btn btn-lg btn-block btn-social btn-mattermost">
<i class="oauth-icon"><img alt="mattermost-logo" src="<%- serverURL %>/images/mattermost-logo.svg" /></i> <%= __('Sign in via %s', 'Mattermost') %>
</a>
<% } %>
<% if (authProviders.dropbox) { %>
@ -57,7 +57,7 @@
<hr>
<% }%>
<% if (authProviders.ldap) { %>
<h4>Via <% if (authProviders.ldapProviderName) { %> <%= authProviders.ldapProviderName %> (LDAP) <% } else { %> LDAP <% } %></h4>
<h4><%= __('Sign in via %s', authProviders.ldapProviderName ? authProviders.ldapProviderName + ' (LDAP)' : 'LDAP') %></h4>
<form data-toggle="validator" role="form" class="form-horizontal" method="post" enctype="application/x-www-form-urlencoded">
<div class="form-group">
<div class="col-sm-12">
@ -73,7 +73,7 @@
</div>
<div class="form-group">
<div class="col-sm-12">
<button type="submit" class="btn btn-primary" formaction="<%- serverURL %>/auth/ldap">Sign in</button>
<button type="submit" class="btn btn-primary" formaction="<%- serverURL %>/auth/ldap"><%= __('Sign In') %></button>
</div>
</div>
</form>
@ -82,7 +82,7 @@
<hr>
<% }%>
<% if (authProviders.openID) { %>
<h4>OpenID</h4>
<h4><%= __('Sign in via %s', 'OpenID') %></h4>
<form data-toggle="validator" role="form" class="form-horizontal" method="post" enctype="application/x-www-form-urlencoded">
<div class="form-group">
<div class="col-sm-12">
@ -92,7 +92,7 @@
</div>
<div class="form-group">
<div class="col-sm-12">
<button type="submit" class="btn btn-primary" formaction="<%- serverURL %>/auth/openid">Sign in</button>
<button type="submit" class="btn btn-primary" formaction="<%- serverURL %>/auth/openid"><%= __('Sign In') %></button>
</div>
</div>
</form>
@ -101,11 +101,11 @@
<hr>
<% }%>
<% if (authProviders.email) { %>
<h4>Via Email</h4>
<h4><%= __('Sign in via %s', 'E-Mail') %></h4>
<form data-toggle="validator" role="form" class="form-horizontal" method="post" enctype="application/x-www-form-urlencoded">
<div class="form-group">
<div class="col-sm-12">
<input type="email" class="form-control" name="email" placeholder="Email" required>
<input type="email" class="form-control" name="email" placeholder="E-Mail" required>
<span class="help-block control-label with-errors" style="display: inline;"></span>
</div>
</div>
@ -117,8 +117,8 @@
</div>
<div class="form-group">
<div class="col-sm-12">
<button type="submit" class="btn btn-primary" formaction="<%- serverURL %>/login">Sign in</button>
<% if (authProviders.allowEmailRegister) { %><button type="submit" class="btn btn-default" formaction="<%- serverURL %>/register">Register</button><% }%>
<button type="submit" class="btn btn-primary" formaction="<%- serverURL %>/login"><%= __('Sign In') %></button>
<% if (authProviders.allowEmailRegister) { %><button type="submit" class="btn btn-default" formaction="<%- serverURL %>/register"><%= __('Register') %></button><% }%>
</div>
</div>
</form>

