Merge pull request #1835 from hackmdio/release/2.5.0

Release 2.5.0

.buildpacks

@@ -1,2 +1,2 @@
-https://github.com/alex88/heroku-buildpack-vips
+https://github.com/Scalingo/apt-buildpack
 https://github.com/Scalingo/nodejs-buildpack

.devcontainer/Dockerfile

@@ -1,5 +1,5 @@
-# [Choice] Node.js version: 16, 14, 12
-ARG VARIANT=12-buster
+# [Choice] Node.js version: 16, 14
+ARG VARIANT=14-buster
 FROM mcr.microsoft.com/vscode/devcontainers/javascript-node:0-${VARIANT}
 
 # [Optional] Uncomment this section to install additional OS packages.

.devcontainer/docker-compose.yml

@@ -6,7 +6,7 @@ services:
  context: ..
  dockerfile: .devcontainer/Dockerfile
  args:
- VARIANT: 12-buster
+ VARIANT: 14-buster
  environment:
  - CMD_DB_URL=postgres:https://codimd:codimd@localhost/codimd
  - CMD_USECDN=false

.github/workflows/build.yml

@@ -10,7 +10,7 @@ jobs:
  runs-on: ubuntu-latest
  strategy:
  matrix:
- node-version: [10.x, 12.x]
+ node-version: [14.x, 16.x]
 
  steps:
  - uses: actions/checkout@v2
@@ -39,9 +39,9 @@ jobs:
  steps:
  - uses: actions/checkout@v2
  - uses: actions/setup-node@v2
- name: Use Node.js 12
+ name: Use Node.js 14
  with:
- node-version: 12
+ node-version: 14
  check-latest: true
  - name: Install doctoc-check
  run: |

.nvmrc

@@ -1 +1 @@
-v10.20.1
+v16.20.2

Aptfile

@@ -0,0 +1 @@
+libvips-dev

README.md

@@ -81,7 +81,7 @@ CodiMD is a service that runs on Node.js, while users use the service through br
 - <img src="https://raw.githubusercontent.com/alrra/browser-logos/master/src/chrome/chrome_48x48.png" alt="Chrome" width="24px" height="24px" /> Chrome >= 47, Chrome for Android >= 47
 - <img src="https://raw.githubusercontent.com/alrra/browser-logos/master/src/safari/safari_48x48.png" alt="Safari" width="24px" height="24px" /> Safari >= 9, iOS Safari >= 8.4
 - <img src="https://raw.githubusercontent.com/alrra/browser-logos/master/src/firefox/firefox_48x48.png" alt="Firefox" width="24px" height="24px" /> Firefox >= 44
-- <img src="https://raw.githubusercontent.com/alrra/browser-logos/master/src/edge/edge_48x48.png" alt="IE / Edge" width="24px" height="24px" /> IE >= 9, Edge >= 12
+- <img src="https://raw.githubusercontent.com/alrra/browser-logos/master/src/edge/edge_48x48.png" alt="Edge" width="24px" height="24px" /> Edge >= 12
 - <img src="https://raw.githubusercontent.com/alrra/browser-logos/master/src/opera/opera_48x48.png" alt="Opera" width="24px" height="24px" /> Opera >= 34, Opera Mini not supported
 - Android Browser >= 4.4
 

app.json

@@ -80,6 +80,14 @@
  "description": "GitHub API client secret",
  "required": false
  },
+ "CMD_GITHUB_ORGANIZATIONS": {
+ "description": "GitHub whitelist of orgs",
+ "required": false
+ },
+ "CMD_GITHUB_SCOPES": {
+ "description": "GitHub OAuth API scopes",
+ "required": false
+ },
  "CMD_BITBUCKET_CLIENTID": {
  "description": "Bitbucket API client id",
  "required": false

config.json.example

@@ -53,7 +53,9 @@
  },
  "github": {
  "clientID": "change this",
- "clientSecret": "change this"
+ "clientSecret": "change this",
+ "organizations": ["names of github organizations allowed, optional"],
+ "scopes": ["defaults to 'read:user' scope for auth user"]
  },
  "gitlab": {
  "baseURL": "change this",

lib/auth/github/index.js

@@ -1,12 +1,17 @@
 'use strict'
 
 const Router = require('express').Router
+const request = require('request')
 const passport = require('passport')
 const GithubStrategy = require('passport-github').Strategy
+const { InternalOAuthError } = require('passport-oauth2')
 const config = require('../../config')
 const response = require('../../response')
 const { setReturnToFromReferer, passportGeneralCallback } = require('../utils')
 const { URL } = require('url')
+const { promisify } = require('util')
+
+const rp = promisify(request)
 
 const githubAuth = module.exports = Router()
 
