github
/
halo
mirror of https://github.com/halo-dev/halo
1
0
Fork 0
Code Issues Releases Wiki Activity
5,101 Commits
32 Branches
222 Tags
138 MiB
Commit Graph

380 Commits (eae83ae949f243daf3241d98a3c68370d173b98d)

Author SHA1 Message Date
John Niang eae83ae949
Fix the problem that plugins without jar file may not be deleted (#6334) 
#### What type of PR is this?

/kind bug
/area core
/area plugin
/milestone 2.18.x

#### What this PR does / why we need it:

This PR checks if the plugin is already unloaded while getting dependents to fix the problem that plugins without jar file may not be deleted or not be enabled or disabled.

#### Which issue(s) this PR fixes:

Fixes https://github.com/halo-dev/halo/issues/6072

#### Special notes for your reviewer:

1. Try to move plugins folder to another folder
2. Restart Halo
3. Try to change state of plugins or delete plugins directly
4. See the result

#### Does this PR introduce a user-facing change?

```release-note
修复在没有插件文件的情况下可能无法删除插件的问题
```
 2024-07-24 03:01:35 +00:00
John Niang 1992916ab6
Respond 404 for non-exist theme resources instead of 500 (#6340) 
#### What type of PR is this?

/kind bug
/area core
/milestone 2.18.x

#### What this PR does / why we need it:

This PR checks readable of theme resources while getting resources to prevent Halo from throwing FileNotFoundException.

#### Which issue(s) this PR fixes:

Fixes #6338 

#### Special notes for your reviewer:

1. Try to request <https://www.halo.run/themes/fake-theme/assets/favicons/favicon-32x32.png>
2. See the result

#### Does this PR introduce a user-facing change?

```release-note
修复访问不存在的主题资源时出现服务器异常的问题
```
 2024-07-22 04:35:32 +00:00
Shiina 2a807b748b
Improve timezone information in login notification (#6309) 
/area core
/kind improvement

Fixes #6256 

```release-note
格式化新设备登录邮件通知内的登录时间为系统时区
```
 2024-07-17 15:21:28 +00:00
John Niang 8795f873ca
Fix the problem where automatic login using remember-me token could fail (#6329) 
#### What type of PR is this?

/kind bug
/area core
/milestone 2.18.x

#### What this PR does / why we need it:

This PR prevent remember-me token from updating after auto login.

#### Which issue(s) this PR fixes:

Fixes #6290 

#### Does this PR introduce a user-facing change?

```release-note
修复“保持登录”可能失效的问题
```
 2024-07-15 09:59:27 +00:00
BugKing 2c0f0875ed
chore: bump preset plugins version (#6310) 
#### What type of PR is this?

/kind improvement
/area core

#### What this PR does / why we need it:

更新预设插件版本。

#### Does this PR introduce a user-facing change?

```release-note
None
```
 2024-07-15 05:31:26 +00:00
John Niang 6bc13552ee
Fix the problem of not being able to rebuild search index (#6323) 
#### What type of PR is this?

/kind bug
/area core
/milestone 2.18.x

#### What this PR does / why we need it:

This PR fixes the problem of not being able to rebuild search index due to null description and updateTimestamp.

#### Which issue(s) this PR fixes:

Fixes #6317 

#### Does this PR introduce a user-facing change?

```release-note
修复无法正常刷新搜索引擎的问题
```
 2024-07-15 03:39:26 +00:00
John Niang 45d0a475b5
Use AuthenticationWebFilter for remember-me mechanism (#6298) 
#### What type of PR is this?

/kind cleanup
/area core
/milestone 2.18.x

#### What this PR does / why we need it:

This PR simplifies RememberMeAuthenticationFilter by reusing AuthenticationWebFilter.

#### Does this PR introduce a user-facing change?

```release-note
None
```
 2024-07-09 14:07:24 +00:00
John Niang 9cdd8a5301
Add before and after security web filters (#6297) 
#### What type of PR is this?

/kind feature
/kind api-change
/area core
/area plugin

#### What this PR does / why we need it:

This PR adds `BeforeSecurityWebFilter` and `AfterSecurityWebFilter` extension points. See https://github.com/halo-sigs/plugin-page-cache/issues/4#issuecomment-2216677891 for more.

Now, we can do something before and after authenticating.

#### Does this PR introduce a user-facing change?

```release-note
添加认证授权的前置和后置处理器扩展点
```
 2024-07-09 14:05:24 +00:00
guqing 36bc461147
refactor: remove IP address judgment for device management (#6275) 
#### What type of PR is this?
/kind bug
/area core
/milestone 2.18.x

#### What this PR does / why we need it:
设备管理去除 IP 地址检查以避免频繁登录

#### Does this PR introduce a user-facing change?
```release-note
设备管理去除 IP 地址检查以避免频繁登录
```
 2024-07-05 09:33:07 +00:00
John Niang 708b8be792
Respond 409 for operation conflict instead of 500 (#6274) 
#### What type of PR is this?

