Commit Graph

5431 Commits (156a30496c3d3e2f446a0987248ff12f6ecfc4f0)

Author SHA1 Message Date
Ryan Wang 156a30496c
fix: prevent data clearing on FormKit component unmount (#7122)
#### What type of PR is this?

/kind bug
/area ui
/milestone 2.20.x

#### What this PR does / why we need it:

Prevent data clearing on FormKit component unmount

#### Which issue(s) this PR fixes:

Fixes #7121 

#### Special notes for your reviewer:

#### Does this PR introduce a user-facing change?

```release-note
修复 FormKit 组件卸载时,对应数据值也被清除的问题
```
2024-12-17 07:06:08 +00:00
Ryan Wang 8f39266c8c
refactor: optimize axios interceptor text/html content type detection (#7142)
#### What type of PR is this?

/area ui
/kind improvement
/milestone 2.20.x

#### What this PR does / why we need it:

Optimize axios interceptor text/html content type detection

<img width="1461" alt="image" src="https://github.com/user-attachments/assets/6bb59a1d-81cc-4ea2-ac61-17e30eab4281" />

#### Does this PR introduce a user-facing change?

```release-note
None
```
2024-12-16 15:28:10 +00:00
Ryan Wang f9ddeebb1f
chore: bump vite version to 6.0.3 (#7123)
#### What type of PR is this?

/area ui
/kind improvement

#### What this PR does / why we need it:

Bump vite version to [6](https://vite.dev/guide/migration.html)

#### Does this PR introduce a user-facing change?

```release-note
None
```
2024-12-16 07:20:09 +00:00
Ryan Wang 41ea81cddd
feat: support display HTML format in API error responses (#7127)
#### What type of PR is this?

/kind feature
/area ui
/milestone 2.20.x

#### What this PR does / why we need it:

Add supports for display HTML format in API error responses

See #7115 

Examples:

<img width="917" alt="image" src="https://github.com/user-attachments/assets/1ab4531c-3238-4e7d-ba24-d2425184a757">

<img width="942" alt="image" src="https://github.com/user-attachments/assets/54621b31-0629-4772-95fd-8587a7704ca3">


#### Which issue(s) this PR fixes:

Fixes #7115 

#### Special notes for your reviewer:

Nginx mock example:

```nginx
server {
    listen 80;
    server_name localhost;

    error_page   500 502 503 504  /50x.html;

    location = /50x.html {
        root   /usr/share/nginx/html;
    }

    location / {
      proxy_pass http://localhost:8090;
      proxy_set_header HOST $host;
      proxy_set_header X-Forwarded-Proto $scheme;
      proxy_set_header X-Real-IP $remote_addr;
      proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
    }

    location ^~ /apis/content.halo.run/v1alpha1/posts/ {
        return 403;
    }
}
```

#### Does this PR introduce a user-facing change?

```release-note
支持显示来自反向代理或者 WAF 的请求错误信息
```
2024-12-16 02:46:08 +00:00
Ryan Wang 0e9466d29c
chore: inject Object.hasOwn polyfill for Console and UC (#7128)
#### What type of PR is this?

/area ui
/kind improvement
/milestone 2.20.x

#### What this PR does / why we need it:

Inject Object.hasOwn polyfill into the front-end projects of Console and UC to solve the problem that some features cannot be used normally in lower version browsers

See https://github.com/halo-dev/halo/issues?q=is%3Aissue%20state%3Aclosed%20hasOwn
See https://caniuse.com/?search=hasOwn

#### Does this PR introduce a user-facing change?

```release-note
修复在较低版本浏览器中无法使用默认编辑器和附件上传功能的问题。
```
2024-12-15 16:10:06 +00:00
cryptochecktool 0748ae4334
refactor: replace md5 with sha256 for commenter email hash (#7092)
#### What type of PR is this?

/kind feature
/kind improvement

#### What this PR does / why we need it:

本次PR对系统中用于电子邮件哈希的算法进行了升级。原先使用的是MD5算法,现在替换为了更安全的SHA-256算法。这一变更提高了数据的安全性,降低了电子邮件被破解的风险。

#### Which issue(s) this PR fixes:

未指定具体问题编号,但解决了潜在的安全隐患。

#### Special notes for your reviewer:

在替换哈希算法的过程中,我已经确保了代码的兼容性和性能。建议审查者在合并前进行全面的测试,以确保新算法的正确性和系统的稳定性。

#### Does this PR introduce a user-facing change?

```release-note
增强评论邮箱哈希算法(SHA256)
```
2024-12-09 01:23:32 +00:00
John Niang 348e7c906f
Fix failing checks of staging repository when releasing to Maven (#7114)
#### What type of PR is this?

