From 2bfefbe885e8596d88f63f0321ec019fda1d9690 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Yingyi=20/=20=E9=A2=96=E9=80=B8?= <49649786+Zuoqiu-Yingyi@users.noreply.github.com> Date: Tue, 29 Aug 2023 16:16:33 +0800 Subject: [PATCH 1/4] :art: Authentication supports query parameters `token` (#9069) --- kernel/model/session.go | 14 +++++++++++++- 1 file changed, 13 insertions(+), 1 deletion(-) diff --git a/kernel/model/session.go b/kernel/model/session.go index 4a5ebc65b..e1b5d53e2 100644 --- a/kernel/model/session.go +++ b/kernel/model/session.go @@ -195,7 +195,7 @@ func CheckAuth(c *gin.Context) { return } - // 通过 API token + // 通过 API token (header: Authorization) if authHeader := c.GetHeader("Authorization"); "" != authHeader { if strings.HasPrefix(authHeader, "Token ") { token := strings.TrimPrefix(authHeader, "Token ") @@ -210,6 +210,18 @@ func CheckAuth(c *gin.Context) { } } + // 通过 API token (query-params: token) + if token := c.Query("token"); "" != token { + if Conf.Api.Token == token { + c.Next() + return + } + + c.JSON(401, map[string]interface{}{"code": -1, "msg": "Auth failed"}) + c.Abort() + return + } + if "/check-auth" == c.Request.URL.Path { // 跳过访问授权页 c.Next() return From b0b7b6f17a882d87c9d07b6a526818bab90fc900 Mon Sep 17 00:00:00 2001 From: Jason Zhang <44888353+AnonymousMister@users.noreply.github.com> Date: Tue, 29 Aug 2023 21:01:36 +0800 Subject: [PATCH 2/4] Improve iCloud path checking (#9066) MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit * fix: icloud目录判断范围太广 icloud 目录匹配包含导致全局无法正常使用 * fix: 提交修复icloud判断问题 1.删除无用的else块 2.完善simpleCheckIcloudPath方法 添加 桌面 和文档的路径判断 --- app/electron/init.html | 44 +++++++++++++++++++++++++++++++++--------- 1 file changed, 35 insertions(+), 9 deletions(-) diff --git a/app/electron/init.html b/app/electron/init.html index ba010adf4..b689b6a8f 100644 --- a/app/electron/init.html +++ b/app/electron/init.html @@ -421,17 +421,45 @@ // macOS 端对工作空间放置在 iCloud 路径下做检查 https://github.com/siyuan-note/siyuan/issues/7747 const path = require('path') - const iCloudRoot = path.join(decodeURIComponent(getSearch('home')), 'Library', 'Mobile Documents') - const allFiles = walk(iCloudRoot) + const homePath = decodeURIComponent(getSearch('home')) const absPathLower = absPath.toLowerCase() - for (const file of allFiles) { - if (-1 < absPathLower.indexOf(file.toLowerCase())) { - return true + const iCloudRoot = path.join(homePath, 'Library', 'Mobile Documents') + if(!simpleCheckIcloudPath(absPath, homePath)){ + //简单判断无法通过则复杂验证 + const allFiles = walk(iCloudRoot) + for (const file of allFiles) { + if (-1 < absPathLower.indexOf(file.toLowerCase())) { + return true + } } - } + } return false } + //简单判断Icloud同步目录 + //不允许 为桌面 文档 和 icloud 文件夹 和软链接 + const simpleCheckIcloudPath =(absPath, homePath)=>{ + const fs = require('fs') + let stat = fs.lstatSync(absPath) + if(stat.isSymbolicLink()){ + return false + } + const path = require('path') + const absPathLower = absPath.toLowerCase() + const iCloudRoot = path.join(homePath, 'Library', 'Mobile Documents') + if(absPathLower.startsWith(iCloudRoot.toLowerCase())){ + return false + } + const documentsRoot = path.join(homePath, 'Documents') + if (absPathLower.startsWith(documentsRoot.toLowerCase())) { + return false + } + const desktopRoot = path.join(homePath, 'Desktop') + if (absPathLower.startsWith(desktopRoot.toLowerCase())) { + return false + } + return true + } const walk = (dir, files = []) => { let dirFiles; const fs = require('fs') @@ -440,7 +468,6 @@ console.log("dir [" + dir + "] not exists") return files } - dirFiles = fs.readdirSync(dir) } catch (e) { console.error("read dir [" + dir + "] failed: ", e) @@ -459,9 +486,8 @@ if (files.includes(dir + path.sep + f)) { continue } - walk(dir + path.sep + f, files) - } else { files.push(dir + path.sep + f) + walk(dir + path.sep + f, files) } } return