Commit graph

108 commits

Author SHA1 Message Date
Hayden
b3c41a4bd0
security: implement user lockout (#1552)
* add data-types required for login security

* implement user lockout checking at login

* cleanup legacy patterns

* expose passwords in test_user

* test user lockout after bad attempts

* test user service

* bump alembic version

* save increment to database

* add locked_at to datetime transformer on import

* do proper test cleanup

* implement scheduled task

* spelling

* document env variables

* implement context manager for session

* use context manager

* implement reset script

* cleanup generator

* run generator

* implement API endpoint for resetting locked users

* add button to reset all locked users

* add info when account is locked

* use ignore instead of expect-error
2022-08-13 13:18:12 -08:00
Hayden
e5bf7bce17
fix: case-sensitive-password-reset (#1545)
* make password reset case insensitive

* update test to check for case insensitive
2022-08-09 21:10:00 -08:00
Michael Genson
f45e2587a0
feat: category and tag filters to recipe pagination route (#1508)
* fixed incorrect response model

* added category and tag filters

* moved categories and tags params to route and
changed to query array param

* type fixes

* added category and tag tests
2022-08-09 14:01:59 -08:00
Philipp Fischbeck
34cd6eb687
fix: validate OpenAPI spec (#1528)
* init api check test

* Fix openAPI issues

Co-authored-by: Hayden <64056131+hay-kot@users.noreply.github.com>
2022-08-06 16:54:29 -08:00
Hayden
11478134a1
security: restrict backup file upload (#1522) 2022-08-02 12:53:58 -08:00
Hayden
13850cda1f
security: multiple reported CVE fixes (#1515)
* update out of date license

* update typing / refactor

* fix arbitrarty path injection

* use markdown sanatizer to prevent XSS CWE-79

* fix CWE-918 SSRF by validating url and mime type

* add security docs

* update recipe-scrapers

* resolve DOS from arbitrary url

* update changelog

* bump version

* add ref to #1506

* add #1511 to changelog

* use requests decoder

* actually fix encoding issue
2022-07-31 13:10:20 -08:00
Michael Genson
7f50071312
feat: advanced filtering API (#1468)
* created query filter classes

* extended pagination to include query filtering

* added filtering tests

* type improvements

* move type help to dev depedency

* minor type and perf fixes

* breakup test cases

Co-authored-by: Hayden <64056131+hay-kot@users.noreply.github.com>
2022-07-09 20:57:09 -08:00
Michael Genson
2809cef3b1
fix: mealplan pagination (#1464)
* added pagination to get_slice route

* updated mealplan tests

* renamed vars to match pagination query
2022-07-02 09:44:01 -08:00
Michael Genson
cb15db2d27
feat: re-write get all routes to use pagination (#1424)
rewrite get_all routes to use a pagination pattern to allow for better implementations of search, filter, and sorting on the frontend or by any client without fetching all the data. Additionally we added a CI check for running the Nuxt built to confirm that no TS errors were present. Finally, I had to remove the header support for the Shopping lists as the browser caching based off last_updated header was not allowing it to read recent updates due to how we're handling the updated_at property in the database with nested fields. This will have to be looked at in the future to reimplement. I'm unsure how many other routes have a similar issue. 

Co-authored-by: Hayden <64056131+hay-kot@users.noreply.github.com>
2022-06-25 11:39:38 -08:00
Michael Genson
292bf7068a
feat: added "last-modified" header to supported record types (#1379)
* fixed type error

* exposed created/updated timestamps to shopping list schema

* added custom route to mix in "last-modified" header when available in CRUD routes

* mixed in MealieCrudRoute to APIRouters

* added HEAD route for shopping lists/list-items

* replaced default serializer with FastAPI's
2022-06-21 09:41:14 -08:00
Hayden
5a053cdcd6
feat: mealplan-webhooks (#1403)
* fix type errors on event bus

