github/halo - halo - https://git.xinac.net

Commit Graph

Author	SHA1	Message	Date
guqing	8d71fc3966	feat: add device management mechanism	2024-06-26 18:52:32 +08:00
guqing	ae6724a2b6	feat: implement persistent token based remember me mechanism (#6131 ) #### What type of PR is this? /kind feature /area core /milestone 2.17.x #### What this PR does / why we need it: 新增基于持久化 Token 的 RememberMe 机制本次更新引入了一种新的 RememberMe 机制，该机制基于持久化 Token，以增强安全性和管理灵活性。在此之前，RememberMe 功能通过以下方式生成 Token，并将其作为 cookie 发送回客户端： ``` username + ":" + expiryTime + ":" + algorithmName + ":" + algorithmHex(username + ":" + expiryTime + ":" + password + ":" + key) ``` 此方法的优点在于无需存储 Token 就可以进行验证，并且用户密码的更改会自动使 Token 失效。然而，它的主要缺点是缺乏管理能力，例如无法手动撤销 Token。鉴于最新的设备管理需求（见 PR #6100），我们需要一种支持设备撤销（revoke）的机制。因此，我们采用了持久化 Token 的方式，并通过随机生成的方法来提高安全性，而不将用户名和密码直接签名在 Token 中。新的 Token 格式如下： ``` base64(tokenValue:series) ``` 此更改将为系统带来更高的安全保障和更灵活的管理选项，特别是在需要高度控制和监管设备访问时。 #### Does this PR introduce a user-facing change? ```release-note 引入基于持久化 Token 的新 RememberMe 机制以增强安全性和管理灵活性，升级后需要重新登录 ```	2024-06-26 08:40:49 +00:00
John Niang	e4cce918f7	Refactor ExtensionGetter for enabling or disabling extensions (#6134 ) #### What type of PR is this? /kind improvement /kind api-change /area core #### What this PR does / why we need it: This PR refactors ExtensionGetter implementation to add a support of enabling extension point(s). Here is an example of data field of `system` config map: ```json { "data": { "extensionPointEnabled": "{ \"search-engine\": [\"search-engine-algolia\"]}" }, ``` > 1. The `search-engine` is a name of extension point definition. > 2. The `search-engine-algolia` is a name of extension definition. #### Does this PR introduce a user-facing change? ```release-note None ```	2024-06-25 07:46:45 +00:00
JohnNiang	ecc0a70249	Refactor api client using separated OpenAPI groups	2024-06-25 12:31:25 +08:00
guqing	c10862d6fe	refactor: index mechanism to enhance overall performance (#6039 ) #### What type of PR is this? /kind improvement /area core /milestone 2.17.x #### What this PR does / why we need it: 重构索引机制的查询和排序以提升整体性能 how to test it? 使用 postgre 数据库，初始化 Halo ，然后执行以下脚本创建 30w 文章数据进行测试: <details> <summary>点击展开查看 SQL</summary> ```sql DO $$ DECLARE i integer; postNameIndex integer; snapshotName varchar; totalRecords integer; BEGIN postNameIndex := 1; totalRecords := 300000; FOR i IN 1..3 LOOP INSERT INTO "public"."extensions" ("name", "data", "version") VALUES ( '/registry/content.halo.run/categories/category-'\|\|i, convert_to( jsonb_build_object( 'spec', jsonb_build_object( 'displayName', '分类-'\|\|i, 'slug', 'category-'\|\|i, 'description', '测试分类', 'cover', '', 'template', '', 'priority', 0, 'children', '[]'::jsonb ), 'status', jsonb_build_object( 'permalink', '/categories/category-'\|\|i, 'postCount', totalRecords, 'visiblePostCount', totalRecords ), 'apiVersion', 'content.halo.run/v1alpha1', 'kind', 'Category', 'metadata', jsonb_build_object( 'finalizers', jsonb_build_array('category-protection'), 'name', 'category-' \|\| i, 'annotations', jsonb_build_object( 'content.halo.run/permalink-pattern', 'categories' ), 'version', 0, 'creationTimestamp', '2024-06-12T03:56:40.315592Z' ) )::text, 'UTF8'), 0 ); END LOOP; FOR i IN 1..3 LOOP INSERT INTO "public"."extensions" ("name", "data", "version") VALUES ( '/registry/content.halo.run/tags/tag-' \|\| i, convert_to( jsonb_build_object( 'spec', jsonb_build_object( 'displayName', 'Halo tag ' \|\| i, 'slug', 'tag-'\|\|i, 'color', '#ffffff', 'cover', '' ), 'status', jsonb_build_object( 'permalink', '/tags/tag-' \|\| i, 'visiblePostCount', totalRecords, 'postCount', totalRecords, 'observedVersion', 0 ), 'apiVersion', 'content.halo.run/v1alpha1', 'kind', 'Tag', 'metadata', jsonb_build_object( 'finalizers', jsonb_build_array('tag-protection'), 'name', 'tag-'\|\|i, 'annotations', jsonb_build_object( 'content.halo.run/permalink-pattern', 'tags' ), 'version', 0, 'creationTimestamp', '2024-06-12T03:56:40.406407Z' ) )::text, 'UTF8'), 0); END LOOP; FOR i IN postNameIndex..totalRecords LOOP -- Generate snapshotName snapshotName := 'snapshot-' \|\| i; -- Insert post data INSERT INTO "public"."extensions" ("name", "data", "version") VALUES ( '/registry/content.halo.run/posts/post-' \|\| postNameIndex, convert_to( jsonb_build_object( 'spec', jsonb_build_object( 'title', 'title-' \|\| postNameIndex, 'slug', 'slug-' \|\| postNameIndex, 'releaseSnapshot', snapshotName, 'headSnapshot', snapshotName, 'baseSnapshot', snapshotName, 'owner', 'admin', 'template', '', 'cover', '', 'deleted', false, 'publish', true, 'pinned', false, 'allowComment', true, 'visible', 'PUBLIC', 'priority', 0, 'excerpt', jsonb_build_object( 'autoGenerate', true, 'raw', '' ), 'categories', ARRAY['category-kEvDb', 'category-XcRVk', 'category-adca'], 'tags', ARRAY['tag-RtKos', 'tag-vEsTR', 'tag-UBKCc'], 'htmlMetas', '[]'::jsonb ), 'status', jsonb_build_object( 'phase', 'PUBLISHED', 'conditions', ARRAY[ jsonb_build_object( 'type', 'PUBLISHED', 'status', 'TRUE', 'lastTransitionTime', '2024-06-11T10:16:15.617748Z', 'message', 'Post published successfully.', 'reason', 'Published' ), jsonb_build_object( 'type', 'DRAFT', 'status', 'TRUE', 'lastTransitionTime', '2024-06-11T10:16:15.457668Z', 'message', 'Drafted post successfully.', 'reason', 'DraftedSuccessfully' ) ], 'permalink', '/archives/slug-' \|\| postNameIndex, 'excerpt', '如果你看到了这一篇文章，那么证明你已经安装成功了，感谢使用 Halo 进行创作，希望能够使用愉快。', 'inProgress', false, 'contributors', ARRAY['admin'], 'lastModifyTime', '2024-06-11T10:16:15.421467Z', 'observedVersion', 0 ), 'apiVersion', 'content.halo.run/v1alpha1', 'kind', 'Post', 'metadata', jsonb_build_object( 'finalizers', ARRAY['post-protection'], 'name', 'post-' \|\| postNameIndex, 'labels', jsonb_build_object( 'content.halo.run/published', 'true', 'content.halo.run/deleted', 'false', 'content.halo.run/owner', 'admin', 'content.halo.run/visible', 'PUBLIC', 'content.halo.run/archive-year', '2024', 'content.halo.run/archive-month', '06', 'content.halo.run/archive-day', '11' ), 'annotations', jsonb_build_object( 'content.halo.run/permalink-pattern', '/archives/{slug}', 'content.halo.run/last-released-snapshot', snapshotName, 'checksum/config', '73e40d4115f5a7d1e74fcc9228861c53d2ef60468e1e606e367b01efef339309' ), 'version', 0, 'creationTimestamp', '2024-06-11T05:51:46.059292Z' ) )::text, 'UTF8'), 1 ); -- Insert content data INSERT INTO "public"."extensions" ("name", "data", "version") VALUES ( '/registry/content.halo.run/snapshots/' \|\| snapshotName, convert_to( jsonb_build_object( 'spec', jsonb_build_object( 'subjectRef', jsonb_build_object( 'group', 'content.halo.run', 'version', 'v1alpha1', 'kind', 'Post', 'name', 'post-' \|\| postNameIndex ), 'rawType', 'HTML', 'rawPatch', '<p style=\"\">测试内容</p>', 'contentPatch', '<p style=\"\">测试内容</p>', 'lastModifyTime', '2024-06-11T06:01:25.748755Z', 'owner', 'admin', 'contributors', ARRAY['admin'] ), 'apiVersion', 'content.halo.run/v1alpha1', 'kind', 'Snapshot', 'metadata', jsonb_build_object( 'name', snapshotName, 'annotations', jsonb_build_object( 'content.halo.run/keep-raw', 'true' ), 'creationTimestamp', '2024-06-11T06:01:25.748925Z' ) )::text, 'UTF8'), 1 ); postNameIndex := postNameIndex + 1; END LOOP; END $$; ``` </details> 使用以下 API 查询文章 ``` curl 'http://localhost:8090/apis/api.console.halo.run/v1alpha1/posts?page=1&size=20&labelSelector=content.halo.run%2Fdeleted%3Dfalse&labelSelector=content.halo.run%2Fpublished%3Dtrue&fieldSelector=spec.categories%3Dcategory-1&fieldSelector=spec.tags%3Dc33ceabb-d8f1-4711-8991-bb8f5c92ad7c&fieldSelector=status.contributors%3Dadmin&fieldSelector=spec.visible%3DPUBLIC' \ --header 'Authorization: Basic YWRtaW46YWRtaW4=' ``` Before: ![SCR-20240612-o20](https://github.com/halo-dev/halo/assets/38999863/fc27a265-6571-4361-a707-a683ea040837) After: ![SCR-20240612-q1c](https://github.com/halo-dev/halo/assets/38999863/c0a241b8-5ed4-4973-8dfc-c260ffccd727) #### Does this PR introduce a user-facing change? ```release-note 重构索引机制的查询和排序使整体性能提升 50% 以上 ```	2024-06-21 08:04:11 +00:00
