Merge tag '5.3.0' into 5.3-auth

.jshintignore

@@ -7,6 +7,7 @@ www/common/onlyoffice/v1
 www/common/onlyoffice/v2*
 www/common/onlyoffice/v4
 www/common/onlyoffice/v5
+www/common/onlyoffice/v*/
 
 www/scratch
 www/accounts

CHANGELOG.md

@@ -1,3 +1,74 @@
+# 5.3.0
+
+## Goals
+
+This release updates OnlyOffice applications to version 7.3.3. It improves the Form application and other areas of CryptPad with minor features and bug fixes. 
+
+## Features
+
+- Upgrade OnlyOffice applications (Sheet, Document, Presentation) to version 7.1
+
+- Forms
+  - New question type: Date [[#811](https://github.com/xwiki-labs/cryptpad/issues/811)]
+  - Add Condorcet voting results to ordered list responses
+
+- Default dark theme switch [[#759](https://github.com/xwiki-labs/cryptpad/issues/759)]: set dark theme as the default for the instance in `application_config.js`
+
+- New FreeBSD rc.d init script
+
+## Improvements
+
+- Auto-select document name on edit if it's still the default [thanks to [piemonkey](https://github.com/piemonkey)]
+
+- Forms
+  - Clarify button text to "Copy Public Link" [[#937](https://github.com/xwiki-labs/cryptpad/issues/937)]
+  - Clarify text on the document creation screen so that "Expiration date" (date at which the document will be destroyed) is not confused with the _closing date_ of the form [user feedback]
+  - Decimals are now allowed in text questions with type "number" [[Forum](https://forum.cryptpad.org/d/88-decimals-in-number-type-text-field)]
+
+- Rich Text
+  - Move width-toggle button out of the way of the text [[#957](https://github.com/xwiki-labs/cryptpad/issues/957)]
+
+- Deployment
+  - Systemd: Removed outdated logging directives and implemented sandboxing and other hardening best practices
+  - Nginx: Invert settings to forbid remote embedding by default
+
+- Removed unused dev dependencies
+
+## Bug Fixes
+
+- Forms and Kanban
+  - Fixed spacing issues with input fields
+
+- Forms
+  - Fixed ways to bypass "required" questions [[#1007](https://github.com/xwiki-labs/cryptpad/issues/1007) [#1014](https://github.com/xwiki-labs/cryptpad/issues/1014)]
+  - Fix missing notifications for responses
+  - Send response notifications to all owners
+
+- Rich Text
+  - Fix scroll issues when clicking on the table of contents 
+  - Fix double notification for mention + reply in a comment
+
+- Fix issues with deprecated cache 
+
+- Fix bug that kept certain documents from being "pinned" to the drive. This could lead them to be deleted for inactivity even though they were stored in the drive. Note that storage quotas may increase as a result
+
+## Update notes
+
+If you are upgrading from a version older than `5.2.0` please read the upgrade notes of all versions between yours and `5.3.0` to avoid configuration issues.
+
+To upgrade:
+
+1. Stop your server
+2. Get the latest code with git
+
+```bash
+git fetch origin --tags
+git checkout 5.3
+```
+
+1. Restart your server
+2. Review your instance's checkup page to ensure that you are passing all tests
+   
 # 5.2.1
 
 ## Goals

customize.dist/pages.js

@@ -95,7 +95,7 @@ define([
         return h('a', attrs, [icon, text]);
     };
 
-    Pages.versionString = "5.2.1";
+    Pages.versionString = "5.3.0";
 
     var customURLs = Pages.customURLs = {};
     (function () {

docs/cryptpad.service

@@ -2,7 +2,7 @@
 Description=CryptPad API server
 
 [Service]
-ExecStart=/home/cryptpad/.nvm/versions/node/v12.14.0/bin/node /home/cryptpad/cryptpad/server.js
+ExecStart=/home/cryptpad/.nvm/versions/node/v19.8.1/bin/node /home/cryptpad/cryptpad/server.js
 # modify to match the location of your cryptpad repository
 WorkingDirectory=/home/cryptpad/cryptpad
 
