IT4Change/gradido
3
0
Fork 0
mirror of https://github.com/IT4Change/gradido.git synced 2025-12-13 07:45:54 +00:00
Code Issues Packages Projects Releases Wiki Activity

Merge branch 'master' into 1226-Text-nach-erster-Anmeldung-entfernen

Browse Source
This commit is contained in:
Hannes Heine 2022-01-14 08:08:26 +01:00 committed by GitHub
commit 47078a9a01
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
111 changed files with 1631 additions and 738 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
.github/workflows/publish.yml vendored
View File

@ -248,7 +248,7 @@ jobs:
##########################################################################
- name: Nginx | Build `production` image
run: |
docker build -t "gradido/nginx:latest" -t "gradido/nginx:production" -t "gradido/nginx:${VERSION}" -t "gradido/nginx:${BUILD_VERSION}" -f ./nginx/Dockerfile ./
docker build -t "gradido/nginx:latest" -t "gradido/nginx:production" -t "gradido/nginx:${VERSION}" -t "gradido/nginx:${BUILD_VERSION}" nginx/
docker save "gradido/nginx" > /tmp/nginx.tar
- name: Upload Artifact
uses: actions/upload-artifact@v2

6
.github/workflows/test.yml vendored
View File

@ -199,7 +199,7 @@ jobs:
##########################################################################
- name: nginx | Build `test` image
run: |
docker build -t "gradido/nginx:test" -f ./nginx/Dockerfile ./
docker build -t "gradido/nginx:test" nginx/
docker save "gradido/nginx:test" > /tmp/nginx.tar
- name: Upload Artifact
uses: actions/upload-artifact@v2
@ -470,7 +470,7 @@ jobs:
report_name: Coverage Admin Interface
type: lcov
result_path: ./coverage/lcov.info
min_coverage: 76
min_coverage: 77
token: ${{ github.token }}
##############################################################################
@ -520,7 +520,7 @@ jobs:
report_name: Coverage Backend
type: lcov
result_path: ./backend/coverage/lcov.info
min_coverage: 40
min_coverage: 41
token: ${{ github.token }}
##############################################################################

4
.gitignore vendored
View File

@ -5,3 +5,7 @@ nbproject
.metadata
/.env
package-lock.json
/deployment/bare_metal/.env
/deployment/bare_metal/nginx/sites-available/gradido.conf
/deployment/bare_metal/nginx/sites-available/update-page.conf
/deployment/bare_metal/nginx/update-page/updating.html

4
README.md
View File

@ -67,7 +67,7 @@ We are currently restructuring the service to reduce dependencies and unify busi
### Open the wallet
Once you have `docker-compose` up and running, you can open [http://localhost/vue](http://localhost/vue) and create yourself a new wallet account.
Once you have `docker-compose` up and running, you can open [http://localhost/](http://localhost/) and create yourself a new wallet account.
## How to release
@ -90,7 +90,7 @@ Note: The Changelog will be regenerated with all tags on release on the external
| Problem | Issue | Solution | Description |
| ------- | ----- | -------- | ----------- |
| docker-compose raises database connection errors | [#1062](https://github.com/gradido/gradido/issues/1062) | End `ctrl+c` and restart the `docker-compose up` after a successful build | Several Database connection related errors occur in the docker-compose log. |
| Wallet page is empty | [#1063](https://github.com/gradido/gradido/issues/1063) | Accept Cookies and Local Storage in your Browser | The page stays empty when navigating to [http://localhost/vue](http://localhost/vue) |
| Wallet page is empty | [#1063](https://github.com/gradido/gradido/issues/1063) | Accept Cookies and Local Storage in your Browser | The page stays empty when navigating to [http://localhost/](http://localhost/) |
## Useful Links

3
admin/.env.dist
View File

@ -1,3 +1,4 @@
GRAPHQL_URI=http://localhost:4000/graphql
WALLET_AUTH_URL=http://localhost/vue/authenticate?token=$1
WALLET_AUTH_URL=http://localhost/authenticate?token=$1
WALLET_URL=http://localhost/login
DEBUG_DISABLE_AUTH=false

1
admin/package.json
View File

@ -33,6 +33,7 @@
"core-js": "^3.6.5",
"dotenv-webpack": "^7.0.3",
"graphql": "^15.6.1",
"express": "^4.17.1",
"identity-obj-proxy": "^3.0.0",
"jest": "26.6.3",
"moment": "^2.29.1",