@@ -15,20 +20,48 @@ function githubUrl (path) {
 }
 
 passport.use(new GithubStrategy({
+ scope: (config.github.organizations ? config.github.scopes.concat(['read:org']) : config.github.scope),
  clientID: config.github.clientID,
  clientSecret: config.github.clientSecret,
  callbackURL: config.serverURL + '/auth/github/callback',
  authorizationURL: githubUrl('login/oauth/authorize'),
  tokenURL: githubUrl('login/oauth/access_token'),
  userProfileURL: githubUrl('api/v3/user')
-}, passportGeneralCallback))
+}, async (accessToken, refreshToken, profile, done) => {
+ if (!config.github.organizations) {
+ return passportGeneralCallback(accessToken, refreshToken, profile, done)
+ }
+ const { statusCode, body: data } = await rp({
+ url: `https://api.github.com/user/orgs`,
+ method: 'GET',
+ json: true,
+ timeout: 2000,
+ headers: {
+ Authorization: `token ${accessToken}`,
+ 'User-Agent': 'nodejs-http'
+ }
+ })
+ if (statusCode !== 200) {
+ return done(InternalOAuthError(
+ `Failed to query organizations for user: ${profile.username}`
+ ))
+ }
+ const orgs = data.map(({ login }) => login)
+ for (const org of orgs) {
+ if (config.github.organizations.includes(org)) {
+ return passportGeneralCallback(accessToken, refreshToken, profile, done)
+ }
+ }
+ return done(InternalOAuthError(
+ `User orgs not whitelisted: ${profile.username} (${orgs.join(',')})`
+ ))
+}))
 
 githubAuth.get('/auth/github', function (req, res, next) {
  setReturnToFromReferer(req)
  passport.authenticate('github')(req, res, next)
 })
 
-// github auth callback
 githubAuth.get('/auth/github/callback',
  passport.authenticate('github', {
  successReturnToOrRedirect: config.serverURL + '/',

lib/auth/index.js

@@ -49,10 +49,14 @@ if (config.isEmailEnable) authRouter.use(require('./email'))
 if (config.isOpenIDEnable) authRouter.use(require('./openid'))
 
 // logout
-authRouter.get('/logout', function (req, res) {
+authRouter.get('/logout', function (req, res, next) {
  if (config.debug && req.isAuthenticated()) {
  logger.debug('user logout: ' + req.user.id)
  }
- req.logout()
- res.redirect(config.serverURL + '/')
+
+ req.logout((err) => {
+ if (err) { return next(err) }
+
+ res.redirect(config.serverURL + '/')
+ })
 })

lib/auth/oauth2/strategy.js

@@ -4,6 +4,7 @@ const { Strategy, InternalOAuthError } = require('passport-oauth2')
 const config = require('../../config')
 
 function parseProfile (data) {
+ const id = extractProfileAttribute(data, config.oauth2.userProfileIdAttr)
  const username = extractProfileAttribute(data, config.oauth2.userProfileUsernameAttr)
  const displayName = extractProfileAttribute(data, config.oauth2.userProfileDisplayNameAttr)
  const email = extractProfileAttribute(data, config.oauth2.userProfileEmailAttr)
@@ -14,7 +15,7 @@ function parseProfile (data) {
  }
 
  return {
- id: username,
+ id: id || username,
  username: username,
  displayName: displayName,
  email: email,
@@ -41,6 +42,16 @@ function extractProfileAttribute (data, path) {
  return data
 }
 