@@ -10,10 +10,6 @@ Restart=always
 # Restart service after 10 seconds if node service crashes
 RestartSec=2
 
-# Output to syslog
-StandardOutput=syslog
-StandardError=syslog
-SyslogIdentifier=cryptpad
 User=cryptpad
 Group=cryptpad
 # modify to match your working directory
@@ -24,5 +20,42 @@ Environment='PWD="/home/cryptpad/cryptpad"'
 # or risk EMFILE errors.
 LimitNOFILE=1000000
 
+# hardening directives as per https://www.freedesktop.org/software/systemd/man/systemd.exec.html
+# check those with systemd-analyze security cryptpad.service for more information
+# Proc filesystem
+ProcSubset=all
+ProtectProc=invisible
+# Capabilities
+CapabilityBoundingSet=
+# Security
+NoNewPrivileges=true
+# Sandboxing
+ProtectSystem=strict
+PrivateTmp=true
+PrivateDevices=true
+ProtectHostname=true
+ProtectKernelLogs=true
+ProtectKernelModules=true
+ProtectKernelTunables=true
+ProtectControlGroups=true
+RestrictAddressFamilies=AF_INET
+RestrictAddressFamilies=AF_INET6
+RestrictAddressFamilies=AF_NETLINK
+RestrictAddressFamilies=AF_UNIX
+RestrictNamespaces=true
+LockPersonality=true
+RestrictRealtime=true
+RestrictSUIDSGID=true
+RemoveIPC=true
+PrivateMounts=true
+ProtectClock=true
+# System Call Filtering
+SystemCallArchitectures=native
+SystemCallFilter=~@cpu-emulation @debug @keyring @ipc @mount @obsolete @privileged @setuid
+SystemCallFilter=@chown
+SystemCallFilter=pipe
+SystemCallFilter=pipe2
+ReadWritePaths=/home/cryptpad/cryptpad
+
 [Install]
 WantedBy=multi-user.target

docs/example.nginx.conf

@@ -23,15 +23,12 @@ server {
     set $main_domain "your-main-domain.com";
     set $sandbox_domain "your-sandbox-domain.com";
 
-    # By default CryptPad allows remote domains to embed CryptPad documents in iframes.
-    # This behaviour can be blocked by changing $allowed_origins from "*" to the
-    # sandbox domain, which must be permitted to load content from the main domain
-    # in order for CryptPad to work as expected.
-    #
-    # An example is given below which can be uncommented if you want to block
-    # remote sites from including content from your server
-    set $allowed_origins "*";
-    # set $allowed_origins "https://${sandbox_domain}";
+    # By default CryptPad forbids remote domains from embedding CryptPad documents in iframes.
+    # The sandbox domain must always be permitted in order for the platform to function.
+    # If you wish to enable remote embedding you may change the value below to "*"
+    # as per the commented value.
+    set $allowed_origins "https://${sandbox_domain}";
+    #set $allowed_origins "*";
 
     # CryptPad's dynamic content (websocket traffic and encrypted blobs)
     # can be served over separate domains. Using dedicated domains (or subdomains)

