* feat: Put request rate limit at application server
This PR contains implementation for a blanket rate limiter at
application server level. Currently the allowed throughput is set high
only to be changed later as per the actual data gathered.
* Simplify implementation
1. Remove shutdown handler to purge rate limiter keys
2. Have separate keys for default and custom(route-based) rate limiters
3. Do not kill default rate limiter because it is not needed anymore due
to (2) above
* Set 60s as default for rate limiting window
* Fix env types
Fixes#3412
Previously the only way to restrict the domains for a Team were with the ALLOWED_DOMAINS environment variable for self hosted instances.
This PR migrates this to be a database backed setting on the Team object. This is done through the creation of a TeamDomain model that is associated with the Team and contains the domain name
This settings is updated on the Security Tab. Here domains can be added or removed from the Team.
On the server side, we take the code paths that previously were using ALLOWED_DOMAINS and switched them to use the Team allowed domains instead
* feat: Normalize logging
* Remove scattered console.error + Sentry.captureException
* Remove mention of debug
* cleanup dev output
* Edge cases, docs
* Refactor: Move logger, metrics, sentry under 'logging' folder.
Trying to reduce the amount of things under generic 'utils'
* cleanup, last few console calls
Updated the description of the SECRET_KEY variable in the .env.sample
file to clarify that the key needs to be 32 bytes long and hex-encoded.
The previous description of "32 character hexadecimal" was confusing
as it left open the possibility of a hex-encoded 16-byte key.
* fix: Add application/octet-stream as a valid mimetype for docx uploads
* fix: Include application/octet-stream in frontend filter
fix: Add file size and file type guards
* Validate .docx extension in files with application/octet-stream mimetype
* refactor: Move MAXIMUM_IMPORT_SIZE to an optional environment config
fix: Add file size check on server too
Co-authored-by: Saumya Pandey <sp160899@gmail.com>
* fix: Enforce single team when self hosting
* test: positive case
* refactor
* fix: Visible error message on login screen for max teams scenario
* Update Notices.js
* lint
* feat: i18n
* Changing language single source of truth from TEAM to USER
* Changes according to @tommoor comments on PR
* Changed package.json for build:i18n and translation label
* Finished 1st MVP of i18n for outline
* new translation labels & Portuguese from Portugal translation
* Fixes from PR request
* Described language dropdown as an experimental feature
* Set keySeparator to false in order to cowork with html keys
* Added useTranslation to Breadcrumb
* Repositioned <strong> element
* Removed extra space from TemplatesMenu
* Fortified the test suite for i18n
* Fixed trans component problematic
* Check if selected language is available
* Update yarn.lock
* Removed unused Trans
* Removing debug variable from i18n init
* Removed debug variable
* test: update snapshots
* flow: Remove decorator usage to get proper flow typing
It's a shame, but hopefully we'll move to Typescript in the next 6 months and we can forget this whole Flow mistake ever happened
* translate: Drafts
* More translatable strings
* Mo translation strings
* translation: Search
* async translations loading
* cache translations in client
* Revert "cache translations in client"
This reverts commit 08fb61ce36384ff90a704faffe4761eccfb76da1.
* Revert localStorage cache for cache headers
* Update Crowdin configuration file
* Moved translation files to locales folder and fixed english text
* Added CONTRIBUTING File for CrowdIn
* chore: Move translations again to please CrowdIn
* fix: loading paths
chore: Add strings for editor
* fix: Improve validation on documents.import endpoint
* test: mock bull
* fix: Unknown mimetype should fallback to Markdown parsing if markdown extension (#1678)
* closes#1675
* Update CONTRIBUTING
* chore: Add link to translation portal from app UI
* refactor: Centralize language config
* fix: Ensure creation of i18n directory in build
* feat: Add language prompt
* chore: Improve contributing guidelines, add link from README
* chore: Normalize tab header casing
* chore: More string externalization
* fix: Language prompt in dark mode
Co-authored-by: André Glatzl <andreglatzl@gmail.com>
* fix: Don't set cookie domain when not using multiple subdomains
* wip logging domain
* wip logging domain
* wip logging domain
* wip logging domain
* Revert "wip logging domain"
This reverts commit 325907e74962179e02cee0b1df364a3aedbe62e3.
* Revert "wip logging domain"
This reverts commit 6ee095a49e9c18999a20d5379234323d49d5e6c8.
* Revert "wip logging domain"
This reverts commit 813d8eb960cdf4dd6db4795739df3adf895600e2.
* Revert "wip logging domain"
This reverts commit f1ca81927626bbd0d46c1963510d115a003176d8.
* Remove SUBDOMAINS_ENABLED from documented env variables, no-one self hosting should need this – it just adds confusion to those looking to host on a single subdomain
fix: Account for server/client process.env parsing
Co-authored-by: Nan Yu <nanyu@Nans-MBP-2.lan>
Co-authored-by: Nan Yu <nan@getoutline.com>
* Improve performance in dev by running Node/Yarn outside of docker
* Transpose exposed port numbers by 100, so less likely conflict with host processes
* save images as private and serve via signed url from images.info api
* download private images to directory on export
* fix lint errors
* private s3 default, AWS.s3 module level scope, default s3 url expiry
* combine regex to one, and only replace when there are matches
* fix lint
* code not needed anymore, remove
* updates after pulling master
* revert the uploadToS3FromUrl url return
* use model gettr to compact code, rename to attachments api
* basic checking of document read permission to allow attachment viewing
* fix: Continue to upload avatars as public
fix: Allow redirect for non-private attachments
* add support for publicly shared documents
* catch errors which crash the app during zip export and user creation
* add tests
* enable AWS signature v4 for s3
* switch to use factories to build models for testing
* add isDocker flag for local serving of attachment redirect url
* fix redirect tests
Co-authored-by: Tom Moor <tom.moor@gmail.com>
* changes to support Plainhome
* changes to env sample
* changes to env variable names
* formatter fixes
* remove the content pages
* test fix
* lint fixes
* minor fixes
* removed unnesscary routes
* Apply suggestions from code review
Co-Authored-By: Tom Moor <tom.moor@gmail.com>
* removed team name from env
