Merge branch 'staging' into replace-help-menu

pull/1/head
yflory 4 years ago
commit 3808f414b6

@ -1,25 +1,22 @@
# 4.2.0-candidate (C)
# 4.2.0 (C)
## Goals
* catch up on pending branches and activities
* documentation
* translation
* stabilize
We've made a lot of big changes to the platform lately. This release has largely been an attempt to stabilize the codebase by fixing bugs and merging features that we hadn't had a chance to test until now, all while updating our documentation and removing unused or outdated code.
## Update notes
* serverside dependency updates
* removed translations. if you see something, say something
* removed /assert/translations/ and related code as this is handled by weblate
* display subscribe button on home page if subscriptions are supported
* display a home page notice via application_config.js via supplied HTML
* link to our sponsors websites via their logos
* scripts
* separate archive deletion code from inactive pad removal
* script to identify unused translations
This release includes an update to the sheet editor which is not backwards-compatible. Clients running the new version will not be able to correctly communicate with clients running older versions. Clients will automatically detect that a new version is available upon reconnecting to the server after a restart, so as long as you follow the steps recommended below this should be fine.
Otherwise, to update from 4.1.0 to 4.2.0:
We've also updated a server-side dependency that is not backwards-compatible. Failure to update both the platform and its dependencies together will result in errors.
The `scripts` directory now includes a script to identify unused translations. We used this to reduce the size of our localization files (`cryptpad/www/common/translations/*.json`). We reviewed the changes carefully and did our best to test, but it's always possible that a string was erroneously removed. If you notice any bugs in the UI where text seems to be missing, please let us (the developers) know via a GitHub issue.
CryptPad.fr now stores more than a terabyte of data, making it quite intensive to run the scripts to remove inactive files from the disk. To help alleviate this strain we've moved the code responsible for deleting files that have been archived for longer than the configured retention period into its own script (`./scripts/evict-archived.js`). For the moment this script is not integrated into the server and will not automatically run in the background as the main eviction script does. It's recommended that you run it manually if you find you are low on disk space.
Since early in the pandemic we've been serving a custom home page on CryptPad.fr to inform users that we've increased the amount of storage provided for free. This was originally intended as a temporary measure, but since almost a year has passed we figured it was about time we integrate this custom code into the platform itself. Admins can now add a custom note to the home page, using customized HTML in `customize/application_config.js`. To do this, define an `AppConfig.homeNotice` attribute like so: `AppConfig.homeNotice = "<b>pewpew</b>";`.
To update from 4.1.0 to 4.2.0:
1. Stop your server
2. Get the latest code from the 4.1.0 tag (`git fetch origin && git checkout 4.1.0`, or just `git pull origin main`)
@ -28,67 +25,44 @@ Otherwise, to update from 4.1.0 to 4.2.0:
## Features
* chat color in pads, teams, and the contacts app
* rich text
* use white background for rich text documents even in dark mode
* offline improvements
* offline mode for file app
* offline teams and team shared folder
* download whiteboard from the drive
* checkup page
* translations
* update prompts related to password protection in various modals
* link to the docs from the support page's ticket creation interface
* refresh server performance stats without refreshing the admin page
* The "What is CryptPad" page now links to our sponsors websites instead of just mentioning them by name.
* We've updated the colors for the contacts app and the chat integrated into documents and teams to fit better with our other styles.
* We've reverted the styles for the rich text editor so that the document always has a white background, even in dark mode, since we could not guarantee that documents would be legible to all users if custom text colors had been applied. While we were looking at this editor, we also repositioned several buttons used to control the page's layout, including the width of the document, the presence of the table of contents, and its comments.
* We've continued to improve several key parts of the platform to accommodate offline usage. Teams, shared folders within teams, and the file app can now load and display content cached within the browser even if the client cannot establish a connection to our API server.
* The content of _whiteboard_ documents can now be downloaded directly from within team or user drives, rather than exclusively from within the whiteboard editor itself. To do so, right-click a whiteboard and choose _download_ to export a PNG file.
* Since we now regularly serve more than 125 thousand visitors a week it's gotten quite difficult to keep up with support tickets. To help alleviate this burden we're taking steps to increase the visibility of our documentation (https://docs.cryptpad.fr). The support ticket page now displays a link to that documentation above the form to create a new ticket.
* Several users have reported confusion regarding various password fields in CryptPad, in the access menu, pad creation screen, when uploading new files, and when creating a shared folder. We've updated the text associated with these fields to better indicate that they are not requesting your user password, but rather that they allow you to add an optional password as an additional layer of protection.
* Server administrators can now refresh the _performance_ table on the admin panel without reloading the page.
* We've begun working on a _checkup_ page for CryptPad to help administrators identify and fix common misconfigurations of the platform. It's still in a very basic state, but we hope to to make it a core part of the server installation guide that is under development.
* The kanban app now supports import like the rest of our apps and rejects content of any file-type other than JSON.
## Bug fixes
* chat spinner: correctly hidden when the chat finishes loading
* caused by insufficient selector specificity
* rich text
* display button to adjust document width inline instead of in toolbar
