Merge branch 'development' into release

Author: ssddanbrown

.env.example.complete

@@ -297,6 +297,11 @@ RECYCLE_BIN_LIFETIME=30
 # Maximum file size, in megabytes, that can be uploaded to the system.
 FILE_UPLOAD_SIZE_LIMIT=50
 
+# Export Page Size
+# Primarily used to determine page size of PDF exports.
+# Can be 'a4' or 'letter'.
+EXPORT_PAGE_SIZE=a4
+
 # Allow <script> tags in page content
 # Note, if set to 'true' the page editor may still escape scripts.
 ALLOW_CONTENT_SCRIPTS=false

.github/workflows/phpstan.yml

@@ -3,10 +3,10 @@ name: phpstan
 on:
   push:
     branches-ignore:
-      - l10n_master
+      - l10n_development
   pull_request:
     branches-ignore:
-      - l10n_master
+      - l10n_development
 
 jobs:
   build:

.github/workflows/phpunit.yml

@@ -3,10 +3,10 @@ name: phpunit
 on:
   push:
     branches-ignore:
-      - l10n_master
+      - l10n_development
   pull_request:
     branches-ignore:
-      - l10n_master
+      - l10n_development
 
 jobs:
   build:

.github/workflows/test-migrations.yml

@@ -3,10 +3,10 @@ name: test-migrations
 on:
   push:
     branches-ignore:
-      - l10n_master
+      - l10n_development
   pull_request:
     branches-ignore:
-      - l10n_master
+      - l10n_development
 
 jobs:
   build:

app/Auth/Access/Oidc/OidcJwtSigningKey.php

@@ -60,8 +60,11 @@ protected function loadFromPath(string $path)
      */
     protected function loadFromJwkArray(array $jwk)
     {
-        if ($jwk['alg'] !== 'RS256') {
-            throw new OidcInvalidKeyException("Only RS256 keys are currently supported. Found key using {$jwk['alg']}");
+        // 'alg' is optional for a JWK, but we will still attempt to validate if
+        // it exists otherwise presume it will be compatible.
+        $alg = $jwk['alg'] ?? null;
+        if ($jwk['kty'] !== 'RSA' || !(is_null($alg) || $alg === 'RS256')) {
+            throw new OidcInvalidKeyException("Only RS256 keys are currently supported. Found key using {$alg}");
         }
 
         if (empty($jwk['use'])) {

app/Auth/Access/Oidc/OidcProviderSettings.php

@@ -164,7 +164,9 @@ protected function loadSettingsFromIssuerDiscovery(ClientInterface $httpClient):
     protected function filterKeys(array $keys): array
     {
         return array_filter($keys, function (array $key) {
-            return $key['kty'] === 'RSA' && $key['use'] === 'sig' && $key['alg'] === 'RS256';
+            $alg = $key['alg'] ?? null;
+
+            return $key['kty'] === 'RSA' && $key['use'] === 'sig' && (is_null($alg) || $alg === 'RS256');
         });
     }
 

app/Auth/User.php

@@ -146,7 +146,7 @@ public function hasSystemRole(string $roleSystemName): bool
      */
     public function attachDefaultRole(): void
     {
-        $roleId = setting('registration-role');
+        $roleId = intval(setting('registration-role'));
         if ($roleId && $this->roles()->where('id', '=', $roleId)->count() === 0) {
             $this->roles()->attach($roleId);
         }

app/Config/dompdf.php

@@ -7,6 +7,10 @@
  * Configuration should be altered via the `.env` file or environment variables.
  * Do not edit this file unless you're happy to maintain any changes yourself.
  */
+$dompdfPaperSizeMap = [
+    'a4'     => 'a4',
+    'letter' => 'letter',
+];
 
 return [
 
@@ -150,7 +154,7 @@
          *
          * @see CPDF_Adapter::PAPER_SIZES for valid sizes ('letter', 'legal', 'A4', etc.)
          */
-        'default_paper_size' => 'a4',
+        'default_paper_size' => $dompdfPaperSizeMap[env('EXPORT_PAGE_SIZE', 'a4')] ?? 'a4',
 