20
admin/run/server.js
View File

@ -1,15 +1,21 @@
// Imports
const express = require('express')
const serveStatic = require('serve-static')
const path = require('path')
// Port
// Host & Port
const hostname = '127.0.0.1'
const port = process.env.PORT || 8080
// Express Server
const app = express()
// eslint-disable-next-line node/no-path-concat
app.use(serveStatic(__dirname + '/../dist'))
app.listen(port)
// Serve files
app.use(express.static(path.join(__dirname, '../dist')))
// Default to index.html
app.get('*', (req, res) => {
res.sendFile(path.join(__dirname, '../dist/index.html'))
})
// eslint-disable-next-line no-console
console.log(`http://admin:${port} server started.`)
app.listen(port, hostname, () => {
// eslint-disable-next-line no-console
console.log('Listening at http://%s:%s/', hostname, port)
})

8
admin/src/components/CreationTransactionListFormular.spec.js
View File

@ -8,7 +8,7 @@ const apolloQueryMock = jest.fn().mockResolvedValue({
transactionList: {
transactions: [
{
type: 'created',
type: 'creation',
balance: 100,
decayStart: 0,
decayEnd: 0,
@ -27,7 +27,7 @@ const apolloQueryMock = jest.fn().mockResolvedValue({
},
},
{
type: 'created',
type: 'creation',
balance: 200,
decayStart: 0,
decayEnd: 0,
@ -58,9 +58,7 @@ const mocks = {
query: apolloQueryMock,
},
$toasted: {
global: {
error: toastedErrorMock,
},
error: toastedErrorMock,
},
}

4
admin/src/components/CreationTransactionListFormular.vue
View File

@ -30,10 +30,10 @@ export default {
},
})
.then((result) => {
this.items = result.data.transactionList.transactions
this.items = result.data.transactionList.transactions.filter((t) => t.type === 'creation')
})
.catch((error) => {
this.$toasted.global.error(error.message)
this.$toasted.error(error.message)
})
},
},

8
admin/src/components/NavBar.spec.js
View File

@ -53,13 +53,17 @@ describe('NavBar', () => {
})
describe('logout', () => {
// const assignLocationSpy = jest.fn()
const windowLocationMock = jest.fn()
beforeEach(async () => {
delete window.location
window.location = {
assign: windowLocationMock,
}
await wrapper.findAll('a').at(6).trigger('click')
})
it('redirects to /logout', () => {
expect(routerPushMock).toBeCalledWith('/logout')
expect(windowLocationMock).toBeCalledWith('http://localhost/login')
})
it('dispatches logout to store', () => {

3
admin/src/components/NavBar.vue
View File

@ -33,8 +33,9 @@ export default {
name: 'navbar',
methods: {
logout() {
window.location.assign(CONFIG.WALLET_URL)
// window.location = CONFIG.WALLET_URL
this.$store.dispatch('logout')
this.$router.push('/logout')
},
wallet() {
window.location = CONFIG.WALLET_AUTH_URL.replace('$1', this.$store.state.token)

9
admin/src/components/UserTable.spec.js
View File

@ -3,6 +3,9 @@ import UserTable from './UserTable.vue'
const localVue = global.localVue
const apolloQueryMock = jest.fn()
apolloQueryMock.mockResolvedValue()
describe('UserTable', () => {
let wrapper
@ -114,6 +117,12 @@ describe('UserTable', () => {
}),
}
}),
$apollo: {
query: apolloQueryMock,
},
$store: {
commit: jest.fn(),
},
}
const Wrapper = (propsData) => {

3
admin/src/config/index.js
View File

@ -19,7 +19,8 @@ const environment = {
const endpoints = {
GRAPHQL_URI: process.env.GRAPHQL_URI || 'http://localhost:4000/graphql',
WALLET_AUTH_URL: process.env.WALLET_AUTH_URL || 'http://localhost/vue/authenticate?token=$1',
WALLET_AUTH_URL: process.env.WALLET_AUTH_URL || 'http://localhost/authenticate?token=$1',
WALLET_URL: process.env.WALLET_URL || 'http://localhost/login',
}
const debug = {