* display comments inline on mobile instead of on the right
* server
* messages are not acknowledged or broadcast until they have been validated and written to the disk
* see [#553](https://github.com/xwiki-labs/cryptpad/issues/553)
* completion of unowned uploads was broken by a change introduced in late december
* shared folders
* fix a bug: loss of access to shared folders
* related to access lists and the offline cache
* loss of access with pads loaded before the worker is ready
* dark mode
* text media-tags use markdown's block styles
* 404 page
* uses the dark theme's background color correctly
* remove an unnecessary scrollbar
* darkfix branch
* removed unused colors
* admin support last message is no longer red
* sidebar hint uses new grey name
* more severe fade on drive icon hover
* drive info box inline links are now styled
* autocomplete dropdown styles weren't applied
* notifications bell now uses same text color as toolbar title
* filepicker background color
* fix tippy popper color
* fix plaintext colors in file app
* styles
* remove round corners on limit bar
* add branded link color to support ticket attachment links in the admin panel
* OnlyOffice sheets
* use configured language from CryptPad
* support multiple locks per-user
* not backwards compatible... restart server when updating!
* fix filter/sort
* caused by the overly eager suppression of a modal
* add support for strict mode
* supports undo/redo
* [#195](https://github.com/xwiki-labs/cryptpad/issues/195)
* fix kanban import
* file upload
* warn before attempting to upload a file that is too large
* [#682](https://github.com/xwiki-labs/cryptpad/issues/682)
* disallow upload outside of the documents section of drives
* We've fixed a long list of minor stylistic inconsistencies following last release's introduction of dark mode:
* Text embedded in documents via media-tags now features the same background and text color as is applied to similar preformatted code blocks in markdown.
* The arrow portion of our tooltips had inherited an inconsistent background color from a parent element. It now uses the same color as the body of the tooltip.
* Our 404 page now correctly uses the theme's background color.
* We removed a number of unused color variables from our style sheets.
* The most recent user message of any thread on the admin panel's view of support tickets is no longer red. Since we now categorize messages according to their answered status and priority, this indicator was no longer necessary.
* We fixed some contrast issues on for pages with sidebars (settings, teams, admin, etc.) when hovering over items in the sidebar.
* Various items in the drive and pad type selection menu also had contrast issues when hovering over options.
* Links in the drive's info boxes and in the admin panel are now correctly styled with the same color as links throughout the rest of the platform.
* Race conditions between conflicting styles for autocomplete dropdowns caused them to be displayed behind other elements under certain circumstances.
* The "bell" icon which we use for the notifications menu in the toolbar now uses the same color as documents' titles, rather than the color of the editor's toolbar.
* Items in the filepicker modal which is opened by various apps' "Insert" menu now have a lighter grey background instead of the almost-black color applied in 4.1.0.
* The storage limit indicator shown in the bottom-left corner of user and team drives no longer has round corners.
* An insufficiently specific CSS selector caused the "spinner" animation to persist in the chat interface after it should have been hidden.
* The client will now check whether a file is larger than is allowed by the server before attempting to upload it, rather failing only when the server rejects the upload.
* The drive no longer allows files to be dragged and dropped into locations other than the "Documents" section, as it did not make sense for files to be displayed anywhere else.
* We identified and fixed a number of issues which caused shared folders that were protected with access lists to fail to load due to race conditions between loading the document and authenticating with the server as a user or member of a team. This could also result in a loss of access to documents stored exclusively in those shared folders.
* We've fixed a number of server issues:
1. A change in a function signature in late December caused the upload of unowned files to fail to complete.
2. Messages sent via websocket are no longer broadcast to other members of a session until they have been validated by the server and stored on the disk. This was not a security issue as clients validate messages anyway, however, it could cause inconsistencies in documents when some members of a session incorrectly believed that a message had been saved.
3. A subtle race condition in very specific circumstances could cause the server's in-memory index for a given session to become incorrect. This could cause one or two messages to be omitted when requesting the most recent history. We observed this in practice when some clients did not realize they had been kicked from a team. This is unlikely to have affected anyone in practice because it only occurred when reconnecting using cached messages for the document which records team membership, and this functionality is only being introduced in this release.
* We spent a lot of time improving our integration of OnlyOffice's sheet editor:
* The editor is now initialized with your CryptPad account's preferred language.
* We realized that our peer-to-peer locking system (which replaces the server-based system provided by OnlyOffice's document server) did not correctly handle multiple locks per user. This caused errors when filtering and sorting columns. We've improved our locking system so these features should now work as expected, but old clients will not understand the new format. As mentioned in the "Update notes" section, admins must follow the recommended update steps to ensure that all clients correctly update to the latest version.
* We've removed a restriction we imposed to ensure all users editing a sheet were using OnlyOffice's "fast mode", since we now support the alternative "strict mode". In strict mode, changes you make to the document are not sent until you choose to save (using a button or by pressing ctrl+s). This introduces some additional complexity into our integration, however, it enables support for undoing local changes as per [issue #195](https://github.com/xwiki-labs/cryptpad/issues/195).
# 4.1.0 (B)

