Merge branch 'master' into feat/GC-1097-user-privateWiki-restriction

CHANGES.md

@@ -1,15 +1,21 @@
 CHANGES
 ========
 
-## 3.2.5-RC
+## 3.2.6-RC
 
+* Feature: Import CSV/TSV/HTML table on Spreadsheet like GUI (Handsontable)
 * Feature: Add select alignment buttons of Spreadsheet like GUI (Handsontable)
+
+## 3.2.5
+
 * Improvement: Expandable Spreadsheet like GUI (Handsontable)
 * Improvement: Move/Resize rows/columns of Spreadsheet like GUI (Handsontable)
 * Improvement: Prevent XSS of New Page modal
 * Fix: Recent Created tab of user home shows wrong page list
     * Introduced by 3.2.4
 * Support: Upgrade libs
+    * @handsontable/react
+    * handsontable
     * metismenu
     * sinon
 

README.md

@@ -79,7 +79,7 @@ On-premise
 ### Dependencies
 
 - node 8.x (DON'T USE 9.x)
-- npm 5.x
+- npm 6.x
 - yarn
 - MongoDB 3.x
 

config/env.dev.js

@@ -10,4 +10,5 @@ module.exports = {
   ],
   // USER_UPPER_LIMIT: 0,
   // DEV_HTTPS: true,
+  // PUBLIC_WIKI_ONLY: true,
 };

package.json

@@ -1,6 +1,6 @@
 {
   "name": "growi",
-  "version": "3.2.5-RC",
+  "version": "3.2.6-RC",
   "description": "Team collaboration software using markdown",
   "tags": [
     "wiki",
@@ -218,7 +218,7 @@
   },
   "engines": {
     "node": ">=8.11.1 <9",
-    "npm": ">=5.6.0 <6",
+    "npm": ">=5.6.0 <7",
     "yarn": "^1.5.1"
   },
   "config": {

resource/locales/en-US/translation.json

@@ -298,6 +298,7 @@
 		"Selecting authentication mechanism": "Selecting authentication mechanism",
 		"common_authentication": "If you set the basic authentication, common authentication is applied on the whole page.",
 		"without_encryption": "Please be noted that your ID and Password will be sent wihtout encryption.",
+		"basic_acl_disable": "Because of Public Wiki  setting, basic authentication can not be used.",
 		"users_without_account": "Users without account is not accessible",
     "example": "Example",
     "restrict_emails": "You can restrict registerable e-mail address.",

resource/locales/ja/translation.json

@@ -317,6 +317,7 @@
     "Selecting authentication mechanism": "認証機構選択",
     "common_authentication": "Basic認証を設定すると、ページ全体に共通の認証がかかります。",
     "without_encryption": "IDとパスワードは暗号化されずに送信されるのでご注意下さい。",
+    "basic_acl_disable": "Public Wiki の設定のため、Basic認証は利用できません。",
     "users_without_account": "アカウントを持たないユーザーはアクセス不可",
     "example": "例",
     "restrict_emails": "登録可能なメールアドレスを制限することができます。",

src/client/js/components/PageEditor/HandsontableModal.jsx

@@ -56,7 +56,8 @@ export default class HandsontableModal extends React.Component {
            * HotTable#shouldComponentUpdate is called in this process and it call the updateSettings method for the Handsontable instance.
            * After updateSetting is executed, Handsontable calls a AfterUpdateSetting hook.
            */
-          afterUpdateSettings: HandsontableUtil.createHandlerToSynchronizeHandontableAlignWith(initMarkdownTable.options.align)
+          //// commented out and will be fixed by GC-1203 -- 2018.10.19 Yuki Takei
+          // afterUpdateSettings: HandsontableUtil.createHandlerToSynchronizeHandontableAlignWith(initMarkdownTable.options.align)
         })
       }
     );
@@ -77,7 +78,8 @@ export default class HandsontableModal extends React.Component {
 
   save() {
     let newMarkdownTable = this.state.markdownTable.clone();
-    newMarkdownTable.options.align = HandsontableUtil.getMarkdownTableAlignmentFrom(this.refs.hotTable.hotInstance);
+    //// commented out and will be fixed by GC-1203 -- 2018.10.19 Yuki Takei
+    // newMarkdownTable.options.align = HandsontableUtil.getMarkdownTableAlignmentFrom(this.refs.hotTable.hotInstance);
 