4
public/views/slide.ejs
View File

@ -96,8 +96,9 @@
<script src="https://cdnjs.cloudflare.com/ajax/libs/js-yaml/3.7.0/js-yaml.min.js" integrity="sha256-8PanqYAVOGlOct+i65R+HqibK3KPsXINnrSfxN+Y/J0=" crossorigin="anonymous" defer></script>
<script src="https://cdnjs.cloudflare.com/ajax/libs/mathjax/2.7.0/MathJax.js" integrity="sha256-yYfngbEKv4RENfGDvNUqJTqGFcKf31NJEe9OTnnMH3Y=" crossorigin="anonymous" defer></script>
<script src="https://cdnjs.cloudflare.com/ajax/libs/mathjax/2.7.0/config/TeX-AMS-MML_HTMLorMML.js" integrity="sha256-immzXfCGLhnx3Zfi9F/dUcqxEM8K3o3oTFy9Bh6HCwg=" crossorigin="anonymous" defer></script>
<script src="https://cdnjs.cloudflare.com/ajax/libs/mathjax/2.7.0/config/Safe.js" integrity="sha256-0ygBUDksNDXZS4vm5HMNH1a33KUu6QT1cdNTN+ZLF+4=" crossorigin="anonymous" defer></script>
<script src="https://cdnjs.cloudflare.com/ajax/libs/moment.js/2.17.1/moment-with-locales.min.js" integrity="sha256-vvT7Ok9u6GbfnBPXnbM6FVDEO8E1kTdgHOFZOAXrktA=" crossorigin="anonymous" defer></script>
<script src="https://cdnjs.cloudflare.com/ajax/libs/mermaid/7.1.0/mermaid.min.js" integrity="sha256-M3OC0Q6g4/+Q4j73OvnsnA+lMkdAE5KgupRHqTiPbnI=" crossorigin="anonymous" defer></script>
<script src="https://cdnjs.cloudflare.com/ajax/libs/mermaid/8.2.3/mermaid.min.js" integrity="sha256-4s3fF5e1iWRLtiV7mRev7n17oALqqDHbWrNqF3/r7jU=" crossorigin="anonymous" defer></script>
<script src="https://cdnjs.cloudflare.com/ajax/libs/emojify.js/1.1.0/js/emojify.min.js" integrity="sha256-VAB5tAlKBvgaxw8oJ1crWMVbdmBVl4mP/2M8MNRl+4E=" crossorigin="anonymous" defer></script>
<script src="https://cdnjs.cloudflare.com/ajax/libs/handlebars.js/4.0.6/handlebars.min.js" integrity="sha256-1O3BtOwnPyyRzOszK6P+gqaRoXHV6JXj8HkjZmPYhCI=" crossorigin="anonymous" defer></script>
<script src="https://cdnjs.cloudflare.com/ajax/libs/highlight.js/9.12.0/highlight.min.js" integrity="sha256-/BfiIkHlHoVihZdc6TFuj7MmJ0TWcWsMXkeDFwhi0zw=" crossorigin="anonymous" defer></script>
@ -108,6 +109,7 @@
<% } else { %>
<script src="<%- serverURL %>/build/MathJax/MathJax.js" defer></script>
<script src="<%- serverURL %>/build/MathJax/config/TeX-AMS-MML_HTMLorMML.js" defer></script>
<script src="<%- serverURL %>/build/MathJax/config/Safe.js" defer></script>
<%- include build/slide-pack-scripts %>
<% } %>
</body>