1
admin/src/graphql/verifyLogin.js
View File

@ -7,6 +7,7 @@ export const verifyLogin = gql`
lastName
isAdmin
id
language
}
}
`

2
admin/src/locales/de.json
View File

@ -2,7 +2,7 @@
"bookmark": "bookmark",
"confirmed": "bestätigt",
"creation_form": {
"creation_for": "Schöpfung für ",
"creation_for": "Schöpfung für",
"enter_text": "Text eintragen",
"form": "Schöpfungsformular",
"min_characters": "Mindestens 10 Zeichen eingeben",

2
admin/src/locales/en.json
View File

@ -2,7 +2,7 @@
"bookmark": "Remember",
"confirmed": "confirmed",
"creation_form": {
"creation_for": "Creation for ",
"creation_for": "Creation for",
"enter_text": "Enter text",
"form": "Creation form",
"min_characters": "Enter at least 10 characters",

2
admin/src/main.js
View File

@ -42,7 +42,7 @@ Vue.use(Toasted, {
},
})
addNavigationGuards(router, store, apolloProvider.defaultClient)
addNavigationGuards(router, store, apolloProvider.defaultClient, i18n)
new Vue({
moment,

22
admin/src/pages/Creation.spec.js
View File

@ -8,14 +8,14 @@ const apolloQueryMock = jest.fn().mockResolvedValue({
data: {
searchUsers: [
{
id: 1,
userId: 1,
firstName: 'Bibi',
lastName: 'Bloxberg',
email: 'bibi@bloxberg.de',
creation: [200, 400, 600],
},
{
id: 2,
userId: 2,
firstName: 'Benjamin',
lastName: 'Blümchen',
email: 'benjamin@bluemchen.de',
@ -71,7 +71,7 @@ describe('Creation', () => {
it('sets the data of itemsList', () => {
expect(wrapper.vm.itemsList).toEqual([
{
id: 1,
userId: 1,
firstName: 'Bibi',
lastName: 'Bloxberg',
email: 'bibi@bloxberg.de',
@ -79,7 +79,7 @@ describe('Creation', () => {
showDetails: false,
},
{
id: 2,
userId: 2,
firstName: 'Benjamin',
lastName: 'Blümchen',
email: 'benjamin@bluemchen.de',
@ -100,7 +100,7 @@ describe('Creation', () => {
wrapper.findComponent({ name: 'UserTable' }).vm.$emit(
'update-item',
{
id: 2,
userId: 2,
firstName: 'Benjamin',
lastName: 'Blümchen',
email: 'benjamin@bluemchen.de',
@ -114,7 +114,7 @@ describe('Creation', () => {
it('removes the pushed item from itemsList', () => {
expect(wrapper.vm.itemsList).toEqual([
{
id: 1,
userId: 1,
firstName: 'Bibi',
lastName: 'Bloxberg',
email: 'bibi@bloxberg.de',
@ -127,7 +127,7 @@ describe('Creation', () => {
it('adds the pushed item to itemsMassCreation', () => {
expect(wrapper.vm.itemsMassCreation).toEqual([
{
id: 2,
userId: 2,
firstName: 'Benjamin',
lastName: 'Blümchen',
email: 'benjamin@bluemchen.de',
@ -142,7 +142,7 @@ describe('Creation', () => {
wrapper.findComponent({ name: 'UserTable' }).vm.$emit(
'update-item',
{
id: 2,
userId: 2,
firstName: 'Benjamin',
lastName: 'Blümchen',
email: 'benjamin@bluemchen.de',
@ -160,7 +160,7 @@ describe('Creation', () => {
it('adds the item to itemsList', () => {
expect(wrapper.vm.itemsList).toEqual([
{
id: 1,
userId: 1,
firstName: 'Bibi',
lastName: 'Bloxberg',
email: 'bibi@bloxberg.de',
@ -168,7 +168,7 @@ describe('Creation', () => {
showDetails: false,
},
{
id: 2,
userId: 2,
firstName: 'Benjamin',
lastName: 'Blümchen',
email: 'benjamin@bluemchen.de',
@ -206,7 +206,7 @@ describe('Creation', () => {
await wrapper.findComponent({ name: 'UserTable' }).vm.$emit(
'update-item',
{
id: 2,
userId: 2,
firstName: 'Benjamin',
lastName: 'Blümchen',
email: 'benjamin@bluemchen.de',

