gitit 0.15.0.0 → 0.15.1.0
raw patch · 6 files changed
+45/−11 lines, 6 filesdep ~aesondep ~pandocdep ~skylightingPVP ok
version bump matches the API change (PVP)
Dependency ranges changed: aeson, pandoc, skylighting
API changes (from Hackage documentation)
+ Network.Gitit.Framework: mkSessionCookie :: SessionKey -> Cookie
Files
- CHANGES +20/−0
- gitit.cabal +4/−4
- src/Network/Gitit/Authentication.hs +3/−3
- src/Network/Gitit/Authentication/Github.hs +1/−1
- src/Network/Gitit/Framework.hs +13/−3
- src/Network/Gitit/Util.hs +4/−0
CHANGES view
@@ -1,3 +1,23 @@+Version 0.15.1.0 released 10 Dec 2021++ * Set the portable flag on sendfile to avoid an error+ on Windows builds (#651).++ * Fix Windows stack build (mintty issue).++ * Update dependencies to use latest released pandoc.++ * Update CI and add a Windows build.++ * Use `mkSessionCookie` to fix a regression introduced in+ 0.15.0.0 which made user sessions unreadable, breaking+ user authentication (#674).++ * Network.Gitit.Framework: export `mkSessionCookie` [API change].++ * Fix build for pandoc <= 2.12.0 (#676, Stephen Paul Weber).++ Version 0.15.0.0 released 12 Aug 2021 * Remove the Export feature entirely.
gitit.cabal view
@@ -1,6 +1,6 @@ cabal-version: 2.0 name: gitit-version: 0.15.0.0+version: 0.15.1.0 build-type: Simple synopsis: Wiki using happstack, git or darcs, and pandoc. description: Gitit is a wiki backed by a git, darcs, or mercurial@@ -133,9 +133,9 @@ mtl, old-time, temporary,- pandoc >= 2.9 && < 2.15,+ pandoc >= 2.9 && < 2.17, pandoc-types >= 1.20 && < 1.23,- skylighting >= 0.8.2.3 && < 0.12,+ skylighting >= 0.8.2.3 && < 0.13, bytestring, text, random,@@ -166,7 +166,7 @@ xml-conduit >= 1.5 && < 1.10, http-conduit >= 2.1.6 && < 2.4, http-client-tls >= 0.2.2 && < 0.4,- aeson >= 0.7 && < 1.6,+ aeson >= 0.7 && < 2.1, uuid >= 1.3 && < 1.4, network-uri >= 2.6, network >= 2.6 && < 3.2,
src/Network/Gitit/Authentication.hs view
@@ -395,7 +395,7 @@ if allowed then do key <- newSession (sessionData uname)- addCookie (MaxAge $ sessionTimeout cfg) (mkCookie "sid" (show key))+ addCookie (MaxAge $ sessionTimeout cfg) (mkSessionCookie key) seeOther (encUrl destination) $ toResponse $ p << ("Welcome, " ++ renderHtmlFragment (stringToHtml uname)) else@@ -478,7 +478,7 @@ addUser (uUsername user) user key <- newSession (sessionData userEmail) cfg <- getConfig- addCookie (MaxAge $ sessionTimeout cfg) (mkCookie "sid" (show key))+ addCookie (MaxAge $ sessionTimeout cfg) (mkSessionCookie key) seeOther (encUrl destination) $ toResponse () Left err -> do liftIO $ logM "gitit" WARNING $ "Login Failed: " ++ ghUserMessage err ++ maybe "" (". Github response" ++) (ghDetails err)@@ -543,7 +543,7 @@ user <- liftIO $ mkUser (fromMaybe userId email) (fromMaybe "" email) "none" updateGititState $ \s -> s { users = M.insert userId user (users s) } key <- newSession (sessionData userId)- addCookie (MaxAge $ sessionTimeout cfg) (mkCookie "sid" (show key))+ addCookie (MaxAge $ sessionTimeout cfg) (mkSessionCookie key) see $ fromJust $ rDestination params where prop pname info = lookup pname $ R.userData info
src/Network/Gitit/Authentication/Github.hs view
@@ -36,7 +36,7 @@ let destination = pDestination params `orIfNull` (base' ++ "/") key <- newSession $ sessionDataGithubStateUrl state destination cfg <- getConfig- addCookie (MaxAge $ sessionTimeout cfg) (mkCookie "sid" (show key))+ addCookie (MaxAge $ sessionTimeout cfg) (mkSessionCookie key) let usingOrg = isJust $ org $ githubAuth cfg let scopes = "user:email" ++ if usingOrg then ",read:org" else "" let url = appendQueryParams [("state", BS.pack state), ("scope", BS.pack scopes)] $ authorizationUrl githubKey
src/Network/Gitit/Framework.hs view
@@ -53,6 +53,7 @@ , getMimeTypeForExtension , validate , filestoreFromConfig+ , mkSessionCookie ) where import Safe@@ -81,6 +82,7 @@ authenticate :: AuthenticationLevel -> Handler -> Handler authenticate = authenticateUserThat (const True) + -- | Like 'authenticate', but with a predicate that the user must satisfy. authenticateUserThat :: (User -> Bool) -> AuthenticationLevel -> Handler -> Handler authenticateUserThat predicate level handler = do@@ -100,13 +102,17 @@ -- | Run the handler after setting @REMOTE_USER@ with the user from -- the session. withUserFromSession :: Handler -> Handler-withUserFromSession handler = withData $ \(sk :: Maybe SessionKey) -> do- mbSd <- maybe (return Nothing) getSession sk+withUserFromSession handler = withData $ \(mbsk :: Maybe SessionKey) -> do+ mbSd <- maybe (return Nothing) getSession mbsk cfg <- getConfig mbUser <- case mbSd of Nothing -> return Nothing Just sd -> do- addCookie (MaxAge $ sessionTimeout cfg) (mkCookie "sid" (show $ fromJust sk)) -- refresh timeout+ case mbsk of+ Nothing -> return ()+ Just sk ->+ addCookie (MaxAge $ sessionTimeout cfg) -- refresh timeout+ (mkSessionCookie sk) case sessionUser sd of Nothing -> return Nothing Just user -> getUser user@@ -356,3 +362,7 @@ Git -> gitFileStore $ repositoryPath conf Darcs -> darcsFileStore $ repositoryPath conf Mercurial -> mercurialFileStore $ repositoryPath conf++-- Create a cookie with the session key.+mkSessionCookie :: SessionKey -> Cookie+mkSessionCookie (SessionKey key) = mkCookie "sid" (show key)
src/Network/Gitit/Util.hs view
@@ -42,6 +42,10 @@ import Text.Pandoc (Extension(..), Extensions, getDefaultExtensions, enableExtension) import Network.URL (encString) +#if !MIN_VERSION_pandoc(2,12,0)+import qualified Data.Text as T+#endif+ -- | Read file as UTF-8 string. Encode filename as UTF-8. readFileUTF8 :: FilePath -> IO Text #if MIN_VERSION_pandoc(2,12,0)