/kind improvement
/area core
/kind api-change
/milestone 2.18.x

#### What this PR does / why we need it:

This PR makes ConcurrencyFailureException respond http status code 409 instead of 500.

#### Which issue(s) this PR fixes:

Fixes #6254 

#### Does this PR introduce a user-facing change?

```release-note
None
```
 2024-07-05 09:02:38 +00:00
guqing 138d52e731
chore: keep the pluginWrapper bean for compatibility (#6271) 
#### What type of PR is this?
/area core
/milestone 2.18.x

#### What this PR does / why we need it:
为了平滑升级先保留 PluginWrapper 的 Bean

#### Does this PR introduce a user-facing change?
```release-note
None
```
 2024-07-05 04:08:37 +00:00
John Niang ad66247872
Support obtaining plugins root in plugins (#6269) 
#### What type of PR is this?

/kind feature
/kind api-change
/area core
/area plugin

#### What this PR does / why we need it:

This PR supports obtaining plugins root in plugins. Below is an example in plugin:

```java
@Component
class PluginsRootGetterDemo {

    private final PluginsRootGetter pluginsRootGetter;

    PluginsRootGetterDemo(PluginsRootGetter pluginsRootGetter) {
        this.pluginsRootGetter = pluginsRootGetter;
    }

}
```

Meanwhile, I remove the `PluginProperties#pluginsRoot` for a clear way to obtain plugins root.

#### Does this PR introduce a user-facing change?

```release-note
支持在插件中获取插件根目录
```
 2024-07-04 13:36:33 +00:00
John Niang 36fb44c8b7
Build and run using IntelliJ IDEA after building ui (#6261) 
#### What type of PR is this?

/kind improvement
/area core
/milestone 2.18.x

#### What this PR does / why we need it:

This PR treats `ui/build/dist` as resource dir for application module to adapt building and running using IntelliJ IDEA.

How to use?

1. Build ui project by executing command `./gradlew :ui:build -x :ui:check`.
1. Create a `Run/Debug Configuration` with arguments `--spring.profiles.active=dev --halo.console.proxy.enabled=false --halo.uc.proxy.enabled=false`.
1. Go to `Settings | Build, Execution, Deployment | Build Tools | Gradle` and select `IntelliJ IDEA` for `Build and run using:`
1. Run/Debug the configuration 

#### Does this PR introduce a user-facing change?

```release-note
None
```
 2024-07-04 03:22:32 +00:00
guqing b964c7bb00
chore: cleanup deprecated constructor for base plugin (#6243) 
#### What type of PR is this?
/kind cleanup
/area plugin
/milestone 2.17.x

#### What this PR does / why we need it:
移除 BasePlugin 中已经过时的构造方法

在 2.6.1 版本中将 `BasePlugin(PluginWrapper wrapper)` 标记为过时并使用 `BasePlugin(PluginContext pluginContext)` 代替,现在已经过了很多版本,是时候移除它了。

see also #4023
#### Does this PR introduce a user-facing change?
```release-note
开发者相关:移除 BasePlugin 中已经过时的构造方法
```
 2024-07-03 03:49:34 +00:00
guqing 484b5c1b74
chore: cleanup deprecated extension yaml (#6245) 
#### What type of PR is this?
/kind cleanup
/area core
/milestone 2.17.x

#### What this PR does / why we need it:
清理已经过时很久的 yaml extension 声明

#### Does this PR introduce a user-facing change?
```release-note
None
```
 2024-07-02 04:45:24 +00:00
guqing b9c500dc8d
fix: handle plugin entry file loading when cache temp directory is cleared (#6238) 
#### What type of PR is this?
/kind bug
/area plugin
/milestone 2.17.x

#### What this PR does / why we need it:
修复当插件入口文件的缓存目录被系统清理后会导致一直无法加载的问题

原问题复现步骤:
1. 登录后刷新页面,此时缓存目录被创建
2. 删除缓存目录后就会提示文件不存在然后导致插件入口文件一致无法加载直到重启 Halo

#### Which issue(s) this PR fixes:
Fixes #6226

#### Does this PR introduce a user-facing change?
```release-note
修复当插件入口文件的缓存目录被系统清理后会导致一直无法加载的问题
```
 2024-07-01 10:05:17 +00:00
John Niang cc3564bf82
Add support to disable two-factor authentication (#6242) 
#### What type of PR is this?

