richard
/
wiki
mirror of https://github.com/Requarks/wiki.git
1
0
Fork 0
Code Issues Projects Releases Wiki Activity
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
1935 Commits
3 Branches
121 Tags
48 MiB
Tree: 4e3281f657
Branches Tags
${ item.name }
Create branch ${ searchTerm }
from '4e3281f657'
${ noResults }
wiki/server/graph/resolvers/site.js

123 lines
5.0 KiB
Raw Normal View History

feat: admin general + verify account
6 years ago
fix: trim and auto-remove trailing slash for Site URL in Admin General
4 years ago
feat: admin general + verify account
6 years ago
feat: content license notice option
5 years ago
feat: katex + admin SSL UI (wip) + dev warning
5 years ago
feat: admin general + verify account
6 years ago
feat: mandatory password change on login + UI fixes
5 years ago
feat: uploads config + security admin page
4 years ago
feat: new login experience (#2139) * feat: multiple auth instances * fix: auth setup + strategy initialization * feat: admin auth - add strategy * feat: redirect on login - group setting * feat: oauth2 generic - props definitions * feat: new login UI (wip) * feat: new login UI (wip) * feat: admin security login settings * feat: tabset editor indicators + print view improvements * fix: code styling
4 years ago
feat: enforce 2fa admin setting + hide local on login screen
4 years ago
feat: login bg + bypass + hide local option
4 years ago
feat: new login experience (#2139) * feat: multiple auth instances * fix: auth setup + strategy initialization * feat: admin auth - add strategy * feat: redirect on login - group setting * feat: oauth2 generic - props definitions * feat: new login UI (wip) * feat: new login UI (wip) * feat: admin security login settings * feat: tabset editor indicators + print view improvements * fix: code styling
4 years ago
feat: uploads config + security admin page
4 years ago
fix: sanitize SVG uploads
3 years ago
fix: force download of unsafe extensions
3 years ago
feat: admin general + verify account
6 years ago
feat: uploads config + security admin page
4 years ago
fix: site config host slice
4 years ago
feat: uploads config + security admin page
4 years ago
feat: admin general + verify account
6 years ago
feat: uploads config + security admin page
4 years ago
feat: admin general + verify account
6 years ago
feat: uploads config + security admin page
4 years ago
feat: new login experience (#2139) * feat: multiple auth instances * fix: auth setup + strategy initialization * feat: admin auth - add strategy * feat: redirect on login - group setting * feat: oauth2 generic - props definitions * feat: new login UI (wip) * feat: new login UI (wip) * feat: admin security login settings * feat: tabset editor indicators + print view improvements * fix: code styling
4 years ago
feat: enforce 2fa admin setting + hide local on login screen
4 years ago
feat: login bg + bypass + hide local option
4 years ago
feat: new login experience (#2139) * feat: multiple auth instances * fix: auth setup + strategy initialization * feat: admin auth - add strategy * feat: redirect on login - group setting * feat: oauth2 generic - props definitions * feat: new login UI (wip) * feat: new login UI (wip) * feat: admin security login settings * feat: tabset editor indicators + print view improvements * fix: code styling
4 years ago
feat: admin general + verify account
6 years ago
feat: uploads config + security admin page
4 years ago
feat: admin general + verify account
6 years ago
feat: uploads config + security admin page
4 years ago
feat: mandatory password change on login + UI fixes
5 years ago
fix: Open Redirect Vulnerability Mitigation - CWE 601 (#1963) * Open redirect vulnerabilty mitigation * Refacted Open Redirect to user configurable and corrected incorrect security variable names. Co-authored-by: danallendds <daniel.allen@friends.dds.mil>
4 years ago
feat: uploads config + security admin page
4 years ago
fix: sanitize SVG uploads
3 years ago
fix: force download of unsafe extensions
3 years ago
feat: mandatory password change on login + UI fixes
5 years ago
feat: uploads config + security admin page
4 years ago
feat: new login experience (#2139) * feat: multiple auth instances * fix: auth setup + strategy initialization * feat: admin auth - add strategy * feat: redirect on login - group setting * feat: oauth2 generic - props definitions * feat: new login UI (wip) * feat: new login UI (wip) * feat: admin security login settings * feat: tabset editor indicators + print view improvements * fix: code styling
4 years ago
feat: admin general + verify account
6 years ago
feat: import content + x-forwarded toggle
5 years ago
feat: admin general + verify account
6 years ago
  1. const graphHelper = require('../../helpers/graph')
  2. const _ = require('lodash')
  4. /* global WIKI */