     if (this.props.onSave != null) {
       this.props.onSave(newMarkdownTable);
@@ -153,13 +155,15 @@ export default class HandsontableModal extends React.Component {
           <Modal.Title>Edit Table</Modal.Title>
         </Modal.Header>
         <Modal.Body className="p-0 d-flex flex-column">
-          <Navbar>
+          <Navbar className="mb-0">
             <Navbar.Form>
+              {/* commented out and will be fixed by GC-1203 -- 2018.10.19 Yuki Takei
               <ButtonGroup>
                 <Button onClick={() => { this.setClassNameToColumns('htLeft') }}><i className="ti-align-left"></i></Button>
                 <Button onClick={() => { this.setClassNameToColumns('htCenter') }}><i className="ti-align-center"></i></Button>
                 <Button onClick={() => { this.setClassNameToColumns('htRight') }}><i className="ti-align-right"></i></Button>
               </ButtonGroup>
+              */}
             </Navbar.Form>
           </Navbar>
           <div ref="hotTableContainer" className="m-4 hot-table-container">
@@ -213,29 +217,30 @@ export default class HandsontableModal extends React.Component {
           'separator1': Handsontable.plugins.ContextMenu.SEPARATOR,
           'remove_row': {}, 'remove_col': {},
           'separator2': Handsontable.plugins.ContextMenu.SEPARATOR,
-          'custom_alignment': {
-            name: 'Align columns',
-            key: 'align_columns',
-            submenu: {
-              items: [{
-                name: 'Left',
-                key: 'align_columns:1',
-                callback: function(key, selection) {
-                  HandsontableUtil.setClassNameToColumns(this, selection[0].start.col, selection[0].end.col, 'htLeft');
-                }}, {
-                name: 'Center',
-                key: 'align_columns:2',
-                callback: function(key, selection) {
-                  HandsontableUtil.setClassNameToColumns(this, selection[0].start.col, selection[0].end.col, 'htCenter');
-                }}, {
-                name: 'Right',
-                key: 'align_columns:3',
-                callback: function(key, selection) {
-                  HandsontableUtil.setClassNameToColumns(this, selection[0].start.col, selection[0].end.col, 'htRight');
-                }}
-              ]
-            }
-          }
+          //// commented out and will be fixed by GC-1203 -- 2018.10.19 Yuki Takei
+          // 'custom_alignment': {
+          //   name: 'Align columns',
+          //   key: 'align_columns',
+          //   submenu: {
+          //     items: [{
+          //       name: 'Left',
+          //       key: 'align_columns:1',
+          //       callback: function(key, selection) {
+          //         HandsontableUtil.setClassNameToColumns(this, selection[0].start.col, selection[0].end.col, 'htLeft');
+          //       }}, {
+          //       name: 'Center',
+          //       key: 'align_columns:2',
+          //       callback: function(key, selection) {
+          //         HandsontableUtil.setClassNameToColumns(this, selection[0].start.col, selection[0].end.col, 'htCenter');
+          //       }}, {
+          //       name: 'Right',
+          //       key: 'align_columns:3',
+          //       callback: function(key, selection) {
+          //         HandsontableUtil.setClassNameToColumns(this, selection[0].start.col, selection[0].end.col, 'htRight');
+          //       }}
+          //     ]
+          //   }
+          // }
         }
       }
 

src/client/js/components/SavePageControls.jsx

@@ -42,6 +42,8 @@ class SavePageControls extends React.PureComponent {
   render() {
     const { t } = this.props;
 
+    const config = this.props.crowi.getConfig();
+    const isAclEnabled = config.isAclEnabled;
     const label = this.state.pageId == null ? t('Create') : t('Update');
 
     return (
@@ -56,17 +58,20 @@ class SavePageControls extends React.PureComponent {
               slackChannels={this.props.slackChannels} />
         </div>
 
-        <div className="mr-2">
-          <GrantSelector crowi={this.props.crowi}
-              ref={(elem) => {
-                if (this.refs.grantSelector == null) {
-                  this.refs.grantSelector = elem.getWrappedInstance();
-                }
-              }}
-              grant={this.props.grant}
-              grantGroupId={this.props.grantGroupId}
-              grantGroupName={this.props.grantGroupName} />
-        </div>
+
+        {isAclEnabled &&
+          <div className="mr-2">
+            <GrantSelector crowi={this.props.crowi}
+                ref={(elem) => {
+                  if (this.refs.grantSelector == null) {
+                    this.refs.grantSelector = elem.getWrappedInstance();
+                  }
+                }}
+                grant={this.props.grant}
+                grantGroupId={this.props.grantGroupId}
+                grantGroupName={this.props.grantGroupName} />
+          </div>
+        }
 