/kind improvement
/area core
/milestone 2.17.0

#### What this PR does / why we need it:

This PR provides a configuration property to control whether two-factor authentication is disabled. e.g.:

```yaml
halo:
  security:
    two-factor-auth:
      disabled: true | false # Default is false.
```

#### Which issue(s) this PR fixes:

Fixes #5640 

#### Special notes for your reviewer:

1. Enable 2FA and configure TOTP
2. Disable 2FA by configuring property above
3. Restart Halo and try to login

#### Does this PR introduce a user-facing change?

```release-note
支持通过配置的方式全局禁用二步验证
```
 2024-07-01 09:57:17 +00:00
guqing f5ebd9fe43
feat: add TemplateFooterProcessor extension point for extending footer tag content in theme (#6191) 
#### What type of PR is this?
/kind feature
/area core
/milestone 2.17.x

#### What this PR does / why we need it:
提供对模板中 halo footer 标签内容的扩展点以支持扩展页脚内容

#### Which issue(s) this PR fixes:
Fixes #6189 

#### Does this PR introduce a user-facing change?
```release-note
提供对模板中 halo footer 标签内容的扩展点以支持扩展页脚内容
```
 2024-07-01 09:49:17 +00:00
guqing 1f4bf8ea47
feat: enhance PluginFinder to support check plugin availability by version (#6236) 
#### What type of PR is this?
/kind feature
/area core
/area theme
/milestone 2.17.x

#### What this PR does / why we need it:
支持在主题中检查已启动的插件是否符合指定的版本要求,以便可以在某些功能可以正常工作时才渲染

示例
```html
<p th:if="${pluginFinder.available('plugin-search-widget', '>=2.3.0')}>
<!-- do something -->
</p>
```

#### Does this PR introduce a user-facing change?
```release-note
支持在主题中检查已启动的插件是否符合指定的版本要求
```
 2024-07-01 09:45:17 +00:00
John Niang bbc6f23b2d
Fix the problem of null type of search result (#6241) 
#### What type of PR is this?

/kind bug
/area core
/milestone 2.17.0

#### What this PR does / why we need it:

This PR adds missed type to HaloDocument while converting.

#### Which issue(s) this PR fixes:

Fixes https://github.com/halo-dev/halo/issues/6235

#### Does this PR introduce a user-facing change?

```release-note
None
```
 2024-07-01 09:25:17 +00:00
John Niang 4ea4bdf8b5
Expose search service for plugin (#6239) 
#### What type of PR is this?

/kind feature
/kind api-change
/area core
/area plugin
/milestone 2.17.0

#### What this PR does / why we need it:

This PR creates a SearchService and makes it invokable for plugins.

#### Special notes for your reviewer:

1. Create a plugin
2. Publish all publication into Maven local repository by executing `./gradlew publishAllPublicationsToMavenLocalRepository`
3. Use `2.17.0-SNAPSHOT` as dependency version and refresh dependencies
4. Try to use the SearchService to search something.

#### Does this PR introduce a user-facing change?

```release-note
为插件提供全文搜索服务
```
 2024-07-01 09:11:17 +00:00
John Niang 3875251d97
Allow plugin to listen the event the plugin has started (#6234) 
#### What type of PR is this?

/kind feature
/area core
/milestone 2.17.x

#### What this PR does / why we need it:

This PR add support for allowing plugin to listen the event that the plugin has started. Below is an example of listening the event in plugin:

```java
    @EventListener
    void onPluginStartedEvent(PluginStartedEvent event) {
        // do something.
    }
```

See https://github.com/halo-dev/halo/issues/5339#issuecomment-2199220068 for more.

#### Which issue(s) this PR fixes:

Fixes https://github.com/halo-dev/halo/issues/5339#issuecomment-2199220068

#### Special notes for your reviewer:

1. Create a plugin, add the listener above and write some logs
2. Build and install the plugin
3. Start plugin and see the logs you wrote

#### Does this PR introduce a user-facing change?

```release-note
支持在插件中监听已启动事件
```
 2024-07-01 07:31:17 +00:00
guqing e7f4419131
chore: compatibility support for null for sort parameter of listAll (#6230) 
#### What type of PR is this?
/area core
/milestone 2.17.x

#### What this PR does / why we need it:
由于2.17.0 修改了 listAll 的实现导致出现了不兼容 Sort 参数为 null 的情况,考虑到给开发者适应的时间因此先兼容并给出警告日志

see also #6219

#### Which issue(s) this PR fixes:
Fixes #6219

#### Does this PR introduce a user-facing change?
```release-note
None
```
 2024-07-01 06:59:17 +00:00
guqing 967eaa21e1
feat: add LoginHandlerEnhancer for enhanced login processing (#6176) 
#### What type of PR is this?
/kind improvement
/area core
/milestone 2.17.x

#### What this PR does / why we need it:
新增 LoginHandlerEnhancer 用于 Halo 扩展登录成功或失败后的处理逻辑如 RememberMe 和设备管理等

#### Does this PR introduce a user-facing change?
```release-note
None
```
 2024-07-01 06:49:16 +00:00
Ryan Wang 9e1cd02c41
chore: bump preset plugins version (#6225) 
#### What type of PR is this?

