Tom Hacohen
c790b5f489
Reformat some files using black.
2020-12-01 12:45:38 +02:00
Tom Hacohen
d893d35c6f
Fix the host checks to only check against hostname.
...
Fixes https://github.com/etesync/etesync-web/issues/183
As discussed in #66
Continuation of 843b59a0ac
.
2020-11-20 18:11:35 +02:00
Tal Leibman
d8e5c37db1
Use black for code formatting and format the code
...
Merge #65
2020-11-14 17:04:41 +02:00
Tom Hacohen
843b59a0ac
Login/Changepassword: change to verifying the hostname without the part.
...
Verifying the port was causing issues, and anyhow, this check is
paranoid and isn't strictly necessary for security.
The problem is that Django's `get_host()` and the equivalent on some
platforms returns it without the port, though on others (like e.g. the
library we use from JS) it returns with the port. This was inconsistent
and was causing authentication to fail.
We thus relaxed the test to not include the port when matching, which
should make it work consistently across all platforms.
2020-11-02 10:16:06 +02:00
Tom Hacohen
422b62d5b2
Disallow creating new collections without a collection type set.
2020-11-01 11:29:01 +02:00
Tom Hacohen
46abeac2c0
Test reset: also reset memberships.
2020-10-25 12:15:13 +02:00
Tom Hacohen
409248d419
CollectionTypes: add backward compatibility adjustments until 2.0 is out.
2020-10-15 10:50:07 +03:00
Tom Hacohen
5d8a92f000
Collections: add support for collection types.
...
We also added the field for invitations, as it's needed for collections
to work.
2020-10-13 18:39:18 +03:00
Tom Hacohen
741b6d7c52
Collection removed memberships: only return removed memberships within our returned range.
...
Before this change we were returning all of the removed memberships that happened
after stoken. Though instead, we should just return the removed memberships that
happened after stoken and before the new stoken we are returning.
2020-10-13 13:50:06 +03:00
Tom Hacohen
aa7b049b62
Stoken: always return the stoken object, not the rev.
2020-10-13 13:49:29 +03:00
Tom Hacohen
c7bd01b2d1
Logout: allow any authenticated user (instead of normal permissions).
...
We should always allow users to log out if they are authenticated. This
doesn't need to use the global permissions.
2020-10-13 12:09:34 +03:00
Tom Hacohen
9cad5d62e1
Account: change Dashboard URL endpoint's permissions.
...
We only want to require that the account is authenticated, not the rest of
the permissions. As we want to be able to get a dashboard url for accounts
that aren't currently valid.
2020-10-09 13:10:41 +03:00
Tom Hacohen
74f40abc65
Account: add a dashboard url endpoint.
...
This lets servers share a dashboard url with clients so that they in
turn can present clients with a settings dashboard.
We currently use it on the main server, but self-hosted servers may
also benefit from it for letting users manage some of their settings
(e.g. 2FA).
2020-10-08 21:06:33 +03:00
Tom Hacohen
9152e6f42d
Fix bad stoken error.
...
We were calling the validation constructor wrong.
2020-10-08 21:01:45 +03:00
Tom Hacohen
06f2dd72a7
Exception: fix detail/code for exception.
2020-10-01 16:50:09 +03:00
Tom Hacohen
f5ced873ac
Lint: fix lint errors.
2020-09-23 16:27:20 +03:00
Tom Hacohen
7b8b0a5685
Login: make case insensitive.
2020-09-21 12:09:19 +03:00
Tom Hacohen
374048f013
Fix disabling of browseable API when debug is off.
2020-09-13 14:37:48 +03:00
Tom Hacohen
00cf2d83a0
Only enable browsable API when debugging is on.
...
The reason for that is that the API may expose data that shouldn't be exposed,
such as the list of users on the service.
2020-09-13 14:17:57 +03:00
Tom Hacohen
9c6a7e9428
Login: fix server error when trying to login to users without userinfo.
2020-09-10 13:31:54 +03:00
Tom Hacohen
a85e816810
User not found: return a 401 instead of a 404.
2020-09-09 17:07:32 +03:00
Tom Hacohen
43569727f4
Signup: send a signal on account signup.
2020-09-02 12:54:50 +03:00
Tom Hacohen
2327466113
Invitations: error when trying to invite oneself.
2020-08-28 13:55:15 +03:00
Tom Hacohen
8593ab1357
Login: add a user visible error on password failure.
