mirrors/wallabag
1
0
Fork 0
mirror of https://github.com/wallabag/wallabag.git synced 2024-06-10 01:09:23 +00:00
Code Issues Projects Releases Wiki Activity

Merge pull request #7006 from wallabag/release/2.6.7

Browse source 
Prepare 2.6.7 release
This commit is contained in:
Jérémy Benoist 2023-10-02 14:21:29 +02:00 committed by GitHub
parent 0cfdddc2eb fa107116cc
commit 60623246ae
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
8 changed files with 77 additions and 67 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

11
CHANGELOG.md
View file

@ -1,5 +1,16 @@
# Changelog # Changelog
## [2.6.7](https://github.com/wallabag/wallabag/tree/2.6.7)
[Full Changelog](https://github.com/wallabag/wallabag/compare/2.6.6...2.6.7)
### Security fix
* A user can disable her 2FA unintentionally by @kdecherf in https://github.com/wallabag/wallabag/commit/0cfdddc2eb0aee5ffb69bf499d377d75655ba157
### Fixes
* Fix deprecated null tag parameter by @Simounet in https://github.com/wallabag/wallabag/pull/6985
* Full clickable card on mass action by @Simounet in https://github.com/wallabag/wallabag/pull/6991
* Add tag form submit button always displayed by @Simounet in https://github.com/wallabag/wallabag/pull/6986
## [2.6.6](https://github.com/wallabag/wallabag/tree/2.6.6) ## [2.6.6](https://github.com/wallabag/wallabag/tree/2.6.6)
[Full Changelog](https://github.com/wallabag/wallabag/compare/2.6.5...2.6.6) [Full Changelog](https://github.com/wallabag/wallabag/compare/2.6.5...2.6.6)

2
app/config/wallabag.yml
View file

@ -1,5 +1,5 @@
wallabag_core: wallabag_core:
version: 2.6.6 version: 2.6.7
paypal_url: "https://liberapay.com/wallabag/donate" paypal_url: "https://liberapay.com/wallabag/donate"
languages: languages:
en: 'English' en: 'English'

12
composer.lock generated
View file

@ -4604,16 +4604,16 @@
}, },
{ {
"name": "j0k3r/graby-site-config", "name": "j0k3r/graby-site-config",
"version": "1.0.176", "version": "1.0.177",
"source": { "source": {
"type": "git", "type": "git",
"url": "https://github.com/j0k3r/graby-site-config.git", "url": "https://github.com/j0k3r/graby-site-config.git",
"reference": "77359be61295e15f08ad503c2ac37af6c9ff464c" "reference": "cce11a0d0ec6fc06cebda65c340fcfb7c63ce78a"
}, },
"dist": { "dist": {
"type": "zip", "type": "zip",
"url": "https://api.github.com/repos/j0k3r/graby-site-config/zipball/77359be61295e15f08ad503c2ac37af6c9ff464c", "url": "https://api.github.com/repos/j0k3r/graby-site-config/zipball/cce11a0d0ec6fc06cebda65c340fcfb7c63ce78a",
"reference": "77359be61295e15f08ad503c2ac37af6c9ff464c", "reference": "cce11a0d0ec6fc06cebda65c340fcfb7c63ce78a",
"shasum": "" "shasum": ""
}, },
"require": { "require": {
@ -4642,9 +4642,9 @@
"description": "Graby site config files", "description": "Graby site config files",
"support": { "support": {
"issues": "https://github.com/j0k3r/graby-site-config/issues", "issues": "https://github.com/j0k3r/graby-site-config/issues",
"source": "https://github.com/j0k3r/graby-site-config/tree/1.0.176" "source": "https://github.com/j0k3r/graby-site-config/tree/1.0.177"
}, },
"time": "2023-09-07T07:14:18+00:00" "time": "2023-10-01T02:12:17+00:00"
}, },
{ {
"name": "j0k3r/httplug-ssrf-plugin", "name": "j0k3r/httplug-ssrf-plugin",

2
phpstan-baseline.neon
View file

@ -62,5 +62,5 @@ parameters:
- -
message: "#^Method FOS\\\\UserBundle\\\\Model\\\\UserManagerInterface\\:\\:updateUser()#" message: "#^Method FOS\\\\UserBundle\\\\Model\\\\UserManagerInterface\\:\\:updateUser()#"
count: 7 count: 6
path: src/Wallabag/CoreBundle/Controller/ConfigController.php path: src/Wallabag/CoreBundle/Controller/ConfigController.php

