Tom Hacohen
374048f013
Fix disabling of browseable API when debug is off.
4 years ago
Tom Hacohen
00cf2d83a0
Only enable browsable API when debugging is on.
...
The reason for that is that the API may expose data that shouldn't be exposed,
such as the list of users on the service.
4 years ago
Tom Hacohen
3de1d48b9e
Browsable API: use input fields for relations.
4 years ago
Tom Hacohen
9c6a7e9428
Login: fix server error when trying to login to users without userinfo.
4 years ago
Tom Hacohen
a85e816810
User not found: return a 401 instead of a 404.
4 years ago
Tom Hacohen
d90931fbe5
Make access level an int instead of a string.
...
We started with a string because we thought it could maybe provide more
flexibility, though really, an int makes much more sense, especially on
all the platforms etebase runs nowadays.
4 years ago
Tom Hacohen
43569727f4
Signup: send a signal on account signup.
4 years ago
Tom Hacohen
42a72ce5c7
Serializers user signup: correctly handle EtebaseValidationErrors.
...
Don't coerce them to strings
4 years ago
Tom Hacohen
7ab9513e05
Serializers: rename message to detail to conform with the rest of the API.
...
This was a mistake in the previous commit.
4 years ago
Tom Hacohen
bf22b1676f
Serializers: improve field serialization errors.
4 years ago
Tom Hacohen
2327466113
Invitations: error when trying to invite oneself.
4 years ago
Tom Hacohen
8593ab1357
Login: add a user visible error on password failure.
4 years ago
Tom Hacohen
693a5ec778
Login: return an UNAUTHORIZED (401) error on bad username/password, not 400.
4 years ago
Tom Hacohen
5af2aeda7e
Add an endpoint to know if a server is an etebase server or not.
...
Very useful for when migrating people from legacy EteSync apps because
we can automatically know if they are running a self-hosted etesync or
etebase server.
4 years ago
Tom Hacohen
cf9b6f5904
Prefetch: change the type of value prefetch accept.
...
It's 'auto' by default, but can be changed to 'medium' and soon
another value.
4 years ago
Tom Hacohen
a613a32628
prefetch: fix handling of the prefetch param.
4 years ago
Tom Hacohen
e385aa8f20
Chunks: use a prefix of the chunk for a subdirectory.
...
Filesystems don't handle massive directories too well, so better to split.
Using the prefix of the chunk gives us a maximum of 64 * 64 = 4096 entries
in the main directory.
4 years ago
Tom Hacohen
393b85d3ca
Chunks: move to reside under the collection.
4 years ago
Tom Hacohen
1d5baece1e
Chunk uploading: implement properly using a custom Parser.
4 years ago
Tom Hacohen
11001ed62c
Chunk serializer: fix bad error invocation.
4 years ago
Tom Hacohen
f6af96ace6
Permissions: workaround DRF bug and expose exception code.
4 years ago
Tom Hacohen
c0575cb64c
Exceptions: have correct code/status_code for every error.
4 years ago
Tom Hacohen
04231ebfe5
Views: fix issue with iterators sometimes returning the wrong type.
4 years ago
Tom Hacohen
9c129e5731
Collection erializer: make the item a child instead of trying to merge them.
4 years ago
Tom Hacohen
a7268443ca
Add support for a modifying the chunk storage location
4 years ago
Tom Hacohen
c9463cadba
Add support for a custom user creation function.
4 years ago
Tom Hacohen
e41f8455f2
app settings: rename the get user queryset func setting name.
4 years ago
Tom Hacohen
46b4f08afa
Signup: use the get_user_queryset function when checking if user exists.
4 years ago
Tom Hacohen
af86d877f2
Signup: use the shorthand version of setting an unusable password.
...
It wasn't actually saving the unusable password before.
4 years ago
Tom Hacohen
a39617cf2e
Make sure usernames are case insensitive on lookup
4 years ago
Tom Hacohen
5c2f4d96ad
app settings: cache all the properties rather than recalc every time.
...
They never change during runtime anyway.
4 years ago
Tom Hacohen
f9add36f18
Add support for custom user filtering.
4 years ago
Tom Hacohen
3680bd53b1
Views: change according to DRF best practices.
4 years ago
Tom Hacohen
9ea01d4d93
CollectionMemberSerializer: change the user field to be read only.
4 years ago
Tom Hacohen
41a03e9d3b
Invitation: fix the checks making sure you can't invite yourself.
4 years ago
Tom Hacohen
9f1bfceda7
Increase token ttl to 30 days.
4 years ago
Tom Hacohen
7ec45434ba
User: make username case insensitive (and save original styling).
...
We want 'User' and 'UsEr' to mean the same user. Apparently that's not the default in
django. This normalizes the user to ensure we enforce this.
4 years ago
Tom Hacohen
9a518b3907
Chunks: add error handling for chunks having content or not existing.
...
If the chunk already has a content and we try to upload it again, we
assume the previous content was correct and this one is the same
(chunks are immutable). We can't actually ensure they are the same due
to the encryption, though they should be.
If a chunk is being uploaded for the first time and doesn't have a
content, throw a validation error rather than throwing an ugly error.
4 years ago
Tom Hacohen
fae15fe420
Views: clean up how we use serializers and remove integrity_errors catch-alls.
...
The integrity errors were a bad relic from the EteSync sources and needed
to be removed.
4 years ago
Tom Hacohen
86c5d711a6
Chunk upload: item.uid can never be None so use it directly.