129
test/connectionQueue.test.js Normal file
View File

@ -0,0 +1,129 @@
/* eslint-env node, mocha */
'use strict'
const assert = require('assert')
const sinon = require('sinon')
const { ProcessQueue } = require('../lib/processQueue')
describe('ProcessQueue', function () {
let clock
const waitTimeForCheckResult = 50
beforeEach(() => {
clock = sinon.useFakeTimers({
toFake: ['setInterval']
})
})
afterEach(() => {
clock.restore()
sinon.restore()
})
it('should not accept more than maximum task', () => {
const queue = new ProcessQueue({ maximumLength: 2 })
queue.start()
assert(queue.push(1, () => (Promise.resolve())))
assert(queue.push(1, () => (Promise.resolve())) === false)
})
it('should run task every interval', (done) => {
const runningClock = []
const queue = new ProcessQueue({ maximumLength: 2 })
const task = async () => {
runningClock.push(clock.now)
}
queue.start()
assert(queue.push(1, task))
assert(queue.push(2, task))
clock.tick(5)
setTimeout(() => {
clock.tick(5)
}, 1)
setTimeout(() => {
clock.tick(5)
}, 2)
setTimeout(() => {
clock.tick(5)
}, 3)
setTimeout(() => {
queue.stop()
assert(runningClock.length === 2)
done()
}, waitTimeForCheckResult)
})
it('should not crash when repeat stop queue', () => {
const queue = new ProcessQueue({ maximumLength: 2, triggerTimeInterval: 10 })
try {
queue.stop()
queue.stop()
queue.stop()
assert.ok(true)
} catch (e) {
assert.fail(e)
}
})
it('should run process when queue is empty', (done) => {
const queue = new ProcessQueue({ maximumLength: 2, triggerTimeInterval: 100 })
const processSpy = sinon.spy(queue, 'process')
queue.start()
clock.tick(100)
setTimeout(() => {
assert(processSpy.called)
done()
}, waitTimeForCheckResult)
})
it('should run process although error occurred', (done) => {
const queue = new ProcessQueue({ maximumLength: 2, triggerTimeInterval: 100 })
const failedTask = sinon.spy(async () => {
throw new Error('error')
})
const normalTask = sinon.spy(async () => {
})
queue.start()
assert(queue.push(1, failedTask))
assert(queue.push(2, normalTask))
clock.tick(100)
setTimeout(() => {
clock.tick(100)
}, 1)
setTimeout(() => {
// assert(queue.queue.length === 0)
assert(failedTask.called)
assert(normalTask.called)
done()
}, waitTimeForCheckResult)
})
it('should ignore trigger when event not complete', (done) => {
const queue = new ProcessQueue({ maximumLength: 2, triggerTimeInterval: 10 })
const processSpy = sinon.spy(queue, 'process')
const longTask = async () => {
return new Promise((resolve) => {
setInterval(() => {
resolve()
}, 50)
})
}
queue.start()
queue.push(1, longTask)
clock.tick(10)
setTimeout(() => {
clock.tick(10)
}, 0)
setTimeout(() => {
clock.tick(10)
}, 1)
setTimeout(() => {
assert(processSpy.callCount === 1)
assert(processSpy.calledOnce)
done()
}, waitTimeForCheckResult)
})
})

43
test/letter-avatars.js
View File

@ -3,11 +3,50 @@
'use strict'
const assert = require('assert')
const avatars = require('../lib/letter-avatars')
const mock = require('mock-require')
describe('generateAvatarURL() gravatar enabled', function () {
let avatars
beforeEach(function () {
// Reset config to make sure we don't influence other tests
let testconfig = {
allowGravatar: true,
serverURL: 'http://localhost:3000',
port: 3000
}
mock('../lib/config', testconfig)
avatars = mock.reRequire('../lib/letter-avatars')
})
describe('generateAvatarURL()', function () {
it('should return correct urls', function () {
assert.strictEqual(avatars.generateAvatarURL('Daan Sprenkels', 'hello@dsprenkels.com', true), 'https://www.gravatar.com/avatar/d41b5f3508cc3f31865566a47dd0336b?s=400')
assert.strictEqual(avatars.generateAvatarURL('Daan Sprenkels', 'hello@dsprenkels.com', false), 'https://www.gravatar.com/avatar/d41b5f3508cc3f31865566a47dd0336b?s=96')
})
it('should return correct urls for names with spaces', function () {
assert.strictEqual(avatars.generateAvatarURL('Daan Sprenkels'), 'http://localhost:3000/user/Daan%20Sprenkels/avatar.svg')
})
})
describe('generateAvatarURL() gravatar disabled', function () {
let avatars
beforeEach(function () {
// Reset config to make sure we don't influence other tests
let testconfig = {
allowGravatar: false,
serverURL: 'http://localhost:3000',
port: 3000
}
mock('../lib/config', testconfig)
avatars = mock.reRequire('../lib/letter-avatars')
})
it('should return correct urls', function () {
assert.strictEqual(avatars.generateAvatarURL('Daan Sprenkels', 'hello@dsprenkels.com', true), 'http://localhost:3000/user/Daan%20Sprenkels/avatar.svg')
assert.strictEqual(avatars.generateAvatarURL('Daan Sprenkels', 'hello@dsprenkels.com', false), 'http://localhost:3000/user/Daan%20Sprenkels/avatar.svg')
})
it('should return correct urls for names with spaces', function () {
assert.strictEqual(avatars.generateAvatarURL('Daan Sprenkels'), 'http://localhost:3000/user/Daan%20Sprenkels/avatar.svg')
})
})

