We were failing until now, but since the uid is sure to be unique,
we can just assume that if it's the same uid it's the same content.
This means we can just gracefully fail as the data is the same.
Until now, we were raising an error, but we now just do nothing
and consider it a success.
This is especially useful when a network error caused an item to
be uploaded but not updated on the client side.
ETEBASE_EASY_CONFIG_PATH is optional, the server serches for the
configurations files in this order:
- "ETEBASE_EASY_CONFIG_PATH"
- etebase-server.ini
- /etc/etebase-server/etebase-server.ini
Verifying the port was causing issues, and anyhow, this check is
paranoid and isn't strictly necessary for security.
The problem is that Django's `get_host()` and the equivalent on some
platforms returns it without the port, though on others (like e.g. the
library we use from JS) it returns with the port. This was inconsistent
and was causing authentication to fail.
We thus relaxed the test to not include the port when matching, which
should make it work consistently across all platforms.
Even with the previous check, there could still be a race condition where two
collections with the same UID are created. Adding this extra check after
will prevent that from happening.
Before this change we were returning all of the removed memberships that happened
after stoken. Though instead, we should just return the removed memberships that
happened after stoken and before the new stoken we are returning.
We only want to require that the account is authenticated, not the rest of
the permissions. As we want to be able to get a dashboard url for accounts
that aren't currently valid.
This lets servers share a dashboard url with clients so that they in
turn can present clients with a settings dashboard.
We currently use it on the main server, but self-hosted servers may
also benefit from it for letting users manage some of their settings
(e.g. 2FA).
Tom Hacohen