2
src/Wallabag/CoreBundle/Controller/ConfigController.php
View file

@ -373,7 +373,7 @@ class ConfigController extends AbstractController
* Cancelling 2FA using OTP app. * Cancelling 2FA using OTP app.
* *
* @Route("/config/otp/app/cancel", name="config_otp_app_cancel") * @Route("/config/otp/app/cancel", name="config_otp_app_cancel")
* *
* XXX: commented until we rewrite 2fa with a real two-steps activation * XXX: commented until we rewrite 2fa with a real two-steps activation
*/ */
/*public function otpAppCancelAction() /*public function otpAppCancelAction()

1
src/Wallabag/CoreBundle/Form/Type/UserInformationType.php
View file

@ -4,7 +4,6 @@ namespace Wallabag\CoreBundle\Form\Type;
use FOS\UserBundle\Form\Type\RegistrationFormType; use FOS\UserBundle\Form\Type\RegistrationFormType;
use Symfony\Component\Form\AbstractType; use Symfony\Component\Form\AbstractType;
use Symfony\Component\Form\Extension\Core\Type\CheckboxType;
use Symfony\Component\Form\Extension\Core\Type\EmailType; use Symfony\Component\Form\Extension\Core\Type\EmailType;
use Symfony\Component\Form\Extension\Core\Type\SubmitType; use Symfony\Component\Form\Extension\Core\Type\SubmitType;
use Symfony\Component\Form\Extension\Core\Type\TextType; use Symfony\Component\Form\Extension\Core\Type\TextType;

108
src/Wallabag/CoreBundle/Resources/views/Config/index.html.twig
View file

@ -210,65 +210,65 @@
{{ form_widget(form.user.save, {'attr': {'class': 'btn waves-effect waves-light'}}) }} {{ form_widget(form.user.save, {'attr': {'class': 'btn waves-effect waves-light'}}) }}
{{ form_widget(form.user._token) }} {{ form_widget(form.user._token) }}
{{ form_end(form.user) }} {{ form_end(form.user) }}
<br/> <br/>
<br/> <br/>
<div class="row"> <div class="row">
<h5>{{ 'config.otp.page_title'|trans }}</h5> <h5>{{ 'config.otp.page_title'|trans }}</h5>
<p>{{ 'config.form_user.two_factor_description'|trans }}</p> <p>{{ 'config.form_user.two_factor_description'|trans }}</p>
<table> <table>
<thead> <thead>
<tr> <tr>
<th>{{ 'config.form_user.two_factor.table_method'|trans }}</th> <th>{{ 'config.form_user.two_factor.table_method'|trans }}</th>
<th>{{ 'config.form_user.two_factor.table_state'|trans }}</th> <th>{{ 'config.form_user.two_factor.table_state'|trans }}</th>
<th>{{ 'config.form_user.two_factor.table_action'|trans }}</th> <th>{{ 'config.form_user.two_factor.table_action'|trans }}</th>
</tr> </tr>
</thead> </thead>
<tbody> <tbody>
<tr> <tr>
<td>{{ 'config.form_user.two_factor.emailTwoFactor_label'|trans }}</td> <td>{{ 'config.form_user.two_factor.emailTwoFactor_label'|trans }}</td>
<td>{% if app.user.isEmailTwoFactor %}<b>{{ 'config.form_user.two_factor.state_enabled'|trans }}</b>{% else %}{{ 'config.form_user.two_factor.state_disabled'|trans }}{% endif %}</td> <td>{% if app.user.isEmailTwoFactor %}<b>{{ 'config.form_user.two_factor.state_enabled'|trans }}</b>{% else %}{{ 'config.form_user.two_factor.state_disabled'|trans }}{% endif %}</td>
<td> <td>
<form action="{{ path('config_otp_email') }}" method="post" name="config_otp_email"> <form action="{{ path('config_otp_email') }}" method="post" name="config_otp_email">
<input type="hidden" name="token" value="{{ csrf_token('otp') }}" /> <input type="hidden" name="token" value="{{ csrf_token('otp') }}" />
<button class="waves-effect waves-light btn{% if app.user.isEmailTwoFactor %} disabled{% endif %}" type="submit">{{ 'config.form_user.two_factor.action_email'|trans }}</button> <button class="waves-effect waves-light btn{% if app.user.isEmailTwoFactor %} disabled{% endif %}" type="submit">{{ 'config.form_user.two_factor.action_email'|trans }}</button>
</form> </form>
{% if app.user.isEmailTwoFactor %} {% if app.user.isEmailTwoFactor %}
<form action="{{ path('disable_otp_email') }}" method="post" name="disable_otp_email"> <form action="{{ path('disable_otp_email') }}" method="post" name="disable_otp_email">
<input type="hidden" name="token" value="{{ csrf_token('otp') }}" /> <input type="hidden" name="token" value="{{ csrf_token('otp') }}" />
<button class="waves-effect waves-light btn red" type="submit">Disable</button> <button class="waves-effect waves-light btn red" type="submit">Disable</button>
</form> </form>
{% endif %} {% endif %}
</td> </td>
</tr> </tr>
<tr> <tr>
<td>{{ 'config.form_user.two_factor.googleTwoFactor_label'|trans }}</td> <td>{{ 'config.form_user.two_factor.googleTwoFactor_label'|trans }}</td>
<td>{% if app.user.isGoogleTwoFactor %}<b>{{ 'config.form_user.two_factor.state_enabled'|trans }}</b>{% else %}{{ 'config.form_user.two_factor.state_disabled'|trans }}{% endif %}</td> <td>{% if app.user.isGoogleTwoFactor %}<b>{{ 'config.form_user.two_factor.state_enabled'|trans }}</b>{% else %}{{ 'config.form_user.two_factor.state_disabled'|trans }}{% endif %}</td>
<td> <td>
<form action="{{ path('config_otp_app') }}" method="post" name="config_otp_app"> <form action="{{ path('config_otp_app') }}" method="post" name="config_otp_app">
<input type="hidden" name="token" value="{{ csrf_token('otp') }}" /> <input type="hidden" name="token" value="{{ csrf_token('otp') }}" />
<button class="waves-effect waves-light btn{% if app.user.isGoogleTwoFactor %} disabled{% endif %}" type="submit">{{ 'config.form_user.two_factor.action_app'|trans }}</button> <button class="waves-effect waves-light btn{% if app.user.isGoogleTwoFactor %} disabled{% endif %}" type="submit">{{ 'config.form_user.two_factor.action_app'|trans }}</button>
</form> </form>
{% if app.user.isGoogleTwoFactor %} {% if app.user.isGoogleTwoFactor %}
<form action="{{ path('disable_otp_app') }}" method="post" name="disable_otp_app"> <form action="{{ path('disable_otp_app') }}" method="post" name="disable_otp_app">
<input type="hidden" name="token" value="{{ csrf_token('otp') }}" /> <input type="hidden" name="token" value="{{ csrf_token('otp') }}" />
<button class="waves-effect waves-light btn red" type="submit">Disable</button> <button class="waves-effect waves-light btn red" type="submit">Disable</button>
</form> </form>
{% endif %} {% endif %}
</td> </td>
</tr> </tr>
</tbody> </tbody>
</table> </table>
</div> </div>
</div> </div>
<div id="set4" class="col s12"> <div id="set4" class="col s12">

