coquelicot.git
6 years agoturn Coquelicot into a gem
Lunar [Fri, 9 Mar 2012 16:24:17 +0000 (17:24 +0100)]
turn Coquelicot into a gem

6 years agoissue a warning when Depot.gc! is unable to read a file
Lunar [Fri, 9 Mar 2012 16:36:22 +0000 (17:36 +0100)]
issue a warning when Depot.gc! is unable to read a file

6 years agoadd helper for specs testing std{out,err}
Lunar [Sat, 10 Mar 2012 10:06:37 +0000 (11:06 +0100)]
add helper for specs testing std{out,err}

6 years agoproperly half-close both sides of the HTTP connection
Lunar [Wed, 29 Feb 2012 21:19:03 +0000 (22:19 +0100)]
properly half-close both sides of the HTTP connection

Half-closing the write part first and draining our input makes sure the client
will properly receive an error message instead of TCP RST (a.k.a. "Connection
reset by peer") when we interrupt it in the middle of a POST request.

6 years agodisplay nicer error messages for POST /upload
Lunar [Tue, 28 Feb 2012 23:20:26 +0000 (00:20 +0100)]
display nicer error messages for POST /upload

We factor out view helpers in Coquelicot::Helpers in order to make them
available from both Coquelicot::Application and Coquelicot::Rack::Upload.

6 years agoalso protect requests other than POST /upload from too much input
Lunar [Tue, 28 Feb 2012 22:40:22 +0000 (23:40 +0100)]
also protect requests other than POST /upload from too much input

6 years agounwrap Upr::InputWrapper to detect a rewindable input
Lunar [Mon, 27 Feb 2012 22:32:50 +0000 (23:32 +0100)]
unwrap Upr::InputWrapper to detect a rewindable input

6 years agosmall cosmetic improvements for progress bar
Lunar [Mon, 27 Feb 2012 22:15:13 +0000 (23:15 +0100)]
small cosmetic improvements for progress bar

6 years agoadd support for upload progress using 'upr' gem
Lunar [Mon, 27 Feb 2012 15:53:21 +0000 (16:53 +0100)]
add support for upload progress using 'upr' gem

6 years agoallow to limit file size through the max_file_size setting
Lunar [Tue, 28 Feb 2012 18:26:47 +0000 (19:26 +0100)]
allow to limit file size through the max_file_size setting

6 years agoproperly handle large file uploads
Lunar [Sun, 26 Feb 2012 19:44:43 +0000 (20:44 +0100)]
properly handle large file uploads

Previously we were using Sinatra::Request to process file uploads. This class
derives from Rack::Request which creates a temporary file for each file
appearing in a POST request. This can be seen as a privacy breach, as it means
uploaded files were first written in clear text before being stored encrypted.
This can be mitigated by storing the tempfile on a "ramdisk", but then, memory
can pretty quick be a limit to the maximum uploaded file size.

But wait, there's more: Rack specify that `rack.input` must be a
seakable/rewindable IO-like object. In order to implement that, Rack webserver
will either buffer the input in memory (Webrick) or in a temporary file
(Thin, Passenger or Mongrel). So in most cases we had not one, but at least two
temporary files for each uploads.

In order to properly process uploaded file content as it arrives, we 1. switch
to use the "Rainbows!" webserver and 2. handle the POST request directly.

Rainbows! has a unique feature of being able to provide a non-buffered input.
While this breaks Rack specification, our own dedicated handler is written
specifically with this in mind.

Handling the POST request as its input flows requires to be careful with the
order in which fields appear in the `<form/>` tag (HTML specification specify
that they will be sent in that particular order). As we want to know all
options before writing the StoredFile, we need to have the `<input
type="file"/>` field at the end of our form. Along the same lines, we ensure
in `coquelicot.js` that hidden fields for authentication values are laid at the
verify begining of the upload `<form/>`.

Coquelicot::Rack::MultipartParser offers a generic interface to parse
`multipart/form-data` requests. It offers a simple DSL to specify which field
is expected, and to run specific block when they shows up.

