1
0
mirror of https://github.com/etesync/server synced 2024-12-01 13:08:10 +00:00
Commit Graph

128 Commits

Author SHA1 Message Date
Tom Hacohen
4dbdb3d7cf Invitations: gracefully error when trying to invite an already invited user. 2020-09-20 19:33:55 +03:00
Tom Hacohen
374048f013 Fix disabling of browseable API when debug is off. 2020-09-13 14:37:48 +03:00
Tom Hacohen
00cf2d83a0 Only enable browsable API when debugging is on.
The reason for that is that the API may expose data that shouldn't be exposed,
such as the list of users on the service.
2020-09-13 14:17:57 +03:00
Tom Hacohen
3de1d48b9e Browsable API: use input fields for relations. 2020-09-13 14:17:57 +03:00
Tom Hacohen
9c6a7e9428 Login: fix server error when trying to login to users without userinfo. 2020-09-10 13:31:54 +03:00
Tom Hacohen
a85e816810 User not found: return a 401 instead of a 404. 2020-09-09 17:07:32 +03:00
Tom Hacohen
d90931fbe5 Make access level an int instead of a string.
We started with a string because we thought it could maybe provide more
flexibility, though really, an int makes much more sense, especially on
all the platforms etebase runs nowadays.
2020-09-07 11:02:53 +03:00
Tom Hacohen
43569727f4 Signup: send a signal on account signup. 2020-09-02 12:54:50 +03:00
Tom Hacohen
42a72ce5c7 Serializers user signup: correctly handle EtebaseValidationErrors.
Don't coerce them to strings
2020-09-02 12:50:51 +03:00
Tom Hacohen
7ab9513e05 Serializers: rename message to detail to conform with the rest of the API.
This was a mistake in the previous commit.
2020-09-02 11:11:20 +03:00
Tom Hacohen
bf22b1676f Serializers: improve field serialization errors. 2020-09-02 11:07:43 +03:00
Tom Hacohen
2327466113 Invitations: error when trying to invite oneself. 2020-08-28 13:55:15 +03:00
Tom Hacohen
8593ab1357 Login: add a user visible error on password failure. 2020-08-18 12:24:30 +03:00
Tom Hacohen
693a5ec778 Login: return an UNAUTHORIZED (401) error on bad username/password, not 400. 2020-08-18 12:04:42 +03:00
Tom Hacohen
5af2aeda7e Add an endpoint to know if a server is an etebase server or not.
Very useful for when migrating people from legacy EteSync apps because
we can automatically know if they are running a self-hosted etesync or
etebase server.
2020-08-18 12:03:00 +03:00
Tom Hacohen
cf9b6f5904 Prefetch: change the type of value prefetch accept.
It's 'auto' by default, but can be changed to 'medium' and soon
another value.
2020-08-04 17:48:34 +03:00
Tom Hacohen
a613a32628 prefetch: fix handling of the prefetch param. 2020-08-04 17:39:33 +03:00
Tom Hacohen
e385aa8f20 Chunks: use a prefix of the chunk for a subdirectory.
Filesystems don't handle massive directories too well, so better to split.
Using the prefix of the chunk gives us a maximum of 64 * 64 = 4096 entries
in the main directory.
2020-08-04 17:39:33 +03:00
Tom Hacohen
393b85d3ca Chunks: move to reside under the collection. 2020-08-04 17:39:33 +03:00
Tom Hacohen
1d5baece1e Chunk uploading: implement properly using a custom Parser. 2020-08-04 14:15:25 +03:00
Tom Hacohen
11001ed62c Chunk serializer: fix bad error invocation. 2020-08-04 13:17:48 +03:00
Tom Hacohen
f6af96ace6 Permissions: workaround DRF bug and expose exception code. 2020-07-30 10:17:33 +03:00
Tom Hacohen
c0575cb64c Exceptions: have correct code/status_code for every error. 2020-07-30 10:13:24 +03:00
Tom Hacohen
04231ebfe5 Views: fix issue with iterators sometimes returning the wrong type. 2020-07-25 09:30:40 +03:00
Tom Hacohen
9c129e5731 Collection erializer: make the item a child instead of trying to merge them. 2020-07-22 11:31:08 +03:00
Tom Hacohen
a7268443ca Add support for a modifying the chunk storage location 2020-07-13 17:08:36 +03:00
Tom Hacohen
c9463cadba Add support for a custom user creation function. 2020-07-13 16:20:46 +03:00
Tom Hacohen
e41f8455f2 app settings: rename the get user queryset func setting name. 2020-07-13 16:08:46 +03:00
Tom Hacohen
46b4f08afa Signup: use the get_user_queryset function when checking if user exists. 2020-07-13 16:03:34 +03:00
Tom Hacohen
af86d877f2 Signup: use the shorthand version of setting an unusable password.