/kind bug
/area core

#### What this PR does / why we need it:

When I tried to publish Maven publications into OSSHR <https://s01.oss.sonatype.org/service/local/staging/deploy/maven2/>, I couldn't close and release the opening staging repository because our Maven publications didn't meet the requirements of OSSHR, for example, `Sign Files with GPG/PGP` and `Project Name, Description and URL`.

This PR tries to fix those problem and all checks will pass. You can check it from <https://central.sonatype.com/artifact/run.halo.app/api/overview>.

> https://central.sonatype.org/publish/requirements/

#### Does this PR introduce a user-facing change?

```release-note
None
```
2024-12-05 08:45:15 +00:00
John Niang 2cb10a5279
Bump Halo version to 2.20.11-SNAPSHOT (#7111)
#### What type of PR is this?

/kind cleanup
/area core

#### What this PR does / why we need it:

This PR bumps Halo version to 2.20.11-SNAPSHOT for next iteration.

#### Does this PR introduce a user-facing change?

```release-note
None
```
2024-12-04 09:51:11 +00:00
guqing ead667683c
feat: add system info getter for plugin (#7103)
#### What type of PR is this?
/kind improvement
/area core
/milestone 2.20.x

#### What this PR does / why we need it:
为插件提供 SystemInfoGetter 用于获取站点基本信息

站点标题描述和系统版本这些信息对于插件来说是很有必要的避免插件要直接查询 system ConfigMap 来获取,如 RSS 和 通知器扩展等插件都会需要用到

```json
{
  "title" : "guqing's blog",
  "subtitle" : "副标题",
  "logo" : "/upload/myavatar.png",
  "favicon" : "/upload/myavatar.png",
  "url" : "http://localhost:8090",
  "version" : {
    "majorVersion" : 2,
    "minorVersion" : 20,
    "normalVersion" : "2.20.10",
    "preRelease" : true,
    "publicApiStable" : true,
    "patchVersion" : 10,
    "preReleaseVersion" : "SNAPSHOT",
    "buildMetadata" : "",
    "stable" : false
  },
  "seo" : {
    "blockSpiders" : false,
    "keywords" : "keyword1,keyword2",
    "description" : "站点描述"
  },
  "locale" : "zh_CN_#Hans",
  "timeZone" : "Asia/Shanghai",
  "activatedThemeName" : "theme-earth"
}
```

#### Does this PR introduce a user-facing change?

```release-note
开发者相关:为插件提供 SystemInfoGetter 用于获取站点基本信息
```
2024-12-04 07:53:10 +00:00
guqing fef06edcd8
fix: optional plugin dependencies not working correctly (#7094)
#### What type of PR is this?
/kind bug
/area core
/milestone 2.20.x

#### What this PR does / why we need it:
修复可选插件依赖功能无法正常工作的问题

#### Special notes for your reviewer:

使用以下两个插件测试可选依赖:

[测试插件集合.zip](https://github.com/user-attachments/files/17989250/default.zip)

使用以下测试用例进行测试:

测试用例1:plugin-feed 插件提供 RSS 扩展功能

- **前置条件:**  
    安装并启用 `plugin-feed` 插件。
- **操作步骤:**  
    访问 `http://localhost:8090/feed/rss.xml`。
- **期望结果:**  
    返回 `plugin-feed` 提供的 RSS 内容。

---

测试用例 2: plugin-moments 扩展了 plugin-feed 的 RSS 功能(依赖于 plugin-feed)

- **前置条件:**  
    安装并启用 `plugin-feed` 和 `plugin-moments` 插件。
- **操作步骤:**  
    访问 `http://localhost:8090/feed/moments/rss.xml`。
- **期望结果:**  
    返回 `plugin-moments` 提供的 RSS 内容。

---

测试用例 3: plugin-feed 启用时安装 plugin-moments

- **前置条件:**  
    启用 `plugin-feed` 插件。
- **操作步骤:**
    1. 安装 `plugin-moments` 插件。
    2. 访问 `http://localhost:8090/feed/moments/rss.xml`。
- **期望结果:**  
    `plugin-moments` 提供的 RSS 路由可访问,并返回正确内容。

