mirror of
https://github.com/paperless-ngx/paperless-ngx.git
synced 2025-04-09 09:58:20 -05:00
Merge branch 'dev'
This commit is contained in:
commit
4fdb28c8d6
@ -5,7 +5,7 @@ export const environment = {
|
||||
apiBaseUrl: document.baseURI + 'api/',
|
||||
apiVersion: '5',
|
||||
appTitle: 'Paperless-ngx',
|
||||
version: '2.5.2',
|
||||
version: '2.5.2-dev',
|
||||
webSocketHost: window.location.host,
|
||||
webSocketProtocol: window.location.protocol == 'https:' ? 'wss:' : 'ws:',
|
||||
webSocketBaseUrl: base_url.pathname + 'ws/',
|
||||
|
@ -100,11 +100,9 @@ class BarcodePlugin(ConsumeTaskPlugin):
|
||||
logger.info(f"Found tags in barcode: {tags}")
|
||||
|
||||
# Lastly attempt to split documents
|
||||
if settings.CONSUMER_ENABLE_BARCODES:
|
||||
|
||||
separator_pages = self.get_separation_pages()
|
||||
if not separator_pages:
|
||||
return "No pages to split on!"
|
||||
if settings.CONSUMER_ENABLE_BARCODES and (
|
||||
separator_pages := self.get_separation_pages()
|
||||
):
|
||||
|
||||
# We have pages to split against
|
||||
|
||||
|
@ -15,6 +15,7 @@ from documents.data_models import ConsumableDocument
|
||||
from documents.data_models import DocumentMetadataOverrides
|
||||
from documents.data_models import DocumentSource
|
||||
from documents.models import Tag
|
||||
from documents.plugins.base import StopConsumeTaskError
|
||||
from documents.tests.utils import DirectoriesMixin
|
||||
from documents.tests.utils import DocumentConsumeDelayMixin
|
||||
from documents.tests.utils import DummyProgressManager
|
||||
@ -415,7 +416,10 @@ class TestBarcode(
|
||||
test_file = self.SAMPLE_DIR / "simple.pdf"
|
||||
|
||||
with self.get_reader(test_file) as reader:
|
||||
self.assertEqual("No pages to split on!", reader.run())
|
||||
try:
|
||||
reader.run()
|
||||
except StopConsumeTaskError:
|
||||
self.fail("Barcode reader split pages unexpectedly")
|
||||
|
||||
@override_settings(
|
||||
CONSUMER_ENABLE_BARCODES=True,
|
||||
|
@ -1,4 +1,5 @@
|
||||
from allauth.account.adapter import DefaultAccountAdapter
|
||||
from allauth.core import context
|
||||
from allauth.socialaccount.adapter import DefaultSocialAccountAdapter
|
||||
from django.conf import settings
|
||||
from django.urls import reverse
|
||||
@ -10,6 +11,21 @@ class CustomAccountAdapter(DefaultAccountAdapter):
|
||||
# Override with setting, otherwise default to super.
|
||||
return getattr(settings, "ACCOUNT_ALLOW_SIGNUPS", allow_signups)
|
||||
|
||||
def is_safe_url(self, url):
|
||||
# see https://github.com/paperless-ngx/paperless-ngx/issues/5780
|
||||
from django.utils.http import url_has_allowed_host_and_scheme
|
||||
|
||||
# get_host already validates the given host, so no need to check it again
|
||||
allowed_hosts = {context.request.get_host()} | set(settings.ALLOWED_HOSTS)
|
||||
|
||||
if "*" in allowed_hosts:
|
||||
# dont allow wildcard to allow urls from any host
|
||||
allowed_hosts.remove("*")
|
||||
allowed_hosts.add(context.request.get_host())
|
||||
return url_has_allowed_host_and_scheme(url, allowed_hosts=allowed_hosts)
|
||||
|
||||
return url_has_allowed_host_and_scheme(url, allowed_hosts=allowed_hosts)
|
||||
|
||||
|
||||
class CustomSocialAccountAdapter(DefaultSocialAccountAdapter):
|
||||
def is_open_for_signup(self, request, sociallogin):
|
||||
|
@ -586,8 +586,8 @@ def _parse_db_settings() -> dict:
|
||||
options = {
|
||||
"read_default_file": "/etc/mysql/my.cnf",
|
||||
"charset": "utf8mb4",
|
||||
"ssl_mode": os.getenv("PAPERLESS_DBSSLMODE", "PREFERRED"),
|
||||
"ssl": {
|
||||
"ssl_mode": os.getenv("PAPERLESS_DBSSLMODE", "PREFERRED"),
|
||||
"ca": os.getenv("PAPERLESS_DBSSLROOTCERT", None),
|
||||
"cert": os.getenv("PAPERLESS_DBSSLCERT", None),
|
||||
"key": os.getenv("PAPERLESS_DBSSLKEY", None),
|
||||
|
@ -1,7 +1,12 @@
|
||||
from unittest import mock
|
||||
|
||||
from allauth.account.adapter import get_adapter
|
||||
from allauth.core import context
|
||||
from allauth.socialaccount.adapter import get_adapter as get_social_adapter
|
||||
from django.conf import settings
|
||||
from django.http import HttpRequest
|
||||
from django.test import TestCase
|
||||
from django.test import override_settings
|
||||
from django.urls import reverse
|
||||
|
||||
|
||||
@ -17,6 +22,31 @@ class TestCustomAccountAdapter(TestCase):
|
||||
settings.ACCOUNT_ALLOW_SIGNUPS = False
|
||||
self.assertFalse(adapter.is_open_for_signup(None))
|
||||
|
||||
def test_is_safe_url(self):
|
||||
request = HttpRequest()
|
||||
request.get_host = mock.Mock(return_value="example.com")
|
||||
with context.request_context(request):
|
||||
adapter = get_adapter()
|
||||
with override_settings(ALLOWED_HOSTS=["*"]):
|
||||
|
||||
# True because request host is same
|
||||
url = "https://example.com"
|
||||
self.assertTrue(adapter.is_safe_url(url))
|
||||
|
||||
url = "https://evil.com"
|
||||
# False despite wildcard because request host is different
|
||||
self.assertFalse(adapter.is_safe_url(url))
|
||||
|
||||
settings.ALLOWED_HOSTS = ["example.com"]
|
||||
url = "https://example.com"
|
||||
# True because request host is same
|
||||
self.assertTrue(adapter.is_safe_url(url))
|
||||
|
||||
settings.ALLOWED_HOSTS = ["*", "example.com"]
|
||||
url = "//evil.com"
|
||||
# False because request host is not in allowed hosts
|
||||
self.assertFalse(adapter.is_safe_url(url))
|
||||
|
||||
|
||||
class TestCustomSocialAccountAdapter(TestCase):
|
||||
def test_is_open_for_signup(self):
|
||||
|
@ -193,6 +193,7 @@ urlpatterns = [
|
||||
RedirectView.as_view(
|
||||
url=settings.STATIC_URL + "frontend/en-US/assets/%(path)s",
|
||||
),
|
||||
# TODO: with localization, this is even worse! :/
|
||||
),
|
||||
# App logo
|
||||
re_path(
|
||||
@ -200,7 +201,6 @@ urlpatterns = [
|
||||
serve,
|
||||
kwargs={"document_root": os.path.join(settings.MEDIA_ROOT, "logo")},
|
||||
),
|
||||
# TODO: with localization, this is even worse! :/
|
||||
# login, logout
|
||||
path("accounts/", include("allauth.urls")),
|
||||
# Root of the Frontend
|
||||
|
Loading…
x
Reference in New Issue
Block a user