8
admin/src/pages/Creation.vue
View File

@ -133,16 +133,16 @@ export default {
switch (event) {
case 'push':
findArr = this.itemsList.find((arr) => arr.id === e.id)
findArr = this.itemsList.find((item) => e.userId === item.userId)
index = this.itemsList.indexOf(findArr)
this.itemsList.splice(index, 1)
this.itemsMassCreation.push(e)
this.itemsMassCreation.push(findArr)
break
case 'remove':
findArr = this.itemsMassCreation.find((arr) => arr.id === e.id)
findArr = this.itemsMassCreation.find((item) => e.userId === item.userId)
index = this.itemsMassCreation.indexOf(findArr)
this.itemsMassCreation.splice(index, 1)
this.itemsList.push(e)
this.itemsList.push(findArr)
break
default:
throw new Error(event)

2
admin/src/pages/UserSearch.spec.js
View File

@ -61,7 +61,7 @@ describe('UserSearch', () => {
})
it('filters the users by unconfirmed emails', () => {
expect(wrapper.vm.searchResult).toHaveLength(0)
expect(wrapper.vm.searchResult).toHaveLength(1)
})
})

14
admin/src/pages/UserSearch.vue
View File

@ -42,15 +42,13 @@ export default {
{ key: 'lastName', label: this.$t('lastname') },
{
key: 'creation',
// label: this.$t('open_creation') + 'Jan | Feb | März',
label:
this.$moment().subtract(2, 'month').format('MMM') +
' | ' +
this.$moment().subtract(1, 'month').format('MMM') +
' | ' +
label: [
this.$moment().subtract(2, 'month').format('MMM'),
this.$moment().subtract(1, 'month').format('MMM'),
this.$moment().format('MMM'),
].join(' | '),
formatter: (value, key, item) => {
return String(value[0]) + ` | ` + String(value[1]) + ` | ` + String(value[2])
return value.join(' | ')
},
},
{ key: 'show_details', label: this.$t('details') },
@ -75,7 +73,7 @@ export default {
methods: {
unconfirmedRegisterMails() {
this.searchResult = this.searchResult.filter((user) => {
return user.emailChecked
return !user.emailChecked
})
},
getUsers() {

3
admin/src/router/guards.js
View File

@ -1,7 +1,7 @@
import { verifyLogin } from '../graphql/verifyLogin'
import CONFIG from '../config'
const addNavigationGuards = (router, store, apollo) => {
const addNavigationGuards = (router, store, apollo, i18n) => {
// store token on `authenticate`
router.beforeEach(async (to, from, next) => {
if (to.path === '/authenticate' && to.query && to.query.token) {
@ -14,6 +14,7 @@ const addNavigationGuards = (router, store, apollo) => {
.then((result) => {
const moderator = result.data.verifyLogin
if (moderator.isAdmin) {
i18n.locale = moderator.language
store.commit('moderator', moderator)
next({ path: '/' })
} else {

24
admin/src/router/guards.test.js
View File

@ -6,9 +6,11 @@ const apolloQueryMock = jest.fn().mockResolvedValue({
data: {
verifyLogin: {
isAdmin: true,
language: 'de',
},
},
})
const i18nLocaleMock = jest.fn()
const store = {
commit: storeCommitMock,
@ -21,7 +23,11 @@ const apollo = {
query: apolloQueryMock,
}
addNavigationGuards(router, store, apollo)
const i18n = {
locale: i18nLocaleMock,
}
addNavigationGuards(router, store, apollo, i18n)
describe('navigation guards', () => {
beforeEach(() => {
@ -33,19 +39,23 @@ describe('navigation guards', () => {
const next = jest.fn()
describe('with valid token and as admin', () => {
beforeEach(() => {
navGuard({ path: '/authenticate', query: { token: 'valid-token' } }, {}, next)
beforeEach(async () => {
await navGuard({ path: '/authenticate', query: { token: 'valid-token' } }, {}, next)
})
it('commits the token to the store', async () => {
it('commits the token to the store', () => {
expect(storeCommitMock).toBeCalledWith('token', 'valid-token')
})
it('commits the moderator to the store', () => {
expect(storeCommitMock).toBeCalledWith('moderator', { isAdmin: true })
it.skip('sets the locale', () => {
expect(i18nLocaleMock).toBeCalledWith('de')
})
it('redirects to /', async () => {
it('commits the moderator to the store', () => {
expect(storeCommitMock).toBeCalledWith('moderator', { isAdmin: true, language: 'de' })
})
it('redirects to /', () => {
expect(next).toBeCalledWith({ path: '/' })
})
})