69
test/realtime/cleanDanglingUser.test.js Normal file
View File

@ -0,0 +1,69 @@
/* eslint-env node, mocha */
'use strict'
const assert = require('assert')
const mock = require('mock-require')
const sinon = require('sinon')
const { removeModuleFromRequireCache, makeMockSocket } = require('./utils')
describe('cleanDanglingUser', function () {
let clock
beforeEach(() => {
clock = sinon.useFakeTimers()
mock('../../lib/processQueue', require('../testDoubles/ProcessQueueFake'))
mock('../../lib/logger', {
error: () => {},
info: () => {}
})
mock('../../lib/history', {})
mock('../../lib/models', {
Revision: {
saveAllNotesRevision: () => {
}
}
})
mock('../../lib/config', {
debug: true
})
mock('../../lib/realtimeUpdateDirtyNoteJob', require('../testDoubles/realtimeJobStub'))
mock('../../lib/realtimeSaveRevisionJob', require('../testDoubles/realtimeJobStub'))
})
afterEach(() => {
clock.restore()
removeModuleFromRequireCache('../../lib/realtime')
mock.stopAll()
sinon.restore()
})
it('should call queueForDisconnectSpy when user is dangling', (done) => {
const realtime = require('../../lib/realtime')
const queueForDisconnectSpy = sinon.spy(realtime, 'queueForDisconnect')
realtime.io = {
to: sinon.stub().callsFake(function () {
return {
emit: sinon.fake()
}
}),
sockets: {
connected: {}
}
}
let user1Socket = makeMockSocket()
let user2Socket = makeMockSocket()
user1Socket.rooms.push('room1')
realtime.io.sockets.connected[user1Socket.id] = user1Socket
realtime.io.sockets.connected[user2Socket.id] = user2Socket
realtime.users[user1Socket.id] = user1Socket
realtime.users[user2Socket.id] = user2Socket
clock.tick(60000)
clock.restore()
setTimeout(() => {
assert(queueForDisconnectSpy.called)
done()
}, 50)
})
})

