| Commit message (Collapse) | Author | Age | Files | Lines |
|---|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Therefore, username and password are no longer needed
Signed-off-by: Thomas Citharel <tcit@tcit.fr>
Allow to have global clients, auth through direct token or auth code and bring scopes
Signed-off-by: Thomas Citharel <tcit@tcit.fr>
fix review
Signed-off-by: Thomas Citharel <tcit@tcit.fr>
remove redirect uri requirement on specific clients
add back password and depreciate it
enforce state
Signed-off-by: Thomas Citharel <tcit@tcit.fr>
Allow apps to register themselves
A handful of changes
Signed-off-by: Thomas Citharel <tcit@tcit.fr>
change timeout values
Signed-off-by: Thomas Citharel <tcit@tcit.fr>
set access_token lifetime to 1 year and double for refresh_token
Signed-off-by: Thomas Citharel <tcit@tcit.fr>
|
| | |
|
| | |
|
| |
|
|
|
|
| |
Listing entries can now be filtered by “public”.
Creating or patching an entry can now set is to public or remove the public.
Entry response now include “is_public” boolean field
|
| | |
|
| |
|
|
|
|
|
|
| |
While creating a new user using the API, we also create a new client for the current user.
So the app which just create the user can use its newly created client to configure the app.
That new client is only return after creating the user.
When calling the endpoint /api/user to get user information, the new client information won’t be return.
|
| |\
| |
| | |
Add ability to patch an entry with more fields
|
| | | |
|
| | |
| |
| |
| |
| |
| |
| |
| |
| | |
Like when we create an entry, we can now patch an entry with new fields:
- content
- language
- preview_picture
- published_at
- authors
|
| | | |
|
| | | |
|
| |/
|
|
|
|
|
|
| |
I've added a toggle feature (in internal settings) so that user api creation can be disabled while form registration still can be enabled.
Also, the /api/user endpoint shouldn't require authentication. Even if we check the authentication when sending a GET request, to retrieve current user information.
I've moved all the internal settings definition to config to avoid duplicated place to define them.
I don't know why we didn't did that earlier.
|
| | |
|
| |
|
|
|
|
| |
Objects are always passed by reference, so it doesn't make sense to
return an object which is passed by reference as it will always be the
same object. This change makes the code a bit more readable.
|
| |
|
|
| |
Add adding more tests for forced content
|
| | |
|
| |
|
|
| |
It might be better to re-use some graby functionalities to clean html instead of building a new system.
|
| | |
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Entry API can now have these new fields:
- content
- language
- preview_picture
- published_at
Re-use the ContentProxy to be able to do the same using the web UI (in the future).
htmLawed is used to clean stuff from content, I hope it’ll be enough to avoid security breach.
Lower content validation when we want to update an entry with content already defined. Before, language & content_type were required. If there weren’t provided, we re-fetched the content using graby. I think these fields aren’t required for an entry to be created. So I removed them.
Which means some import from the v1 export won’t be re-fetched since they provide content, url & title.
Also, remove liberation link from Readability import to avoid overlaping import (from wallabag v1, which had the same link)
|
| |
|
|
|
|
| |
The only ugly things is how we handle error by generating the view and then parse the content to retrieve all errors…
Fix exposition fields in User entity
|
| |
|
|
| |
Signed-off-by: Thomas Citharel <tcit@tcit.fr>
|
| |
|
|
| |
Signed-off-by: Thomas Citharel <tcit@tcit.fr>
|
| |\ |
|
| | |\
| | |
| | | |
Create a new entry via API even when its content can't be retrieved
|
| | | |
| | |
| | |
| | | |
Fix #2988
|
| | | |
| | |
| | |
| | |
| | | |
It allows to request to delete a tag using query string instead of body parameter (which seems to be the standard).
Instead of breaking the previous behavior, I used a generic way to retrieve parameter (which looks into request attributes, query parameters and request parameters)
|
| |\| | |
|
| | |/
| |
| |
| | |
Fix #2720
|
| | |
| |
| |
| |
| |
| |
| |
| |
| | |
Use `property_path` form option to map underscored form fields
to object properties
@see https://github.com/symfony/symfony/issues/9162#issuecomment-25431148
Fix #3067
|
| | | |
|
| | | |
|
| | | |
|
| | | |
|
| | |
| |
| |
| | |
By passing an array, you can add / delete URL in mass (bulk request)
|
| | | |
|
| | | |
|
| | | |
|
| |/ |
|
| | |
|
| | |
|
| |
|
|
|
|
| |
Previously it was a 400 but this is more related to a real error.
Using the API user should only know the content got reloaded or not.
If reloaded: 200 otherwise: 304.
|
| | |
|
| | |
|
| | |
|
| | |
|
| | |
|
| |\ |
|
| | | |
|
| | |
| |
| |
| | |
Fix #2503
|
| | | |
|