---

测试用例 4: plugin-feed 未启用时安装 plugin-moments

- **前置条件:**  
    未安装或未启用 `plugin-feed` 插件。
- **操作步骤:**
    1. 安装并启用 `plugin-moments` 插件。
    2. 访问 `http://localhost:8090/feed/moments/rss.xml`。
- **期望结果:**
    - `plugin-moments` 的 RSS 路由不可访问,返回 404。
    - `plugin-moments` 的其他功能正常运行。

---

测试用例 5: plugin-moments 启用后安装 plugin-feed

- **前置条件:**  
    已安装并启用 `plugin-moments` 插件。
- **操作步骤:**
    1. 安装并启用 `plugin-feed` 插件。
    2. 访问 `http://localhost:8090/feed/moments/rss.xml`。
- **期望结果:**  
    `plugin-moments` 提供的 RSS 路由可访问,并返回正确内容。

---

测试用例 6: 停止 plugin-feed 后验证 RSS 路由

- **前置条件:**  
    已启用 `plugin-feed` 和 `plugin-moments` 插件。
- **操作步骤:**
    1. 停止 `plugin-feed` 插件。
    2. 访问 `http://localhost:8090/feed/moments/rss.xml`。
- **期望结果:**
    - `plugin-feed` 停止成功。
    - `plugin-moments` 提供的 RSS 路由不可访问,返回 404。

---

测试用例 7: 重启 Halo 后验证可选依赖插件的启动顺序

- **前置条件:**  
    已启用 `plugin-feed` 和 `plugin-moments` 插件。
- **操作步骤:**
    1. 重启 Halo 服务。
    2. 访问 `http://localhost:8090/feed/moments/rss.xml`。
- **期望结果:**
    - `plugin-moments` 提供的 RSS 路由**始终可访问**。

---

测试用例 8: 必选依赖插件验证

- **场景 1: 安装 seo 插件时未安装应用市场**
    
    - **前置条件:**  
        未安装 `app-store-integration` 插件。
    - **操作步骤:**  
        安装 `plugin-seo` 插件。
    - **期望结果:**  
        提示需要先安装 `app-store-integration` 插件。
- **场景 2: 停止应用市场插件时 seo 插件仍启用**
    
    - **前置条件:**  
        已启用 `app-store-integration` 和 `plugin-seo` 插件。
    - **操作步骤:**  
        停止 `app-store-integration` 插件。
    - **期望结果:**  
        提示需要先停止 `plugin-seo` 插件。

#### Does this PR introduce a user-facing change?

```release-note
修复可选插件依赖功能无法正常工作的问题
```
2024-12-04 07:13:10 +00:00
Ryan Wang d06b40cb0c
chore: remove vue devtools (#7108)
#### What type of PR is this?

/area ui
/kind cleanup

#### What this PR does / why we need it:

移除 UI 项目内置的 Vue Devtools,后续建议使用浏览器插件代替:https://chromewebstore.google.com/detail/vuejs-devtools/nhdogjmejiglipccpnnnanhbledajbpd

#### Does this PR introduce a user-facing change?

```release-note
None
```
2024-12-04 03:17:09 +00:00
guqing eb969122ff
perf: add caching for extension getter to enhance performance (#7102)
#### What type of PR is this?
/kind improvement
/area core
/milestone 2.20.x

#### What this PR does / why we need it:
为扩展获取增加缓存以提高网站整体性能

在此之前,每个请求都要经过很多过滤器,而一些过滤器会获取扩展因此导致频繁查询扩展和扩展点定义拖慢了速度

**测试情况**

初始化一个全新环境,安装并启用以下插件和主题
- 已激活主题: [Earth 1.11.0](https://github.com/halo-dev/theme-earth)
- 已启动插件:
  - [SEO 工具集 1.0.1](https://github.com/f2ccloud/plugin-seo-tools)
  - [OAuth2 认证 1.5.0](https://github.com/halo-sigs/plugin-oauth2)
  - [Trailing Slash 1.0.0](https://github.com/halo-sigs/plugin-trailing-slash)
  - [评论组件 2.5.1](https://github.com/halo-dev/plugin-comment-widget)
  - [KaTeX 2.1.0](https://github.com/halo-sigs/plugin-katex)
  - [应用市场 1.9.0](https://www.halo.run/store/apps/app-VYJbF)

通过 Apache Benchmark (ab) 进行 1w 次请求并发 100 个,测试访问首页,得到以下测试结果:

