Merge branch 'master' into Develop
# Conflicts: # test/Calibre-Web TestSummary_Linux.html
This commit is contained in:
commit
d9d6fb33ba
|
@ -29,6 +29,9 @@ To receive fixes for security vulnerabilities it is required to always upgrade t
|
|||
| V 0.6.15 | Cross-Site Scripting vulnerability on uploaded cover file names. Thanks to @ibarrionuevo ||
|
||||
| V 0.6.15 | Creating public shelfs is now denied if user is missing the edit public shelf right. Thanks to @ibarrionuevo ||
|
||||
| V 0.6.15 | Changed error message in case of trying to delete a shelf unauthorized. Thanks to @ibarrionuevo ||
|
||||
| V 0.6.16 | JavaScript could get executed on authors page. Thanks to @alicaz ||
|
||||
| V 0.6.16 | Localhost can no longer be used to upload covers. Thanks to @scara31 ||
|
||||
| V 0.6.16 | Another case where public shelfs could be created without permission is prevented. Thanks to @ibarrionuevo ||
|
||||
|
||||
|
||||
## Staement regarding Log4j (CVE-2021-44228 and related)
|
||||
|
|
|
@ -151,7 +151,7 @@ def selected_roles(dictionary):
|
|||
BookMeta = namedtuple('BookMeta', 'file_path, extension, title, author, cover, description, tags, series, '
|
||||
'series_id, languages, publisher')
|
||||
|
||||
STABLE_VERSION = {'version': '0.6.16 Beta'}
|
||||
STABLE_VERSION = {'version': '0.6.17 Beta'}
|
||||
|
||||
NIGHTLY_VERSION = {}
|
||||
NIGHTLY_VERSION[0] = '$Format:%H$'
|
||||
|
|
|
@ -270,7 +270,7 @@ if ($("body.book").length > 0) {
|
|||
|
||||
if (position + $("#add-to-shelves").width() > $(window).width()) {
|
||||
positionOff = position + $("#add-to-shelves").width() - $(window).width();
|
||||
adsPosition = position - positionOff - 5
|
||||
adsPosition = position - positionOff - 5;
|
||||
$("#add-to-shelves").attr("style", "left: " + adsPosition + "px !important; right: auto; top: " + topPos + "px");
|
||||
} else {
|
||||
$("#add-to-shelves").attr("style", "left: " + position + "px !important; right: auto; top: " + topPos + "px");
|
||||
|
@ -429,7 +429,7 @@ if($("body.advsearch").length > 0) {
|
|||
|
||||
if (position + $("#add-to-shelves").width() > $(window).width()) {
|
||||
positionOff = position + $("#add-to-shelves").width() - $(window).width();
|
||||
adsPosition = position - positionOff - 5
|
||||
adsPosition = position - positionOff - 5;
|
||||
$("#add-to-shelves").attr("style", "left: " + adsPosition + "px !important; right: auto; top: " + topPos + "px");
|
||||
} else {
|
||||
$("#add-to-shelves").attr("style", "left: " + position + "px !important; right: auto; top: " + topPos + "px");
|
||||
|
@ -479,12 +479,12 @@ if ($.trim($("#add-to-shelves").html()).length === 0) {
|
|||
$("#add-to-shelf").addClass("empty-ul");
|
||||
}
|
||||
|
||||
shelfLength = $("#add-to-shelves li").length
|
||||
emptyLength = 0
|
||||
shelfLength = $("#add-to-shelves li").length;
|
||||
emptyLength = 0;
|
||||
|
||||
$("#add-to-shelves").on("click", "li a", function () {
|
||||
console.log("#remove-from-shelves change registered");
|
||||
emptyLength++
|
||||
emptyLength++;
|
||||
|
||||
setTimeout(function () {
|
||||
if (emptyLength >= shelfLength) {
|
||||
|
|
|
@ -59,10 +59,10 @@ $("#archived_cb").on("change", function() {
|
|||
)
|
||||
};
|
||||
|
||||
$("#shelf-actions").on("click", "[data-shelf-action]", function (e) {
|
||||
