Commit graph

65 commits

Author SHA1 Message Date
John McLear
5e8704f8d8
feat(gdpr): pad deletion controls (PR1 of #6701) (#7546)
* docs: PR1 GDPR deletion-controls design spec

First of five GDPR PRs tracked in #6701. PR1 covers deletion controls:
one-time deletion token, allowPadDeletionByAllUsers flag, authorisation
matrix for handlePadDelete and the REST deletePad endpoint, a single
token-display modal for browser pad creators, and test coverage.

Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>

* docs: PR1 GDPR deletion-controls implementation plan

13 TDD-structured tasks covering PadDeletionManager unit tests, socket
+ REST three-way auth, clientVars wiring, one-time token modal,
delete-with-token UI, Playwright coverage, and PR handoff.

Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>

* feat(gdpr): scaffolding for pad deletion tokens

PadDeletionManager stores a sha256-hashed per-pad deletion token and
verifies it with timing-safe comparison. createPad / createGroupPad
return the plaintext token once on first creation, and Pad.remove()
cleans it up. Gated behind the new allowPadDeletionByAllUsers flag
which defaults to false to preserve existing behaviour.

Part of #6701 (GDPR PR1).

Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>

* fix+test(gdpr): lazy DB access in PadDeletionManager + unit tests

Capturing DB.db at module-load time was null until DB.init() ran, which
broke importing the module outside a live server (including from the
test runner). Switch to DB.db.* at call time and add unit tests
exercising create/verify/remove plus timing-safe comparison.

Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>

* feat(gdpr): three-way auth for socket PAD_DELETE

Creator cookie → valid deletion token → allowPadDeletionByAllUsers flag.
Anyone else still gets the existing refusal shout.

* feat(gdpr): optional deletionToken on programmatic deletePad

* feat(gdpr): advertise optional deletionToken on REST deletePad

* test(gdpr): cover deletePad authorisation matrix via REST

* feat(gdpr): surface padDeletionToken in clientVars for creators only

Revision-0 author on their first CLIENT_READY visit receives the
plaintext token; all subsequent CLIENT_READYs receive null because
createDeletionTokenIfAbsent is idempotent. Readonly sessions and any
other user never see the token.

* i18n(gdpr): strings for deletion-token modal and delete-with-token flow

* feat(gdpr): token modal + delete-with-token disclosure markup

* feat(gdpr): show deletion token once, allow delete via recovery token

* style(gdpr): modal + delete-with-token layout

* test(gdpr): Playwright coverage for deletion-token modal + delete-with-token

* fix(test): auto-dismiss deletion-token modal in goToNewPad helper

The token modal introduced in PR1 blocks clicks for every Playwright
test that creates a new pad via the shared helper. Add a one-line
dismissal so unrelated tests keep passing, and have the deletion-token
spec navigate inline via newPadKeepingModal() when it needs the modal
open to capture the token.

Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>

* fix(test): dismiss deletion-token modal without focus transfer

Clicking the ack button transferred focus out of the pad iframe, which
made subsequent keyboard-driven tests (Tab / Enter) silently miss the
editor. Swap the click for a page.evaluate() that hides the modal and
nulls clientVars.padDeletionToken directly, leaving focus where it was.

Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>

* fix(gdpr): PadDeletionManager race + document createPad/deletePad

Qodo review:
- createDeletionTokenIfAbsent() was a non-atomic read-then-write. Two
  concurrent callers for the same pad could both return different
  plaintext tokens while only the later hash was stored, leaving the
  first caller with an unusable recovery token. Serialise per-pad via a
  Promise chain and add a regression test that fires 8 concurrent
  calls and asserts exactly one plaintext is emitted and validates.
- doc/api/http_api.md now documents createPad returning deletionToken
  and deletePad accepting the optional deletionToken parameter.

Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>

* fix(gdpr): always render delete-with-token in settings popup

The rebase onto develop placed the delete-pad-with-token details inside
the pad-settings-section conditional, which is only rendered when
enablePadWideSettings is true AND the section is toggled visible.
Second-device recovery (typing the captured token on a fresh browser)
must work without pad-wide settings enabled, so move the details out
to sit alongside the existing pad_deletion_token.spec.ts expectations.

Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>

* fix(gdpr): require valid token when supplied, gate on auth, harden a11y/i18n

- PadMessageHandler: a supplied deletion token must validate; do not fall
  back to the creator-cookie path when the token is wrong (was deleting
  the pad anyway when the creator pasted a wrong token into the field).
- Skip token issuance + UI when requireAuthentication is on (creator
  identity is stable, recovery token is redundant noise).
- Server emits messageKey instead of hardcoded English; both shout
  handlers (inline alert and global gritter) localize via html10n.
- Suppress the global "Admin message" gritter for pad.deletionToken.*
  shouts to avoid the "Admin message: undefined" duplicate.
- Token-modal a11y: role=dialog, aria-modal, aria-labelledby/describedby,
  visually-hidden label on the token input, aria-live on Copy, focus to
  the token input on open and restore on dismiss.
- Style the "Delete Pad with Token" disclosure to match the Delete pad
  button; align the Copy/value row; pad the disclosure label.

Tests: Playwright now covers the creator-with-wrong-token path, asserts
no "Admin message" / "undefined" gritter on denial; backend API test
covers requireAuthentication suppressing the token.

Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>

---------

Co-authored-by: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
2026-05-01 13:50:04 +01:00
Stefan Müller
8f16851373
Update versions in markdown files (#7465)
* Update versions in markdown files

* Update also adoc file
2026-04-12 12:27:03 +02:00
webzwo0i
8a76d2c680
chore: add docs how to obtain bearer token (#6328)
* chore: add docs how to obtain bearer token

* Added configurable ttl to settings

---------

Co-authored-by: SamTV12345 <40429738+samtv12345@users.noreply.github.com>
2024-04-29 17:04:00 +02:00
SamTV12345
d64924e9f5 Fixed http api grant type. 2024-04-20 11:19:31 +02:00
SamTV12345
8a66b04b68
chore: Added client credentials grant for API calling from services. (#6325)
* chore: Added client credentials grant for API calling from services.

* chore: Added authentication documentation
2024-04-13 10:32:23 +02:00
SamTV12345
d004d19dd7
Added vitepress for documentation. (#6270) 2024-03-23 20:58:05 +01:00
SamTV12345
dc0db68515
Added docs as asciidoctor with cross platform support. (#5733)
* Added docs as asciidoctor with cross platform support.

* Fixed release script with new doc building mechanism.
2023-06-21 13:13:31 +01:00
Robert Geislinger
58ec6a5c88 Update http_api.md
More information for public Staus HTTP API Calls
2022-02-24 19:45:36 -05:00
Robert Geislinger
4c53f76c25 Update http_api.md
The return Values of createGroupPad for success and error are not correct
2022-02-24 19:45:36 -05:00
Richard Hansen
aa286b7dbd API: Add optional authorId param to mutation functions 2022-02-19 14:55:42 -05:00
Robert Geislinger
10e2b09b96 Update http_api.md
The current version is 1.2.15 or bigger if you look at e.g. copyPadWithoutHistory
2021-12-14 01:16:38 -05:00
John McLear
0f16e518ff
api: drop JSONP (#4835)
* api: drop JSONP

* docs: drop JSONP

* tests: drop JSONP

* api: remove isValidJSONPName require
2021-02-22 09:10:02 +00:00
freddii
ea202e41f6 docs: fixed typos 2021-02-03 00:30:07 +01:00
John McLear
66df0a572f
Security: FEATURE REMOVAL: Remove all plain text password logic and ui (#4178)
This will be a breaking change for some people.  

We removed all internal password control logic.  If this affects you, you have two options:

1. Use a plugin for authentication and use session based pad access (recommended).
1. Use a plugin for password setting.

The reasoning for removing this feature is to reduce the overall security footprint of Etherpad.  It is unnecessary and cumbersome to keep this feature and with the thousands of available authentication methods available in the world our focus should be on supporting those and allowing more granual access based on their implementations (instead of half assed baking our own).
2020-10-07 13:43:54 +01:00
Joas Souza
8c04fe8775
Feature: Copy Pad without history (#4295)
New feature to copy a pad without copying entire history.  This is useful to perform a low CPU intensive operation while still copying current pad state.
2020-09-16 19:24:09 +01:00
Chocobozzz
82b919fc65 api: add getStats() function 2020-04-04 22:03:46 +02:00
Viljami Kuosmanen
e821bbcad8 openapi: add documentation, small optimisation 2020-04-03 01:03:11 +02:00
Ray Bellis
fc661ee13a core: allow URL parameters and POST bodies to co-exist.
Node 8.14.0 prohibits HTTP headers that exceed 8 KB (source:
https://nodejs.org/en/blog/vulnerability/november-2018-security-releases/#denial-of-service-with-large-http-headers-cve-2018-12121).

This patch allows for the parameters within the body of an HTTP POST request to
be used in addition to those within the URL (and will override them).