         <button className="btn btn-primary btn-submit" onClick={this.submit}>{label}</button>
       </div>

src/client/styles/scss/_override-handsontable.scss

@@ -1,3 +0,0 @@
-.modal .handsontable .wtBorder {
-  z-index: 110;
-}

src/client/styles/scss/style.scss

@@ -14,9 +14,6 @@
 // override react-bootstrap-typeahead styles
 @import 'override-rbt';
 
-// override Handsontable styles
-@import 'override-handsontable';
-
 // crowi component
 @import 'admin';
 @import 'attachments';

src/server/models/config.js

@@ -351,6 +351,11 @@ module.exports = function(crowi) {
   };
 
   configSchema.statics.isGuesstAllowedToRead = function(config) {
+    // return true if puclic wiki mode
+    if (Config.isPublicWikiOnly(config)) {
+      return true;
+    }
+
     // return false if undefined
     if (undefined === config.crowi || undefined === config.crowi['security:restrictGuestMode']) {
       return false;
@@ -373,6 +378,13 @@ module.exports = function(crowi) {
     const key = 'markdown:isEnabledLinebreaksInComments';
     return getValueForMarkdownNS(config, key);
   };
+  configSchema.statics.isPublicWikiOnly = function(config) {
+    const publicWikiOnly = process.env.PUBLIC_WIKI_ONLY;
+    if ( publicWikiOnly === 'true' || publicWikiOnly == 1) {
+      return true;
+    }
+    return false;
+  };
 
   configSchema.statics.pageBreakSeparator = function(config) {
     const key = 'markdown:presentation:pageBreakSeparator';
@@ -605,6 +617,7 @@ module.exports = function(crowi) {
         MATHJAX: env.MATHJAX || null,
       },
       recentCreatedLimit: Config.showRecentCreatedNumber(config),
+      isAclEnabled: !Config.isPublicWikiOnly(config),
     };
 
     return local_config;

src/server/routes/admin.js

@@ -104,7 +104,8 @@ module.exports = function(crowi, app) {
   actions.security = {};
   actions.security.index = function(req, res) {
     const settingForm = Config.setupCofigFormData('crowi', req.config);
-    return res.render('admin/security', { settingForm });
+    const isAclEnabled = !Config.isPublicWikiOnly(req.config);
+    return res.render('admin/security', { settingForm, isAclEnabled });
   };
 
   // app.get('/admin/markdown'                  , admin.markdown.index);
@@ -677,10 +678,12 @@ module.exports = function(crowi, app) {
   actions.userGroup = {};
   actions.userGroup.index = function(req, res) {
     var page = parseInt(req.query.page) || 1;
+    const isAclEnabled = !Config.isPublicWikiOnly(req.config);
     var renderVar = {
       userGroups: [],
       userGroupRelations: new Map(),
       pager: null,
+      isAclEnabled,
     };
 
     UserGroup.findUserGroupsWithPagination({ page: page })
@@ -1038,6 +1041,21 @@ module.exports = function(crowi, app) {
 
   actions.api.securitySetting = function(req, res) {
     const form = req.form.settingForm;
+    const config = crowi.getConfig();
+    const isPublicWikiOnly = Config.isPublicWikiOnly(config);
+    if (isPublicWikiOnly) {
+      const basicName = form['security:basicName'];
+      const basicSecret = form['security:basicSecret'];
+      if (basicName != '' || basicSecret != '') {
+        req.form.errors.push('Public Wikiのため、Basic認証は利用できません。');
+        return res.json({status: false, message: req.form.errors.join('\n')});
+      }
+      const guestMode = form['security:restrictGuestMode'];
+      if ( guestMode == 'Deny' ) {
+        req.form.errors.push('Private Wikiへの設定変更はできません。');
+        return res.json({status: false, message: req.form.errors.join('\n')});
+      }
+    }
 
     if (req.form.isValid) {
       debug('form content', form);