$("#add-to-shelves, #remove-from-shelves").on("click", "[data-shelf-action]", function (e) {
|
||||
e.preventDefault();
|
||||
$.ajax({
|
||||
url: this.href,
|
||||
url: $(this).data('href'),
|
||||
method:"post",
|
||||
data: {csrf_token:$("input[name='csrf_token']").val()},
|
||||
})
|
||||
|
@ -72,7 +72,7 @@ $("#archived_cb").on("change", function() {
|
|||
case "add":
|
||||
$("#remove-from-shelves").append(
|
||||
templates.remove({
|
||||
add: this.href,
|
||||
add: $this.data('href'),
|
||||
remove: $this.data("remove-href"),
|
||||
content: $("<div>").text(this.textContent).html()
|
||||
})
|
||||
|
@ -82,7 +82,7 @@ $("#archived_cb").on("change", function() {
|
|||
$("#add-to-shelves").append(
|
||||
templates.add({
|
||||
add: $this.data("add-href"),
|
||||
remove: this.href,
|
||||
remove: $this.data('href'),
|
||||
content: $("<div>").text(this.textContent).html(),
|
||||
})
|
||||
);
|
||||
|
|
|
@ -260,7 +260,7 @@
|
|||
{% for shelf in g.shelves_access %}
|
||||
{% if not shelf.id in books_shelfs and ( not shelf.is_public or g.user.role_edit_shelfs() ) %}
|
||||
<li>
|
||||
<a href="{{ url_for('shelf.add_to_shelf', book_id=entry.id, shelf_id=shelf.id) }}"
|
||||
<a data-href="{{ url_for('shelf.add_to_shelf', book_id=entry.id, shelf_id=shelf.id) }}"
|
||||
data-remove-href="{{ url_for('shelf.remove_from_shelf', book_id=entry.id, shelf_id=shelf.id) }}"
|
||||
data-shelf-action="add"
|
||||
>
|
||||
|
@ -275,7 +275,7 @@
|
|||
{% if books_shelfs %}
|
||||
{% for shelf in g.shelves_access %}
|
||||
{% if shelf.id in books_shelfs %}
|
||||
<a href="{{ url_for('shelf.remove_from_shelf', book_id=entry.id, shelf_id=shelf.id) }}"
|
||||
<a data-href="{{ url_for('shelf.remove_from_shelf', book_id=entry.id, shelf_id=shelf.id) }}"
|
||||
data-add-href="{{ url_for('shelf.add_to_shelf', book_id=entry.id, shelf_id=shelf.id) }}"
|
||||
class="btn btn-sm btn-default" role="button" data-shelf-action="remove"
|
||||
>
|
||||
|
@ -309,13 +309,13 @@
|
|||
{% block js %}
|
||||
<script type="text/template" id="template-shelf-add">
|
||||
<li>
|
||||
<a href="<%= add %>" data-remove-href="<%= remove %>" data-shelf-action="add">
|
||||
<a data-href="<%= add %>" data-remove-href="<%= remove %>" data-shelf-action="add">
|
||||
<%= content %>
|
||||
</a>
|
||||
</li>
|
||||
</script>
|
||||
<script type="text/template" id="template-shelf-remove">
|
||||
<a href="<%= remove %>" data-add-href="<%= add %>" class="btn btn-sm btn-default" data-shelf-action="remove">
|
||||
<a data-href="<%= remove %>" data-add-href="<%= add %>" class="btn btn-sm btn-default" data-shelf-action="remove">
|
||||
<span class="glyphicon glyphicon-remove"></span> <%= content %>
|
||||
</a>
|
||||
</script>
|
||||
|
|
|
@ -9,6 +9,7 @@
|
|||
{% if g.user.is_authenticated %}
|
||||
{% if g.user.shelf.all() or g.shelves_access %}
|
||||
<div id="shelf-actions" class="btn-toolbar" role="toolbar">
|
||||
<input type="hidden" name="csrf_token" value="{{ csrf_token() }}">
|
||||
<div class="btn-group" role="group" aria-label="Add to shelves">
|
||||
<button id="add-to-shelf" type="button" class="btn btn-primary btn-sm dropdown-toggle" data-toggle="dropdown" aria-haspopup="true" aria-expanded="false">
|
||||
<span class="glyphicon glyphicon-list"></span> {{_('Add to shelf')}}
|
||||
|
|
Loading…
Reference in New Issue
Block a user