Coquelicot::Rack::Upload replaces our old `post '/upload'` method. It handles
the request as a bare Rack middleware to be laid on top of the stack. Its code
borrows part of Sinatra's internals in order to get consistent coding
interface.

Huge kudos to Eric Wong for Rainbows! and Daniel Abrahamsson for
multipart-parser which both made this possible.

6 years agoenable Sinatra request logging in development config
Lunar [Sun, 18 Mar 2012 12:57:27 +0000 (13:57 +0100)]
enable Sinatra request logging in development config

6 years agoimplement file format 2.0
Lunar [Tue, 6 Mar 2012 23:30:26 +0000 (00:30 +0100)]
implement file format 2.0

We want to be able to write files for which we will not be sure of the size
before all its content has been written. Easiest way to achieve this is two
have two files instead of one: the first for the encrypted file content, and
the second with metadata (in clear and encrypted, as before).

StoredFile is still able to read files with format 1.0. New files will be
written using the 2.0 format.

6 years agodisplay the README in 'get /README'
Lunar [Tue, 28 Feb 2012 15:15:19 +0000 (16:15 +0100)]
display the README in 'get /README'

We introduce a dependency on maruku to parse Markdown and display the README.

This new (trivial) feature is spec'd in the new `spec/coquelicot/app_sec.rb`
which is the canonical file location.

We also introduce a new dependency on Capybara: its interface is so much nicer,
and ideally, most of the specs in `spec/coquelicot_spec.rb` will be rewriten
to use it instead of Rack::Test::Methods and Hpricot.

6 years agoimprove README
Lunar [Tue, 28 Feb 2012 15:14:11 +0000 (16:14 +0100)]
improve README

7 years agospec for different reference StoredFile with a new shiny helper
Lunar [Tue, 6 Mar 2012 21:37:32 +0000 (22:37 +0100)]
spec for different reference StoredFile with a new shiny helper

7 years agoalso return BadKey when OpenSSL raises a CipherError
Lunar [Sat, 17 Mar 2012 11:29:37 +0000 (12:29 +0100)]
also return BadKey when OpenSSL raises a CipherError

7 years agofactor out shared context for specs which needs a depot
Lunar [Mon, 12 Mar 2012 15:42:06 +0000 (16:42 +0100)]
factor out shared context for specs which needs a depot

7 years agoremove links in Depot#gc! when there is a link but no associated file
Lunar [Tue, 6 Mar 2012 16:03:47 +0000 (17:03 +0100)]
remove links in Depot#gc! when there is a link but no associated file

7 years agocosmetic rewrite of Depot#read_link
Lunar [Tue, 6 Mar 2012 15:27:10 +0000 (16:27 +0100)]
cosmetic rewrite of Depot#read_link

7 years agospecify and implement behaviour of Depot#get_file when there is a link with no matchi...
Lunar [Tue, 6 Mar 2012 16:03:00 +0000 (17:03 +0100)]
specify and implement behaviour of Depot#get_file when there is a link with no matching file

We modify callers in Coquelicot::Application to match the new behaviour.

7 years agospecify and implement behaviour of Depot#file_exists? when there is a link with no...
Lunar [Tue, 6 Mar 2012 15:41:51 +0000 (16:41 +0100)]
specify and implement behaviour of Depot#file_exists? when there is a link with no matching file

7 years agoproperly handle the case where we generate the same name than an already existing...
Lunar [Tue, 6 Mar 2012 15:23:11 +0000 (16:23 +0100)]
properly handle the case where we generate the same name than an already existing link

7 years agoadd some specs for Coquelicot::Depot
Lunar [Mon, 5 Mar 2012 18:25:23 +0000 (19:25 +0100)]
add some specs for Coquelicot::Depot

7 years agoproperly empty and remove files when Depot#gc! has not been called for a while
Lunar [Tue, 6 Mar 2012 16:05:34 +0000 (17:05 +0100)]
properly empty and remove files when Depot#gc! has not been called for a while

7 years agoadd Depot#size to get current files count
Lunar [Sat, 17 Mar 2012 10:41:41 +0000 (11:41 +0100)]
add Depot#size to get current files count

7 years agoDepot#files now returns an empty array for empty depots
Lunar [Tue, 28 Feb 2012 11:21:31 +0000 (12:21 +0100)]
Depot#files now returns an empty array for empty depots

In a brand new depot, there will not be any `.links` file. Instead of raising
an error, let's return an empty array instead, better reflecting the current
state of the depot.