/area core
/kind improvement
/milestone 2.17.x

#### What this PR does / why we need it:

更新预设插件的版本。

#### Does this PR introduce a user-facing change?

```release-note
None
```
 2024-07-01 02:55:16 +00:00
John Niang 9410006659
Fix the problem of fetching old value from plugin setting fetcher (#6216) 
#### What type of PR is this?

/kind bug
/area core
/area plugin
/milestone 2.17.x

#### What this PR does / why we need it:

This PR  makes sure the method `cache#put` is called before the event is published to avoid the event listener to fetch the old value from the cache.

The problem was introduced by <https://github.com/halo-dev/halo/pull/6141>.

#### Which issue(s) this PR fixes:

Fixes #6213 

#### Does this PR introduce a user-facing change?

```release-note
修复在插件配置变更监听器中始终获取到旧数据的问题
```
 2024-06-30 02:57:11 +00:00
guqing 8e97814018
fix: causing API to be pending when plugin startup encounters an error (#6207) 
#### What type of PR is this?
/kind improvement
/area core
/area plugin

#### What this PR does / why we need it:
修复当启动插件遇到 Error 级别的错误时会导致 API 被挂起无法终止的问题

```
- Throwable
    - Error
    - Exception
```
see #6192 for more details

#### Which issue(s) this PR fixes:
Fixes #6192

#### Does this PR introduce a user-facing change?
```release-note
修复当启动插件遇到 Error 级别的错误时会导致 API 被挂起无法终止的问题
```
 2024-06-29 16:39:10 +00:00
guqing d2a03dc849
fix: incorrect post display when linking or unlinking hidden categories (#6204) 
#### What type of PR is this?
/kind bug
/area core
/milestone 2.17.x

#### What this PR does / why we need it:
修复文章关联或取消关联隐藏分类后显示不正确的问题

#### Which issue(s) this PR fixes:
Fixes #6194
Fixes #6195

#### Does this PR introduce a user-facing change?
```release-note
修复文章关联或取消关联隐藏分类后显示不正确的问题
```
 2024-06-28 13:51:00 +00:00
Ryan Wang f0445f4e51
refactor: remove page cache feature (#6108) 
#### What type of PR is this?

/area core
/kind api-change
/milestone 2.17.x

#### What this PR does / why we need it:

移除内置的页面静态缓存功能,后续将由 https://github.com/halo-sigs/plugin-page-cache 插件提供。

#### Which issue(s) this PR fixes:

Fixes #5639 

#### Special notes for your reviewer:

#### Does this PR introduce a user-facing change?

```release-note
移除内置的页面静态缓存功能,后续由 https://github.com/halo-sigs/plugin-page-cache 插件提供。
```
 2024-06-28 10:08:59 +00:00
guqing 4cafdb5a72
fix: breadcrumbs for hidden category can not be displayed (#6200) 
#### What type of PR is this?
/kind bug
/area core
/area theme
/milestone 2.17.x

#### What this PR does / why we need it:
修复获取隐藏分类的面包屑路径不正确的问题

#### Which issue(s) this PR fixes:
Fixes #6197

#### Does this PR introduce a user-facing change?
```release-note
修复获取隐藏分类的面包屑路径不正确的问题
```
 2024-06-28 10:02:59 +00:00
John Niang c7bf87b361
Rectify role templates about PAT and 2FA endpoints (#6201) 
#### What type of PR is this?

/kind bug
/area core
/milestone 2.17.x

#### What this PR does / why we need it:

In PR <https://github.com/halo-dev/halo/pull/6130>, I changed the api group of PAT and 2FA endpoints, but I forgot to change the corresponding role templates. So other users except admin will encounter 403 error like <https://github.com/halo-dev/halo/issues/6199>.

#### Which issue(s) this PR fixes:

Fixes https://github.com/halo-dev/halo/issues/6199

#### Does this PR introduce a user-facing change?

```release-note
None
```
 2024-06-28 07:24:58 +00:00
Ryan Wang 2ed117042a
refactor: translate extension point descriptions to simplified chinese (#6190) 
#### What type of PR is this?

/area core
/kind improvement
/milestone 2.17.x

#### What this PR does / why we need it:

将扩展点定义和扩展点的描述文件改为简体中文。

#### Does this PR introduce a user-facing change?

```release-note
None
```
 2024-06-28 04:08:57 +00:00
John Niang f936e131c4
Remove deprecated ExtensionComponentsFinder (#6185) 
#### What type of PR is this?

/kind cleanup
/area core
/milestone 2.17.x

#### What this PR does / why we need it:

In <https://github.com/halo-dev/halo/pull/5386>, I marked ExtensionComponentsFinder as deprecated. Four months have passed, it's time to remove it.