193
test/realtime/connection.test.js Normal file
View File

@ -0,0 +1,193 @@
/* eslint-env node, mocha */
'use strict'
const assert = require('assert')
const mock = require('mock-require')
const sinon = require('sinon')
const { createFakeLogger } = require('../testDoubles/loggerFake')
const { removeLibModuleCache, makeMockSocket } = require('./utils')
const realtimeJobStub = require('../testDoubles/realtimeJobStub')
describe('realtime#connection', function () {
describe('connection', function () {
let realtime
let modelStub
beforeEach(() => {
removeLibModuleCache()
modelStub = {
Note: {
findOne: sinon.stub()
},
User: {},
Author: {}
}
mock('../../lib/logger', createFakeLogger())
mock('../../lib/history', {})
mock('../../lib/models', modelStub)
mock('../../lib/config', {})
mock('../../lib/realtimeUpdateDirtyNoteJob', realtimeJobStub)
mock('../../lib/realtimeCleanDanglingUserJob', realtimeJobStub)
mock('../../lib/realtimeSaveRevisionJob', realtimeJobStub)
mock('../../lib/ot', require('../testDoubles/otFake'))
realtime = require('../../lib/realtime')
})
afterEach(() => {
mock.stopAll()
sinon.restore()
})
describe('fail', function () {
it('should fast return when server not start', () => {
const mockSocket = makeMockSocket()
realtime.maintenance = true
const spy = sinon.spy(realtime, 'parseNoteIdFromSocketAsync')
realtime.connection(mockSocket)
assert(!spy.called)
})
it('should failed when parse noteId occur error', (done) => {
const mockSocket = makeMockSocket()
realtime.maintenance = false
const parseNoteIdFromSocketSpy = sinon.stub(realtime, 'parseNoteIdFromSocketAsync').callsFake(async (socket) => {
/* eslint-disable-next-line */
throw 'error'
})
const failConnectionSpy = sinon.stub(realtime, 'failConnection')
realtime.connection(mockSocket)
setTimeout(() => {
assert(parseNoteIdFromSocketSpy.called)
assert(failConnectionSpy.calledOnce)
assert.deepStrictEqual(failConnectionSpy.lastCall.args, [500, 'error', mockSocket])
done()
}, 50)
})
it('should failed when noteId not exists', (done) => {
const mockSocket = makeMockSocket()
realtime.maintenance = false
const parseNoteIdFromSocketSpy = sinon.stub(realtime, 'parseNoteIdFromSocketAsync').callsFake(async (socket) => {
return null
})
const failConnectionSpy = sinon.stub(realtime, 'failConnection')
realtime.connection(mockSocket)
setTimeout(() => {
assert(parseNoteIdFromSocketSpy.called)
assert(failConnectionSpy.calledOnce)
assert.deepStrictEqual(failConnectionSpy.lastCall.args, [404, 'note id not found', mockSocket])
done()
}, 50)
})
})
it('should success connect', function (done) {
const mockSocket = makeMockSocket()
const noteId = 'note123'
realtime.maintenance = false
const parseNoteIdFromSocketSpy = sinon.stub(realtime, 'parseNoteIdFromSocketAsync').callsFake(async (socket) => {
return noteId
})
const updateUserDataStub = sinon.stub(realtime, 'updateUserData')
realtime.connection(mockSocket)
setTimeout(() => {
assert.ok(parseNoteIdFromSocketSpy.calledOnce)
assert(updateUserDataStub.calledOnce)
done()
}, 50)
})
describe('flow', function () {
it('should establish connection', function (done) {
const noteId = 'note123'
const mockSocket = makeMockSocket(null, {
noteId: noteId
})
mockSocket.request.user.logged_in = true
mockSocket.request.user.id = 'user1'
mockSocket.noteId = noteId
realtime.maintenance = false
sinon.stub(realtime, 'parseNoteIdFromSocketAsync').callsFake(async (socket) => {
return noteId
})
const updateHistoryStub = sinon.stub(realtime, 'updateHistory')
const emitOnlineUsersStub = sinon.stub(realtime, 'emitOnlineUsers')
const emitRefreshStub = sinon.stub(realtime, 'emitRefresh')
const failConnectionSpy = sinon.spy(realtime, 'failConnection')
let note = {
id: noteId,
authors: [
{
userId: 'user1',
color: 'red',
user: {
id: 'user1',
name: 'Alice'
}
},
{
userId: 'user2',
color: 'blue',
user: {
id: 'user2',
name: 'Bob'
}
}
]
}
modelStub.Note.findOne.returns(Promise.resolve(note))
modelStub.User.getProfile = sinon.stub().callsFake((user) => {
return user
})
sinon.stub(realtime, 'checkViewPermission').returns(true)
realtime.connection(mockSocket)
setTimeout(() => {
assert(modelStub.Note.findOne.calledOnce)
assert.deepStrictEqual(modelStub.Note.findOne.lastCall.args[0].include, [
{
model: modelStub.User,
as: 'owner'
}, {
model: modelStub.User,
as: 'lastchangeuser'
}, {
model: modelStub.Author,
as: 'authors',
include: [{
model: modelStub.User,
as: 'user'
}]
}
])
assert(modelStub.Note.findOne.lastCall.args[0].where.id === noteId)
assert(updateHistoryStub.calledOnce)
assert(emitOnlineUsersStub.calledOnce)
assert(emitRefreshStub.calledOnce)
assert(failConnectionSpy.callCount === 0)
assert(realtime.getNotePool()[noteId].id === noteId)
assert(realtime.getNotePool()[noteId].socks.length === 1)
assert.deepStrictEqual(realtime.getNotePool()[noteId].authors, {
user1: {
userid: 'user1', color: 'red', photo: undefined, name: 'Alice'
},
user2: {
userid: 'user2', color: 'blue', photo: undefined, name: 'Bob'
}
})
assert(Object.keys(realtime.getNotePool()[noteId].users).length === 1)
done()
}, 50)
})
})
})
})