  6. module.exports = {
  7. Query: {
  8. async site() { return {} }
  9. },
  10. Mutation: {
  11. async site() { return {} }
  12. },
  13. SiteQuery: {
  14. async config(obj, args, context, info) {
  15. return {
  16. host: WIKI.config.host,
  17. title: WIKI.config.title,
  18. company: WIKI.config.company,
  19. contentLicense: WIKI.config.contentLicense,
  20. logoUrl: WIKI.config.logoUrl,
  21. ...WIKI.config.seo,
  22. ...WIKI.config.features,
  23. ...WIKI.config.security,
  24. authAutoLogin: WIKI.config.auth.autoLogin,
  25. authEnforce2FA: WIKI.config.auth.enforce2FA,
  26. authHideLocal: WIKI.config.auth.hideLocal,
  27. authLoginBgUrl: WIKI.config.auth.loginBgUrl,
  28. authJwtAudience: WIKI.config.auth.audience,
  29. authJwtExpiration: WIKI.config.auth.tokenExpiration,
  30. authJwtRenewablePeriod: WIKI.config.auth.tokenRenewal,
  31. uploadMaxFileSize: WIKI.config.uploads.maxFileSize,
  32. uploadMaxFiles: WIKI.config.uploads.maxFiles,
  33. uploadScanSVG: WIKI.config.uploads.scanSVG,
  34. uploadForceDownload: WIKI.config.uploads.forceDownload
  35. }
  36. }
  37. },
  38. SiteMutation: {
  39. async updateConfig(obj, args, context) {
  40. try {
  41. if (args.host) {
  42. let siteHost = _.trim(args.host)
  43. if (siteHost.endsWith('/')) {
  44. siteHost = siteHost.slice(0, -1)
  45. }
  46. WIKI.config.host = siteHost
  47. }
  49. if (args.title) {
  50. WIKI.config.title = _.trim(args.title)
  51. }
  53. if (args.company) {
  54. WIKI.config.company = _.trim(args.company)
  55. }
  57. if (args.contentLicense) {
  58. WIKI.config.contentLicense = args.contentLicense
  59. }
  61. if (args.logoUrl) {
  62. WIKI.config.logoUrl = _.trim(args.logoUrl)
  63. }
  65. WIKI.config.seo = {
  66. description: _.get(args, 'description', WIKI.config.seo.description),
  67. robots: _.get(args, 'robots', WIKI.config.seo.robots),
  68. analyticsService: _.get(args, 'analyticsService', WIKI.config.seo.analyticsService),
  69. analyticsId: _.get(args, 'analyticsId', WIKI.config.seo.analyticsId)
  70. }
  72. WIKI.config.auth = {
  73. autoLogin: _.get(args, 'authAutoLogin', WIKI.config.auth.autoLogin),
  74. enforce2FA: _.get(args, 'authEnforce2FA', WIKI.config.auth.enforce2FA),
  75. hideLocal: _.get(args, 'authHideLocal', WIKI.config.auth.hideLocal),
  76. loginBgUrl: _.get(args, 'authLoginBgUrl', WIKI.config.auth.loginBgUrl),
  77. audience: _.get(args, 'authJwtAudience', WIKI.config.auth.audience),
  78. tokenExpiration: _.get(args, 'authJwtExpiration', WIKI.config.auth.tokenExpiration),
  79. tokenRenewal: _.get(args, 'authJwtRenewablePeriod', WIKI.config.auth.tokenRenewal)
  80. }
  82. WIKI.config.features = {
  83. featurePageRatings: _.get(args, 'featurePageRatings', WIKI.config.features.featurePageRatings),
  84. featurePageComments: _.get(args, 'featurePageComments', WIKI.config.features.featurePageComments),
  85. featurePersonalWikis: _.get(args, 'featurePersonalWikis', WIKI.config.features.featurePersonalWikis)
  86. }
  88. WIKI.config.security = {
  89. securityOpenRedirect: _.get(args, 'securityOpenRedirect', WIKI.config.security.securityOpenRedirect),
  90. securityIframe: _.get(args, 'securityIframe', WIKI.config.security.securityIframe),
  91. securityReferrerPolicy: _.get(args, 'securityReferrerPolicy', WIKI.config.security.securityReferrerPolicy),
  92. securityTrustProxy: _.get(args, 'securityTrustProxy', WIKI.config.security.securityTrustProxy),
  93. securitySRI: _.get(args, 'securitySRI', WIKI.config.security.securitySRI),
  94. securityHSTS: _.get(args, 'securityHSTS', WIKI.config.security.securityHSTS),
  95. securityHSTSDuration: _.get(args, 'securityHSTSDuration', WIKI.config.security.securityHSTSDuration),
  96. securityCSP: _.get(args, 'securityCSP', WIKI.config.security.securityCSP),
  97. securityCSPDirectives: _.get(args, 'securityCSPDirectives', WIKI.config.security.securityCSPDirectives)
  98. }
  100. WIKI.config.uploads = {
  101. maxFileSize: _.get(args, 'uploadMaxFileSize', WIKI.config.uploads.maxFileSize),
  102. maxFiles: _.get(args, 'uploadMaxFiles', WIKI.config.uploads.maxFiles),
  103. scanSVG: _.get(args, 'uploadScanSVG', WIKI.config.uploads.scanSVG),
  104. forceDownload: _.get(args, 'uploadForceDownload', WIKI.config.uploads.forceDownload)
  105. }
  107. await WIKI.configSvc.saveToDb(['host', 'title', 'company', 'contentLicense', 'seo', 'logoUrl', 'auth', 'features', 'security', 'uploads'])
  109. if (WIKI.config.security.securityTrustProxy) {
  110. WIKI.app.enable('trust proxy')
  111. } else {
  112. WIKI.app.disable('trust proxy')
  113. }
  115. return {
  116. responseResult: graphHelper.generateSuccess('Site configuration updated successfully')
  117. }
  118. } catch (err) {
  119. return graphHelper.generateError(err)
  120. }
  121. }
  122. }
  123. }