#### Does this PR introduce a user-facing change?

```release-note
None
```
 2024-06-28 02:40:57 +00:00
John Niang c524ee4340
Fix the unstable integration test of Lucene search engine (#6187) 
#### What type of PR is this?

/kind failing-test
/area core
/milestone 2.17.x

#### What this PR does / why we need it:

This PR allows retrying to operate on posts when optimistic locking errors occur.

#### Which issue(s) this PR fixes:

Fixes #6186 

#### Does this PR introduce a user-facing change?

```release-note
None
```
 2024-06-28 01:56:58 +00:00
guqing 68d94f6653
refactor: optimize the extension watch parameters to always be of real type (#6180) 
#### What type of PR is this?
/kind improvement
/area core
/milestone 2.17.x

#### What this PR does / why we need it:
优化触发 Extension Watch 方法(onAdd/onUpdate/onDelete)时的参数始终为真实类型避免使用时进行类型转换

#### Does this PR introduce a user-facing change?
```release-note
None
```
 2024-06-27 10:16:54 +00:00
guqing 0cdd043d1f
feat: add method to find path of a specified node in a category tree (#6135) 
#### What type of PR is this?
/kind feature
/area core
/milestone 2.17.x

#### What this PR does / why we need it:
为分类 Finder 提供获取指定节点的面包屑路径方法

#### Which issue(s) this PR fixes:
Fixes #3374

#### Does this PR introduce a user-facing change?
```release-note
为分类 Finder 提供获取指定节点的面包屑路径方法
```
 2024-06-27 10:13:05 +00:00
John Niang 556e65a618
Fix the problem of enabling 2FA unexpectedly (#6174) 
#### What type of PR is this?

/kind bug
/area core
/milestone 2.17.x

#### What this PR does / why we need it:

Some users encountered 2FA required issue after upgrading Halo 2.16, because they enabled 2FA but didn't configure TOTP before. The issue was introduced by <https://github.com/halo-dev/halo/pull/6005>.

This PR checks if TOTP configured to determine whether 2FA is required.

#### Does this PR introduce a user-facing change?

```release-note
修复在没有配置 TOTP 验证器的情况下仍被要求二步验证的问题
```
 2024-06-27 09:40:54 +00:00
guqing 4d6450d065
fix: spelling errors in sorting criteria for query categories (#6173) 
#### What type of PR is this?
/kind bug
/area core
/milestone 2.17.x

#### What this PR does / why we need it:
修复查询分类的排序条件拼写错误导致的错误

#### Which issue(s) this PR fixes:
Fixes #6171

#### Does this PR introduce a user-facing change?
```release-note
修复查询分类的排序条件拼写错误导致的错误
```
 2024-06-27 09:02:54 +00:00
John Niang 54cd1c82f4
Use top-level interface of session repository (#6160) 
#### What type of PR is this?

/kind improvement
/area core
/milestone 2.17.x

#### What this PR does / why we need it:

Use top-level interface `org.springframework.session.ReactiveFindByIndexNameSessionRepository` for being compatible with other session repositories.

#### Which issue(s) this PR fixes:

Fixes https://github.com/halo-dev/halo/issues/6159

#### Does this PR introduce a user-facing change?

```release-note
None
```
 2024-06-27 03:32:53 +00:00
John Niang 47157ddd3f
Fix the problem of not being able to autowire settingFetcher bean in plugin (#6156) 
#### What type of PR is this?

/kind bug
/area core
/area plugin

#### What this PR does / why we need it:

The problem was introduced by PR <https://github.com/halo-dev/halo/pull/6141>. That PR wrongly registered `settingFetcher` singleton bean.

#### Which issue(s) this PR fixes:

<img width="1920" alt="image" src="https://github.com/halo-dev/halo/assets/16865714/ecc67064-3506-49b8-8114-a145da549126">

#### Does this PR introduce a user-facing change?

```release-note
None
```
 2024-06-26 15:46:50 +00:00
John Niang 632bb69dfe
Refactor search engine and improve document extensibility (#6082) 
#### What type of PR is this?

/kind improvement
/kind api-change
/area core

#### What this PR does / why we need it:

See https://github.com/JohnNiang/halo/blob/refactor/search/docs/extension-points/search-engine.md for more

#### Which issue(s) this PR fixes:

Fixes https://github.com/halo-dev/halo/issues/5202
Fixes https://github.com/halo-dev/halo/issues/5339
Fixes https://github.com/halo-dev/halo/issues/5613
Fixes https://github.com/halo-dev/halo/issues/5172
Fixes https://github.com/halo-dev/halo/issues/4796
Fixes https://github.com/halo-dev/halo/issues/5625
Fixes https://github.com/halo-dev/halo/issues/5805

#### Special notes for your reviewer:

#### Does this PR introduce a user-facing change?

```release-note
重构搜索引擎并提高可扩展性。
```
 2024-06-26 15:22:51 +00:00
Ryan Wang 5eabce7544
feat: add management and view pages for extension points (#6137) 
#### What type of PR is this?