         /**
          * The default font family.

app/Config/snappy.php

@@ -7,14 +7,19 @@
  * Configuration should be altered via the `.env` file or environment variables.
  * Do not edit this file unless you're happy to maintain any changes yourself.
  */
+$snappyPaperSizeMap = [
+    'a4'     => 'A4',
+    'letter' => 'Letter',
+];
 
 return [
     'pdf' => [
         'enabled' => true,
         'binary'  => file_exists(base_path('wkhtmltopdf')) ? base_path('wkhtmltopdf') : env('WKHTMLTOPDF', false),
         'timeout' => false,
         'options' => [
-            'outline' => true,
+            'outline'   => true,
+            'page-size' => $snappyPaperSizeMap[env('EXPORT_PAGE_SIZE', 'a4')] ?? 'A4',
         ],
         'env'     => [],
     ],

app/Console/Commands/CreateAdmin.php

@@ -3,8 +3,10 @@
 namespace BookStack\Console\Commands;
 
 use BookStack\Auth\UserRepo;
+use BookStack\Exceptions\NotFoundException;
 use Illuminate\Console\Command;
 use Illuminate\Support\Facades\Validator;
+use Illuminate\Support\Str;
 use Illuminate\Validation\Rules\Password;
 use Illuminate\Validation\Rules\Unique;
 use Symfony\Component\Console\Command\Command as SymfonyCommand;
@@ -19,7 +21,8 @@ class CreateAdmin extends Command
     protected $signature = 'bookstack:create-admin
                             {--email= : The email address for the new admin user}
                             {--name= : The name of the new admin user}
-                            {--password= : The password to assign to the new admin user}';
+                            {--password= : The password to assign to the new admin user}
+                            {--external-auth-id= : The external authentication system id for the new admin user (SAML2/LDAP/OIDC)}';
 
     /**
      * The console command description.
@@ -42,28 +45,35 @@ public function __construct(UserRepo $userRepo)
     /**
      * Execute the console command.
      *
-     * @throws \BookStack\Exceptions\NotFoundException
+     * @throws NotFoundException
      *
      * @return mixed
      */
     public function handle()
     {
-        $details = $this->options();
+        $details = $this->snakeCaseOptions();
 
         if (empty($details['email'])) {
             $details['email'] = $this->ask('Please specify an email address for the new admin user');
         }
+
         if (empty($details['name'])) {
             $details['name'] = $this->ask('Please specify a name for the new admin user');
         }
+
         if (empty($details['password'])) {
-            $details['password'] = $this->ask('Please specify a password for the new admin user (8 characters min)');
+            if (empty($details['external_auth_id'])) {
+                $details['password'] = $this->ask('Please specify a password for the new admin user (8 characters min)');
+            } else {
+                $details['password'] = Str::random(32);
+            }
         }
 
         $validator = Validator::make($details, [
-            'email'    => ['required', 'email', 'min:5', new Unique('users', 'email')],
-            'name'     => ['required', 'min:2'],
-            'password' => ['required', Password::default()],
+            'email'            => ['required', 'email', 'min:5', new Unique('users', 'email')],
+            'name'             => ['required', 'min:2'],
+            'password'         => ['required_without:external_auth_id', Password::default()],
+            'external_auth_id' => ['required_without:password'],
         ]);
 
         if ($validator->fails()) {
@@ -84,4 +94,14 @@ public function handle()
 
         return SymfonyCommand::SUCCESS;
     }
+
+    protected function snakeCaseOptions(): array
+    {
+        $returnOpts = [];
+        foreach ($this->options() as $key => $value) {
+            $returnOpts[str_replace('-', '_', $key)] = $value;
+        }
+
+        return $returnOpts;
+    }
 }