核心指标对比

|指标|改进前|改进后|提升情况|
|---|---|---|---|
|**总耗时 (Time taken)**|27.030 秒|25.718 秒|减少约 **4.9%**|
|**每秒请求数 (RPS)**|369.96 req/sec|388.83 req/sec|提升约 **5.1%**|
|**单请求平均耗时**|270.298 ms|257.181 ms|减少约 **4.9%**|
|**传输速率 (Transfer Rate)**|6346.44 KB/s|6670.12 KB/s|提升约 **5.1%**|

综合分析
- 性能提升主要体现在:请求处理时间(Processing)、等待时间(Waiting)以及每秒请求数(RPS)均有 约5% 左右的提升。
- 传输效率更高:通过更快的处理时间,传输速率提高了 5.1%。
- 长尾请求优化显著:最大响应时间减少了约 14.9%,意味着极端情况下的性能更优。

#### Does this PR introduce a user-facing change?

```release-note
为扩展获取增加缓存使网站整体性能提升 5% 以上
```
2024-12-04 02:41:09 +00:00
guqing 2b4d1ab8d8
perf: add caching for system configuration fetcher to enhance performance (#7100)
#### What type of PR is this?
/kind improvement
/area core
/milestone 2.20.x

#### What this PR does / why we need it:
为系统配置获取增加缓存以提高路由和主题模板渲染的速度

#### Special notes for your reviewer:
1. 系统能正确初始化
2. 测试修改系统配置后 http://localhost:8090/actuator/globalinfo 和主题端 `${site}` 是否都是新的
3. 更改了文章路由规则后能正确调整到新的规则

#### Does this PR introduce a user-facing change?

```release-note
为系统配置的获取增加缓存以提高路由和主题模板渲染的速度
```
2024-12-04 02:31:08 +00:00
guqing 7bd9408519
chore: standardize request parsing to use a single path handler (#7106)
#### What type of PR is this?
/kind improvement
/area core
/milestone 2.20.x

#### What this PR does / why we need it:
统一使用同一个 RequestPath 来解析请求信息

#### Does this PR introduce a user-facing change?

```release-note
None
```
2024-12-03 11:39:06 +00:00
zly199 568c7d27e5
feat: show sending status of verification emails in signup form. (#7065)
What type of PR is this?
/kind feature

What this PR does / why we need it:
This PR modifies the behavior of the "Send" button for sending verification codes. Now, when the button is clicked, it immediately shows a "Sending..." state, improving user experience by providing instant feedback. After a successful request, a countdown is displayed. This makes the process clearer for users and reduces confusion during waiting time.

Which issue(s) this PR fixes:
Fixes #7064 

Special notes for your reviewer:
Please review the implementation for consistent UI behavior and ensure no race conditions occur if the button is clicked multiple times quickly.

Does this PR introduce a user-facing change?
Improved user experience for sending verification codes: the button now immediately shows "
2024-12-02 13:19:00 +00:00
John Niang f8be914038
Upgrade to PF4J 3.13.0 (#7099)
#### What type of PR is this?

/kind cleanup
/area core

#### What this PR does / why we need it:

This PR upgrades to [PF4J 3.13.0](https://github.com/pf4j/pf4j/releases/tag/release-3.13.0).

#### Does this PR introduce a user-facing change?

```release-note
升级依赖 PF4J 至 3.13.0
```
2024-12-02 07:42:59 +00:00
Ryan Wang 033a77e622
chore: add packageManager for corepack (#7081)
#### What type of PR is this?

/area ui
/kind improvement

#### What this PR does / why we need it:

为 UI 项目添加 packageManager 字段,以支持 [corepack](https://nodejs.org/api/corepack.html)。

#### Which issue(s) this PR fixes:

Fixes https://github.com/halo-dev/halo/issues/6635

#### Special notes for your reviewer:

#### Does this PR introduce a user-facing change?

```release-note
为 UI 项目添加 packageManager 字段,以支持 [corepack](https://nodejs.org/api/corepack.html)。
```
2024-11-26 03:58:28 +00:00
guqing 5cefefe130
fix: restrict thumbnail generation to images in the attachment library (#7079)
#### What type of PR is this?
/kind improvement
/area core
/milestone 2.20.x