@ -92,6 +92,7 @@ define([
footLink('https://opencollective.com/cryptpad/contribute/', 'footer_donate'),
]),
footerCol('footer_aboutUs', [
footLink('https://blog.cryptpad.fr/', 'blog'),
footLink('/contact.html', 'contact'),
footLink('https://github.com/xwiki-labs/cryptpad/wiki/Contributors', 'footer_team'),
footLink('http://www.xwiki.com', null, 'XWiki SAS'),
@ -152,10 +153,9 @@ define([
]),
button,
h('div.collapse.navbar-collapse.justify-content-end#menuCollapse', [
h('a.nav-item.nav-link', { href: 'https://blog.cryptpad.fr/'}, Msg.blog),
h('a.nav-item.nav-link', { href: '/features.html'}, Msg.pricing),
h('a.nav-item.nav-link', { href: '/what-is-cryptpad.html'}, Msg.about),
h('a.nav-item.nav-link', { href: 'https://docs.cryptpad.fr'}, Msg.docs_link),
h('a.nav-item.nav-link', { href: '/features.html'}, Msg.pricing),
].concat(rightLinks))
);
};

@ -107,6 +107,9 @@ var setHeaders = (function () {
"Cross-Origin-Embedder-Policy": 'require-corp',
});
// Don't set CSP headers on /api/config because they aren't necessary and they cause problems
// when duplicated by NGINX in production environments
if (/^\/api\/config/.test(req.url)) { return; }
// targeted CSP, generic policies, maybe custom headers
const h = [
/^\/common\/onlyoffice\/.*\/index\.html.*/,

@ -836,12 +836,7 @@ define([
.text(Messages.propertiesButton))
.click(common.prepareFeedback(type))
.click(function () {
common.isPadStored(function (err, data) {
if (!data) {
return void UI.alert(Messages.autostore_notAvailable);
}
sframeChan.event('EV_PROPERTIES_OPEN');
});
sframeChan.event('EV_PROPERTIES_OPEN');
});
break;
case 'save': // OnlyOffice save
@ -1725,21 +1720,7 @@ define([
},
});
}
/*
if (AppConfig.surveyURL) {
options.push({
tag: 'a',
attributes: {
'class': 'cp-toolbar-survey fa fa-graduation-cap'
},
content: h('span', Messages.survey),
action: function () {
Common.openUnsafeURL(AppConfig.surveyURL);
Feedback.send('SURVEY_CLICKED');
},
});
}
*/
options.push({
tag: 'a',
attributes: {
@ -1796,6 +1777,20 @@ define([
});
}
if (AppConfig.surveyURL) {
options.push({
tag: 'a',
attributes: {
'class': 'cp-toolbar-survey fa fa-graduation-cap'
},
content: h('span', Messages.survey),
action: function () {
Common.openUnsafeURL(AppConfig.surveyURL);
Feedback.send('SURVEY_CLICKED');
},
});
}
options.push({ tag: 'hr' });
// Add login or logout button depending on the current status
if (priv.loggedIn) {