2
backend/.env.dist
View File

@ -19,7 +19,7 @@ DB_DATABASE=gradido_community
#RESEND_TIME=
RESEND_TIME=10
#EMAIL_LINK_VERIFICATION=http://localhost/vue/checkEmail/$1
#EMAIL_LINK_VERIFICATION=http://localhost/checkEmail/$1
#KLICKTIPP_USER=
#KLICKTIPP_PASSWORD=

1
backend/package.json
View File

@ -21,7 +21,6 @@
"apollo-server-express": "^2.25.2",
"apollo-server-testing": "^2.25.2",
"axios": "^0.21.1",
"body-parser": "^1.19.0",
"class-validator": "^0.13.1",
"cors": "^2.8.5",
"dotenv": "^10.0.0",

10
backend/src/config/index.ts
View File

@ -31,8 +31,8 @@ const klicktipp = {
const community = {
COMMUNITY_NAME: process.env.COMMUNITY_NAME || 'Gradido Entwicklung',
COMMUNITY_URL: process.env.COMMUNITY_URL || 'http://localhost/vue/',
COMMUNITY_REGISTER_URL: process.env.COMMUNITY_REGISTER_URL || 'http://localhost/vue/register',
COMMUNITY_URL: process.env.COMMUNITY_URL || 'http://localhost/',
COMMUNITY_REGISTER_URL: process.env.COMMUNITY_REGISTER_URL || 'http://localhost/register',
COMMUNITY_DESCRIPTION:
process.env.COMMUNITY_DESCRIPTION || 'Die lokale Entwicklungsumgebung von Gradido.',
}
@ -50,13 +50,13 @@ const email = {
EMAIL_PASSWORD: process.env.EMAIL_PASSWORD || 'xxx',
EMAIL_SMTP_URL: process.env.EMAIL_SMTP_URL || 'gmail.com',
EMAIL_SMTP_PORT: process.env.EMAIL_SMTP_PORT || '587',
EMAIL_LINK_VERIFICATION:
process.env.EMAIL_LINK_VERIFICATION || 'http://localhost/vue/checkEmail/$1',
EMAIL_LINK_SETPASSWORD: process.env.EMAIL_LINK_SETPASSWORD || 'http://localhost/vue/reset/$1',
EMAIL_LINK_VERIFICATION: process.env.EMAIL_LINK_VERIFICATION || 'http://localhost/checkEmail/$1',
EMAIL_LINK_SETPASSWORD: process.env.EMAIL_LINK_SETPASSWORD || 'http://localhost/reset/$1',
RESEND_TIME: isNaN(resendTime) ? 10 : resendTime,
}
const webhook = {
// Elopage
WEBHOOK_ELOPAGE_SECRET: process.env.WEBHOOK_ELOPAGE_SECRET || 'secret',
}

7
backend/src/graphql/resolver/AdminResolver.ts
View File

@ -1,3 +1,6 @@
/* eslint-disable @typescript-eslint/no-explicit-any */
/* eslint-disable @typescript-eslint/explicit-module-boundary-types */
import { Resolver, Query, Arg, Args, Authorized, Mutation, Ctx } from 'type-graphql'
import { getCustomRepository, Raw } from 'typeorm'
import { UserAdmin } from '../model/UserAdmin'
@ -62,9 +65,9 @@ export class AdminResolver {
loginPendingTaskAdmin.memo = memo
loginPendingTaskAdmin.moderator = moderator
loginPendingTasksAdminRepository.save(loginPendingTaskAdmin)
await loginPendingTasksAdminRepository.save(loginPendingTaskAdmin)
}
return await getUserCreations(user.id)
return getUserCreations(user.id)
}
@Authorized([RIGHTS.CREATE_PENDING_CREATION])