#### What this PR does / why we need it:
限制缩略图生成仅针对附件库中的图片,防止任意 URI 的生成行为带来的潜在攻击风险

先 merge #7077 后才能合并此 PR

#### Does this PR introduce a user-facing change?

```release-note
限制缩略图生成仅针对附件库中的图片,防止任意 URI 的生成行为带来的潜在攻击风险
```
2024-11-26 03:28:29 +00:00
guqing ec5c70f951
fix: resolve concurrency issue causing duplicate thumbnail generation (#7077)
#### What type of PR is this?
/kind improvement
/area core
/milestone 2.20.x

#### What this PR does / why we need it:
修复可能为因为并发调用缩略图生成导致多次创建缩略图的问题

此 PR 为 #7031 的补充,并且会清理以前重复生成的缩略图记录和文件

#### Does this PR introduce a user-facing change?

```release-note
修复可能为因为并发调用缩略图生成导致多次重复缩略图记录的问题
```
2024-11-26 03:26:28 +00:00
Ryan Wang 2ed3bb6838
feat: add empty state for restore by backups (#7078)
#### What type of PR is this?

/area ui
/kind improvement
/milestone 2.20.x

#### What this PR does / why we need it:

为通过备份文件恢复的界面添加空状态提示。

<img width="1192" alt="image" src="https://github.com/user-attachments/assets/2267e61d-9886-408a-a13f-e986f2172203">

#### Does this PR introduce a user-facing change?

```release-note
为通过备份文件恢复的界面添加空状态提示。
```
2024-11-25 09:30:25 +00:00
Ryan Wang e5be856a06
fix: post annotations form layout issues in Chrome browser (#7076) 2024-11-25 10:45:36 +08:00
Ryan Wang ecec5eeb7c
feat: improve role template i18n (#7075) 2024-11-25 10:45:22 +08:00
John Niang d985b7a768
Upgrade to SpringDoc 2.7.0 (#7072)
* Upgrade to SpringDoc 2.7.0

Signed-off-by: John Niang <johnniang@foxmail.com>
2024-11-25 10:45:05 +08:00
guqing 0b505a9050
refactor: add uniqueness check for local thumbnail original links and dimensions to avoid duplication (#7031)
#### What type of PR is this?
/kind improvement
/area core
/milestone 2.20.x

#### What this PR does / why we need it:
对本地缩略图的原图链接和尺寸增加唯一性检查避免重复

#### Does this PR introduce a user-facing change?

```release-note
对本地缩略图的原图链接和尺寸增加唯一性检查避免重复
```
2024-11-24 15:50:22 +00:00
Ryan Wang 391aac62d3
feat: add multi-role assignment support for users (#7037)
#### What type of PR is this?

/area ui
/kind feature
/milestone 2.20.x

#### What this PR does / why we need it:

支持为用户分配多个角色。

<img width="634" alt="image" src="https://github.com/user-attachments/assets/caa40327-518a-4bef-afc3-75a020018d3d">
<img width="764" alt="image" src="https://github.com/user-attachments/assets/8b4b807e-6c72-45d9-9368-75e70bb12dcc">

TODO:

- [x] Console / UC 侧边栏显示多个角色
- [x] 支持在管理端查看用户聚合的角色模板列表,或者在分配时显示所选角色其下的角色模板列表,能够让管理员清楚的知道用户具体权限。

#### Which issue(s) this PR fixes:

Fixes #

#### Special notes for your reviewer:

#### Does this PR introduce a user-facing change?

```release-note
支持为用户分配多个角色。
```
2024-11-24 15:48:21 +00:00
Ryan Wang 964bc28052
chore: bump tiptap version to 2.10.x (#7069)
#### What type of PR is this?

/area ui
/milestone 2.20.x

#### What this PR does / why we need it:

升级 Tiptap 的依赖至 [2.10.x](https://github.com/ueberdosis/tiptap/releases)。

#### Does this PR introduce a user-facing change?

```release-note
升级 Tiptap 的依赖至 2.10.x。
```
2024-11-24 08:02:19 +00:00
John Niang 201afcae31
Upgrade to Gradle 8.11 (#7062)
#### What type of PR is this?

/kind cleanup
/area core

#### What this PR does / why we need it:

This PR upgrades to [Gradle 8.11](https://github.com/gradle/gradle/releases/tag/v8.11.1) because Spring Boot 3.4.0 is using that version.

#### Does this PR introduce a user-facing change?

```release-note
升级至 Gradle 8.11
```
2024-11-22 04:16:12 +00:00
John Niang 7d8f30a337
Upgrade to Spring Boot 3.4.0 (#7060)
This PR upgrades to [Spring Boot 3.4.0](https://github.com/spring-projects/spring-boot/releases/tag/v3.4.0).