guqing	8bdde317e5	feat: add preventParentPostCascadeQuery option to control visibility of child category posts (#6083 ) #### What type of PR is this? /kind feature /area core /milestone 2.17.x #### What this PR does / why we need it: 此次变更为文章分类引入了一个新的 `preventParentPostCascadeQuery` 布尔属性，用于控制分类及其子分类下的文章显示方式。具体变更包括： - 在分类结构中增加了 `preventParentPostCascadeQuery` 属性。 - 当分类的 `preventParentPostCascadeQuery` 属性设置为 `true` 时，该分类的文章数量不会汇总到父分类中。 - 更新了树结构遍历逻辑，以支持对 `preventParentPostCascadeQuery` 属性的处理。 - 确保独立分类中的文章显示受控，不向上级分类进行聚合。 - 增加了相应的测试用例，以验证在不同树结构中 `preventParentPostCascadeQuery` 属性的功能性。 #### Which issue(s) this PR fixes: Fixes #5663 Fixes #4923 Fixes https://github.com/halo-dev/halo/issues/3418 #### Does this PR introduce a user-facing change? ```release-note 新增独立分类选项用于控制关联的子分类下的文章显示以提供更灵活的内容管理方式 ```	2024-06-21 04:08:10 +00:00
John Niang	c0ac2f37d7	Add support for patching extensions (#6031 ) #### What type of PR is this? /kind feature /area core /milestone 2.17.x #### What this PR does / why we need it: This PR adds patch method for all extensions API. Patch example: ```bash http -a admin:admin PATCH http://localhost:8090/apis/plugin.halo.run/v1alpha1/plugins/app-store-integration \ Content-Type:application/json-patch+json \ --raw='[{"op": "replace", "path": "/spec/enabled", "value": false}]' ``` #### Which issue(s) this PR fixes: Fixes #2311 #### Does this PR introduce a user-facing change? ```release-note None ```	2024-06-20 09:32:06 +00:00
guqing	b5f9010e60	feat: support setting rendering templates for related posts on category (#6106 ) #### What type of PR is this? /kind feature /area core /milestone 2.17.x #### What this PR does / why we need it: 支持在分类上为关联的文章统一设置渲染模板现在文章的模板生效顺序为： 1. 文章关联的分类上设置的文章模板，如果有多个则选择第一个 2. 文章上设置的自定义模板 3. 文章的默认模板 #### Which issue(s) this PR fixes: Fixes #6101 #### Does this PR introduce a user-facing change? ```release-note 支持在分类上为关联的文章统一设置渲染模板 ```	2024-06-20 08:12:07 +00:00
guqing	6d3a157d35	fix: a verified email can be reused (#6064 ) #### What type of PR is this? /kind bug /area core /milestone 2.17.x #### What this PR does / why we need it: 修复已验证邮箱可以重复的问题如果出现多个重复的已验证邮箱，则只保留一个其他的设置为未验证 #### Does this PR introduce a user-facing change? ```release-note 修复已验证邮箱可以重复的问题 ```	2024-06-20 08:10:07 +00:00
John Niang	a94596a9f8	Add support for publishing events among plugins (#6081 ) #### What type of PR is this? /kind feature /area core /area plugin #### What this PR does / why we need it: This PR enhance usage of SharedEvent annotation to add support for publishing events among plugins. #### How to test? 1. Clone repository https://github.com/halo-dev/plugin-starter 2. Change build.gradle as following: ```gradle dependencies { implementation platform('run.halo.tools.platform:plugin:2.17.0-SNAPSHOT') ``` 3. Change StarterPlugin as following: ```java @Component public class StarterPlugin extends BasePlugin { private final ApplicationContext appContext; public StarterPlugin(PluginContext pluginContext, ApplicationContext appContext) { super(pluginContext); this.appContext = appContext; } @Override public void start() { appContext.publishEvent(new PostDeletedEvent(this, "fake-plugin")); } @Override public void stop() { } @EventListener(PostDeletedEvent.class) public void onApplicationEvent(PostDeletedEvent event) { System.out.println("Post deleted event received in plugin: " + event.getName()); } } ``` 4. Add a listener to Halo core ```java @EventListener(PostDeletedEvent.class) public void onApplicationEvent(PostDeletedEvent event) { System.out.println("Post deleted event received in core: " + event.getName()); } ``` 5. Build plugin and install plugin 6. Enable the plugin and see the result #### Does this PR introduce a user-facing change? ```release-note None ```	2024-06-19 16:11:00 +00:00
John Niang	ebf1a1fe1b	Fix the problem that bundle files are not changed in development mode (#6073 ) #### What type of PR is this? /kind regression /area plugin /milestone 2.17.x #### What this PR does / why we need it: This PR reverts changes of generating bundle resource version in <https://github.com/halo-dev/halo/pull/6028>. Because the changes were adapted realtime change of bundle files for plugin developers in plugin development runtime mode, but I ignored it. #### Special notes for your reviewer: 1. Try to start Halo in plugin development mode 2. Change and rebuild ui resources 3. Refresh console and check the result #### Does this PR introduce a user-facing change? ```release-note None ```	2024-06-13 09:28:36 +00:00