129
test/realtime/dirtyNoteUpdate.test.js Normal file
View File

@ -0,0 +1,129 @@
/* eslint-env node, mocha */
'use strict'
const assert = require('assert')
const mock = require('mock-require')
const sinon = require('sinon')
const { removeModuleFromRequireCache, makeMockSocket, removeLibModuleCache } = require('./utils')
describe('realtime#update note is dirty timer', function () {
let realtime
let clock
beforeEach(() => {
removeLibModuleCache()
clock = sinon.useFakeTimers({
toFake: ['setInterval']
})
mock('../../lib/logger', {
error: () => {
}
})
mock('../../lib/history', {})
mock('../../lib/models', {
Revision: {
saveAllNotesRevision: () => {
}
}
})
mock('../../lib/config', {})
realtime = require('../../lib/realtime')
realtime.io = {
to: sinon.stub().callsFake(function () {
return {
emit: sinon.fake()
}
})
}
})
afterEach(() => {
removeModuleFromRequireCache('../../lib/realtimeUpdateDirtyNoteJob')
removeModuleFromRequireCache('../../lib/realtime')
mock.stopAll()
clock.restore()
})
it('should update note when note is dirty', (done) => {
sinon.stub(realtime, 'updateNote').callsFake(function (note, callback) {
callback(null, note)
})
realtime.notes['note1'] = {
server: {
isDirty: false
},
socks: []
}
let note2 = {
server: {
isDirty: true
},
socks: []
}
realtime.notes['note2'] = note2
clock.tick(1000)
setTimeout(() => {
assert(note2.server.isDirty === false)
done()
}, 10)
})
it('should not do anything when note missing', function (done) {
sinon.stub(realtime, 'updateNote').callsFake(function (note, callback) {
delete realtime.notes['note']
callback(null, note)
})
let note = {
server: {
isDirty: true
},
socks: [makeMockSocket()]
}
realtime.notes['note'] = note
clock.tick(1000)
setTimeout(() => {
assert(note.server.isDirty === false)
assert(note.socks[0].disconnect.called === false)
done()
}, 50)
})
it('should disconnect all clients when update note error', function (done) {
sinon.stub(realtime, 'updateNote').callsFake(function (note, callback) {
callback(new Error('some error'), null)
})
realtime.io = {
to: sinon.stub().callsFake(function () {
return {
emit: sinon.fake()
}
})
}
let note = {
server: {
isDirty: true
},
socks: [makeMockSocket(), undefined, makeMockSocket()]
}
realtime.notes['note'] = note
clock.tick(1000)
setTimeout(() => {
assert(note.server.isDirty === false)
assert(note.socks[0].disconnect.called)
assert(note.socks[2].disconnect.called)
done()
}, 50)
})
})

94
test/realtime/disconnect-process.test.js Normal file
View File

@ -0,0 +1,94 @@
/* eslint-env node, mocha */
'use strict'
const assert = require('assert')
const mock = require('mock-require')
const sinon = require('sinon')
const { makeMockSocket, removeModuleFromRequireCache } = require('./utils')
describe('realtime#disconnect', function () {
const noteId = 'note1_id'
let realtime
let updateNoteStub
let emitOnlineUsersStub
let client
beforeEach(() => {
mock('../../lib/logger', {
error: () => {
}
})
mock('../../lib/history', {})
mock('../../lib/models', {
Revision: {
saveAllNotesRevision: () => {
}
}
})
mock('../../lib/config', {})
realtime = require('../../lib/realtime')
updateNoteStub = sinon.stub(realtime, 'updateNote').callsFake((note, callback) => {
callback(null, note)
})
emitOnlineUsersStub = sinon.stub(realtime, 'emitOnlineUsers')
client = makeMockSocket()
client.noteId = noteId
realtime.users[client.id] = {
id: client.id,
color: '#ff0000',
cursor: null,
login: false,
userid: null,
name: null,
idle: false,
type: null
}
realtime.getNotePool()[noteId] = {
id: noteId,
server: {
isDirty: true
},
users: {
[client.id]: realtime.users[client.id]
},
socks: [client]
}
})
afterEach(() => {
removeModuleFromRequireCache('../../lib/realtime')
mock.stopAll()
sinon.restore()
})
it('should disconnect success', function (done) {
realtime.queueForDisconnect(client)
setTimeout(() => {
assert(typeof realtime.users[client.id] === 'undefined')
assert(emitOnlineUsersStub.called)
assert(updateNoteStub.called)
assert(Object.keys(realtime.users).length === 0)
assert(Object.keys(realtime.notes).length === 0)
done()
}, 5)
})
it('should disconnect success when note is not dirty', function (done) {
realtime.notes[noteId].server.isDirty = false
realtime.queueForDisconnect(client)
setTimeout(() => {
assert(typeof realtime.users[client.id] === 'undefined')
assert(emitOnlineUsersStub.called)
assert(updateNoteStub.called === false)
assert(Object.keys(realtime.users).length === 0)
assert(Object.keys(realtime.notes).length === 0)
done()
}, 5)
})
})