/kind cleanup
/area core

```release-note
升级依赖至 Spring Boot 3.4.0
```
2024-11-22 03:12:11 +00:00
John Niang d75bb09267
Remove template engine after upgrading theme (#7057)
#### What type of PR is this?

/kind bug
/area core
/milestone 2.20.x

#### What this PR does / why we need it:

This PR removes template engine instead of clearing cache of template engine after upgrading theme to resolve incomplete cache clear.

#### Which issue(s) this PR fixes:

Fixes https://github.com/halo-dev/halo/issues/7056

#### Special notes for your reviewer:

1. Try to install the theme `theme-earth 1.12.0`
2. Request index page and you will see the `上一页` which should be `下一页`
3. Try to upgrade to the theme `theme-earth 1.12.1`
4. Request index page and you should see the `下一页` directly. 

#### Does this PR introduce a user-facing change?

```release-note
修复升级主题后语言包未更新的问题
```
2024-11-21 09:52:10 +00:00
guqing 7cef55b51f
fix: new tags showing null post count on theme (#7049)
#### What type of PR is this?
/kind improvement
/area core
/milestone 2.20.x

#### What this PR does / why we need it:
修复新创建的标签在主题端展示关联文章数量为 null 的问题

#### Which issue(s) this PR fixes:

Fixes #7042

#### Does this PR introduce a user-facing change?

```release-note
修复新创建的标签在主题端展示关联文章数量为 null 的问题
```
2024-11-19 06:32:05 +00:00
Anye 2c8f6f5009
feat: add support for OpenHarmony in device OS detection (#7045)
#### What type of PR is this?
/kind feature 

#### What this PR does / why we need it:
This PR adds support for detecting OpenHarmony as a device operating system.

#### Which issue(s) this PR fixes:
Fixes #7039

#### Special notes for your reviewer:
This PR introduces minor changes in the device OS detection logic.

#### Does this PR introduce a user-facing change?
```release-note
新设备登录通知的操作系统名支持展示鸿蒙替代 Unknown
```
2024-11-18 14:52:04 +00:00
Ryan Wang 06f3c289e8
chore: bump preset plugins version (#7024)
Signed-off-by: Ryan Wang <i@ryanc.cc>
2024-11-12 06:35:20 +08:00
BugKing a744b7d6f9
docs: Update README.md (#7010)
#### What type of PR is this?

/kind documentation

#### What this PR does / why we need it:

增加专业版简要说明。

#### Which issue(s) this PR fixes:

Fixes #

#### Special notes for your reviewer:

#### Does this PR introduce a user-facing change?

```release-note
None
```
2024-11-08 07:21:21 +00:00
John Niang 85b615e66d
Use task list for issue and pr checks (#7011)
#### What type of PR is this?

/kind cleanup

#### What this PR does / why we need it:

This PR use task list for issue and pr checks.

See https://github.com/orgs/halo-dev/discussions/7001 for more.

#### Which issue(s) this PR fixes:

Fixes https://github.com/orgs/halo-dev/discussions/7001

#### Does this PR introduce a user-facing change?

```release-note
None
```
2024-11-08 05:53:21 +00:00
John Niang 8e23b6d45a
Bump version to 2.20.9-SNAPSHOT (#6982)
#### What type of PR is this?

/kind cleanup

#### What this PR does / why we need it:

This PR bumps version to 2.20.9-SNAPSHOT.

#### Does this PR introduce a user-facing change?

```release-note
None
```
2024-10-31 09:17:07 +00:00
John Niang 4dbfb930bf
Support customizing CORS configuration (#6981)
#### What type of PR is this?