It wasn't actually saving the unusable password before.
2020-07-13 15:40:29 +03:00
Tom Hacohen
a39617cf2e Make sure usernames are case insensitive on lookup 2020-07-13 15:39:08 +03:00
Tom Hacohen
5c2f4d96ad app settings: cache all the properties rather than recalc every time.
They never change during runtime anyway.
2020-07-13 15:39:08 +03:00
Tom Hacohen
f9add36f18 Add support for custom user filtering. 2020-07-13 15:39:04 +03:00
Tom Hacohen
3680bd53b1 Views: change according to DRF best practices. 2020-07-13 14:26:49 +03:00
Tom Hacohen
9ea01d4d93 CollectionMemberSerializer: change the user field to be read only. 2020-07-13 11:15:42 +03:00
Tom Hacohen
41a03e9d3b Invitation: fix the checks making sure you can't invite yourself. 2020-07-12 13:23:45 +03:00
Tom Hacohen
9f1bfceda7 Increase token ttl to 30 days. 2020-07-12 11:27:47 +03:00
Tom Hacohen
7ec45434ba User: make username case insensitive (and save original styling).
We want 'User' and 'UsEr' to mean the same user. Apparently that's not the default in
django. This normalizes the user to ensure we enforce this.
2020-07-12 11:11:33 +03:00
Tom Hacohen
9a518b3907 Chunks: add error handling for chunks having content or not existing.
If the chunk already has a content and we try to upload it again, we
assume the previous content was correct and this one is the same
(chunks are immutable). We can't actually ensure they are the same due
to the encryption, though they should be.

If a chunk is being uploaded for the first time and doesn't have a
content, throw a validation error rather than throwing an ugly error.
2020-07-10 09:29:21 +03:00
Tom Hacohen
fae15fe420 Views: clean up how we use serializers and remove integrity_errors catch-alls.
The integrity errors were a bad relic from the EteSync sources and needed
to be removed.
2020-07-10 09:27:34 +03:00
Tom Hacohen
86c5d711a6 Chunk upload: item.uid can never be None so use it directly. 2020-07-10 09:09:11 +03:00
Tom Hacohen
ee23707fff Debug reset: put the whole request in a transaction. 2020-07-08 17:58:29 +03:00
Tom Hacohen
f69c3a327c Revert "django_etebase: make migration generic and not depend on myauth."
This reverts commit 925dcac0fb99204e3373251e12f8496721879361.
2020-07-05 13:15:42 +03:00
Tom Hacohen
f147f4ae58 Serializers: allow encryptionKey to be null. 2020-06-29 15:39:40 +03:00
Tom Hacohen
3dfceb63b1 Views: move the base64 encoding to the renderers.
Hard-coding the serialization encoding in the serializers is wrong.
This fix now enables us to change to easily change to msgpack as the
transport layer.
2020-06-29 15:39:40 +03:00
Tom Hacohen
2880673e27 drf_msgpack: add code to parse/serialise msgpack
It's not actually used by clients but it's there and can be used. It
works for receiving msgpack messages, but doesn't yet work for sending
because some of the types will be converted to base64.
2020-06-29 14:21:43 +03:00
Tom Hacohen
fbf5552a62 Modify binary64 field to support binary renderers/parsers
Fixes 39c1dfc53c30e65bcbff9e0ba0bb07bfc8bfc577
2020-06-29 13:36:37 +03:00
Tom Hacohen
453275eadf Authentication: move to msgpack for the encrypted parts. 2020-06-29 11:30:59 +03:00
Tom Hacohen
85de674ee2 Move the etebase urls configuration to django_etebase. 2020-06-28 17:11:20 +03:00
Tom Hacohen
4948e91c65 django_etebase: make migration generic and not depend on myauth. 2020-06-28 16:52:14 +03:00
Tom Hacohen
785e4fae97 Merge the uidvalidator with the base64url validator and set a min length. 2020-06-26 12:14:06 +03:00
Tom Hacohen
c00cf50163 Revision: remove salt field.
It's not really needed. More information in the respective change
in the js client.