docs/rc.d-cryptpad

@@ -0,0 +1,37 @@
+!/bin/sh
+# $FreeBSD$
+# PROVIDE: cryptpad
+# REQUIRE: DAEMON nginx
+# KEYWORD: shutdown
+
+. /etc/rc.subr
+
+name="cryptpad"
+start_cmd="start"
+stop_cmd="stop"
+rcvar=cryptpad_enable
+
+pidfile="/var/run/${name}.pid"
+
+desc="CryptPad Service"
+
+load_rc_config ${name}
+
+start() {
+
+/bin/mkdir -p /var/run/cryptpad
+/usr/sbin/chown cryptpad:cryptpad /var/run/cryptpad
+
+/usr/bin/su cryptpad -c "export PATH=/sbin:/bin:/usr/sbin:/usr/bin:/usr/local/sbin:/usr/local/bin:~/bin && cd /home/cryptpad/cryptpad && /usr/sbin/daemon -T ${name} -P /var/run/cryptpad/${name}_supervisor.pid -p  /var/run/cryptpad/${name}.pid -f -S -r /usr/local/bin/node server"
+
+}
+
+stop() {
+
+/bin/kill -9 `cat /var/run/cryptpad/${name}_supervisor.pid`
+/bin/kill -15 `cat /var/run/cryptpad/${name}.pid`
+
+}
+
+run_rc_command "$1"
+

lib/commands/channel.js

@@ -224,7 +224,7 @@ Channel.deleteMailboxMessage = function (Env, data, cb) {
     Env.msgStore.deleteChannelLine(channelId, hash, function (msg) {
         // Check if you're allowed to delete this hash
         try {
-            const mySecret = new Uint8Array(32);
+            const mySecret = Env.curvePrivate;
             const msgBytes = Nacl.util.decodeBase64(msg).subarray(64); // Remove signature
             const theirPublic = msgBytes.subarray(24,56); // 0-24 = nonce; 24-56=publickey (32 bytes)
             const hashBytes = Nacl.box.open(proofBytes, nonce, theirPublic, mySecret);

lib/env.js

@@ -14,6 +14,8 @@ const Package = require("../package.json");
 const Default = require("./defaults");
 const Path = require("path");
 
+const Nacl = require("tweetnacl/nacl-fast");
+
 var canonicalizeOrigin = function (s) {
     if (typeof(s) === 'undefined') { return; }
     return (s || '').trim().replace(/\/+$/, '');
@@ -74,6 +76,8 @@ module.exports.create = function (config) {
         permittedEmbedders = permittedEmbedders.trim();
     }
 
+    const curve = Nacl.box.keyPair();
+
     const Env = {
         logFeedback: Boolean(config.logFeedback),
         mainPages: config.mainPages || Default.mainPages(),
@@ -221,6 +225,8 @@ module.exports.create = function (config) {
 
         // initialized as undefined
         bearerSecret: void 0,
+        curvePrivate: curve.secretKey,
+        curvePublic: Nacl.util.encodeBase64(curve.publicKey),
     };
 
     (function () {

lib/hk-util.js

@@ -428,6 +428,7 @@ const getHistoryOffset = (Env, channelName, lastKnownHash, _cb) => {
 
     // lastKnownhash === -1 means we want the complete history
     if (lastKnownHash === -1) { return void cb(null, 0); }
+
     let offset = -1;
     nThen((waitFor) => {
         getIndex(Env, channelName, waitFor((err, index) => {
@@ -436,8 +437,16 @@ const getHistoryOffset = (Env, channelName, lastKnownHash, _cb) => {
             // check if the "hash" the client is requesting exists in the index
             const lkh = index.offsetByHash[lastKnownHash];
 
-            // fall through to the next block if the offset of the hash in question is not in memory
-            if (lastKnownHash && typeof(lkh) !== "number") { return; }
+            // lastKnownHash requested but not found in the index
+            if (lastKnownHash && typeof(lkh) !== "number") {
+                // No checkpoint: may be a non-chainpad channel
+                if (!index.cpIndex.length) {
+                    return;
+                }
+                // Hash too old or no longer exists, empty cache
+                waitFor.abort();
+                return void cb(new Error('EUNKNOWN'));
+            }
 
             // If we have a lastKnownHash or we didn't ask for one, we don't need the next blocks
             waitFor.abort();
@@ -465,18 +474,13 @@ const getHistoryOffset = (Env, channelName, lastKnownHash, _cb) => {
                 return void cb(new Error('EUNKNOWN'));
             }
 