/kind improvement
/area core
/milestone 2.20.x

#### What this PR does / why we need it:

This PR adds CorsOptions into SecurityProperties to let users customize their own CORS configuration. e.g.:

```yaml
halo:
  security:
    cors-options:
      disabled: false
      configs:
        - pathPattern: /apis/first.api.halo.run/v1alpha1/**
          config:
            allowedOrigins: [ "*" ]
            allowedHeaders: [ "*" ]
            allowedMethods: [ "*" ]
            exposedHeaders: [ "*" ]
            allowCredentials: true
            maxAge: 30m
        - pathPattern: /apis/second.api.halo.run/v1alpha1/**
          config:
            allowedOrigins: [ "www.halo.run", "www.lxware.cn" ]
            allowedHeaders: [ "Content-Type", "Authorization" ]
            allowedMethods: [ "GET, POST, PUT, DELETE" ]
            allowedCredentials: false
            maxAge: 1h
```

#### Does this PR introduce a user-facing change?

```release-note
支持自定义跨域配置
```
2024-10-31 08:53:07 +00:00
BugKing 0c1849fdd5
docs: Update README.md (#6978)
<!--  Thanks for sending a pull request!  Here are some tips for you:
1. 如果这是你的第一次,请阅读我们的贡献指南:<https://github.com/halo-dev/halo/blob/main/CONTRIBUTING.md>。
1. If this is your first time, please read our contributor guidelines: <https://github.com/halo-dev/halo/blob/main/CONTRIBUTING.md>.
2. 请根据你解决问题的类型为 Pull Request 添加合适的标签。
2. Please label this pull request according to what type of issue you are addressing, especially if this is a release targeted pull request.
3. 请确保你已经添加并运行了适当的测试。
3. Ensure you have added or ran the appropriate tests for your PR.
-->

#### What type of PR is this?
/kind documentation
<!--
添加其中一个类别:
Add one of the following kinds:

/kind bug
/kind cleanup
/kind documentation
/kind feature
/kind improvement

适当添加其中一个或多个类别(可选):
Optionally add one or more of the following kinds if applicable:

/kind api-change
/kind deprecation
/kind failing-test
/kind flake
/kind regression
-->

#### What this PR does / why we need it:
增加部署至阿里云图标


<!--
如果当前 Pull Request 的修改不会造成用户侧的任何变更,在 `release-note` 代码块儿中填写 `NONE`。
否则请填写用户侧能够理解的 Release Note。如果当前 Pull Request 包含破坏性更新(Break Change),
Release Note 需要以 `action required` 开头。
If no, just write "NONE" in the release-note block below.
If yes, a release note is required:
Enter your extended release note in the block below. If the PR requires additional action from users switching to the new release, include the string "action required".
-->

```release-note
```
2024-10-31 07:43:06 +00:00
guqing 0d1a099223
refactor: hide essential notifications to prevent accidental disabling (#6972)
#### What type of PR is this?
/kind improvement
/area core
/milestone 2.20.x

#### What this PR does / why we need it:
隐藏关键通知项设置以避免用户意外禁用而无法收到通知

#### Which issue(s) this PR fixes:
Fixes #6967

#### Does this PR introduce a user-facing change?
```release-note
隐藏关键通知项设置以避免用户意外禁用而无法收到通知

```
2024-10-30 06:14:39 +00:00
Nancy 2c4e85f40b
feat: add grant permission and user deletion features to user detail page (#6963)
What type of PR is this?

/area ui
/kind improvement
/milestone 2.20.x

What this PR does / why we need it:

期望支持在用户详情页面支持变更用户角色及删除用户 。

Which issue(s) this PR fixes:

Fixes https://github.com/halo-dev/halo/issues/6944

Special notes for your reviewer:

Does this PR introduce a user-facing change?
```release-note
支持在用户详情页面支持变更用户角色及删除用户 。
```
2024-10-30 04:50:39 +00:00
Nancy 77548ec5a7
feat: add name existence check before creating attachment group and storage policy (#6959)
#### What type of PR is this?

/area ui
/kind improvement
/milestone 2.20.x

#### What this PR does / why we need it:

在创建附件分组或者存储策略时,支持检查是否有已存在的名称。

#### Which issue(s) this PR fixes:

Fixes #6946

#### Special notes for your reviewer:

#### Does this PR introduce a user-facing change?

```release-note
在创建附件分组或者存储策略时,支持检查是否有已存在的名称。
```
2024-10-30 03:30:38 +00:00
Ryan Wang fdc90aff5c
fix: prevent undefined key name when creating Secret (#6964)
#### What type of PR is this?

/area ui
/kind bug
/milestone 2.20.x

#### What this PR does / why we need it:

修复使用 Secret 输入框创建 Secret 时,stringData 的 key 可能为 undefined 的问题。

#### Which issue(s) this PR fixes:

See https://github.com/halo-sigs/plugin-alist/issues/23#issuecomment-2443499980 for more

#### Special notes for your reviewer:

#### Does this PR introduce a user-facing change?

```release-note
修复使用 Secret 输入框创建 Secret 时,stringData 的 key 可能为 undefined 的问题。
```
2024-10-29 15:50:13 +00:00
John Niang 25086ee3e6
Rearrange order of security configurers (#6939)
#### What type of PR is this?