2020-06-26 11:21:53 +03:00
Tom Hacohen
2b52eec41f Allow chunk UIDs to be longer. 2020-06-26 11:05:01 +03:00
Tom Hacohen
625df22989 Make item encryption key optional for collections/items
Collections still have a unique encryption key (their collection key), and items
just have a unique key per item in a collection that's derived from the main key
and if we ever want to share items across collections or do something fancy like
that we can just add an encrypted key in there.
2020-06-26 10:31:03 +03:00
Tom Hacohen
cbb1d81850 Rename inline to prefetch and have it on by default. 2020-06-24 15:55:36 +03:00
Tom Hacohen
c21c6af1d7 Filter by stoken: fix the done implementation for more functions
The done implementation wasn't great because it would indicate we are
not done even when we are when the last chunk returned is exactly the
size of limit.
2020-06-24 14:38:29 +03:00
Tom Hacohen
0ce2e8d996 Filter by stoken: cleanup and fix the done implementation
The done implementation wasn't great because it would indicate we are
not done even when we are when the last chunk returned is exactly the
size of limit.
2020-06-24 14:35:58 +03:00
Tom Hacohen
61383b9896 Stoken filtering: order by max_stoken to make sure we have a reliable order. 2020-06-24 13:39:59 +03:00
Tom Hacohen
caa84c2a96 Stoken filtering: clean up stoken filtering and annotation.
We are now querying the database less and simplified the queries.
2020-06-24 13:39:59 +03:00
Tom Hacohen
0a19cd7e2c Stoken filtering: abstract getting the stoken id. 2020-06-24 11:30:37 +03:00
Tom Hacohen
f6ef514661 Collection members: order by id so order is consistent. 2020-06-24 10:58:27 +03:00
Tom Hacohen
1bed39af9d Collection/item uid: allow base64-url not just base62. 2020-06-24 10:48:47 +03:00
Tom Hacohen
2da49bb95e Item revisions: don't exclude current, let the client decide. 2020-06-24 10:02:55 +03:00
Tom Hacohen
68365f5d75 Collection revision: support the inline parameter. 2020-06-23 18:35:09 +03:00
Tom Hacohen
7183b97541 Collection revision: implement iteration. 2020-06-23 18:25:23 +03:00
Tom Hacohen
786948c456 Item revisions: never return the current revision, only old ones. 2020-06-23 18:04:49 +03:00
Tom Hacohen
317c492688 CollectionItem: add support for filtering collections' main items.
This used to be the default, so it still is.

It only affects the list endpoint, the rest all support withCollection
anyway, because IDs are passed directly.
2020-06-23 13:50:09 +03:00
Tom Hacohen
291ebaa3f7 Items must have a uid now (not null).
This is due to the previous change.
2020-06-23 13:05:34 +03:00
Tom Hacohen
267d749c45 Collection: change collections to be an extension of items
Each collection now has an item and the item's UID is the collections
UID. This lets us manipulate collections just like items, and as part of
transactions. This is significant because it lets us change them as part
of transactions!
2020-06-23 13:03:46 +03:00
Tom Hacohen
37bae63a46 Invitations: add support for fetching using an iterator 2020-06-22 18:26:32 +03:00
Tom Hacohen
d5300a76d8 Members: add support for iterators when listing members 2020-06-22 17:52:00 +03:00
Tom Hacohen
b4db35bca1 List APIs: add done to APIs that didn't have it. 2020-06-22 17:27:07 +03:00
Tom Hacohen
fcb58f0f4c List APIs: fix the stoken calculation for collections.
I'm not sure why it just wouldn't work with aggregate. I also couldn't get it
to work with annotate then aggregate or any other alternative.
2020-06-22 14:20:30 +03:00
Tom Hacohen
6117cac111 List APIs: return a done field to indicate the fetch is done. 2020-06-22 13:03:58 +03:00
Tom Hacohen
2d7b90e848 Collection items: also show deleted items.
This was a mistake. We want deleted items to show because we want to
know when things have been deleted when we ask for updates.
2020-06-18 16:14:55 +03:00
Tom Hacohen
ab0d85c84f Change password: change to require a signed request, just like login.
Without this, it would be sufficient to steal an auth token to render the account
unusable because it would be possible to just reset the encrypted content
of the account. With this change we require the user to actually know
the account password in order to do it.
2020-06-17 14:38:02 +03:00
Tom Hacohen
54268ac027 Login: add an action indicator to know the user signed a login request. 2020-06-17 14:08:08 +03:00
Tom Hacohen
d1017aac76 Rename django_etesync to django_etebase. 2020-06-16 17:14:53 +03:00