John Niang	b692db1f57	Move post events into api modules (#6052 ) Signed-off-by: JohnNiang <johnniang@foxmail.com>	2024-06-07 18:34:09 +08:00
John Niang	ccbe18567f	Fix the problem that theme assets could not be found after the first initialization (#6049 ) #### What type of PR is this? /kind bug /area core /milestone 2.17.x #### What this PR does / why we need it: When initialized for the first time, the folder `${halo.work-dir}/themes` does not exist, resulting in the `themes` path being ignored when invoking `themeRootResource.createRelative(themeName + "/templates/assets/");`. It works very well after restarting. This PR fixes the problem by resolving theme resource directly rather than delegating to PathResourceResolver. #### Which issue(s) this PR fixes: Fixes #6048 #### Does this PR introduce a user-facing change? ```release-note 修复首次初始化后无法正常访问主题资源的问题 ```	2024-06-07 03:32:22 +00:00
John Niang	e446054813	Fix concurrent issue during bundle file concurrent generation testing (#6043 ) #### What type of PR is this? /kind failing-test /area core /milestone 2.17.x #### What this PR does / why we need it: I wrongly invoked `Arraylist#add`(probes) method in multi threads. So the unit test was unstable and might encounter the problem as follows: ```java Expected :1 Actual :0 <Click to see difference> org.opentest4j.AssertionFailedError: expected: <1> but was: <0> at org.junit.jupiter.api.AssertionFailureBuilder.build(AssertionFailureBuilder.java:151) at org.junit.jupiter.api.AssertionFailureBuilder.buildAndThrow(AssertionFailureBuilder.java:132) at org.junit.jupiter.api.AssertEquals.failNotEqual(AssertEquals.java:197) at org.junit.jupiter.api.AssertEquals.assertEquals(AssertEquals.java:166) at org.junit.jupiter.api.AssertEquals.assertEquals(AssertEquals.java:161) at org.junit.jupiter.api.Assertions.assertEquals(Assertions.java:632) at run.halo.app.core.extension.service.impl.PluginServiceImplTest$BundleCacheTest.concurrentComputeBundleFileIfAbsent(PluginServiceImplTest.java:460) ``` See https://github.com/halo-dev/halo/actions/runs/9382059472/job/25832681545 for more. This PR moves the invocation outside thread tasks. #### Does this PR introduce a user-facing change? ```release-note None ```	2024-06-06 03:42:13 +00:00
Ryan Wang	2841ff8282	fix: missing default values for system settings (#6035 ) #### What type of PR is this? /kind bug /area core /milestone 2.16.x #### What this PR does / why we need it: 补充缺失的系统设置默认值。 #### Does this PR introduce a user-facing change? ```release-note 修复系统设置未保存导致无法正常注册的问题 ```	2024-06-05 02:31:18 +00:00
John Niang	ba96118b4e	Fix the problem that bundle files can be generated arbitrarily (#6028 ) #### What type of PR is this? /kind bug /area core /area plugin /milestone 2.16.0 #### What this PR does / why we need it: Before the PR, any user can generate bundle files by providing random query param `v` while requesting bundle files. This PR refactors the whole bundle file generation method. 1. Do nothing if users provide arbitrary bundle file version 2. Better lock for writing bundle files if not exist #### Special notes for your reviewer: 1. Request `http://localhost:8090/apis/api.console.halo.run/v1alpha1/plugins/-/bundle.js?v=xyz` 2. Check if the file `xyz.js` in folder `$TMPDIR/halo-plugin-bundle**` #### Does this PR introduce a user-facing change? ```release-note None ```	2024-06-03 02:42:13 +00:00
guqing	9f6a441288	refactor: use index mechanism to query extension point definitions (#6011 ) #### What type of PR is this? /kind improvement /area core /kind milestone 2.16.x #### What this PR does / why we need it: 使用索引机制来查询扩展点定义 #### Does this PR introduce a user-facing change? ```release-note None ```	2024-05-30 07:49:15 +00:00