/kind improvement
/area core
/milestone 2.20.x

#### What this PR does / why we need it:

This PR rearranges order of security configurers. Especially, SecurityWebFiltersConfigurer has lower priority to configure than other security configurers.

So we can catch internal authentication in plugins.

#### Does this PR introduce a user-facing change?

```release-note
None
```
2024-10-27 10:02:01 +00:00
Nancy d44fa5f6d8
feat: add support for creating a new group when uploading attachments (#6951)
#### What type of PR is this?

/kind improvement
/area ui
/milestone 2.20.x

#### What this PR does / why we need it:

支持在附件上传界面创建新分组。

#### Which issue(s) this PR fixes:

Fixes #6942 

#### Special notes for your reviewer:

#### Does this PR introduce a user-facing change?

```release-note
支持在附件上传界面创建新分组。
```
2024-10-27 09:52:01 +00:00
LuijpCN 65808c8c6f
feat: add supports for displaying jpeg icon in attachments list (#6956)
#### What type of PR is this?

/kind improvement


#### What this PR does / why we need it:

在附件,列表模式中,为 jpeg 后缀文件添加图标。

#### Which issue(s) this PR fixes:

Fixes #

#### Special notes for your reviewer:

#### Does this PR introduce a user-facing change?


```release-note
为 jpeg 后缀文件添加图标
```
2024-10-27 08:26:01 +00:00
John Niang edfb230008
Upgrade to Spring Boot 3.4.0-RC1 (#6952)
#### What type of PR is this?

/kind improvement
/area core
/milestone 2.20.x

#### What this PR does / why we need it:

This PR upgrades to Spring Boot [3.4.0-RC1](https://github.com/spring-projects/spring-boot/releases/tag/v3.4.0-RC1).

#### Does this PR introduce a user-facing change?

```release-note
升级 Spring Boot 至 3.4.0-RC1
```
2024-10-27 03:52:01 +00:00
John Niang a0b352ac2d
Support hooking user creation (#6945)
#### What type of PR is this?

/kind feature
/area core
/milestone 2.20.x

#### What this PR does / why we need it:

This PR adds support for hooking user creating. Plugin developers can define extension points of `UserPreCreatingHandler` and `UserPostCreatingHandler` to do something else.

#### Does this PR introduce a user-facing change?

```release-note
支持在插件中定义用户创建的前置和后置处理器
```
2024-10-25 07:55:54 +00:00
John Niang 180b6b2b87
Update version to 2.20.8-SNAPSHOT (#6940) 2024-10-25 12:49:32 +08:00
guqing 17e9f2be1f
fix: leading zeroes incorrect for index key comparator (#6934)
#### What type of PR is this?
/kind bug
/area core
/milestone 2.20.x

#### What this PR does / why we need it:
修复索引比较会因为全是 0 的字符串与其他字符串可能相等的问题

原因是遇到了全是 0 的字符串会因为跳过前导 0 的逻辑导致全部忽略了

#### Does this PR introduce a user-facing change?
```release-note
None
```
2024-10-23 12:32:20 +00:00
guqing 2c234ab3eb
fix: prioritize login page route to prevent single page override (#6926)
#### What type of PR is this?
/kind bug
/area core
/milestone 2.20.x

#### What this PR does / why we need it:
修复登录页面路由会被自定义页面覆盖导致无法登录的问题

#### Which issue(s) this PR fixes:
Fixes #6893

#### Does this PR introduce a user-facing change?
```release-note
修复登录页面路由会被自定义页面路由覆盖导致无法登录的问题
```
2024-10-23 08:42:20 +00:00
guqing 17ec34c75e
fix: ignore conversion exceptions for plugin configuration to prevent program errors (#6924)
#### What type of PR is this?
/kind bug
/area plugin
/milestone 2.20.x

#### What this PR does / why we need it:
修复插件配置可能因为缺少校验导致使用时类型转换失败从而影响 Halo 使用的问题

#### Which issue(s) this PR fixes:
Fixes #6899

#### Does this PR introduce a user-facing change?
```release-note
修复插件配置可能因为缺少校验导致使用时类型转换失败从而影响 Halo 使用的问题
```
2024-10-23 08:40:20 +00:00