@ -269,9 +269,8 @@
Util.magnitudeOfBytes = function (bytes) {
if (bytes >= oneGigabyte) { return 'GB'; }
// smallest supported format is MB to preserve existing behaviour
else /* if (bytes >= oneMegabyte) */ { return 'MB'; }
//else { return 'KB'; }
else if (bytes >= oneMegabyte) { return 'MB'; }
else { return 'KB'; }
};
// given a path, asynchronously return an arraybuffer

@ -2271,6 +2271,7 @@ define([
var channelIsReady = waitFor();
updateLocalVersion();
var msgEv = Util.mkEvent();
var postMsg, worker;
@ -2504,7 +2505,6 @@ define([
AppConfig.afterLogin(common, waitFor());
}
}).nThen(function () {
updateLocalVersion();
f(void 0, env);
if (typeof(window.onhashchange) === 'function') { window.onhashchange(); }
});

@ -18,6 +18,16 @@ define([
opts = opts || {};
var $d = $('<div>');
if (!data) { return void cb(void 0, $d); }
data = Util.clone(data);
var privateData = common.getMetadataMgr().getPrivateData();
if (privateData.propChannels) {
var p = privateData.propChannels;
data.channel = data.channel || p.channel;
data.rtChannel = data.rtChannel || p.rtChannel;
data.lastVersion = data.lastVersion || p.lastVersion;
data.lastCpHash = data.lastCpHash || p.lastCpHash;
}
if (data.channel) {
$('<label>', { 'for': 'cp-app-prop-id'}).text(Messages.documentID).appendTo($d);
@ -26,18 +36,20 @@ define([
}));
}
if (data.href) {
$('<label>', {'for': 'cp-app-prop-link'}).text(Messages.editShare).appendTo($d);
$d.append(UI.dialog.selectable(data.href, {
id: 'cp-app-prop-link',
}));
}
if (!data.fakeHref) {
if (data.href) {
$('<label>', {'for': 'cp-app-prop-link'}).text(Messages.editShare).appendTo($d);
$d.append(UI.dialog.selectable(data.href, {
id: 'cp-app-prop-link',
}));
}
if (data.roHref && !opts.noReadOnly) {
$('<label>', {'for': 'cp-app-prop-rolink'}).text(Messages.viewShare).appendTo($d);
$d.append(UI.dialog.selectable(data.roHref, {
id: 'cp-app-prop-rolink',
}));
if (data.roHref && !opts.noReadOnly) {
$('<label>', {'for': 'cp-app-prop-rolink'}).text(Messages.viewShare).appendTo($d);
$d.append(UI.dialog.selectable(data.roHref, {
id: 'cp-app-prop-rolink',
}));
}
}
if (data.tags && Array.isArray(data.tags)) {
@ -54,7 +66,6 @@ define([
if (!common.isLoggedIn()) { return void cb(void 0, $d); }
var privateData = common.getMetadataMgr().getPrivateData();
if (privateData.offline) { return void cb(void 0, $d); }
// File and history size...
@ -179,6 +190,7 @@ define([
Properties.getPropertiesModal = function (common, opts, cb) {
cb = cb || function () {};
opts = opts || {};
opts.access = true;
var tabs = [{
getTab: getPadProperties,
title: Messages.fc_prop,

@ -26,6 +26,10 @@ define([
obj.ooVersionHash = version;
obj.ooForceVersion = localStorage.CryptPad_ooVersion || "";
};
var channels = {};
var getPropChannels = function () {
return channels;
};
var addRpc = function (sframeChan, Cryptpad, Utils) {
sframeChan.on('Q_OO_SAVE', function (data, cb) {
var chanId = Utils.Hash.hrefToHexChannelId(data.url);
@ -38,14 +42,17 @@ define([
Cryptpad.pinPads([chanId], function (e) {
if (e) { return void cb(e); }
Cryptpad.setPadAttribute('lastVersion', data.url, cb);
channels.lastVersion = data.url;
});
Cryptpad.setPadAttribute('lastCpHash', data.hash, cb);
channels.lastCpHash = data.hash;
});
sframeChan.on('Q_OO_OPENCHANNEL', function (data, cb) {
Cryptpad.getPadAttribute('rtChannel', function (err, res) {
// If already stored, don't pin it again
if (res && res === data.channel) { return; }
Cryptpad.pinPads([data.channel], function () {
channels.rtChannel = data.channel;
Cryptpad.setPadAttribute('rtChannel', data.channel, function () {});
});
});
@ -144,6 +151,7 @@ define([
useCreationScreen: true,
addData: addData,
addRpc: addRpc,
getPropChannels: getPropChannels,
messaging: true
});
});