John Niang	e881ee9a89	Refactor cache control for static resources (#6015 ) #### What type of PR is this? /kind improvement /area core #### What this PR does / why we need it: This PR unifies cache control for static resources. Example configuration of cache control: ```yaml spring: web: resources: cache: cachecontrol: no-cache: true no-store: true use-last-modified: false ``` #### Which issue(s) this PR fixes: Fixes https://github.com/halo-dev/halo/issues/6003 #### Special notes for your reviewer: 1. Run with `default` and `dev` profiles respectively. 2. See the difference of the `Cache-Control` header in HTTP response #### Does this PR introduce a user-facing change? ```release-note 优化 HTTP 缓存控制 ```	2024-05-30 07:05:15 +00:00
guqing	6d3ba969ab	refactor: refine i18n prompts for themes (#6020 ) #### What type of PR is this? /kind improvement /area core /milestone 2.16.x #### What this PR does / why we need it: 优化主题安装时的中文提示 <img width="493" alt="image" src="https://github.com/halo-dev/halo/assets/38999863/cd5250ea-8438-4867-89bc-0ab7bc8485e4"> #### Does this PR introduce a user-facing change? ```release-note None ```	2024-05-30 05:31:14 +00:00
John Niang	08ff7e6e00	Fix the problem where extension point might not be obtained when the plugin was started (#6006 ) #### What type of PR is this? /kind bug /area plugin /area core #### What this PR does / why we need it: This PR refactors SpringComponentsFinder to prevent unexpected cleanup, which might lead to not be able to obtain plugin extension when the plugin was started. The real reason is that entries is initialized by AttachmentReconciler during initialization of some plugins. Please note the problem cannot be reproduced stably. Refs: - `e3125f2998/pf4j/src/main/java/org/pf4j/AbstractExtensionFinder.java (L229-L249)` - `e3125f2998/pf4j/src/main/java/org/pf4j/AbstractExtensionFinder.java (L312-L316)` #### Which issue(s) this PR fixes: Fixes https://github.com/halo-dev/halo/issues/5999 #### Does this PR introduce a user-facing change? ```release-note 修复插件启动成功但仍然可能无法获取扩展点导致页面无法访问的问题 ```	2024-05-29 06:35:10 +00:00
John Niang	608f2bbca3	Fix the problem the PAT could not be created or restored while logging in with remember-me (#6007 ) #### What type of PR is this? /kind bug /area core /milestone 2.16.0 #### What this PR does / why we need it: PAT could not be created or restored while logging in with remember-me due to lack of RememberMeAuthenticationToken check. #### Which issue(s) this PR fixes: Fixes https://github.com/halo-dev/halo/issues/6000 #### Special notes for your reviewer: 1. Log in with remember-me 2. Create a PAT or restore a PAT 3. See the result #### Does this PR introduce a user-facing change? ```release-note None ```	2024-05-29 03:13:10 +00:00
John Niang	dad6610cce	Add support for serializing or deserializing HaloUser and 2FA (#6005 ) #### What type of PR is this? /kind improvement /area core /milestone 2.16.x #### What this PR does / why we need it: This PR adds support for serializing HaloUser and 2FA. 1. Refactor delegate of HaloUser using `org.springframework.security.core.userdetails.User`. 2. Add `HaloSecurityJackson2Module` to enable serialization/deserialization of Halo security module. Below is code snippet of integration: ```java this.objectMapper = Jackson2ObjectMapperBuilder.json() .modules(SecurityJackson2Modules.getModules(this.getClass().getClassLoader())) .modules(modules -> modules.add(new HaloSecurityJackson2Module())) .indentOutput(true) .build(); ``` #### Does this PR introduce a user-facing change? ```release-note None ```	2024-05-28 09:13:06 +00:00
John Niang	5df51bb715	Refactor plugin reconciliation for dependency mechanism (#5900 ) #### What type of PR is this? /kind improvement /area core /area plugin #### What this PR does / why we need it: This PR wholly refactors plugin reconciliation to implement dependency mechanism. Currently, - If we disable plugin which has dependents, the plugin must wait for dependents to be disabled. - If we enable plugin which has dependencies , the plugin must wait for dependencies to be enabled. - If we upgrade plugin which has dependents, the plugin must request dependents to be unloaded. After the plugin is unloaded, the plugin must cancel unload request for dependents. #### Which issue(s) this PR fixes: Fixes #5872 #### Special notes for your reviewer: #### Does this PR introduce a user-facing change? ```release-note 优化被依赖的插件的升级，启用和禁用 ```	2024-05-27 08:16:56 +00:00
