Merge branch 'dev'

This commit is contained in:
shamoon 2024-02-15 17:33:54 -08:00
commit 4fdb28c8d6
7 changed files with 57 additions and 9 deletions

View File

@ -5,7 +5,7 @@ export const environment = {
apiBaseUrl: document.baseURI + 'api/',
apiVersion: '5',
appTitle: 'Paperless-ngx',
version: '2.5.2',
version: '2.5.2-dev',
webSocketHost: window.location.host,
webSocketProtocol: window.location.protocol == 'https:' ? 'wss:' : 'ws:',
webSocketBaseUrl: base_url.pathname + 'ws/',

View File

@ -100,11 +100,9 @@ class BarcodePlugin(ConsumeTaskPlugin):
logger.info(f"Found tags in barcode: {tags}")
# Lastly attempt to split documents
if settings.CONSUMER_ENABLE_BARCODES:
separator_pages = self.get_separation_pages()
if not separator_pages:
return "No pages to split on!"
if settings.CONSUMER_ENABLE_BARCODES and (
separator_pages := self.get_separation_pages()
):
# We have pages to split against

View File

@ -15,6 +15,7 @@ from documents.data_models import ConsumableDocument
from documents.data_models import DocumentMetadataOverrides
from documents.data_models import DocumentSource
from documents.models import Tag
from documents.plugins.base import StopConsumeTaskError
from documents.tests.utils import DirectoriesMixin
from documents.tests.utils import DocumentConsumeDelayMixin
from documents.tests.utils import DummyProgressManager
@ -415,7 +416,10 @@ class TestBarcode(
test_file = self.SAMPLE_DIR / "simple.pdf"
with self.get_reader(test_file) as reader:
self.assertEqual("No pages to split on!", reader.run())
try:
reader.run()
except StopConsumeTaskError:
self.fail("Barcode reader split pages unexpectedly")
@override_settings(
CONSUMER_ENABLE_BARCODES=True,

View File

@ -1,4 +1,5 @@
from allauth.account.adapter import DefaultAccountAdapter
from allauth.core import context
from allauth.socialaccount.adapter import DefaultSocialAccountAdapter
from django.conf import settings
from django.urls import reverse
@ -10,6 +11,21 @@ class CustomAccountAdapter(DefaultAccountAdapter):
# Override with setting, otherwise default to super.
return getattr(settings, "ACCOUNT_ALLOW_SIGNUPS", allow_signups)
def is_safe_url(self, url):
# see https://github.com/paperless-ngx/paperless-ngx/issues/5780
from django.utils.http import url_has_allowed_host_and_scheme
# get_host already validates the given host, so no need to check it again
allowed_hosts = {context.request.get_host()} | set(settings.ALLOWED_HOSTS)
if "*" in allowed_hosts:
# dont allow wildcard to allow urls from any host
allowed_hosts.remove("*")
allowed_hosts.add(context.request.get_host())
return url_has_allowed_host_and_scheme(url, allowed_hosts=allowed_hosts)
return url_has_allowed_host_and_scheme(url, allowed_hosts=allowed_hosts)
class CustomSocialAccountAdapter(DefaultSocialAccountAdapter):
def is_open_for_signup(self, request, sociallogin):

View File

@ -586,8 +586,8 @@ def _parse_db_settings() -> dict:
options = {
"read_default_file": "/etc/mysql/my.cnf",
"charset": "utf8mb4",
"ssl_mode": os.getenv("PAPERLESS_DBSSLMODE", "PREFERRED"),
"ssl": {
"ssl_mode": os.getenv("PAPERLESS_DBSSLMODE", "PREFERRED"),
"ca": os.getenv("PAPERLESS_DBSSLROOTCERT", None),
"cert": os.getenv("PAPERLESS_DBSSLCERT", None),
"key": os.getenv("PAPERLESS_DBSSLKEY", None),

View File

@ -1,7 +1,12 @@
from unittest import mock
from allauth.account.adapter import get_adapter
from allauth.core import context
from allauth.socialaccount.adapter import get_adapter as get_social_adapter
from django.conf import settings
from django.http import HttpRequest
from django.test import TestCase
from django.test import override_settings
from django.urls import reverse
@ -17,6 +22,31 @@ class TestCustomAccountAdapter(TestCase):
settings.ACCOUNT_ALLOW_SIGNUPS = False
self.assertFalse(adapter.is_open_for_signup(None))
def test_is_safe_url(self):
request = HttpRequest()
request.get_host = mock.Mock(return_value="example.com")
with context.request_context(request):
adapter = get_adapter()
with override_settings(ALLOWED_HOSTS=["*"]):
# True because request host is same
url = "https://example.com"
self.assertTrue(adapter.is_safe_url(url))
url = "https://evil.com"
# False despite wildcard because request host is different
self.assertFalse(adapter.is_safe_url(url))
settings.ALLOWED_HOSTS = ["example.com"]
url = "https://example.com"
# True because request host is same
self.assertTrue(adapter.is_safe_url(url))
settings.ALLOWED_HOSTS = ["*", "example.com"]
url = "//evil.com"
# False because request host is not in allowed hosts
self.assertFalse(adapter.is_safe_url(url))
class TestCustomSocialAccountAdapter(TestCase):
def test_is_open_for_signup(self):

View File

@ -193,6 +193,7 @@ urlpatterns = [
RedirectView.as_view(
url=settings.STATIC_URL + "frontend/en-US/assets/%(path)s",
),
# TODO: with localization, this is even worse! :/
),
# App logo
re_path(
@ -200,7 +201,6 @@ urlpatterns = [
serve,
kwargs={"document_root": os.path.join(settings.MEDIA_ROOT, "logo")},
),
# TODO: with localization, this is even worse! :/
# login, logout
path("accounts/", include("allauth.urls")),
# Root of the Frontend