/area ui
/kind feature
/milestone 2.17.x

#### What this PR does / why we need it:

添加扩展点的查看和设置页面。

<img width="1414" alt="image" src="https://github.com/halo-dev/halo/assets/21301288/4dd4660f-540f-46b5-8250-b4f011ebaae6">

#### Which issue(s) this PR fixes:

Fixes https://github.com/halo-dev/halo/issues/3206

#### Does this PR introduce a user-facing change?

```release-note
添加系统扩展点的查看和设置页面。
```
 2024-06-26 13:58:51 +00:00
guqing 0196315228 feat: support hide categories and posts from the list 2024-06-26 19:24:47 +08:00
guqing 68d428aa29
refactor: enhance cache management in plugin setting config (#6141) 
#### What type of PR is this?
/kind feature
/area plugin
/area core
/milestone 2.17.x

#### What this PR does / why we need it:
增强插件配置的缓存管理

1. 通过 SettingFetcher/ReactiveSettingFetcher 获取插件配置可以不在考虑获取数据的性能问题,当数据变更后会自动更新缓存
2. 现在你可以通过在插件中监听 `PluginConfigUpdatedEvent` 事件来做一些处理,它会在用户更改插件配置后被触发

#### Does this PR introduce a user-facing change?
```release-note
增强插件配置的缓存管理并支持通过监听 `PluginConfigUpdatedEvent` 事件做一些特殊处理
```
 2024-06-26 11:20:51 +00:00
guqing 8d71fc3966 feat: add device management mechanism 2024-06-26 18:52:32 +08:00
guqing ae6724a2b6
feat: implement persistent token based remember me mechanism (#6131) 
#### What type of PR is this?
/kind feature
/area core
/milestone 2.17.x

#### What this PR does / why we need it:
新增基于持久化 Token 的 RememberMe 机制

本次更新引入了一种新的 RememberMe 机制,该机制基于持久化 Token,以增强安全性和管理灵活性。在此之前,RememberMe 功能通过以下方式生成 Token,并将其作为 cookie 发送回客户端:
```
 username + ":" + expiryTime + ":" + algorithmName + ":"
   + algorithmHex(username + ":" + expiryTime + ":" + password + ":" + key)
```
此方法的优点在于无需存储 Token 就可以进行验证,并且用户密码的更改会自动使 Token 失效。然而,它的主要缺点是缺乏管理能力,例如无法手动撤销 Token。

鉴于最新的设备管理需求(见 PR #6100),我们需要一种支持设备撤销(revoke)的机制。因此,我们采用了持久化 Token 的方式,并通过随机生成的方法来提高安全性,而不将用户名和密码直接签名在 Token 中。新的 Token 格式如下:
```
base64(tokenValue:series)
```
此更改将为系统带来更高的安全保障和更灵活的管理选项,特别是在需要高度控制和监管设备访问时。

#### Does this PR introduce a user-facing change?
```release-note
引入基于持久化 Token 的新 RememberMe 机制以增强安全性和管理灵活性,升级后需要重新登录
```
 2024-06-26 08:40:49 +00:00
John Niang e4cce918f7
Refactor ExtensionGetter for enabling or disabling extensions (#6134) 
#### What type of PR is this?

/kind improvement
/kind api-change
/area core

#### What this PR does / why we need it:

This PR refactors ExtensionGetter implementation to add a support of enabling extension point(s). Here is an example of data field of `system` config map:

```json
{
  "data": {
    "extensionPointEnabled": "{  \"search-engine\": [\"search-engine-algolia\"]}"
  },
```

> 1. The `search-engine` is a name of extension point definition.
> 2. The `search-engine-algolia` is a name of extension definition.

#### Does this PR introduce a user-facing change?

```release-note
None
```
 2024-06-25 07:46:45 +00:00
JohnNiang ecc0a70249 Refactor api client using separated OpenAPI groups 2024-06-25 12:31:25 +08:00
guqing c10862d6fe
refactor: index mechanism to enhance overall performance (#6039) 
#### What type of PR is this?
/kind improvement
/area core
/milestone 2.17.x

