Andre Staltz
ad5356d58b
replace panics with returning formatted errors
2021-02-24 18:02:52 +02:00
Andre Staltz
743cc074d7
implement pagination in allow-list overview
2021-02-24 15:54:36 +02:00
Andre Staltz
eaf4a4447c
new route "menu" that is accessible on mobile only
2021-02-24 12:08:21 +02:00
André Staltz
92ee332546
Merge pull request #36 from ssb-ngi-pointer/active-menu-item
...
highlight active menu item with current_page_is
2021-02-24 11:58:19 +02:00
Andre Staltz
622b01a854
highlight active menu item with current_page_is
2021-02-23 18:41:02 +02:00
André Staltz
f392dfbcf3
Merge pull request #32 from ssb-ngi-pointer/prettify-responsive
...
responsive design of admin menus
2021-02-23 14:48:12 +02:00
Andre Staltz
1dbc09a81a
responsive design of admin menus
2021-02-23 14:24:20 +02:00
Henry
fbdba34a1d
Merge pull request #31 from ssb-ngi-pointer/prettify-members
...
Prettify members page
2021-02-23 12:42:32 +01:00
Andre Staltz
ad0f025c4d
fix allow_list tests for new HTML structure
2021-02-23 12:56:28 +02:00
Andre Staltz
fee39ac3b7
format HTML templates with each attribute on its own line
2021-02-23 12:56:28 +02:00
Andre Staltz
90455ae34b
prettify the allow-list removal confirmation page
2021-02-23 12:24:12 +02:00
Andre Staltz
0aa8265cd4
prettify the allow-list main page
2021-02-23 12:23:16 +02:00
Henry
56ef07d9f2
Merge pull request #30 from ssb-ngi-pointer/bring-back-dev-mode
...
Bring back dev mode
2021-02-22 16:56:03 +01:00
Henry
67597d9f8a
turn template evaluation error fatal
...
this shouldn't just be logged and discarded as "not logged in"
2021-02-22 16:29:05 +01:00
Henry
af53bf71f5
comment broken back href
2021-02-22 16:25:13 +01:00
Henry
73471b5ff6
update http/render
2021-02-22 16:20:26 +01:00
Henry
9c0d4c9fd4
check for properly rendered error page
2021-02-22 16:13:20 +01:00
Henry
cea1e62207
fix template paths in sub-page tests
2021-02-22 16:02:55 +01:00
Henry
094ce57b9e
github actions: bump go version to 1.16
2021-02-22 15:55:59 +01:00
Henry
ccd3612124
add dev mode to i18n
2021-02-22 15:51:58 +01:00
Henry
d774056f29
establish old asset paths
2021-02-22 15:51:58 +01:00
Henry
8285c68417
remove -development falg from server cli
...
use -tags dev like we do in the rest of the code
2021-02-22 15:51:58 +01:00
Henry
f0e61e7189
add back dev build tag for local file access without embedding
2021-02-22 15:51:55 +01:00
Henry
b5330884ab
move inline style tag to seperate file
...
also the assets paths they are a little different after #26
2021-02-22 15:13:16 +01:00
Henry
abb4a0f627
leftover
2021-02-22 15:12:51 +01:00
Henry
1787a27898
Merge pull request #27 from ssb-ngi-pointer/prettify-templates
...
improve styles of template containers and sign-in
2021-02-22 15:09:24 +01:00
Andre Staltz
143b910f9f
improve styles of template containers and sign-in
2021-02-22 14:57:45 +01:00
Henry
9dc77132ab
Merge pull request #26 from ssb-ngi-pointer/go1.16-embed
...
Go1.16 embed (fixes #20 )
2021-02-22 14:51:40 +01:00
Henry
534691b639
change template paths for embed.FS
2021-02-22 14:49:11 +01:00
Henry
5829cb1197
migrate migrations
...
had to patch the upstream dependency, nothing too big though. Expecting
a merge after some small backwards compat discussion.
2021-02-22 14:49:11 +01:00
Henry
c0efc3d1fa
convert i18n defaults to embed
2021-02-22 14:49:11 +01:00
Henry
dd575aa0c7
use embed package of go1.16 for embedding assets ( fixes #20 )
2021-02-22 14:48:45 +01:00
Henry
448f681acb
Merge pull request #25 from ssb-ngi-pointer/csrf-and-csp
...
CSRF and CSP
2021-02-22 14:44:49 +01:00
Henry
6a4c1e54d9
add default CSP and some other browser mitigations
...
Though, CSP is primarily a tool against cross-site scripting and we
don't plan to host any user-generated or 3rd party content it's still a
good practice. The primary requirment with this rule is
to move all inline style tags to a seperate file.
2021-02-22 14:39:45 +01:00
Henry
aefa2a266c
update login test to do the csrf dance
...
also: use pre-release of http/tester with better header handling
2021-02-22 14:19:21 +01:00
Henry
56daccbb4b
fix session lifetime
2021-02-17 12:22:05 +01:00
Henry
f1f4e9dcb9
add CSRF protection
...
updates #14
2021-02-17 12:22:05 +01:00
Henry
c3286fb5da
Merge pull request #22 from ssb-ngi-pointer/allow-list
...
Allow list
2021-02-17 12:21:14 +01:00
Henry
60ca1bfb37
fix redirect
2021-02-16 12:33:25 +01:00
Henry
9b0c9580d1
Change userfacing term allow-list to member(s)
2021-02-16 11:56:11 +01:00
Henry
412545ac50
small fixes
...
* news/overview was still using PostID
* fix singular in testing {{ i18npl ... }}
2021-02-16 10:33:28 +01:00
Henry
cb0339c688
update templates
2021-02-15 18:59:44 +01:00
Henry
b82ff3051a
add test for remove
2021-02-15 18:54:00 +01:00
Henry
29d884b4fc
allow-list: add test for add
2021-02-15 18:26:20 +01:00
Henry
ae5f25a710
allow-list: add test for presence of remove link
2021-02-15 17:21:25 +01:00
Henry
a528002361
cleanup internal sqlite error
2021-02-15 17:21:06 +01:00
Henry
4ecee3739e
internal/broadcasts: fix test fluke
...
I'm not 100% sure how this ever passed so often. range over a map is
guaranteed to be random per the language spec. Not sure if this is
different for pointers but I'd be supprised.
Well, now this is testing the right things directly at least and doesn't
depend on the order of the output.
2021-02-15 15:26:50 +01:00
Henry
9dcab464cb
small cleanup
2021-02-15 15:08:34 +01:00
Henry
4d62c46e29
web/admin: update i18n labels
2021-02-15 14:44:00 +01:00
Henry
58f795d5e6
route with query params instead of named routers
...
Since we don't use the web/router through and through to setup handler
functions, accessing the named route varaibles doesn't work inside those
handler functions.
Since I dont find it acceptable to juggle two concepts here I switch the
url generation to classical get query paramters (route?varA=xyz&varB=2).
2021-02-15 14:43:55 +01:00