* webhooks fields required for new implementation

* db migration

* wip: webhook query + tests and stub function

* ignore type checker error

* type and method cleanup

* datetime and time utc validator

* update testing code for utc scheduled time

* fix file cmp function call

* update version_number

* add support for translating "time" objects when restoring backup

* bump recipe-scrapers

* use specific import syntax

* generate frontend types

* utilize names exports

* use utc times

* add task to scheduler

* implement new scheduler functionality

* stub for type annotation

* implement meal-plan data getter

* add experimental banner
2022-06-17 13:25:47 -08:00
Michael Genson
754e77c9cb
feat: extend Apprise JSON notification functionality with programmatic data (#1355)
* Fixed incorrect generic deleted notification text

* Added custom "event_source" header for json notifs

* Added internal reference data to event notifs

* Added event listeners to shopping list items

* Fixed type issues

* moved JSON event source k:v pairs to message body

* added hook for all supported custom endpoints
fixed bug that excluded non-custom notification types

* created event_source class to replace loosely-typed dict

* fixed silent error when dispatching a null task

* moved url updates to static function

* added unit tests for event_source url manipulation

* removed array from event bus (it's unsupported)
2022-06-15 11:49:42 -08:00
Hayden
932f4a72df
refactor: remove depreciated repo call (#1370)
* ingredient parser hot fixes (float equality)

* remove `get` in favor of `get_one` & `multi_query`
2022-06-10 19:01:14 -08:00
Michael Genson
b904b161eb
fix: increased float rounding precision for CRF parser (#1369)
* increased float rounding precision for crf parser

* limited fractions to a max denominator of 32 to prevent weirdly specific values

* add test cases for 1/8 and 1/32

* add rounding to avoid more digits than necessary

Co-authored-by: Hayden <64056131+hay-kot@users.noreply.github.com>
2022-06-10 18:18:31 -08:00
Hayden
52fbf6b833
feat: add unit abbreviation support (#1332)
* add 'use-abbreviation' db column

* type generation

* add view and edit elements

* check for use_abbreviation to display

* fix: alembic version check

* test: add use_abbreviation prop tests
2022-06-01 11:59:50 -08:00
Hayden
4c594a48dc
wip: pagination-repository (#1316)
* bump mypy

* add pagination + refactor generic repo

* add pagination test

* remove all query object
2022-05-30 10:30:54 -08:00
Nick Kringle
6a88a59981
feat: extend email support for SSL/No Auth Email Support (#1235)
* Changes Settings to use new SMTP_AUTH_STRATEGY variable in place of SMTP_TLS with transition support

#1187

* Wires up default email client to use ssl or tls authentication if enabled in settings

* Updates the docs

* Update template file

* remove SMTP_TLS and use staticmethod for validate

* consolidate test cases with params

Co-authored-by: Hayden <64056131+hay-kot@users.noreply.github.com>
2022-05-21 11:15:14 -08:00
Miroito
7d498c5274
Remove obsolete default settings test (#1204) 2022-05-07 20:10:10 -08:00
Hayden
68f7efc177
fix #1144 (#1207)
* fix #1144

* fix type checks

* refactor test routes package

* fix #1208

* unify test routes into module
2022-05-07 20:08:04 -08:00
Hayden
7e4da3e5a4
feat: improved registration signup flow (#1188)
refactored signup flow for entire registration process. Utilized seed data option for optional seeding of Foods, Units, and Labels. Localized registration page.
2022-05-06 11:18:06 -08:00
Hayden
d6e2b4ab85
Feature/user seedable foods (#1176)
* remove odd ingredients

* UI Elements for food

* update translated percentage

* spek -> speck

* generate types

* seeder api endpoints + tests

* implement foods seeder UI

* localize some food strings
2022-05-01 12:45:50 -08:00
Hayden
c696dee320
Feature/import keywords as tags (#1170)
* feat: import original keywords as tags

* remove cached env

* Update frontend api types

* fix: Issues with previous tag scraping implementation

* Update category handling in backend

* Update backend tests to include group_id

* Correct type check

* Update create-url interface

* Improve tag cleaner list support

* remove builtin name shadowing

* update type annotations

* test include tags scraper

* implement scaper context for optional data

* readd cache venv

* use continue instead of break

* remove test callback

Co-authored-by: Miroito <alban.vachette@gmail.com>
2022-04-23 12:23:12 -08:00
Miroito
aff30adda6
Fix failed tests when env default email/password were changed (#1157)
* fix: failed tests when env default email/password changed