@ -1146,18 +1146,10 @@ define([
obj.userObject.setHref(channel, null, href);
});
// Pads owned by us ("us" can be a user or a team) that are not in our "main" drive
// (meaning they are stored in a shared folder) must be added to the "main" drive.
// This is to make sure owners always have control over owned data.
var edPublic = data.teamId ?
Util.find(store.proxy, ['teams', data.teamId, 'keys', 'edPublic']) :
store.proxy.edPublic;
var ownedByMe = Array.isArray(owners) && owners.indexOf(edPublic) !== -1;
// Add the pad if it does not exist in our drive
if (!contains) { // || (ownedByMe && !inMyDrive)) {
var autoStore = Util.find(store.proxy, ['settings', 'general', 'autostore']);
if (autoStore !== 1 && !data.forceSave && !data.path && !ownedByMe) {
if (autoStore !== 1 && !data.forceSave && !data.path) {
// send event to inner to display the corner popup
postMessage(clientId, "AUTOSTORE_DISPLAY_POPUP", {
autoStore: autoStore
@ -2687,7 +2679,8 @@ define([
// every user object should have a persistent, random number
if (typeof(proxy.loginToken) !== 'number') {
proxy[Constants.tokenKey] = Math.floor(Math.random()*Number.MAX_SAFE_INTEGER);
proxy[Constants.tokenKey] = store.data.localToken ||
Math.floor(Math.random()*Number.MAX_SAFE_INTEGER);
}
returned[Constants.tokenKey] = proxy[Constants.tokenKey];
@ -2847,12 +2840,15 @@ define([
if (store.ready) { return; } // the store is already ready, it is a reconnection
store.driveMetadata = info.metadata;
if (!rt.proxy.drive || typeof(rt.proxy.drive) !== 'object') { rt.proxy.drive = {}; }
/*
// deprecating localStorage migration as of 4.2.0
var drive = rt.proxy.drive;
// Creating a new anon drive: import anon pads from localStorage
if ((!drive[Constants.oldStorageKey] || !Array.isArray(drive[Constants.oldStorageKey]))
&& !drive['filesData']) {
drive[Constants.oldStorageKey] = [];
}
*/
// Drive already exist: return the existing drive, don't load data from legacy store
if (store.manager) {
// If a cache is loading, make sure it is complete before calling onReady

@ -1378,6 +1378,14 @@ define([
// Secure modal
var SecureModal = {};
// Create or display the iframe and modal
var getPropChannels = function () {
var channels = {};
if (cfg.getPropChannels) {
channels = Utils.Util.clone(cfg.getPropChannels());
}
channels.channel = secret.channel;
return channels;
};
var initSecureModal = function (type, cfg, cb) {
cfg.modal = type;
SecureModal.cb = cb;
@ -1397,7 +1405,8 @@ define([
app: parsed.type,
hashes: hashes,
password: password,
isTemplate: isTemplate
isTemplate: isTemplate,
getPropChannels: getPropChannels
};
config.addCommonRpc = addCommonRpc;
config.modules = {

@ -33,7 +33,7 @@ define([
var metadataMgr = common.getMetadataMgr();
var sframeChan = common.getSframeChannel();
var $body = $('body');
var displayed;
var displayed;
var hideIframe = function () {
if (!displayed) { return; }

@ -103,6 +103,7 @@ define([
feedbackAllowed: Utils.Feedback.state,
hashes: config.data.hashes,
password: config.data.password,
propChannels: config.data.getPropChannels(),
isTemplate: isTemplate,
file: config.data.file,
secureIframe: true,

@ -487,7 +487,7 @@ define([
$button.click(function() {
$spinner.show();
UI.confirm(Messages.settings_deleteConfirm, function(yes) {
if (!yes) { return; }
if (!yes) { return void $spinner.hide(); }
sframeChan.query("Q_SETTINGS_DELETE_ACCOUNT", null, function(err, data) {
// Owned drive
if (data.state === true) {
@ -1568,6 +1568,7 @@ define([
.appendTo(APP.$leftside);
APP.$usage = $('<div>', { 'class': 'usage' }).appendTo(APP.$leftside);
var active = privateData.category || 'account';
if (!categories[active]) { active = 'account'; }
Object.keys(categories).forEach(function(key) {
var $category = $('<div>', {
'class': 'cp-sidebarlayout-category',

Loading…
Cancel
Save