7 years agoensure that StoredFile is providing correct content for small files
Lunar [Tue, 6 Mar 2012 10:11:31 +0000 (11:11 +0100)]
ensure that StoredFile is providing correct content for small files

7 years agoproperly delete file in case of errors in StoredFile.create
Lunar [Tue, 6 Mar 2012 16:14:29 +0000 (17:14 +0100)]
properly delete file in case of errors in StoredFile.create

This means that Depot.add_file does not have to care about removing leftover
files.

7 years agodisplay 'not found' when a bad password is given in URL
Lunar [Fri, 16 Mar 2012 19:13:17 +0000 (20:13 +0100)]
display 'not found' when a bad password is given in URL

7 years agoraise BadKey in StoredFile#each if file has been opened without a password
Lunar [Tue, 6 Mar 2012 09:50:45 +0000 (10:50 +0100)]
raise BadKey in StoredFile#each if file has been opened without a password

7 years agouse File::EXCL|File::CREAT instead of locking when adding a new file to the depot
Lunar [Mon, 5 Mar 2012 16:31:12 +0000 (17:31 +0100)]
use File::EXCL|File::CREAT instead of locking when adding a new file to the depot

7 years agoadd specs for StoredFile
Lunar [Mon, 5 Mar 2012 15:52:36 +0000 (16:52 +0100)]
add specs for StoredFile

7 years agofactor out spec initialization in spec_helper
Lunar [Sat, 25 Feb 2012 09:17:53 +0000 (10:17 +0100)]
factor out spec initialization in spec_helper

This is an usual convention on how to use RSpec.

7 years agoimprove parsing of encrypted meta data for small files
Lunar [Sun, 4 Mar 2012 09:43:43 +0000 (10:43 +0100)]
improve parsing of encrypted meta data for small files

7 years agosmall style adjustments in StoredFile
Lunar [Sat, 17 Mar 2012 10:37:27 +0000 (11:37 +0100)]
small style adjustments in StoredFile

7 years agochange StoredFile.create interface
Lunar [Sat, 17 Mar 2012 10:26:17 +0000 (11:26 +0100)]
change StoredFile.create interface

What matters is actually how the caller will feed the file content, and not
where or how the StoredFile is written.

7 years agodo not hardcode key and IV length in StoredFile.get_cipher
Lunar [Mon, 5 Mar 2012 13:56:07 +0000 (14:56 +0100)]
do not hardcode key and IV length in StoredFile.get_cipher

7 years agoinstall 'sass' gem explicitly
Lunar [Tue, 28 Feb 2012 11:26:00 +0000 (12:26 +0100)]
install 'sass' gem explicitly

As said by Haml warning:

  Sass is in the process of being separated from Haml,
  and will no longer be bundled at all in Haml 3.2.0.
  Please install the 'sass' gem if you want to use Sass.

7 years agoremove useless url setting and base_href helper
Lunar [Tue, 28 Feb 2012 23:27:53 +0000 (00:27 +0100)]
remove useless url setting and base_href helper

Sinatra offers an `uri` helper which is there to properly compute
URLs for the application. We now use it instead of computing the `base_href` by
hand. We also remove the `url` setting as system administrators should properly
configure their `config.ru` and proxy to allow Sinatra to compute the right URL
for the application.

7 years agoMerge remote branch 'nadir/translations/de'
Lunar [Fri, 24 Feb 2012 20:52:50 +0000 (21:52 +0100)]
Merge remote branch 'nadir/translations/de'

7 years agoupdate main copyright in layout
Lunar [Fri, 24 Feb 2012 20:49:10 +0000 (21:49 +0100)]
update main copyright in layout

7 years agoUpdated german translation
Jake Santee [Fri, 24 Feb 2012 20:48:58 +0000 (21:48 +0100)]
Updated german translation

7 years agofix redirect after successful upload
Lunar [Fri, 24 Feb 2012 20:44:29 +0000 (21:44 +0100)]
fix redirect after successful upload

7 years agoimprove some strings after native speakers review
Lunar [Fri, 24 Feb 2012 20:13:23 +0000 (21:13 +0100)]
improve some strings after native speakers review

Many thanks to them!