guqing	cb2138580c	chore: provide post content retrieval bean for plugins (#5981 ) #### What type of PR is this? /kind improvement /area core /area plugin /milestone 2.16.x #### What this PR does / why we need it: 为插件提供文章内容获取的 bean 以简化文章内容获取 #### Which issue(s) this PR fixes: Fixes # #### Does this PR introduce a user-facing change? ```release-note 为插件提供文章内容获取的 Bean ```	2024-05-24 06:46:51 +00:00
guqing	9ec608be3b	feat: add remember-me mechanism to enhance user login experience (#5929 ) #### What type of PR is this? /kind feature /area core /milestone 2.16.x #### What this PR does / why we need it: 为登录增加记住我机制以优化登录体验 how to test it? 1. 勾选记住密码选项后登录 2. 退出浏览器后打开 console 期望依然可以访问而不需要登录 3. 测试修改密码功能，期望修改密码后所有会话需要重新登录包括当前设备和其他设备 #### Which issue(s) this PR fixes: Fixes #2362 #### Does this PR introduce a user-facing change? ```release-note 为登录增加记住我机制以优化登录体验 ```	2024-05-24 06:20:50 +00:00
guqing	c1e8bdb568	feat: add scheduled post publishing feature (#5940 ) #### What type of PR is this? /kind feature /area core /milestone 2.16.x #### What this PR does / why we need it: 新增文章定时发布功能 #### Which issue(s) this PR fixes: Fixes #4602 #### Does this PR introduce a user-facing change? ```release-note 新增文章定时发布功能 ```	2024-05-24 04:58:51 +00:00
John Niang	de85156067	Refactor CryptoService for simplifying RSA key generation (#5978 ) #### What type of PR is this? /kind cleanup /area core /milestone 2.16.x #### What this PR does / why we need it: This PR removes PatJwkSupplier interface, scheduled RSA key generation, and move some of them into CryptoService. Currently, we only use `pat_id_rsa` as private key for authentication modules instead of `id_rsa`(deprecated). #### Does this PR introduce a user-facing change? ```release-note None ```	2024-05-24 04:32:50 +00:00
Ryan Wang	f3c3c91ca4	refactor: improve method name of api client (#5980 ) #### What type of PR is this? /area ui /kind cleanup /milestone 2.16.x #### What this PR does / why we need it: 规范 api client 的方法名，之前生成的 api client 的方法名没有完全遵循驼峰命名。 #### Which issue(s) this PR fixes: Close https://github.com/halo-dev/halo/issues/5716 #### Special notes for your reviewer: CI 通过即可。 #### Does this PR introduce a user-facing change? ```release-note None ```	2024-05-24 04:04:50 +00:00
John Niang	bbc5c979b7	Unify security configurations into one (#5961 ) #### What type of PR is this? /kind improvement /area core /milestone 2.16.x #### What this PR does / why we need it: This PR unifies api and portal security configurations into one for a better maintenance. Meanwhile, removing `HaloAnonymousAuthenticationWebFilter` introduced by <https://github.com/halo-dev/halo/pull/3152> may fix <https://github.com/halo-dev/halo/issues/4047>. #### Which issue(s) this PR fixes: Fixes https://github.com/halo-dev/halo/issues/4047 #### Special notes for your reviewer: #### Does this PR introduce a user-facing change? ```release-note 修复登录成功后立即出现登录失效的问题 ```	2024-05-22 03:00:46 +00:00
John Niang	2feaa20d05	Ignore includeSubdomains for hsts header (#5956 ) #### What type of PR is this? /kind improvement /area core /milestone 2.16.x #### What this PR does / why we need it: This PR ignores `includeSubdomains` for HSTS header. See https://github.com/halo-dev/halo/issues/4943 for more. #### Which issue(s) this PR fixes: Fixes https://github.com/halo-dev/halo/issues/4943 #### Does this PR introduce a user-facing change? ```release-note 修复开启 HSTS 可能会导致未开启 HSTS 的子域名站点无法访问的问题 ```	2024-05-21 04:22:44 +00:00
guqing	d2a9c804ce	refactor: email notifications are now sent only to verified email addresses (#5905 ) #### What type of PR is this? /kind improvement /area core /milestone 2.16.x #### What this PR does / why we need it: 邮件通知功能现在只向经过验证的邮箱地址发送通知匿名用户除外 #### Which issue(s) this PR fixes: Fixes #5722 #### Does this PR introduce a user-facing change? ```release-note 邮件通知功能现在只向经过验证的邮箱地址发送通知匿名用户除外 ```	2024-05-20 09:22:42 +00:00
guqing	c22b4e9ef4	refactor: optimize auth provider sorting with drag-and-drop support (#5914 ) #### What type of PR is this? /kind feature /area core /area ui /milestone 2.16.x #### What this PR does / why we need it: 优化认证方式的排序并支持拖动 #### Which issue(s) this PR fixes: Fixes #5813 #### Does this PR introduce a user-facing change? ```release-note 优化认证方式的排序并支持拖动 ```	2024-05-20 08:30:42 +00:00