16
backend/src/graphql/resolver/CommunityResolver.test.ts
View File

@ -53,8 +53,8 @@ describe('CommunityResolver', () => {
getCommunityInfo: {
name: 'Gradido Entwicklung',
description: 'Die lokale Entwicklungsumgebung von Gradido.',
url: 'http://localhost/vue/',
registerUrl: 'http://localhost/vue/register',
url: 'http://localhost/',
registerUrl: 'http://localhost/register',
},
},
})
@ -75,22 +75,22 @@ describe('CommunityResolver', () => {
id: 1,
name: 'Gradido Entwicklung',
description: 'Die lokale Entwicklungsumgebung von Gradido.',
url: 'http://localhost/vue/',
registerUrl: 'http://localhost/vue/register-community',
url: 'http://localhost/',
registerUrl: 'http://localhost/register-community',
},
{
id: 2,
name: 'Gradido Staging',
description: 'Der Testserver der Gradido-Akademie.',
url: 'https://stage1.gradido.net/vue/',
registerUrl: 'https://stage1.gradido.net/vue/register-community',
url: 'https://stage1.gradido.net/',
registerUrl: 'https://stage1.gradido.net/register-community',
},
{
id: 3,
name: 'Gradido-Akademie',
description: 'Freies Institut für Wirtschaftsbionik.',
url: 'https://gradido.net',
registerUrl: 'https://gdd1.gradido.com/vue/register-community',
registerUrl: 'https://gdd1.gradido.com/register-community',
},
],
},
@ -112,7 +112,7 @@ describe('CommunityResolver', () => {
name: 'Gradido-Akademie',
description: 'Freies Institut für Wirtschaftsbionik.',
url: 'https://gradido.net',
registerUrl: 'https://gdd1.gradido.com/vue/register-community',
registerUrl: 'https://gdd1.gradido.com/register-community',
},
],
},

12
backend/src/graphql/resolver/CommunityResolver.ts
View File

@ -29,7 +29,7 @@ export class CommunityResolver {
name: 'Gradido-Akademie',
description: 'Freies Institut für Wirtschaftsbionik.',
url: 'https://gradido.net',
registerUrl: 'https://gdd1.gradido.com/vue/register-community',
registerUrl: 'https://gdd1.gradido.com/register-community',
}),
]
return [
@ -37,22 +37,22 @@ export class CommunityResolver {
id: 1,
name: 'Gradido Entwicklung',
description: 'Die lokale Entwicklungsumgebung von Gradido.',
url: 'http://localhost/vue/',
registerUrl: 'http://localhost/vue/register-community',
url: 'http://localhost/',
registerUrl: 'http://localhost/register-community',
}),
new Community({
id: 2,
name: 'Gradido Staging',
description: 'Der Testserver der Gradido-Akademie.',
url: 'https://stage1.gradido.net/vue/',
registerUrl: 'https://stage1.gradido.net/vue/register-community',
url: 'https://stage1.gradido.net/',
registerUrl: 'https://stage1.gradido.net/register-community',
}),
new Community({
id: 3,
name: 'Gradido-Akademie',
description: 'Freies Institut für Wirtschaftsbionik.',
url: 'https://gradido.net',
registerUrl: 'https://gdd1.gradido.com/vue/register-community',
registerUrl: 'https://gdd1.gradido.com/register-community',
}),
]
}

27
backend/src/graphql/resolver/TransactionResolver.ts
View File

@ -6,7 +6,7 @@ import { Resolver, Query, Args, Authorized, Ctx, Mutation } from 'type-graphql'
import { getCustomRepository, getConnection, QueryRunner } from 'typeorm'
import CONFIG from '../../config'
import { sendEMail } from '../../util/sendEMail'
import { sendTransactionReceivedEmail } from '../../mailer/sendTransactionReceivedEmail'
import { Transaction } from '../model/Transaction'
import { TransactionList } from '../model/TransactionList'
@ -503,7 +503,7 @@ export class TransactionResolver {
email: userEntity.email,
})
if (!resultGDTSum.success) throw new Error(resultGDTSum.data)
transactions.gdtSum = resultGDTSum.data.sum || 0
transactions.gdtSum = Number(resultGDTSum.data.sum / 100) || 0
// get balance
const balanceRepository = getCustomRepository(BalanceRepository)
@ -651,21 +651,14 @@ export class TransactionResolver {
}
// send notification email
// TODO: translate
await sendEMail({
from: `Gradido (nicht antworten) <${CONFIG.EMAIL_SENDER}>`,
to: `${recipiantUser.firstName} ${recipiantUser.lastName} <${recipiantUser.email}>`,
subject: 'Gradido Überweisung',
text: `Hallo ${recipiantUser.firstName} ${recipiantUser.lastName}
Du hast soeben ${amount} GDD von ${senderUser.firstName} ${senderUser.lastName} erhalten.
${senderUser.firstName} ${senderUser.lastName} schreibt:
${memo}
Bitte antworte nicht auf diese E-Mail!
Mit freundlichen Grüßen,
dein Gradido-Team`,
await sendTransactionReceivedEmail({
senderFirstName: senderUser.firstName,
senderLastName: senderUser.lastName,
recipientFirstName: recipiantUser.firstName,
recipientLastName: recipiantUser.lastName,
email: recipiantUser.email,
amount,
memo,
})
return 'success'