+function checkAuthorization (data, done) {
+ const roles = extractProfileAttribute(data, config.oauth2.rolesClaim)
+
+ if (config.oauth2.accessRole && roles) {
+ if (!roles.includes(config.oauth2.accessRole)) {
+ return done('Permission denied', null)
+ }
+ }
+}
+
 class OAuth2CustomStrategy extends Strategy {
  constructor (options, verify) {
  options.customHeaders = options.customHeaders || {}
@@ -59,6 +70,7 @@ class OAuth2CustomStrategy extends Strategy {
  let profile, json
  try {
  json = JSON.parse(body)
+ checkAuthorization(json, done)
  profile = parseProfile(json)
  } catch (ex) {
  return done(new InternalOAuthError('Failed to parse user profile' + ex.toString()))

lib/config/default.js

@@ -115,7 +115,9 @@ module.exports = {
  github: {
  enterpriseURL: undefined, // if you use github.com, not need to specify
  clientID: undefined,
- clientSecret: undefined
+ clientSecret: undefined,
+ organizations: [],
+ scopes: ['read:user']
  },
  gitlab: {
  baseURL: undefined,

lib/config/environment.js

@@ -69,7 +69,9 @@ module.exports = {
  github: {
  enterpriseURL: process.env.CMD_GITHUB_ENTERPRISE_URL,
  clientID: process.env.CMD_GITHUB_CLIENTID,
- clientSecret: process.env.CMD_GITHUB_CLIENTSECRET
+ clientSecret: process.env.CMD_GITHUB_CLIENTSECRET,
+ organizations: toArrayConfig(process.env.CMD_GITHUB_ORGANIZATIONS),
+ scopes: toArrayConfig(process.env.CMD_GITHUB_SCOPES)
  },
  bitbucket: {
  clientID: process.env.CMD_BITBUCKET_CLIENTID,
@@ -96,6 +98,9 @@ module.exports = {
  userProfileURL: process.env.CMD_OAUTH2_USER_PROFILE_URL,
  scope: process.env.CMD_OAUTH2_SCOPE,
  state: process.env.CMD_OAUTH2_STATE,
+ rolesClaim: process.env.CMD_OAUTH2_ROLES_CLAIM,
+ accessRole: process.env.CMD_OAUTH2_ACCESS_ROLE,
+ userProfileIdAttr: process.env.CMD_OAUTH2_USER_PROFILE_ID_ATTR,
  userProfileUsernameAttr: process.env.CMD_OAUTH2_USER_PROFILE_USERNAME_ATTR,
  userProfileDisplayNameAttr: process.env.CMD_OAUTH2_USER_PROFILE_DISPLAY_NAME_ATTR,
  userProfileEmailAttr: process.env.CMD_OAUTH2_USER_PROFILE_EMAIL_ATTR,

lib/imageRouter/index.js

@@ -16,37 +16,42 @@ const response = require('../response')
 const imageRouter = module.exports = Router()
 
 function checkImageValid (filepath) {
- const buffer = readChunk.sync(filepath, 0, 12)
- /** @type {{ ext: string, mime: string } | null} */
- const mimetypeFromBuf = imageType(buffer)
- const mimeTypeFromExt = mime.lookup(path.extname(filepath))
+ try {
+ const buffer = readChunk.sync(filepath, 0, 12)
+ /** @type {{ ext: string, mime: string } | null} */
+ const mimetypeFromBuf = imageType(buffer)
+ const mimeTypeFromExt = mime.lookup(path.extname(filepath))
 
- return mimetypeFromBuf && config.allowedUploadMimeTypes.includes(mimetypeFromBuf.mime) &&
- mimeTypeFromExt && config.allowedUploadMimeTypes.includes(mimeTypeFromExt)
+ return mimetypeFromBuf && config.allowedUploadMimeTypes.includes(mimetypeFromBuf.mime) &&
+ mimeTypeFromExt && config.allowedUploadMimeTypes.includes(mimeTypeFromExt)
+ } catch (err) {
+ logger.error(err)
+ return false
+ }
 }
 
 // upload image
 imageRouter.post('/uploadimage', function (req, res) {
- var form = new formidable.IncomingForm()
-
- form.keepExtensions = true
+ var form = new formidable.IncomingForm({
+ keepExtensions: true
+ })
 
  form.parse(req, function (err, fields, files) {
- if (err || !files.image || !files.image.path) {
+ if (err || !files.image || !files.image.filepath) {
  response.errorForbidden(req, res)
  } else {
  if (config.debug) {
  logger.info('SERVER received uploadimage: ' + JSON.stringify(files.image))
  }
 