guqing	94d625fbb0	refactor: automatically approve comments or replies after admin replied it (#5903 ) #### What type of PR is this? /kind improvement /area core /milestone 2.16.x #### What this PR does / why we need it: 管理员回复评论或回复后自动通过审核 #### Which issue(s) this PR fixes: Fixes #5870 #### Does this PR introduce a user-facing change? ```release-note 管理员回复评论或回复后自动通过审核 ```	2024-05-20 08:10:41 +00:00
guqing	9c98d0a54c	refactor: original should be removed when session id changed (#5931 ) #### What type of PR is this? /kind improvement /area core #### What this PR does / why we need it: 当 session id 改变时清除原来的 session id 记录 #### Does this PR introduce a user-facing change? ```release-note None ```	2024-05-16 08:32:35 +00:00
guqing	f24b08c7db	feat: add an API to invalidate theme template cache (#5906 ) #### What type of PR is this? /kind feature /area core /area theme /milestone 2.16.x #### What this PR does / why we need it: 为主题管理增加在线清理缓存功能 #### Which issue(s) this PR fixes: Fixes #5440 #### Does this PR introduce a user-facing change? ```release-note 为主题管理增加在线清理缓存功能 ```	2024-05-16 02:36:36 +00:00
Takagi	e5bc699fb2	feat: support filtering attachments in the library by file media type (#5893 ) #### What type of PR is this? /kind feature /area core /area ui #### What this PR does / why we need it: 为 `/apis/api.console.halo.run/v1alpha1/attachments` 接口增加了 `accepts` 可选参数，用于根据附件的 `MediaType` 进行筛选。为附件库增加通过文件的 MediaType 类型进行筛选的筛选项。同时支持使用了 `CoreSelectorProvider` 组件的文件选择框的筛选。现在只会显示 `accepts` 所支持的文件。 #### How to test it? 测试 ui 端文件选择框的类型筛选是否正确有效。测试使用了 `CoreSelectorProvider` 组件的 `accepts` 是否有效。 #### Which issue(s) this PR fixes: Fixes #5054 #### Does this PR introduce a user-facing change? ```release-note 附件库支持按文件类型进行过滤 ```	2024-05-16 02:32:35 +00:00
guqing	983e70d50d	fix: secret data cannot be used in YAML (#5917 ) #### What type of PR is this? /kind bug /area core /milestone 2.16.x #### What this PR does / why we need it: 修复 Secret 的 data 字段无法在 YAML 使用的问题 #### Does this PR introduce a user-facing change? ```release-note None ```	2024-05-15 07:32:34 +00:00
John Niang	2341905323	Fix the problem where extensions were not changed but still updated (#5887 ) #### What type of PR is this? /kind improvement /area core /milestone 2.16.x #### What this PR does / why we need it: This PR fixes the problem where extensions were not changed but still updated. What we want is to not update the extension if it has not changed. Before that, we update the version of extension manually while getting the latest extension, this will lead to change the type of metadata.version from int to long.See the code snippet below: `a629961e8d/application/src/main/java/run/halo/app/extension/JSONExtensionConverter.java (L83)` Now, we force update the versions using type Long. #### Does this PR introduce a user-facing change? ```release-note None ```	2024-05-15 07:14:34 +00:00
John Niang	a629961e8d	Fix the problem of not being able to initialize preset plugins (#5874 ) #### What type of PR is this? /kind bug /area core /area plugin /milestone 2.16.x #### What this PR does / why we need it: This PR refactors plugin running state change method to resolve the problem of not being able to initialize preset plugins due to too small gap between installation and enabling. #### Which issue(s) this PR fixes: Fixes https://github.com/halo-dev/halo/issues/5867 #### Does this PR introduce a user-facing change? ```release-note 解决初始化时无法正常启用插件的问题 ```	2024-05-10 05:46:26 +00:00
guqing	dc451e2629	fix: changes to Unstructured metadata do not take effect (#5880 ) #### What type of PR is this? /kind bug /area core /milestone 2.16.x #### What this PR does / why we need it: 修复对 Unstructured 的 metadata 进行更改不会被应用的问题 #### Does this PR introduce a user-facing change? ```release-note 修复插件定义的权限没有在插件详情页显示的问题 ```	2024-05-10 04:32:24 +00:00