7 years agoremove obsolete cruft in migrate_jyraphe
Lunar [Fri, 24 Feb 2012 19:37:46 +0000 (20:37 +0100)]
remove obsolete cruft in migrate_jyraphe

7 years agoimprove settings documentation
Lunar [Fri, 24 Feb 2012 19:33:16 +0000 (20:33 +0100)]
improve settings documentation

7 years agofix extra '/' appearing when using base_href
Lunar [Fri, 24 Feb 2012 19:13:00 +0000 (20:13 +0100)]
fix extra '/' appearing when using base_href

7 years agospec and document the 'url' setting
Lunar [Fri, 24 Feb 2012 18:55:03 +0000 (19:55 +0100)]
spec and document the 'url' setting

7 years agoMerge remote branch 'sarava/master'
Lunar [Fri, 24 Feb 2012 18:44:12 +0000 (19:44 +0100)]
Merge remote branch 'sarava/master'

7 years agoadd license headers on source files
Lunar [Fri, 24 Feb 2012 18:29:28 +0000 (19:29 +0100)]
add license headers on source files

7 years agoprevent password generator link from moving to another page
Lunar [Fri, 24 Feb 2012 18:01:41 +0000 (19:01 +0100)]
prevent password generator link from moving to another page

7 years agoproperly separate functions in javascript
Lunar [Fri, 24 Feb 2012 17:58:57 +0000 (18:58 +0100)]
properly separate functions in javascript

7 years agocosmetic improvements
Lunar [Fri, 24 Feb 2012 17:48:11 +0000 (18:48 +0100)]
cosmetic improvements

7 years agoswitch to FastGettext for translations
Lunar [Fri, 24 Feb 2012 16:25:20 +0000 (17:25 +0100)]
switch to FastGettext for translations

Using the 'po' backend of FastGettext gets us rid of having to manually build
'.mo' files upon installation.

7 years agoadd simple spec for translations
Lunar [Fri, 24 Feb 2012 16:11:37 +0000 (17:11 +0100)]
add simple spec for translations

This does not cover all features we'd like for translations but it'll be enough
to switch to FastGettext without breaking too much.

7 years agorefresh and improve translation catalog
Lunar [Fri, 24 Feb 2012 15:47:22 +0000 (16:47 +0100)]
refresh and improve translation catalog

7 years agouse haml-magic-translations instead of ad-hoc and outdated solution
Lunar [Fri, 24 Feb 2012 15:37:31 +0000 (16:37 +0100)]
use haml-magic-translations instead of ad-hoc and outdated solution

7 years agoallow specs to work even when it's between 23:00 and 00:00
Lunar [Tue, 14 Feb 2012 22:38:31 +0000 (23:38 +0100)]
allow specs to work even when it's between 23:00 and 00:00

7 years agoimprove UI and labels regarding 'one time download' feature
Lunar [Tue, 14 Feb 2012 22:29:28 +0000 (23:29 +0100)]
improve UI and labels regarding 'one time download' feature

7 years agoonly show about_text once
Lunar [Tue, 14 Feb 2012 22:01:36 +0000 (23:01 +0100)]
only show about_text once

For the same reason as the previous commit, it is better if about_text is not
shown twice. It also reduces some clutter once authentication is done when
Javascript is enabled.

7 years agodo not add an extra submit button in text browsers
Lunar [Tue, 14 Feb 2012 21:57:35 +0000 (22:57 +0100)]
do not add an extra submit button in text browsers

Using style="display: none" for Javascript specific DOM elements leads to extra
widgets or text showing up in pure text browser. So let's use Javascript to
populate interface elements that only appear when Javascript is enabled.