-            // If we asked for a lastKnownHash but didn't find it AND if
-            // this channel has checkpoints, send EUNKNOWN so that the
-            // client can ask for normal history (without lastKnownHash)
-            if (lastKnownHash && !lkh && index.cpIndex.length) {
-                waitFor.abort();
-                return void cb(new Error('EUNKNOWN'));
-            }
-
             // Otherwise use our lastKnownHash
             cb(null, lkh);
         }));
     }).nThen((w) => {
+        // XXX entire block and getHashOffset to remove?
+
+
         // skip past this block if the offset is anything other than -1
         // this basically makes these first two nThen blocks behave like if-else
         if (offset !== -1) { return; }

package.json

@@ -1,7 +1,7 @@
 {
   "name": "cryptpad",
   "description": "realtime collaborative visual editor with zero knowlege server",
-  "version": "5.2.1",
+  "version": "5.3.0",
   "license": "AGPL-3.0+",
   "repository": {
     "type": "git",
@@ -35,9 +35,11 @@
   },
   "devDependencies": {
     "jshint": "^2.13.4",
-    "less": "3.7.1",
-    "lesshint": "6.3.7",
-    "selenium-webdriver": "^3.6.0"
+    "lesshint": "6.3.7"
+  },
+  "overrides": {
+    "glob-parent": "5.1.2",
+    "set-value": "4.0.1"
   },
   "scripts": {
     "start": "node server.js",

readme.md

@@ -81,6 +81,8 @@ We love Open Source and we love contribution. Learn more about [contributing](ht
 
 If you have any questions or comments, or if you're interested in contributing to CryptPad, come say hi in our [Matrix channel](https://app.element.io/#/room/#cryptpad:matrix.xwiki.com).
 
+This project is tested with [BrowserStack](https://www.browserstack.com/).
+
 # License
 
 ![AGPL logo](https://www.gnu.org/graphics/agplv3-155x51.png "GNU Affero General Public License")

scripts/translations/unused-translations.js

@@ -32,6 +32,7 @@ var grep = function (pattern, cb) {
         'www/common/onlyoffice/v2b*',
         'www/common/onlyoffice/v4*',
         'www/common/onlyoffice/v5*',
+        'www/common/onlyoffice/v6*',
         'www/common/onlyoffice/x2t/*',
         //'www/common/onlyoffice/build/*',
         'www/lib/*',

server.js

@@ -60,7 +60,7 @@ nThen(function (w) {
             message: "CryptPad is customizable, see customize.dist/readme.md for details",
         });
     }));
-}).nThen(function () {
+}).nThen(function (w) {
     // check that a valid origin was provided in the config
     try {
         var url = new URL('', Env.httpUnsafeOrigin).href;
@@ -80,7 +80,6 @@ nThen(function (w) {
         });
         process.exit(1);
     }
-}).nThen(function (w) {
     Env.httpServer = Http.createServer(app);
     Env.httpServer.listen(Env.websocketPort, 'localhost', w(function () {
         Env.Log.info('WEBSOCKET_LISTENING', {

www/common/application_config_internal.js

@@ -280,7 +280,7 @@ define(function() {
     // the driveless mode by changing the following value to "false"
     AppConfig.allowDrivelessMode = true;
 
-    AppConfig.emojiAvatars = '🙈 🦀 🐞 🦋 🐬 🐋 🐢 🦉 🦆 🐧 🦡 🦘 🦨 🦦 🦥 🐼 🐻 🦝 🦓 🐄 💮️ 🐙️ 🌸️ 🌻️ 🐝️ 🐐 🦙 🦒 🐘 🦏 🐁 🐹 🐰 🦫 🦔 🐨 🐱 🐺 👺 👹 👽 👾 🤖'.split(/\s+/);
+    AppConfig.emojiAvatars = '🐵 🐒 🐶 🐩 🐺 🐱 🐯 🐴 🐎 🐮 🐷 🐗 🐑 🐫 🐘 🐭 🐹 🐰 🐻 🐨 🐼 🐔 🐣 🐥 🐢 🐍 🐲 🐳 🐬 🐟 🐠 🐡 🐙 🐚 🐌 🐛 🐝 🐞 💐 🌸 💮 🌹 🌺 🌻 🌼 🌷 🌱 🌴 🌵 🌾 🌿 🍀 🍁 🍂 🍃 🍄 💫 🌛 ⛄ 🔥 💧 🌊 🎃 👹 👺 👻 👽 👾'.split(/\s+/);
 