* Remove default email exposition in docs
2022-04-20 10:07:46 -08:00
Hayden
045798e959
chore: drop-apscheduler (#1152)
* rewrite interval timer

* drop apscheduler

* fix type annotations
2022-04-10 18:13:38 -08:00
Hayden
7866f0f46e
Feature/improve localization (#1147)
* use locale to set language header

* rewrite i18n provider and drop dependency

* rename file

* rename CrudMixin to HttpRepo

* refactor: code-cleanup

* add crowdin source

* remove unused translations

* grab translations from dev branch

* add translation support for foods, units, and labels

* remove rich import
2022-04-10 14:07:35 -08:00
Hayden
db095656e1
add merge funcions for units (#1146) 2022-04-09 19:57:49 -08:00
Hayden
b93dae109e
feat: merge food into another (#1143)
* setup food repository

* add merge route and payloads

* remove type checking

* generate types

* implement merge dialog

* food repo tests

* split install from workflow

* bum dependencies

* revert changes

* update copy

* refactor URLs to avoid incorrect template being used

* stick advanced items under developer mode

* use utility component for advanced feature
2022-04-09 19:08:48 -08:00
Hayden
10784b6e24
feat: support require_all property for cookbooks (#1130)
* add direction prop for icon position

* add support for require_all properties on cookbook

* update type annotations

* add and - or filter support

* update cookbook API

* generate types

* implement editor for additional options

* update version number
2022-04-03 16:32:58 -08:00
Hayden
c988de1921
fix: group creation (#1126)
* fix: unify group creation - closes #1100

* tests: disable password hashing during testing

* tests: fix email config tests
2022-04-02 19:33:15 -08:00
Hayden
cfaac2e060
feat: additional cookbook features (tags, tools, and public) (#1116)
* migration: add public, tags, and tools

* generate frontend types

* add help icon

* start replacement for tool-tag-category selector

* add help icon utility

* use generator types

* add support for cookbook features

* add UI elements for cookbook features

* fix tests

* fix type error
2022-04-01 09:50:31 -08:00
Miroito
6f309d7a89
feat: keep original text on ingredient parse (#1102)
* Keep Original Text on Ingredient Parse
* Reorder migration and update test
2022-03-29 08:07:01 -08:00
Hayden
b57e42a3b3
Fix/incorrect quantity column (#1093)
* change database type

* database migration for changing type on PostgreSQL

* update revision

* add exclusion directory

* update recipe-scrapers
2022-03-27 09:18:34 -08:00
Hayden
11b4d2389a
chore: refactor base schema (#1098)
* remove dead backup code

* implmenet own base model

* refactor to use MealieModel instead of CamelModel

* cleanup deps
2022-03-25 10:56:49 -08:00
Hayden
7f102f513d
Feature/auto increment recipe name (#1088)
* auto-increment-recipe-name

* add test-case

* re-implement as try/except
2022-03-23 17:23:40 -08:00
Hayden
13e157827c
Fix/fix block registration (#1059)
* fix disable button

* add backend env for restricting registration

* update state management

* add allow_signup to app info

* move allow_signup to backend only

* cleanup docker-compose

* potential darkmode fix

* fix missing variable

* add banner on login page

* use random bools for tests

* fix initial state bug

* fix state reset
2022-03-15 17:34:53 -08:00
Hayden
3c2744a3da
improve developer tooling (backend) (#1051)
* add basic pre-commit file

* add flake8

* add isort

* add pep585-upgrade (typing upgrades)

* use namespace for import

* add mypy

* update ci for backend

* flake8 scope

* fix version format

* update makefile

* disable strict option (temporary)

* fix mypy issues

* upgrade type hints (pre-commit)