7 years agouse same indentation in auth views
Lunar [Tue, 14 Feb 2012 21:09:08 +0000 (22:09 +0100)]
use same indentation in auth views

7 years agoimprove user feedback for AJAX authentication
Lunar [Tue, 14 Feb 2012 19:06:17 +0000 (20:06 +0100)]
improve user feedback for AJAX authentication

We now differenciate between bad credentials and issues arising while
performing the authentication. This allows us to properly notify users
when the IMAP server is not reachable.

7 years agorework javascript interface for authentication modules
Lunar [Tue, 14 Feb 2012 18:08:22 +0000 (19:08 +0100)]
rework javascript interface for authentication modules

7 years agouse consistent indentation accross javascript files
Lunar [Tue, 14 Feb 2012 17:41:07 +0000 (18:41 +0100)]
use consistent indentation accross javascript files

7 years agoAdd 'thin' to development environment
Lunar [Tue, 14 Feb 2012 17:37:00 +0000 (18:37 +0100)]
Add 'thin' to development environment

To start the webapp localy using thin, one can now issue:

  bin/rackup -s thin config-development.ru

Thin handles streaming when Webrick does not.

7 years agosimplify parameters handling in authentication modules
Lunar [Tue, 14 Feb 2012 17:28:17 +0000 (18:28 +0100)]
simplify parameters handling in authentication modules

Previously authentication data was either given through:
 - an Hash in 'upload_token' serialized by jQuery.ajax();
 - a JSON blob in 'upload_token' after the initial Javascript authentication;
 - directly through POST parameters when Javascript is disabled.

We simplify all this and always pass those fields as POST paraters in those
three cases. We thus get rid of the 'upload_token' intermediate field
completely.

Form fiels are also properly reset when authentication fails.

7 years agorefactor specs related to AJAX password verification
Lunar [Tue, 14 Feb 2012 12:35:43 +0000 (13:35 +0100)]
refactor specs related to AJAX password verification

7 years agoproperly use Bundler in rackup files
Lunar [Tue, 14 Feb 2012 11:45:20 +0000 (12:45 +0100)]
properly use Bundler in rackup files

7 years agoscrap home made config system to use Sinatra::ConfigFile
Lunar [Tue, 14 Feb 2012 11:43:17 +0000 (12:43 +0100)]
scrap home made config system to use Sinatra::ConfigFile

This adds a dependency to sinatra-contrib (>= 1.3).

7 years agomove requires where they belong
Lunar [Mon, 13 Feb 2012 19:33:52 +0000 (20:33 +0100)]
move requires where they belong

7 years agomerge StoredFile app specific methods with the rest of the class definition
Lunar [Mon, 13 Feb 2012 19:30:01 +0000 (20:30 +0100)]
merge StoredFile app specific methods with the rest of the class definition

There is not much added value in spreading the code. Separating concerns is
nice, but there is no problem if another consumer calls these methods anyway.

7 years agomove Coquelicot::Depot to its own file
Lunar [Mon, 13 Feb 2012 19:21:56 +0000 (20:21 +0100)]
move Coquelicot::Depot to its own file

7 years agomove Coquelicot::StoredFile to its own file
Lunar [Mon, 13 Feb 2012 19:21:00 +0000 (20:21 +0100)]
move Coquelicot::StoredFile to its own file

7 years agomove coquelicot_app.rb to lib/coquelicot/app.rb
Lunar [Mon, 13 Feb 2012 19:18:48 +0000 (20:18 +0100)]
move coquelicot_app.rb to lib/coquelicot/app.rb

7 years agoadd spec for imap authentication
Lunar [Mon, 13 Feb 2012 19:04:10 +0000 (20:04 +0100)]
add spec for imap authentication

7 years agogroup specs using simpleauth authentication
Lunar [Mon, 13 Feb 2012 19:03:55 +0000 (20:03 +0100)]
group specs using simpleauth authentication

7 years agouse app.set and not apply_configuration
Lunar [Mon, 13 Feb 2012 18:43:37 +0000 (19:43 +0100)]
use app.set and not apply_configuration

7 years agouse an around block instead of before/after to create temporary depot in specs
Lunar [Mon, 13 Feb 2012 17:31:13 +0000 (18:31 +0100)]
use an around block instead of before/after to create temporary depot in specs

7 years agorework part of configure mechanism
Lunar [Sun, 29 Jan 2012 17:57:42 +0000 (18:57 +0100)]
rework part of configure mechanism

We can now use `app.set :authentication_method, ...` which is useful for
tests.