- if (!checkImageValid(files.image.path)) {
+ if (!checkImageValid(files.image.filepath)) {
  return response.errorForbidden(req, res)
  }
 
  const uploadProvider = require('./' + config.imageUploadType)
- uploadProvider.uploadImage(files.image.path, function (err, url) {
+ uploadProvider.uploadImage(files.image.filepath, function (err, url) {
  // remove temporary upload file, and ignore any error
- fs.unlink(files.image.path, () => {})
+ fs.unlink(files.image.filepath, () => {})
  if (err !== null) {
  logger.error(err)
  return res.status(500).end('upload image error')

lib/imageRouter/s3.js

@@ -48,13 +48,16 @@ exports.uploadImage = function (imagePath, callback) {
  const command = new PutObjectCommand(params)
 
  s3.send(command).then(data => {
- let s3Endpoint = 's3.amazonaws.com'
+ // default scheme settings to https
+ let s3Endpoint = 'https://s3.amazonaws.com'
+ if (config.s3.region && config.s3.region !== 'us-east-1') {
+ s3Endpoint = `s3-${config.s3.region}.amazonaws.com`
+ }
+ // rewrite endpoint from config
  if (config.s3.endpoint) {
  s3Endpoint = config.s3.endpoint
- } else if (config.s3.region && config.s3.region !== 'us-east-1') {
- s3Endpoint = `s3-${config.s3.region}.amazonaws.com`
  }
- callback(null, `https://${s3Endpoint}/${config.s3bucket}/${params.Key}`)
+ callback(null, `${s3Endpoint}/${config.s3bucket}/${params.Key}`)
  }).catch(err => {
  if (err) {
  callback(new Error(err), null)

lib/note/index.js

@@ -309,7 +309,7 @@ const updateNote = async (req, res) => {
  }
 
  if (req.isAuthenticated()) {
- updateHistory(req.user.id, noteId, content)
+ updateHistory(req.user.id, Note.encodeNoteId(noteId), content)
  }
 
  Revision.saveNoteRevision(note, (err, revision) => {

lib/note/noteActions.js

@@ -132,14 +132,17 @@ async function actionPandoc (req, res, note) {
  var path = config.tmpPath + '/' + Date.now()
  content = content.replace(/\]\(\//g, '](' + url + '/')
 
- // TODO: check export type
  const { exportType } = req.query
+ const contentType = outputFormats[exportType]
 
  try {
  // TODO: timeout rejection
+ if (!contentType) {
+ return res.sendStatus(400)
+ }
 
  await pandoc.convertToFile(content, 'markdown', exportType, path, [
- '--metadata', `title=${title}`
+ '--metadata', `title=${title}`, '--sandbox'
  ])
 
  var stream = fs.createReadStream(path)
@@ -149,7 +152,7 @@ async function actionPandoc (req, res, note) {
  // Ideally this should strip them
  res.setHeader('Content-disposition', `attachment; filename="${filename}.${exportType}"`)
  res.setHeader('Cache-Control', 'private')
- res.setHeader('Content-Type', `${outputFormats[exportType]}; charset=UTF-8`)
+ res.setHeader('Content-Type', `${contentType}; charset=UTF-8`)
  res.setHeader('X-Robots-Tag', 'noindex, ') // prevent crawling
  stream.pipe(res)
  } catch (err) {

locales/fr.json

@@ -28,7 +28,7 @@
  "No history": "Pas d'historique",
  "Import from browser": "Importer depuis le navigateur",
  "Releases": "Versions",
- "Are you sure?": "Ëtes-vous sûr ?",
+ "Are you sure?": "Êtes-vous sûr ?",
  "Do you really want to delete this note?": "Voulez-vous vraiment supprimer cette note ?",
  "All users will lose their connection.": "Tous les utilisateurs perdront leur connexion.",
  "Cancel": "Annuler",
@@ -73,7 +73,7 @@
  "Syntax": "Syntaxe",
  "Header": "En-tête",
  "Unordered List": "Liste à puce",
- "Ordered List": "List numérotée",
+ "Ordered List": "Liste numérotée",
  "Todo List": "Liste de tâches",
  "Blockquote": "Citation",
  "Bold font": "Gras",
@@ -84,7 +84,7 @@
  "Link": "Lien",
  "Image": "Image",
  "Code": "Code",
- "Externals": "Externes",
+ "Externals": "Contenus externes",
  "This is a alert area.": "Ceci est un texte d'alerte.",
  "Revert": "Revenir en arrière",
  "Import from clipboard": "Importer depuis le presse-papier",
@@ -116,4 +116,4 @@
  "Source Code": "Code source",
  "Register": "S'enregistrer",
  "Powered by %s": "Propulsé par %s"
-}
+}