6
tests/Wallabag/CoreBundle/Controller/ConfigControllerTest.php
View file

@ -1215,7 +1215,7 @@ class ConfigControllerTest extends WallabagCoreTestCase
$client->submit($form); $client->submit($form);
$this->assertSame(302, $client->getResponse()->getStatusCode()); $this->assertSame(302, $client->getResponse()->getStatusCode());
$this->assertStringContainsString('flashes.config.notice.otp_disabled', $client->getContainer()->get(SessionInterface::class)->getFlashBag()->get('notice')[0]); $this->assertStringContainsString('flashes.config.notice.otp_disabled', $client->getContainer()->get(SessionInterface::class)->getFlashBag()->get('notice')[0]);
// restore user // restore user
@ -1264,7 +1264,7 @@ class ConfigControllerTest extends WallabagCoreTestCase
->getRepository(User::class) ->getRepository(User::class)
->findOneByUsername('admin'); ->findOneByUsername('admin');
$user->setGoogleAuthenticatorSecret("Google2FA"); $user->setGoogleAuthenticatorSecret('Google2FA');
$em->persist($user); $em->persist($user);
$em->flush(); $em->flush();
@ -1274,7 +1274,7 @@ class ConfigControllerTest extends WallabagCoreTestCase
$client->submit($form); $client->submit($form);
$this->assertSame(302, $client->getResponse()->getStatusCode()); $this->assertSame(302, $client->getResponse()->getStatusCode());
$this->assertStringContainsString('flashes.config.notice.otp_disabled', $client->getContainer()->get(SessionInterface::class)->getFlashBag()->get('notice')[0]); $this->assertStringContainsString('flashes.config.notice.otp_disabled', $client->getContainer()->get(SessionInterface::class)->getFlashBag()->get('notice')[0]);
// restore user // restore user