91
test/realtime/extractNoteIdFromSocket.test.js Normal file
View File

@ -0,0 +1,91 @@
/* eslint-env node, mocha */
'use strict'
const mock = require('mock-require')
const assert = require('assert')
const { makeMockSocket } = require('./utils')
describe('realtime#extractNoteIdFromSocket', function () {
beforeEach(() => {
mock('../../lib/logger', {})
mock('../../lib/history', {})
mock('../../lib/models', {})
})
afterEach(() => {
delete require.cache[require.resolve('../../lib/realtime')]
mock.stopAll()
})
describe('urlPath not set', function () {
beforeEach(() => {
mock('../../lib/config', {})
realtime = require('../../lib/realtime')
})
let realtime
it('return false if socket or socket.handshake not exists', function () {
let noteId = realtime.extractNoteIdFromSocket()
assert.strictEqual(false, noteId)
noteId = realtime.extractNoteIdFromSocket({})
assert.strictEqual(false, noteId)
})
it('return false if query not set and referer not set', function () {
let noteId = realtime.extractNoteIdFromSocket(makeMockSocket({
otherHeader: 1
}, {
otherQuery: 1
}))
assert.strictEqual(false, noteId)
})
it('return noteId from query', function () {
// Arrange
const incomingNoteId = 'myNoteId'
const incomingSocket = makeMockSocket(undefined, { noteId: incomingNoteId })
// Act
const noteId = realtime.extractNoteIdFromSocket(incomingSocket)
// Assert
assert.strictEqual(noteId, incomingNoteId)
})
it('return noteId from old method (referer)', function () {
// Arrange
const incomingNoteId = 'myNoteId'
const incomingSocket = makeMockSocket({
referer: `https://localhost:3000/${incomingNoteId}`
})
// Act
const noteId = realtime.extractNoteIdFromSocket(incomingSocket)
// Assert
assert.strictEqual(noteId, incomingNoteId)
})
})
describe('urlPath is set', function () {
let realtime
it('return noteId from old method (referer) and urlPath set', function () {
// Arrange
const urlPath = 'hello'
mock('../../lib/config', {
urlPath: urlPath
})
realtime = require('../../lib/realtime')
const incomingNoteId = 'myNoteId'
const incomingSocket = makeMockSocket({
referer: `https://localhost:3000/${urlPath}/${incomingNoteId}`
})
// Act
const noteId = realtime.extractNoteIdFromSocket(incomingSocket)
// Assert
assert.strictEqual(noteId, incomingNoteId)
})
})
})