7 years agoimplement pluggable authentication using classes instead of modules
Lunar [Mon, 13 Feb 2012 23:17:22 +0000 (00:17 +0100)]
implement pluggable authentication using classes instead of modules

It will be less hacky pocky and work better for testing. Otherwise, switching
from one authentication mechanism to another during the same test suite does
not really work well.

7 years agoupdate sinatra to version 1.3
Lunar [Tue, 14 Feb 2012 11:42:03 +0000 (12:42 +0100)]
update sinatra to version 1.3

Adjustments needed:

 * Update reference value for the Content-type header in specs.

7 years agoAdding missing Debian dependency on README
Silvio Rhatto [Sun, 5 Feb 2012 16:54:43 +0000 (14:54 -0200)]
Adding missing Debian dependency on README

7 years agoSupport for url config paramenter
Silvio Rhatto [Sun, 5 Feb 2012 16:44:56 +0000 (14:44 -0200)]
Support for url config paramenter

Adds a "url" parameter to the config file to enforce a custom
address.

7 years agoadd some more notes about development in README
Lunar [Sun, 29 Jan 2012 16:47:47 +0000 (17:47 +0100)]
add some more notes about development in README

7 years agoupdate test suite for RSpec 2.x and Bundler
Lunar [Sun, 29 Jan 2012 16:36:46 +0000 (17:36 +0100)]
update test suite for RSpec 2.x and Bundler

7 years agomove RSpec tests to more idiomatic location
Lunar [Sun, 29 Jan 2012 15:55:04 +0000 (16:55 +0100)]
move RSpec tests to more idiomatic location

7 years agoreword some parts of the README
Lunar [Sun, 29 Jan 2012 15:48:33 +0000 (16:48 +0100)]
reword some parts of the README

7 years agodisplay a nicer 'Not found' message
Lunar [Sun, 29 Jan 2012 15:25:00 +0000 (16:25 +0100)]
display a nicer 'Not found' message

8 years agofixing em vs. px problem on chrome
mh [Thu, 11 Aug 2011 11:07:27 +0000 (13:07 +0200)]
fixing em vs. px problem on chrome

8 years agoimprove css to work properly on more browsers
mh [Thu, 11 Aug 2011 10:55:14 +0000 (12:55 +0200)]
improve css to work properly on more browsers

8 years agoignore 3rd party layouts
mh [Thu, 11 Aug 2011 10:53:19 +0000 (12:53 +0200)]
ignore 3rd party layouts

8 years agodisplay about text also on the js login, hide submit button for jslogin on non js...
mh [Wed, 10 Aug 2011 18:15:26 +0000 (20:15 +0200)]
display about text also on the js login, hide submit button for jslogin on non js browsers

8 years agoadd info that upload is forbidden
mh [Wed, 10 Aug 2011 18:03:35 +0000 (20:03 +0200)]
add info that upload is forbidden

8 years agodocument gc
mh [Tue, 9 Aug 2011 07:32:01 +0000 (09:32 +0200)]
document gc

8 years agorequire bundle/setup so bundler gets loaded
mh [Tue, 9 Aug 2011 07:23:50 +0000 (09:23 +0200)]
require bundle/setup so bundler gets loaded

8 years agomake gc executable
mh [Tue, 9 Aug 2011 07:01:57 +0000 (09:01 +0200)]
make gc executable

8 years agojson is also required
mh [Tue, 9 Aug 2011 06:40:47 +0000 (08:40 +0200)]
json is also required

8 years agomove jquery into the repo, depending on your os the link can be different
mh [Tue, 9 Aug 2011 06:38:57 +0000 (08:38 +0200)]
move jquery into the repo, depending on your os the link can be different