#### What this PR does / why we need it:
重构索引机制的查询和排序以提升整体性能

**how to test it?**
使用 postgre 数据库,初始化 Halo ,然后执行以下脚本创建 30w 文章数据进行测试:
<details>
<summary>点击展开查看 SQL</summary>

```sql
DO $$
DECLARE
    i integer;
    postNameIndex integer;
    snapshotName varchar;
    totalRecords integer;
BEGIN
    postNameIndex := 1;
    totalRecords := 300000;

    FOR i IN 1..3 LOOP
      INSERT INTO "public"."extensions" ("name", "data", "version")
      VALUES (
          '/registry/content.halo.run/categories/category-'||i,
          convert_to(
              jsonb_build_object(
                  'spec', jsonb_build_object(
                      'displayName', '分类-'||i,
                      'slug', 'category-'||i,
                      'description', '测试分类',
                      'cover', '',
                      'template', '',
                      'priority', 0,
                      'children', '[]'::jsonb
                  ),
                  'status', jsonb_build_object(
                      'permalink', '/categories/category-'||i,
                      'postCount', totalRecords,
                      'visiblePostCount', totalRecords
                  ),
                  'apiVersion', 'content.halo.run/v1alpha1',
                  'kind', 'Category',
                  'metadata', jsonb_build_object(
                      'finalizers', jsonb_build_array('category-protection'),
                      'name', 'category-' || i,
                      'annotations', jsonb_build_object(
                          'content.halo.run/permalink-pattern', 'categories'
                      ),
                      'version', 0,
                      'creationTimestamp', '2024-06-12T03:56:40.315592Z'
                  )
          )::text, 'UTF8'),
          0
      );
    END LOOP;


    FOR i IN 1..3 LOOP
      INSERT INTO "public"."extensions" ("name", "data", "version")
        VALUES (
            '/registry/content.halo.run/tags/tag-' || i,
            convert_to(
               jsonb_build_object(
               'spec', jsonb_build_object(
                   'displayName', 'Halo tag ' || i,
                   'slug', 'tag-'||i,
                   'color', '#ffffff',
                   'cover', ''
               ),
               'status', jsonb_build_object(
                   'permalink', '/tags/tag-' || i,
                   'visiblePostCount', totalRecords,
                   'postCount', totalRecords,
                   'observedVersion', 0
               ),
               'apiVersion', 'content.halo.run/v1alpha1',
               'kind', 'Tag',
               'metadata', jsonb_build_object(
                   'finalizers', jsonb_build_array('tag-protection'),
                   'name', 'tag-'||i,
                   'annotations', jsonb_build_object(
                       'content.halo.run/permalink-pattern', 'tags'
                   ),
                   'version', 0,
                   'creationTimestamp', '2024-06-12T03:56:40.406407Z'
               )
       )::text, 'UTF8'),
       0);
    END LOOP;

    FOR i IN postNameIndex..totalRecords LOOP
        -- Generate snapshotName
        snapshotName := 'snapshot-' || i;

        -- Insert post data
        INSERT INTO "public"."extensions" ("name", "data", "version")
        VALUES (
            '/registry/content.halo.run/posts/post-' || postNameIndex,
            convert_to(
                jsonb_build_object(
                    'spec', jsonb_build_object(
                        'title', 'title-' || postNameIndex,
                        'slug', 'slug-' || postNameIndex,
                        'releaseSnapshot', snapshotName,
                        'headSnapshot', snapshotName,
                        'baseSnapshot', snapshotName,
                        'owner', 'admin',
                        'template', '',
                        'cover', '',
                        'deleted', false,
                        'publish', true,
                        'pinned', false,
                        'allowComment', true,
                        'visible', 'PUBLIC',
                        'priority', 0,
                        'excerpt', jsonb_build_object(
                            'autoGenerate', true,
                            'raw', ''
                        ),
                        'categories', ARRAY['category-kEvDb', 'category-XcRVk', 'category-adca'],
                        'tags', ARRAY['tag-RtKos', 'tag-vEsTR', 'tag-UBKCc'],
                        'htmlMetas', '[]'::jsonb
                    ),
                    'status', jsonb_build_object(
                        'phase', 'PUBLISHED',
                        'conditions', ARRAY[
                            jsonb_build_object(
                                'type', 'PUBLISHED',
                                'status', 'TRUE',
                                'lastTransitionTime', '2024-06-11T10:16:15.617748Z',
                                'message', 'Post published successfully.',
                                'reason', 'Published'
                            ),
                            jsonb_build_object(
                                'type', 'DRAFT',
                                'status', 'TRUE',
                                'lastTransitionTime', '2024-06-11T10:16:15.457668Z',
                                'message', 'Drafted post successfully.',
                                'reason', 'DraftedSuccessfully'
                            )
                        ],
                        'permalink', '/archives/slug-' || postNameIndex,
                        'excerpt', '如果你看到了这一篇文章,那么证明你已经安装成功了,感谢使用 Halo 进行创作,希望能够使用愉快。',
                        'inProgress', false,
                        'contributors', ARRAY['admin'],
                        'lastModifyTime', '2024-06-11T10:16:15.421467Z',
                        'observedVersion', 0
                    ),
                    'apiVersion', 'content.halo.run/v1alpha1',
                    'kind', 'Post',
                    'metadata', jsonb_build_object(
                        'finalizers', ARRAY['post-protection'],
                        'name', 'post-' || postNameIndex,
                        'labels', jsonb_build_object(
                            'content.halo.run/published', 'true',
                            'content.halo.run/deleted', 'false',
                            'content.halo.run/owner', 'admin',
                            'content.halo.run/visible', 'PUBLIC',
                            'content.halo.run/archive-year', '2024',
                            'content.halo.run/archive-month', '06',
                            'content.halo.run/archive-day', '11'
                        ),
                        'annotations', jsonb_build_object(
                            'content.halo.run/permalink-pattern', '/archives/{slug}',
                            'content.halo.run/last-released-snapshot', snapshotName,
                            'checksum/config', '73e40d4115f5a7d1e74fcc9228861c53d2ef60468e1e606e367b01efef339309'
                        ),
                        'version', 0,
                        'creationTimestamp', '2024-06-11T05:51:46.059292Z'
                    )
                )::text, 'UTF8'),
            1
        );

        -- Insert content data
        INSERT INTO "public"."extensions" ("name", "data", "version")
        VALUES (
            '/registry/content.halo.run/snapshots/' || snapshotName,
            convert_to(
                jsonb_build_object(
                    'spec', jsonb_build_object(
                        'subjectRef', jsonb_build_object(
                            'group', 'content.halo.run',
                            'version', 'v1alpha1',
                            'kind', 'Post',
                            'name', 'post-' || postNameIndex
                        ),
                        'rawType', 'HTML',
                        'rawPatch', '<p style=\"\">测试内容</p>',
                        'contentPatch', '<p style=\"\">测试内容</p>',
                        'lastModifyTime', '2024-06-11T06:01:25.748755Z',
                        'owner', 'admin',
                        'contributors', ARRAY['admin']
                    ),
                    'apiVersion', 'content.halo.run/v1alpha1',
                    'kind', 'Snapshot',
                    'metadata', jsonb_build_object(
                        'name', snapshotName,
                        'annotations', jsonb_build_object(
                            'content.halo.run/keep-raw', 'true'
                        ),
                        'creationTimestamp', '2024-06-11T06:01:25.748925Z'
                    )
                )::text, 'UTF8'),
            1
        );

        postNameIndex := postNameIndex + 1;
    END LOOP;
END $$;
```