Closes #3568.

---
Muxator 2019-10-19:
- this commit was cherry-picked from 882b93487f
- it was modified to include the necessary changes in the documentation
2019-06-27 00:52:53 +02:00
muxator
705cc6f5e4 Change everywhere the link to https://etherpad.org (it was plain http) 2019-04-16 00:54:54 +02:00
HairyFotr
fce55df2b7 Fix typos 2019-01-16 11:14:04 +01:00
muxator
e9fb63f426 docs: "``js" -> "``json" in Markdown of some json blocks 2018-08-09 22:27:56 +02:00
HairyFotr
c7548450c0
Typos and minor fixes in bin, doc, and root 2017-09-14 13:33:27 +02:00
Alexander Lorz
cd7f01f40a minor changes in docs
- correct link to doc generation tool.
 - fixed incomplete sentence regarding API client libraries
2016-12-26 20:18:34 +01:00
Luc Didry
2341d09807 Add undocumented API function restoreRevision to doc
This commit is dedicated to Schoumi. Thx for supporting me on Tipeee :-)
2016-11-16 10:36:18 +01:00
Ted Mielczarek
c70d655b96 Add appendText API (from #2810) to docs. 2016-01-13 07:26:20 -05:00
Stefan
c8d7e6e0b8 Add appendChatMessage API to docs 2015-08-15 22:41:09 +02:00
John McLear
1d44490dc4 Merge pull request #2599 from Gared/doc_api_fix
Fix documentation for deleteSession api method
2015-04-11 15:07:18 +01:00
Stefan
a842eb4f5c Fix documentation for deleteSession api method 2015-04-11 16:05:41 +02:00
John McLear
84b3f1728f Merge pull request #2597 from Gared/increase_api_version
increase http api version to latest version
2015-04-11 14:56:47 +01:00
Stefan
d26c3d5f7e increase http api version 2015-04-11 13:45:59 +02:00
Stefan
601be46993 Add docs for new error message for createPad api method 2015-04-11 13:16:03 +02:00
Luc Didry
845788c39d Add a saveRevision API function
Calling saveRevision create an author which name is "API"
2015-02-25 01:04:27 +01:00
Luc Didry
a08c50a77d Fixes #1870
Add two functions to API :
 * getSavedRevisionsCount
 * listSavedRevisions
2015-02-24 23:42:35 +01:00
Luc Didry
4166f19078 Set correct API version in doc
The doc says current version is 1.2.9, but there is getPadID which uses 1.2.10 API.
2015-02-22 22:32:18 +01:00
Stephan Jauernick
bbd50dfc62 Added documentation for the newly added API method getPadID 2014-06-02 20:25:16 +02:00
Marcel Klehr
a7671a690b docs: update api version 2014-03-30 15:10:29 +02:00
Lennart Brinkmann
7dd29454e9 Remove duplicate doc entry for setHTML() 2013-12-14 21:11:37 +01:00
John McLear
58bbfd8a65 resolve merge conflict 2013-12-09 21:55:04 +00:00
s1341
5409cdaa3f add some documentation for move/copy 2013-11-18 14:38:44 +02:00
Luc Didry
b769acaee0 Forgot to bump the API version 2013-11-07 23:28:07 +01:00
Luc Didry
5bccfdf060 Forgot a small chunck of documentation for getRevisionChangeset 2013-11-07 22:46:35 +01:00
Luc Didry
a4194efaf1 Fixed #1981 - uncomplete HTTP API documentation 2013-11-07 22:22:37 +01:00
Eric Schrijver
b34224559d ‘Etherpad Lite’ -> ‘Etherpad’ 2013-09-29 13:57:37 +02:00
neurolit
e96baf6ef1 API documentation: listAllPads() returns {padIDs: [...]} instead of [...] 2013-03-26 16:37:57 +01:00
John McLear
9e1dfc9487 docs for setHTML 2013-02-12 23:44:09 +00:00
Manuel Knitza
fde10052ca Update doc/api/http_api.md
Updated
2013-02-12 21:57:01 +01:00
John McLear
a19ad983f1 docs for api change 2013-01-29 16:48:56 +00:00
mluto
cb2b93b133 Added getChatHistory and getChatHead (api+code+doc) 2013-01-26 14:35:26 +01:00
John McLear
654654b4e1 Merge pull request #1342 from spcsser/feature/padlisting
API & backend to list pads on epl instance
2013-01-14 08:13:57 -08:00
spcsser
062dbff738 Added listAllPads api docu 2013-01-11 12:59:02 +01:00