4 years ago
Tom Hacohen
ee23707fff
Debug reset: put the whole request in a transaction.
4 years ago
Tom Hacohen
f69c3a327c
Revert "django_etebase: make migration generic and not depend on myauth."
...
This reverts commit 925dcac0fb99204e3373251e12f8496721879361.
4 years ago
Tom Hacohen
f147f4ae58
Serializers: allow encryptionKey to be null.
4 years ago
Tom Hacohen
3dfceb63b1
Views: move the base64 encoding to the renderers.
...
Hard-coding the serialization encoding in the serializers is wrong.
This fix now enables us to change to easily change to msgpack as the
transport layer.
4 years ago
Tom Hacohen
2880673e27
drf_msgpack: add code to parse/serialise msgpack
...
It's not actually used by clients but it's there and can be used. It
works for receiving msgpack messages, but doesn't yet work for sending
because some of the types will be converted to base64.
4 years ago
Tom Hacohen
fbf5552a62
Modify binary64 field to support binary renderers/parsers
...
Fixes 39c1dfc53c30e65bcbff9e0ba0bb07bfc8bfc577
4 years ago
Tom Hacohen
453275eadf
Authentication: move to msgpack for the encrypted parts.
4 years ago
Tom Hacohen
85de674ee2
Move the etebase urls configuration to django_etebase.
4 years ago
Tom Hacohen
4948e91c65
django_etebase: make migration generic and not depend on myauth.
4 years ago
Tom Hacohen
785e4fae97
Merge the uidvalidator with the base64url validator and set a min length.
4 years ago
Tom Hacohen
c00cf50163
Revision: remove salt field.
...
It's not really needed. More information in the respective change
in the js client.
4 years ago
Tom Hacohen
2b52eec41f
Allow chunk UIDs to be longer.
4 years ago
Tom Hacohen
625df22989
Make item encryption key optional for collections/items
...
Collections still have a unique encryption key (their collection key), and items
just have a unique key per item in a collection that's derived from the main key
and if we ever want to share items across collections or do something fancy like
that we can just add an encrypted key in there.
4 years ago
Tom Hacohen
cbb1d81850
Rename inline to prefetch and have it on by default.
4 years ago
Tom Hacohen
c21c6af1d7
Filter by stoken: fix the done implementation for more functions
...
The done implementation wasn't great because it would indicate we are
not done even when we are when the last chunk returned is exactly the
size of limit.
4 years ago
Tom Hacohen
0ce2e8d996
Filter by stoken: cleanup and fix the done implementation
...
The done implementation wasn't great because it would indicate we are
not done even when we are when the last chunk returned is exactly the
size of limit.
4 years ago
Tom Hacohen
61383b9896
Stoken filtering: order by max_stoken to make sure we have a reliable order.
4 years ago
Tom Hacohen
caa84c2a96
Stoken filtering: clean up stoken filtering and annotation.
...
We are now querying the database less and simplified the queries.
4 years ago
Tom Hacohen
0a19cd7e2c
Stoken filtering: abstract getting the stoken id.
4 years ago
Tom Hacohen
f6ef514661
Collection members: order by id so order is consistent.
4 years ago
Tom Hacohen
1bed39af9d
Collection/item uid: allow base64-url not just base62.
4 years ago
Tom Hacohen
2da49bb95e
Item revisions: don't exclude current, let the client decide.
4 years ago
Tom Hacohen
68365f5d75
Collection revision: support the inline parameter.
4 years ago
Tom Hacohen
7183b97541
Collection revision: implement iteration.
4 years ago
Tom Hacohen
786948c456
Item revisions: never return the current revision, only old ones.
4 years ago
Tom Hacohen
317c492688
CollectionItem: add support for filtering collections' main items.
...
This used to be the default, so it still is.
It only affects the list endpoint, the rest all support withCollection
anyway, because IDs are passed directly.
4 years ago
Tom Hacohen
291ebaa3f7
Items must have a uid now (not null).
...
This is due to the previous change.
4 years ago
Tom Hacohen
267d749c45
Collection: change collections to be an extension of items
...
Each collection now has an item and the item's UID is the collections
UID. This lets us manipulate collections just like items, and as part of
transactions. This is significant because it lets us change them as part
of transactions!
4 years ago
Tom Hacohen
37bae63a46
Invitations: add support for fetching using an iterator
4 years ago
Tom Hacohen
d5300a76d8
Members: add support for iterators when listing members
4 years ago
Tom Hacohen
b4db35bca1
List APIs: add done to APIs that didn't have it.
4 years ago
Tom Hacohen
fcb58f0f4c
List APIs: fix the stoken calculation for collections.
...
I'm not sure why it just wouldn't work with aggregate. I also couldn't get it
to work with annotate then aggregate or any other alternative.
4 years ago
Tom Hacohen
6117cac111
List APIs: return a done field to indicate the fetch is done.
4 years ago
Tom Hacohen
2d7b90e848
Collection items: also show deleted items.
...
This was a mistake. We want deleted items to show because we want to
know when things have been deleted when we ask for updates.
4 years ago
Tom Hacohen
ab0d85c84f
Change password: change to require a signed request, just like login.
...
Without this, it would be sufficient to steal an auth token to render the account
unusable because it would be possible to just reset the encrypted content
of the account. With this change we require the user to actually know
the account password in order to do it.
5 years ago
Tom Hacohen
54268ac027
Login: add an action indicator to know the user signed a login request.
5 years ago
Tom Hacohen
d1017aac76
Rename django_etesync to django_etebase.
5 years ago