files From 6f42ac392e0f51120b953159e42990ec7e052d57 Mon Sep 17 00:00:00 2001 From: Daniel <845765@qq.com> Date: Tue, 29 Aug 2023 21:05:01 +0800 Subject: [PATCH 3/4] :art: Clean code Improve iCloud path checking https://github.com/siyuan-note/siyuan/pull/9066 --- app/electron/init.html | 26 +++++++++++++++----------- 1 file changed, 15 insertions(+), 11 deletions(-) diff --git a/app/electron/init.html b/app/electron/init.html index b689b6a8f..3e9c6c9f3 100644 --- a/app/electron/init.html +++ b/app/electron/init.html @@ -421,45 +421,49 @@ // macOS 端对工作空间放置在 iCloud 路径下做检查 https://github.com/siyuan-note/siyuan/issues/7747 const path = require('path') - const homePath = decodeURIComponent(getSearch('home')) + const homePath = decodeURIComponent(getSearch('home')) const absPathLower = absPath.toLowerCase() const iCloudRoot = path.join(homePath, 'Library', 'Mobile Documents') - if(!simpleCheckIcloudPath(absPath, homePath)){ - //简单判断无法通过则复杂验证 + if (!simpleCheckIcloudPath(absPath, homePath)) { + // 简单判断无法通过则复杂验证 const allFiles = walk(iCloudRoot) for (const file of allFiles) { if (-1 < absPathLower.indexOf(file.toLowerCase())) { return true } } - } + } return false } - //简单判断Icloud同步目录 - //不允许 为桌面 文档 和 icloud 文件夹 和软链接 - const simpleCheckIcloudPath =(absPath, homePath)=>{ + + // 简单判断 iCloud 同步目录 + // 不允许 为桌面 文档 和 iCloud 文件夹 和软链接 + const simpleCheckIcloudPath = (absPath, homePath) => { const fs = require('fs') let stat = fs.lstatSync(absPath) - if(stat.isSymbolicLink()){ + if (stat.isSymbolicLink()) { return false } + const path = require('path') const absPathLower = absPath.toLowerCase() const iCloudRoot = path.join(homePath, 'Library', 'Mobile Documents') - if(absPathLower.startsWith(iCloudRoot.toLowerCase())){ + if (absPathLower.startsWith(iCloudRoot.toLowerCase())) { return false } + const documentsRoot = path.join(homePath, 'Documents') if (absPathLower.startsWith(documentsRoot.toLowerCase())) { return false } + const desktopRoot = path.join(homePath, 'Desktop') if (absPathLower.startsWith(desktopRoot.toLowerCase())) { return false } - return true - + return true } + const walk = (dir, files = []) => { let dirFiles; const fs = require('fs') From 00d58cb4dc73155f16e5619c74db46aa6b034d8c Mon Sep 17 00:00:00 2001 From: Vanessa Date: Tue, 29 Aug 2023 23:02:10 +0800 Subject: [PATCH 4/4] =?UTF-8?q?:bug:=20windows=20=E4=B8=8B=E5=9B=9E?= =?UTF-8?q?=E8=BD=A6=E6=96=B0=E5=BB=BA=E5=9D=97=E8=BE=93=E5=85=A5abc?= =?UTF-8?q?=EF=BC=8C=E9=80=89=E4=B8=AD=20bc=20ctrl+m=20=E5=90=8E=E5=85=89?= =?UTF-8?q?=E6=A0=87=E9=94=99=E8=AF=AF?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- app/src/protyle/wysiwyg/index.ts | 6 ++++-- 1 file changed, 4 insertions(+), 2 deletions(-) diff --git a/app/src/protyle/wysiwyg/index.ts b/app/src/protyle/wysiwyg/index.ts index fa2539635..e1cec17ae 100644 --- a/app/src/protyle/wysiwyg/index.ts +++ b/app/src/protyle/wysiwyg/index.ts @@ -21,7 +21,8 @@ import {isLocalPath, pathPosix} from "../../util/pathName"; import {genEmptyElement} from "../../block/util"; import {previewImage} from "../preview/image"; import { - contentMenu, enterBack, + contentMenu, + enterBack, fileAnnotationRefMenu, imgMenu, linkMenu, @@ -1527,7 +1528,8 @@ export class WYSIWYG { (!event.isComposing || (event.isComposing && range.toString() !== "")) // https://github.com/siyuan-note/siyuan/issues/4341 ) { // 搜狗输入法不走 keydown,需重新记录历史状态 - if (nodeElement && typeof protyle.wysiwyg.lastHTMLs[nodeElement.getAttribute("data-node-id")] === "undefined") { + if (range.toString() === "" && // windows 下回车新建块输入abc,选中 bc ctrl+m 后光标错误 + nodeElement && typeof protyle.wysiwyg.lastHTMLs[nodeElement.getAttribute("data-node-id")] === "undefined") { range.insertNode(document.createElement("wbr")); protyle.wysiwyg.lastHTMLs[nodeElement.getAttribute("data-node-id")] = nodeElement.outerHTML; nodeElement.querySelector("wbr").remove();