src/server/views/admin/security.html

@@ -44,16 +44,20 @@
             <label for="settingForm[security:registrationMode]" class="col-xs-3 control-label">{{ t('Basic authentication') }}</label>
             <div class="col-xs-3">
               <label for="">ID</label>
-              <input class="form-control" type="text" name="settingForm[security:basicName]"   value="{{ settingForm['security:basicName']|default('') }}">
+              <input class="form-control" type="text" name="settingForm[security:basicName]"   value="{{ settingForm['security:basicName']|default('') }}" {% if not isAclEnabled  %}readonly{% endif%}>
             </div>
             <div class="col-xs-3">
               <label for="">{{ t('Password') }}</label>
-              <input class="form-control" type="text" name="settingForm[security:basicSecret]" value="{{ settingForm['security:basicSecret']|default('') }}">
+              <input class="form-control" type="text" name="settingForm[security:basicSecret]" value="{{ settingForm['security:basicSecret']|default('') }}" {% if not isAclEnabled  %}readonly{% endif%}>
             </div>
             <div class="col-xs-offset-3 col-xs-9">
               <p class="help-block">
-                {{ t("security_setting.common_authentication") }}<br>
-                {{ t("security_setting.without_encryption") }}<br>
+                {% if not isAclEnabled %}
+                  {{ t("security_setting.basic_acl_disable") }}<br>
+                {% else %}
+                  {{ t("security_setting.common_authentication") }}<br>
+                  {{ t("security_setting.without_encryption") }}<br>
+                {% endif %}
               </p>
             </div>
           </div>
@@ -301,6 +305,7 @@
       {
         function showMessage(formId, msg, status) {
           $('#' + formId + ' > .alert').remove();
+          $('#' + formId ).find('.alert').remove();
 
           if (!status) {
             status = 'success';

src/server/views/admin/user-groups.html

@@ -33,7 +33,11 @@
 
     <div class="col-md-9">
       <p>
-        <button  data-toggle="collapse" class="btn btn-default" href="#createGroupForm">新規グループの作成</button>
+        {% if isAclEnabled %}
+          <button  data-toggle="collapse" class="btn btn-default" href="#createGroupForm">新規グループの作成</button>
+        {% else %}
+          現在の設定では新規グループの作成はできません。
+        {% endif %}
       </p>
       <form role="form" action="/admin/user-group/create" method="post">
         <div id="createGroupForm" class="collapse">
@@ -124,13 +128,18 @@
             <td>
               <img src="{{ sGroup|picture }}" class="picture img-circle" />
             </td>
-            <td><a href="{{ sGroupDetailPageUrl }}">{{ sGroup.name | preventXss }}</a></td>
+            {% if isAclEnabled %}
+              <td><a href="{{ sGroupDetailPageUrl }}">{{ sGroup.name | preventXss }}</a></td>
+            {% else %}
+              <td>{{ sGroup.name | preventXss }}</td>
+            {% endif %}
             <td><ul class="list-inline">
               {% for relation in userGroupRelations.get(sGroup) %}
               <li class="list-inline-item badge badge-primary">{{relation.relatedUser.username}}</li>
               {% endfor %}
             </ul></td>
             <td>{{ sGroup.createdAt|date('Y-m-d', sGroup.createdAt.getTimezoneOffset()) }}</td>
+            {% if isAclEnabled %}
             <td>
               <div class="btn-group admin-group-menu">
                 <button type="button" class="btn btn-default btn-sm dropdown-toggle" data-toggle="dropdown">
@@ -156,6 +165,9 @@
                 </ul>
               </div>
             </td>
+            {% else %}
+              <td></td>
+            {% endif %}
           </tr>
           {% endfor %}
         </tbody>

wercker.yml

@@ -17,7 +17,10 @@ test:
 
     - script:
       name: print dependencies
-      code: yarn list --depth=0
+      code: |
+        echo -n "node " && node -v
+        echo -n "npm " && npm -v
+        yarn list --depth=0
 
     - script:
       name: npm test
@@ -52,7 +55,10 @@ build-prod:
 
     - script:
       name: print dependencies
-      code: yarn list --depth=0
+      code: |
+        echo -n "node " && node -v
+        echo -n "npm " && npm -v
+        yarn list --depth=0
 
     - script:
       name: npm run build:prod:analyze
@@ -97,7 +103,10 @@ build-dev:
 
     - script:
       name: print dependencies
-      code: yarn list --depth=0
+      code: |
+        echo -n "node " && node -v
+        echo -n "npm " && npm -v
+        yarn list --depth=0
 
     - script:
       name: npm run build:dev