* add vscode typing check

* add types to dev deps

* remote container draft

* update setup script

* update compose version

* run setup on create

* dev containers update

* remove unused pages

* update setup tips

* expose ports

* Update pre-commit to include flask8-print (#1053)

* Add in flake8-print to pre-commit

* pin version of flake8-print

* formatting

* update getting strated docs

* add mypy to pre-commit

* purge .mypy_cache on clean

* drop mypy

Co-authored-by: zackbcom <zackbcom@users.noreply.github.com>
2022-03-15 15:01:56 -08:00
Matthias Bilger
e109391e9a
Added validators for users and recipes (#1052)
* Added validators for users and recipes

provide a simple get api, allowing to test for existence of
- user by username
- recipe by slug
- group by name (not tested yet)

* updated formatting

* Use group_id+slug for recipes, use ValidationRespone

* Fixed Flake8 errors and warnings

* add missing field for TestUser init
2022-03-15 14:28:42 -08:00
Hayden
8eefa05393
Feature/database backups (#1040)
* add annotations to docs

* alchemy data dumper

* initial tests

* sourcery refactor

* db backups/restore

* potential postgres fix

* potential postgres fix

* this is terrible

* potential pg fix

* cleanup

* remove unused import

* fix comparison

* generate frontend types

* update timestamp and add directory filter

* rewrite to new admin-api

* update backup routers

* add file_token response helper

* update imports

* remove test_backup
2022-03-13 15:42:22 -08:00
Hayden
568a1a0015
Fix/multiple bug fixes (#1015)
* test-case for #1011

* revert regressions for #1011

* update cache key on new image

* lint

* fix #1012

* typing

* random_recipe fixture

* remove delete button when no listeners are present

* spacing

* update copy to match settings value
2022-02-27 12:48:21 -09:00
Philipp Fischbeck
fdfb5b1a5e
Set up alembic migration usage (#954)
* Set up alembic migration usage

* Fix import order, add isort as alembic hook

* Only run migrations if needed

* Include date as part of migration file name for better sorting

* Skip initial migrations if tables already exist
This eases the transition from a pre-alembic state

* Fix deprecation warning in alembic revision

* Add alembic test stubs
2022-02-21 11:44:23 -09:00
Hayden
602f248541
feature/multi-tenancy and move caddy server (#980)
* update to GUIDs

* fix cookbook id relationships

* update webhook keys

* cleanup naming and attribute orders

* remove old database tables

* fix meal-plan images

* remove dashbaord and events api

* use recipe-id instead of id

* cleanup documentation assets

* cleanup docs for v1 beta-release

* add depends_on for docker-compose

* use docker volumes for examples

* move caddy to frontend container
2022-02-20 14:17:51 -09:00
Hayden
14cc541f7a
fix #967 and test error to catch (#979)
* fix #967 and test error to catch

* add admin tests
2022-02-13 18:33:25 -09:00
Hayden
c617251f4c
feature: proper multi-tenant-support (#969)(WIP)
* update naming

* refactor tests to use shared structure

* shorten names

* add tools test case

* refactor to support multi-tenant

* set group_id on creation

* initial refactor for multitenant tags/cats

* spelling

* additional test case for same valued resources

* fix recipe update tests

* apply indexes to foreign keys

* fix performance regressions

* handle unknown exception

* utility decorator for function debugging

* migrate recipe_id to UUID

* GUID for recipes

* remove unused import

* move image functions into package

* move utilities to packages dir

* update import

* linter

* image image and asset routes

* update assets and images to use UUIDs

* fix migration base

* image asset test coverage

* use ids for categories and tag crud functions

* refactor recipe organizer test suite to reduce duplication

* add uuid serlization utility

* organizer base router

* slug routes testing and fixes

* fix postgres error

* adopt UUIDs

* move tags, categories, and tools under "organizers" umbrella

* update composite label

* generate ts types

* fix import error

* update frontend types

* fix type errors

* fix postgres errors

* fix #978

* add null check for title validation

* add note in docs on multi-tenancy
2022-02-13 12:23:42 -09:00
Hayden
9a82a172cb update foods and units for multitenant support 2022-02-08 14:55:18 -09:00
Hayden
fbc17b670d update env settings for production and testing 2022-02-08 13:38:12 -09:00
Hayden
d1024e272d
Feature/automated meal planner (#939)
* cleanup oversized buttons