126
test/realtime/ifMayEdit.test.js Normal file
View File

@ -0,0 +1,126 @@
/* eslint-env node, mocha */
'use strict'
const assert = require('assert')
const mock = require('mock-require')
const sinon = require('sinon')
const { createFakeLogger } = require('../testDoubles/loggerFake')
const realtimeJobStub = require('../testDoubles/realtimeJobStub')
const { removeLibModuleCache, makeMockSocket } = require('./utils')
describe('realtime#ifMayEdit', function () {
let modelsStub
beforeEach(() => {
removeLibModuleCache()
mock('../../lib/config', {})
mock('../../lib/logger', createFakeLogger())
mock('../../lib/models', modelsStub)
mock('../../lib/realtimeUpdateDirtyNoteJob', realtimeJobStub)
mock('../../lib/realtimeCleanDanglingUserJob', realtimeJobStub)
mock('../../lib/realtimeSaveRevisionJob', realtimeJobStub)
})
afterEach(() => {
mock.stopAll()
sinon.restore()
})
const Role = {
Guest: 'guest',
LoggedIn: 'LoggedIn',
Owner: 'Owner'
}
const Permission = {
Freely: 'freely',
Editable: 'editable',
Limited: 'limited',
Locked: 'locked',
Protected: 'protected',
Private: 'private'
}
const testcases = [
{ role: Role.Guest, permission: Permission.Freely, canEdit: true },
{ role: Role.LoggedIn, permission: Permission.Freely, canEdit: true },
{ role: Role.Owner, permission: Permission.Freely, canEdit: true },
{ role: Role.Guest, permission: Permission.Editable, canEdit: false },
{ role: Role.LoggedIn, permission: Permission.Editable, canEdit: true },
{ role: Role.Owner, permission: Permission.Editable, canEdit: true },
{ role: Role.Guest, permission: Permission.Limited, canEdit: false },
{ role: Role.LoggedIn, permission: Permission.Limited, canEdit: true },
{ role: Role.Owner, permission: Permission.Limited, canEdit: true },
{ role: Role.Guest, permission: Permission.Locked, canEdit: false },
{ role: Role.LoggedIn, permission: Permission.Locked, canEdit: false },
{ role: Role.Owner, permission: Permission.Locked, canEdit: true },
{ role: Role.Guest, permission: Permission.Protected, canEdit: false },
{ role: Role.LoggedIn, permission: Permission.Protected, canEdit: false },
{ role: Role.Owner, permission: Permission.Protected, canEdit: true },
{ role: Role.Guest, permission: Permission.Private, canEdit: false },
{ role: Role.LoggedIn, permission: Permission.Private, canEdit: false },
{ role: Role.Owner, permission: Permission.Private, canEdit: true }
]
const noteOwnerId = 'owner'
const loggedInUserId = 'user1'
const noteId = 'noteId'
testcases.forEach((tc) => {
it(`${tc.role} ${tc.canEdit ? 'can' : 'can\'t'} edit note with permission ${tc.permission}`, function () {
const client = makeMockSocket()
const note = {
permission: tc.permission,
owner: noteOwnerId
}
if (tc.role === Role.LoggedIn) {
client.request.user.logged_in = true
client.request.user.id = loggedInUserId
} else if (tc.role === Role.Owner) {
client.request.user.logged_in = true
client.request.user.id = noteOwnerId
}
client.noteId = noteId
const realtime = require('../../lib/realtime')
realtime.getNotePool()[noteId] = note
const callback = sinon.stub()
realtime.ifMayEdit(client, callback)
assert(callback.calledOnce)
assert(callback.lastCall.args[0] === tc.canEdit)
})
})
it('should set lsatchangeuser to null if guest edit operation', function () {
const note = {
permission: Permission.Freely
}
const client = makeMockSocket()
client.noteId = noteId
const callback = sinon.stub()
client.origin = 'operation'
const realtime = require('../../lib/realtime')
realtime.getNotePool()[noteId] = note
realtime.ifMayEdit(client, callback)
assert(callback.calledOnce)
assert(callback.lastCall.args[0])
assert(note.lastchangeuser === null)
})
it('should set lastchangeuser to logged_in user id if user edit', function () {
const note = {
permission: Permission.Freely
}
const client = makeMockSocket()
client.noteId = noteId
client.request.user.logged_in = true
client.request.user.id = loggedInUserId
const callback = sinon.stub()
client.origin = 'operation'
const realtime = require('../../lib/realtime')
realtime.getNotePool()[noteId] = note
realtime.ifMayEdit(client, callback)
assert(callback.calledOnce)
assert(callback.lastCall.args[0])
assert(note.lastchangeuser === loggedInUserId)
})
})

Some files were not shown because too many files have changed in this diff Show More