2020-08-18 12:24:30 +03:00
Tom Hacohen
693a5ec778
Login: return an UNAUTHORIZED (401) error on bad username/password, not 400.
2020-08-18 12:04:42 +03:00
Tom Hacohen
5af2aeda7e
Add an endpoint to know if a server is an etebase server or not.
...
Very useful for when migrating people from legacy EteSync apps because
we can automatically know if they are running a self-hosted etesync or
etebase server.
2020-08-18 12:03:00 +03:00
Tom Hacohen
cf9b6f5904
Prefetch: change the type of value prefetch accept.
...
It's 'auto' by default, but can be changed to 'medium' and soon
another value.
2020-08-04 17:48:34 +03:00
Tom Hacohen
a613a32628
prefetch: fix handling of the prefetch param.
2020-08-04 17:39:33 +03:00
Tom Hacohen
393b85d3ca
Chunks: move to reside under the collection.
2020-08-04 17:39:33 +03:00
Tom Hacohen
1d5baece1e
Chunk uploading: implement properly using a custom Parser.
2020-08-04 14:15:25 +03:00
Tom Hacohen
c0575cb64c
Exceptions: have correct code/status_code for every error.
2020-07-30 10:13:24 +03:00
Tom Hacohen
04231ebfe5
Views: fix issue with iterators sometimes returning the wrong type.
2020-07-25 09:30:40 +03:00
Tom Hacohen
46b4f08afa
Signup: use the get_user_queryset function when checking if user exists.
2020-07-13 16:03:34 +03:00
Tom Hacohen
a39617cf2e
Make sure usernames are case insensitive on lookup
2020-07-13 15:39:08 +03:00
Tom Hacohen
f9add36f18
Add support for custom user filtering.
2020-07-13 15:39:04 +03:00
Tom Hacohen
3680bd53b1
Views: change according to DRF best practices.
2020-07-13 14:26:49 +03:00
Tom Hacohen
fae15fe420
Views: clean up how we use serializers and remove integrity_errors catch-alls.
...
The integrity errors were a bad relic from the EteSync sources and needed
to be removed.
2020-07-10 09:27:34 +03:00
Tom Hacohen
ee23707fff
Debug reset: put the whole request in a transaction.
2020-07-08 17:58:29 +03:00
Tom Hacohen
3dfceb63b1
Views: move the base64 encoding to the renderers.
...
Hard-coding the serialization encoding in the serializers is wrong.
This fix now enables us to change to easily change to msgpack as the
transport layer.
2020-06-29 15:39:40 +03:00
Tom Hacohen
2880673e27
drf_msgpack: add code to parse/serialise msgpack
...
It's not actually used by clients but it's there and can be used. It
works for receiving msgpack messages, but doesn't yet work for sending
because some of the types will be converted to base64.
2020-06-29 14:21:43 +03:00
Tom Hacohen
453275eadf
Authentication: move to msgpack for the encrypted parts.
2020-06-29 11:30:59 +03:00
Tom Hacohen
cbb1d81850
Rename inline to prefetch and have it on by default.
2020-06-24 15:55:36 +03:00
Tom Hacohen
c21c6af1d7
Filter by stoken: fix the done implementation for more functions
...
The done implementation wasn't great because it would indicate we are
not done even when we are when the last chunk returned is exactly the
size of limit.
2020-06-24 14:38:29 +03:00
Tom Hacohen
0ce2e8d996
Filter by stoken: cleanup and fix the done implementation
...
The done implementation wasn't great because it would indicate we are
not done even when we are when the last chunk returned is exactly the
size of limit.
2020-06-24 14:35:58 +03:00
Tom Hacohen
61383b9896
Stoken filtering: order by max_stoken to make sure we have a reliable order.
2020-06-24 13:39:59 +03:00
Tom Hacohen
caa84c2a96
Stoken filtering: clean up stoken filtering and annotation.
...
We are now querying the database less and simplified the queries.
2020-06-24 13:39:59 +03:00
Tom Hacohen
0a19cd7e2c
Stoken filtering: abstract getting the stoken id.
2020-06-24 11:30:37 +03:00
Tom Hacohen
f6ef514661
Collection members: order by id so order is consistent.
2020-06-24 10:58:27 +03:00
Tom Hacohen
2da49bb95e
Item revisions: don't exclude current, let the client decide.
2020-06-24 10:02:55 +03:00
Tom Hacohen
68365f5d75
Collection revision: support the inline parameter.
2020-06-23 18:35:09 +03:00