     return AppConfig;
 });

www/common/boot2.js

@@ -1,40 +1,50 @@
-(function () {
-try {
-    var isDarkOS = function () {
-        try {
-            return window.matchMedia('(prefers-color-scheme: dark)').matches;
-        } catch (e) { return false; }
-    };
-    var flush = window.CryptPad_flushCache = function () {
-        Object.keys(localStorage).forEach(function (k) {
-            if (k.indexOf('CRYPTPAD_CACHE|') !== 0 && k.indexOf('LESS_CACHE') !== 0) { return; }
-            delete localStorage[k];
-        });
-    };
-    var os = isDarkOS() ? 'dark' : 'light';
-    var key = 'CRYPTPAD_STORE|colortheme';
-    window.CryptPad_theme = localStorage[key] || os;
-    if (!localStorage[key]) {
-        // We're using OS theme, check if we need to change
-        if (os !== localStorage[key+'_default']) {
-            console.warn('New OS theme, flush cache');
-            flush();
-            localStorage[key+'_default'] = os;
-        }
-    }
-    if (window.CryptPad_theme === 'dark') {
-        var s = document.createElement('style');
-        s.innerHTML = 'body { background: black; }';
-        document.body.appendChild(s);
-    }
-} catch (e) { console.error(e); }
-})();
-
-// This is stage 1, it can be changed but you must bump the version of the project.
 define([
-    '/common/requireconfig.js'
-], function (RequireConfig) {
+    '/common/requireconfig.js', 
+    '/customize/application_config.js'
+], function (RequireConfig, AppConfig) {
 
+    // if an AppConfig.defaultDarkTheme variable is added to application_config.js and set to true, this sets the theme to dark by default irrespective of browser settings
+    var checkDefaultDarkTheme = function () {
+        if (AppConfig.defaultDarkTheme) {
+            return 'dark';
+        }
+        var isDarkOS = function () {
+            try {
+                return window.matchMedia('(prefers-color-scheme: dark)').matches;
+            } catch (e) { return false; }
+        };
+        return isDarkOS() ? 'dark' : 'light';
+    };
+    var os = checkDefaultDarkTheme();
+
+    try {
+        var flush = window.CryptPad_flushCache = function () {
+            Object.keys(localStorage).forEach(function (k) {
+                if (k.indexOf('CRYPTPAD_CACHE|') !== 0 && k.indexOf('LESS_CACHE') !== 0) { return; }
+                delete localStorage[k];
+            });
+        };
+
+        var key = 'CRYPTPAD_STORE|colortheme';
+        window.CryptPad_theme = localStorage[key] || os;
+        if (!localStorage[key]) {
+            // We're using OS theme, check if we need to change
+            if (os !== localStorage[key+'_default']) {
+                console.warn('New OS theme, flush cache');
+                flush();
+                localStorage[key+'_default'] = os;
+            }
+        }
+        if (window.CryptPad_theme === 'dark') {
+            var s = document.createElement('style');
+            s.innerHTML = 'body { background: black; }';
+            document.body.appendChild(s);
+        }
+    } catch (e) { console.error(e); }
+
+
+
+    // This is stage 1, it can be changed but you must bump the version of the project.
     require.config(RequireConfig());
 
