86ac86b83f
Response: addHeader(): Pass by value, not reference
2021-10-10 20:15:28 +02:00
92e7390056
utils: Pass by value where it makes sense
2021-10-10 20:15:28 +02:00
b1a8572eb6
utils: hasKey(), getKeyOrEmpty(), getAll(): Take params as references
...
Somehow, the fact that multimap was being copyied slipped through.
2021-10-10 20:15:28 +02:00
44ade88cae
Template: createPage(): Take std::string_view
2021-10-10 20:15:28 +02:00
aadb623bf7
UserDaoSqlite: Remove redundant std::move
2021-10-08 23:38:22 +02:00
828d827c3d
Adjust to new Template::getPage() returning value, not reference
2021-10-08 00:11:58 +02:00
8ffa64beea
Template: Use MapCache, getPage(): Return value, not reference
2021-10-08 00:11:30 +02:00
e970ba1682
cache: MapCache: Introduce MapCache, thread-safe cache (key/value store)
2021-10-08 00:08:00 +02:00
b59e81a41d
CLI: Begin 'page' and 'pageperms' commands
2021-10-05 21:57:20 +02:00
f002969cc1
PermissionsDao: Add save()
2021-10-05 21:51:31 +02:00
c4072a7e95
Sandbox: Remove multiple stages
...
While interesitng in theory, there is nothing to be gained here,
because we don't really have user input at those early stages.
As we are also not a privileged process, those early stage
sandboxes in the end are not worth it, since they increase
complexity while there is no benefit in practise.
So, reduce those 3 stages to a single one (enable()), which we
activate after CLI server has launched.
2021-10-03 23:53:56 +02:00
257675485d
Template: Remove redundant debug output
2021-10-03 23:13:59 +02:00
94ade7238e
CLI: Add 'version' command
2021-10-03 23:04:46 +02:00
fa5e75893f
Add version.{h,cpp}: Returning version info
2021-10-03 23:01:19 +02:00
3d0fce590b
Introduce CLI
...
main: Parse args using getopt_long() in main().
Begin implementation of a CLI. It can be launched
using ./qswiki config --cli.
Allow connecting to another instance using "attach" command.
This uses Unix domain sockets, and in the future can be used
to drop caches, reload template, etc.
Closes : #21
2021-10-03 17:05:46 +02:00
1082f8ac5a
Permissions: Add toString()
...
Get a (reasonable) string representation of the permissions contained
in a Permissions object.
2021-10-03 17:01:48 +02:00
8b044d712b
Authenticator: Introduce AUTH_DEFAULT_SALT_SIZE
2021-10-03 17:01:03 +02:00
5037a17fba
utils: introduce trim()
2021-10-03 16:51:04 +02:00
164b2c19ee
userDao: Implement list()
2021-10-03 16:51:04 +02:00
8d685dc581
Makefile: Remove -lseccomp as we don't need it anymore
2021-09-29 18:33:45 +02:00
ed43f5f700
submodules: update cpp-httplib
2021-09-29 18:28:18 +02:00
10f00aeb45
main: Pass absolute path of config file
...
As sandboxing code chroots and chdirs away,
2021-09-23 17:13:08 +02:00
67eb8b6428
sandbox: adjust to latest qssb.h
2021-09-23 17:13:08 +02:00
f26fd19fb4
submodules: sync with latest upstream
2021-09-23 17:13:08 +02:00
204a72da1f
setup: Fix broken FTS DELETE op
...
Thie previous DELETE statement lead to strange
behaviours. It was pure luck this did not blow up
before all these years. It appears it may leave the index
in an undefined state, and the database recently started
to display strange behaviour in connection with newer sqlite
version.
Now, just remove the previous revision from the FTS index,
as for now, search only cares about the most recent revisions.
Also, remove redundant UPDATE trigger on revision table
We never update revisions, thus such trigger is simply
redundant.
Relevant: https://gitlab.gnome.org/GNOME/tracker/-/merge_requests/353
2021-09-23 17:13:08 +02:00
88816a4015
utils: html_xss(): Add ' and &
...
They REALLY should have been there from the beginning...
2021-06-15 18:37:52 +02:00
a930b7aea6
submodules: sync with latest upstream
2021-04-18 13:35:43 +02:00
250e4a94a6
Authenticator: pbkd5(): Mark as const
2021-04-18 13:35:43 +02:00
ac56b2f61d
Random: Mark getRandom* const
2021-04-18 13:35:43 +02:00
4dc688f9eb
utils: split: Rename all splitBy*() variants to split()
2021-04-18 13:35:02 +02:00
b995362d1f
HandlerLogin: Remove dead code
2021-04-16 16:37:34 +02:00
9f9fd2920b
template: Remove user_changepw, it's usersettings now
2021-04-16 16:37:34 +02:00
70c4bfaffa
Introduce HandlerUserSettings to change user settings, e. g. pw changes
2021-04-16 16:37:34 +02:00
ac99894157
HandlerLogin: Use Authenticator, drop own logic
2021-03-26 23:02:03 +01:00
5693911e01
Introduce Authenticator: Centralizes Authentication/password check logic
2021-03-26 22:48:26 +01:00
e322587d07
Add usersettings template and config values
2021-03-26 22:45:09 +01:00
9840dbbeff
Random: add getRandom(), returning std::vector<char>
2021-03-26 22:44:08 +01:00
d507c507e4
handlersearch: Allow all characters by escaping FTS
...
Escape FTS queries by simply treating everything as string.
Though this way a user cannot use operators, it's an improvement
over how it was done before.
Closes : #7
2021-03-25 21:44:02 +01:00
2aa11fc2b2
HandlerPageView: Add misisng check whether passed revision is most recent
2021-03-16 21:05:59 +01:00
e4562809a0
handlerpageedit: Retain comment when clicking preview
2021-03-08 11:37:45 +01:00
00392e2469
Parser: Add category to tagfinder to replace it with an empty str
2021-03-02 23:36:19 +01:00
dac07d23a9
HandlerPageView: Use revision from db, not query param, as template value.
...
Not a vulnerability, but more correct this way.
2021-01-29 16:46:13 +01:00
0c66fdf70d
Handler: queryOption: Take default sort order param. History: default descending
2020-12-31 16:15:36 +01:00
b9ff4068bd
Handler: QueryOptions: Change default to more natural ascending sort
2020-12-29 23:36:07 +01:00
821d799e3e
submodules: sync each with latest repo HEAD
2020-11-20 15:53:16 +01:00
a6c08a3447
Parser: reformat and remove dead code
2020-11-15 20:27:48 +01:00
cd7e99bf30
template/quitesimple: insert missing space
2020-10-12 22:13:32 +02:00
bc24035f4d
submodule/cpp-httplib: update to current release
2020-09-26 17:28:57 +02:00
75f76f58eb
sandbox: First version using qssb.h
2020-09-26 17:13:29 +02:00
5abaaf67d0
HandlerPageView: Prevent viewing older revisions if not allowed
2020-09-21 21:44:26 +02:00