* add get all by category function to reciep repos

* fix shopping-list can_merge logic

* use randomized data for testing

* add random getter to repository for meal-planner

* add stub route for random meals

* cleanup global namespace

* add rules database type

* fix type

* add plan rules schema

* test plan rules methods

* add mealplan rules controller

* add new repository

* update frontend types

* formatting

* fix regression

* update autogenerated types

* add api class for mealplan rules

* add tests and fix bugs

* fix data returns

* proof of concept rules editor

* add tag support

* remove old group categories

* add tag support

* implement random by rules api

* change snack to sides

* remove incorrect typing

* split repo for custom methods

* fix query and use and_ clause

* use repo function

* remove old test

* update changelog
2022-02-07 19:03:11 -09:00
Hayden
92cf97e401
Feature/shopping lists second try (#927)
* generate types

* use generated types

* ui updates

* init button link for common styles

* add links

* setup label views

* add delete confirmation

* reset when not saved

* link label to foods and auto set when adding to shopping list

* generate types

* use inheritence to manage exception handling

* fix schema generation and add test for open_api generation

* add header to api docs

* move list consilidation to service

* split list and list items controller

* shopping list/list item tests - PARTIAL

* enable recipe add/remove in shopping lists

* generate types

* linting

* init global utility components

* update types and add list item api

* fix import cycle and database error

* add container and border classes

* new recipe list component

* fix tests

* breakout item editor

* refactor item editor

* update bulk actions

* update input / color contrast

* type generation

* refactor controller dependencies

* include food/unit editor

* remove console.logs

* fix and update type generation

* fix incorrect type for column

* fix postgres error

* fix delete by variable

* auto remove refs

* fix typo
2022-01-16 15:24:24 -09:00
Hayden
c4540f1395
Refactor/conver to controllers (#923)
* add dependency injection for get_repositories

* convert events api to controller

* update generic typing

* add abstract controllers

* update test naming

* migrate admin services to controllers

* add additional admin route tests

* remove print

* add public shared dependencies

* add types

* fix typo

* add static variables for recipe json keys

* add coverage gutters config

* update controller routers

* add generic success response

* add category/tag/tool tests

* add token refresh test

* add coverage utilities

* covert comments to controller

* add todo

* add helper properties

* delete old service

* update test notes

* add unit test for pretty_stats

* remove dead code from post_webhooks

* update group routes to use controllers

* add additional group test coverage

* abstract common permission checks

* convert ingredient parser to controller

* update recipe crud to use controller

* remove dead-code

* add class lifespan tracker for debugging

* convert bulk export to controller

* migrate tools router to controller

* update recipe share to controller

* move customer router to _base

* ignore prints in flake8

* convert units and foods to new controllers

* migrate user routes to controllers

* centralize error handling

* fix invalid ref

* reorder fields

* update routers to share common handling

* update tests

* remove prints

* fix cookbooks delete

* fix cookbook get

* add controller for mealplanner

* cover report routes to controller

* remove __future__ imports

* remove dead code

* remove all base_http children and remove dead code
2022-01-13 13:06:52 -09:00
Hayden
190773c5d7
Feature/group based notifications (#918)
* fix group page

* setup group notification for backend

* update type generators

* script to auto-generate schema exports

* setup frontend CRUD interface

* remove old notifications UI

* drop old events api

* add test functionality

* update naming for fields

* add event dispatcher functionality

* bump to python 3.10

* bump python version

* purge old event code

* use-async apprise

* set mealie logo as image

* unify styles for buttons rows

* add links to banners
2022-01-09 21:04:24 -09:00
Hayden
74e13682cb
Refactor/define repository layer (#883)
* move data access layer

* rename dal -> repo
2021-12-18 20:52:36 -09:00