     // most of CryptPad breaks if you don't support isArray

www/common/common-ui-elements.js

@@ -2591,14 +2591,12 @@ define([
                     icon: h('span.cptools.cptools-new-template')
                 });
             }*/
-            if (!privateData.newTemplate) {
-                allData.unshift({
-                    name: Messages.creation_noTemplate,
-                    id: 0,
-                    //icon: h('span.fa.fa-file')
-                    icon: UI.getFileIcon({type: type})
-                });
-            }
+            allData.unshift({
+                name: Messages.creation_noTemplate,
+                id: 0,
+                //icon: h('span.fa.fa-file')
+                icon: UI.getFileIcon({type: type})
+            });
             var redraw = function (index) {
                 if (index < 0) { i = 0; }
                 else if (index > allData.length - 1) { return; }

www/common/cryptpad-common.js

@@ -219,10 +219,12 @@ define([
             var n = Nthen;
             var nacl, theirs;
             n = n(function (waitFor) {
-                require(['/bower_components/tweetnacl/nacl-fast.min.js'], waitFor(function () {
+                require([
+                    '/api/broadcast?'+ (+new Date()),
+                    '/bower_components/tweetnacl/nacl-fast.min.js'
+                ], waitFor(function (Broadcast) {
                     nacl = window.nacl;
-                    var s = new Uint8Array(32);
-                    theirs = nacl.box.keyPair.fromSecretKey(s);
+                    theirs = nacl.util.decodeBase64(Broadcast.curvePublic);
                 }));
             }).nThen;
             var toDelete = [];
@@ -236,7 +238,7 @@ define([
                     var curve = answer.curvePrivate;
                     var mySecret = nacl.util.decodeBase64(curve);
                     var nonce = nacl.randomBytes(24);
-                    var proofBytes = nacl.box(h, nonce, theirs.publicKey, mySecret);
+                    var proofBytes = nacl.box(h, nonce, theirs, mySecret);
                     var proof = nacl.util.encodeBase64(nonce) +'|'+ nacl.util.encodeBase64(proofBytes);
                     var lineData = {
                         channel: data.channel,

www/common/onlyoffice/inner.js

@@ -61,7 +61,7 @@ define([
     var CHECKPOINT_INTERVAL = 100;
     var FORCE_CHECKPOINT_INTERVAL = 10000;
     var DISPLAY_RESTORE_BUTTON = false;
-    var NEW_VERSION = 5; // version of the .bin, patches and ChainPad formats
+    var NEW_VERSION = 6; // version of the .bin, patches and ChainPad formats
     var PENDING_TIMEOUT = 30000;
     var CURRENT_VERSION = X2T.CURRENT_VERSION;
 
@@ -1349,6 +1349,8 @@ define([
                 type: "saveChanges",
                 changes: parseChanges(JSON.stringify(aRes)),
                 changesIndex: ooChannel.cpIndex || 0,
+                startSaveChanges: true,
+                endSaveChanges: true,
                 locks: getUserLock(getId(), true),
                 excelAdditionalInfo: null
             };
@@ -2941,6 +2943,23 @@ Uncaught TypeError: Cannot read property 'calculatedType' of null
                     }
                     readOnly = true;
                 }
+            } else if (content && content.version <= 5) {
+                version = 'v5/';
+                APP.migrate = true;
+                // Registedred ~~users~~ editors can start the migration
+                if (common.isLoggedIn() && !readOnly) {
+                    content.migration = true;
+                    APP.onLocal();
+                } else {
+                    msg = h('div.alert.alert-warning.cp-burn-after-reading', Messages.oo_sheetMigration_anonymousEditor);
+                    if (APP.helpMenu) {
+                        $(APP.helpMenu.menu).after(msg);
+                    } else {
+                        $('#cp-app-oo-editor').prepend(msg);
+                    }
+                    readOnly = true;
+                }
+
             }
             // NOTE: don't forget to also update the version in 'EV_OOIFRAME_REFRESH'