John Niang	fe809c10a1	Fix the problem that some plugins could not be used after upgrading dependent plugin (#5855 ) #### What type of PR is this? /kind bug /area plugin /area core #### What this PR does / why we need it: This PR resolves the problem that some plugins could not be used after upgrading dependent plugin. #### Which issue(s) this PR fixes: Fixes https://github.com/halo-dev/halo/issues/5615 #### Special notes for your reviewer: 1. Install plugin [app-store](https://www.halo.run/store/apps/app-VYJbF) 2. Install plugin [backup](https://www.halo.run/store/apps/app-dHakX) and activate it 3. Disable plugin app-store 4. Check the features of plugin backup 5. Enable plugin app-store 6. Check the features of plugin backup 7. Upgrade plugin app-store with the any versions 8. Check the features of plugin backup #### Does this PR introduce a user-facing change? ```release-note 修复因升级应用市场插件导致部分插件意外停止的问题 ```	2024-05-07 03:25:58 +00:00
guqing	9b3f00dab0	fix: extension resources weren't deleted as expected on initialization (#5859 ) #### What type of PR is this? /kind improvement /area core /milestone 2.16.x #### What this PR does / why we need it: 修复初始化时未按预期删除自定义资源 #### Does this PR introduce a user-facing change? ```release-note 修复初始化时未按预期删除自定义资源 ```	2024-05-06 08:21:34 +00:00
guqing	5770ad4c55	fix: update post with retry (#5823 ) #### What type of PR is this? /kind improvement /area core /milestone 2.15.x #### What this PR does / why we need it: 修复重试更新文章的错误写法 #### Does this PR introduce a user-facing change? ```release-note None ```	2024-04-29 09:48:35 +00:00
guqing	d86ddf4a04	fix: permissions for post content versions (#5819 ) #### What type of PR is this? /kind bug /area core /milestone 2.15.x #### What this PR does / why we need it: 修复拥有文章管理权限的用户无法正常使用版本历史的问题 #### Which issue(s) this PR fixes: Fixes #5815 #### Does this PR introduce a user-facing change? ```release-note 修复拥有文章管理权限的用户无法正常使用版本历史的问题 ```	2024-04-28 05:50:11 +00:00
Takagi	3916d5b8e5	fix: the post admin does not have tag list permissions (#5818 ) #### What type of PR is this? /kind bug /area ui #### What this PR does / why we need it: 补充 #5593 中缺少的 `api.console.halo.run` 权限。用于解决具有文章列表权限的用户，访问标签列表时提示无权限的问题 #### How to test it? 创建一个具有文章列表查看权限的用户，是否能够访问到标签列表。 #### Which issue(s) this PR fixes: Fixes #5814 #### Does this PR introduce a user-facing change? ```release-note None ```	2024-04-28 03:22:11 +00:00
guqing	0e17d53ede	feat: subscription support for expression-based subscribing (#5705 ) #### What type of PR is this? /kind feature /area core /milestone 2.15.x #### What this PR does / why we need it: 通知订阅支持基于表达式订阅 see #5632 for more details how to test it? 1. 测试系统通知功能的文章、页面有新评论通知和评论有新回复通知的功能是否正常 2. 测试 2.14 创建的文章、评论和回复升级到此版本后是否能继续收到相应通知，如文章有新评论 #### Which issue(s) this PR fixes: Fixes #5632 #### Does this PR introduce a user-facing change? ```release-note 通知订阅支持基于表达式订阅避免订阅随数据量增长同时自动优化之前的订阅数据 ```	2024-04-26 10:26:41 +00:00
Ryan Wang	58f82d2cc2	feat: add features for view post history snapshots (#5787 ) * Add snapshots related api * feat: add features for view post history snapshots --------- Co-authored-by: guqing <i@guqing.email>	2024-04-26 18:10:06 +08:00
guqing	1ade8493da	feat: require password verification for email updates (#5780 ) #### What type of PR is this? /kind feature /milestone 2.15.x /area core #### What this PR does / why we need it: 增加了在用户尝试更新邮箱地址时进行密码验证的步骤。此举提高了安全性，确保邮箱修改操作由经过身份验证的用户执行。 #### Which issue(s) this PR fixes: Fixes #5750 #### Does this PR introduce a user-facing change? ```release-note 更新邮箱地址时需进行密码验证 ```	2024-04-26 10:06:32 +00:00
guqing	c0de807b9e	refactor: optimize comment and reply deletion (#5777 ) #### What type of PR is this? /kind improvement /area core /milestone 2.15.x #### What this PR does / why we need it: 优化评论和回复删除，只有删除第一页后才会再次查询避免数据堆积 #### Does this PR introduce a user-facing change? ```release-note None ```	2024-04-26 09:49:26 +00:00
John Niang	a635881d34	Add WebSocket support in plugins (#5662 ) #### What type of PR is this? /kind feature /area core /area plugin #### What this PR does / why we need it: This PR allows plugin developers defining WebSocket endpoints in plugins. #### Which issue(s) this PR fixes: Fixes #5285 #### Does this PR introduce a user-facing change? ```release-note 支持在插件中实现 WebSocket ```	2024-04-25 08:19:14 +00:00

1 2 3 4 5 ...

306 Commits (8d71fc39668157dbb2b7d345c2ec85a43a8135d4)