</details>

使用以下 API 查询文章
```
curl 'http://localhost:8090/apis/api.console.halo.run/v1alpha1/posts?page=1&size=20&labelSelector=content.halo.run%2Fdeleted%3Dfalse&labelSelector=content.halo.run%2Fpublished%3Dtrue&fieldSelector=spec.categories%3Dcategory-1&fieldSelector=spec.tags%3Dc33ceabb-d8f1-4711-8991-bb8f5c92ad7c&fieldSelector=status.contributors%3Dadmin&fieldSelector=spec.visible%3DPUBLIC' \
--header 'Authorization: Basic YWRtaW46YWRtaW4='
```
Before:

![SCR-20240612-o20](https://github.com/halo-dev/halo/assets/38999863/fc27a265-6571-4361-a707-a683ea040837)
After:

![SCR-20240612-q1c](https://github.com/halo-dev/halo/assets/38999863/c0a241b8-5ed4-4973-8dfc-c260ffccd727)

#### Does this PR introduce a user-facing change?
```release-note
重构索引机制的查询和排序使整体性能提升 50% 以上
```
 2024-06-21 08:04:11 +00:00
guqing 8bdde317e5
feat: add preventParentPostCascadeQuery option to control visibility of child category posts (#6083) 
#### What type of PR is this?
/kind feature
/area core
/milestone 2.17.x

#### What this PR does / why we need it:
此次变更为文章分类引入了一个新的 `preventParentPostCascadeQuery` 布尔属性,用于控制分类及其子分类下的文章显示方式。具体变更包括:

- 在分类结构中增加了 `preventParentPostCascadeQuery` 属性。
- 当分类的 `preventParentPostCascadeQuery` 属性设置为 `true` 时,该分类的文章数量不会汇总到父分类中。
- 更新了树结构遍历逻辑,以支持对 `preventParentPostCascadeQuery` 属性的处理。
- 确保独立分类中的文章显示受控,不向上级分类进行聚合。
- 增加了相应的测试用例,以验证在不同树结构中 `preventParentPostCascadeQuery` 属性的功能性。

#### Which issue(s) this PR fixes:
Fixes #5663 
Fixes #4923
Fixes https://github.com/halo-dev/halo/issues/3418

#### Does this PR introduce a user-facing change?
```release-note
新增独立分类选项用于控制关联的子分类下的文章显示以提供更灵活的内容管理方式
```
 2024-06-21 04:08:10 +00:00