20
backend/src/graphql/resolver/UserResolver.test.ts
View File

@ -12,12 +12,12 @@ import { LoginUserBackup } from '@entity/LoginUserBackup'
import { LoginEmailOptIn } from '@entity/LoginEmailOptIn'
import { User } from '@entity/User'
import CONFIG from '../../config'
import { sendEMail } from '../../util/sendEMail'
import { sendAccountActivationEmail } from '../../mailer/sendAccountActivationEmail'
jest.mock('../../util/sendEMail', () => {
jest.mock('../../mailer/sendAccountActivationEmail', () => {
return {
__esModule: true,
sendEMail: jest.fn(),
sendAccountActivationEmail: jest.fn(),
}
})
@ -62,7 +62,6 @@ describe('UserResolver', () => {
let result: any
let emailOptIn: string
let newUser: User
beforeAll(async () => {
result = await mutate({ mutation, variables })
@ -90,7 +89,6 @@ describe('UserResolver', () => {
loginEmailOptIn = await getRepository(LoginEmailOptIn)
.createQueryBuilder('login_email_optin')
.getMany()
newUser = user[0]
emailOptIn = loginEmailOptIn[0].verificationCode.toString()
})
@ -165,13 +163,11 @@ describe('UserResolver', () => {
describe('account activation email', () => {
it('sends an account activation email', () => {
const activationLink = CONFIG.EMAIL_LINK_VERIFICATION.replace(/\$1/g, emailOptIn)
expect(sendEMail).toBeCalledWith({
from: `Gradido (nicht antworten) <${CONFIG.EMAIL_SENDER}>`,
to: `${newUser.firstName} ${newUser.lastName} <${newUser.email}>`,
subject: 'Gradido: E-Mail Überprüfung',
text:
expect.stringContaining(`Hallo ${newUser.firstName} ${newUser.lastName},`) &&
expect.stringContaining(activationLink),
expect(sendAccountActivationEmail).toBeCalledWith({
link: activationLink,
firstName: 'Peter',
lastName: 'Lustig',
email: 'peter@lustig.de',
})
})
})

63
backend/src/graphql/resolver/UserResolver.ts
View File

@ -20,7 +20,8 @@ import { UserRepository } from '../../typeorm/repository/User'
import { LoginUser } from '@entity/LoginUser'
import { LoginUserBackup } from '@entity/LoginUserBackup'
import { LoginEmailOptIn } from '@entity/LoginEmailOptIn'
import { sendEMail } from '../../util/sendEMail'
import { sendResetPasswordEmail } from '../../mailer/sendResetPasswordEmail'
import { sendAccountActivationEmail } from '../../mailer/sendAccountActivationEmail'
import { LoginElopageBuysRepository } from '../../typeorm/repository/LoginElopageBuys'
import { signIn } from '../../apis/KlicktippController'
import { RIGHTS } from '../../auth/RIGHTS'
@ -450,12 +451,12 @@ export class UserResolver {
/\$1/g,
emailOptIn.verificationCode.toString(),
)
const emailSent = await this.sendAccountActivationEmail(
activationLink,
const emailSent = await sendAccountActivationEmail({
link: activationLink,
firstName,
lastName,
email,
)
})
// In case EMails are disabled log the activation link for the user
if (!emailSent) {
@ -472,29 +473,6 @@ export class UserResolver {
return 'success'
}
private sendAccountActivationEmail(
activationLink: string,
firstName: string,
lastName: string,
email: string,
): Promise<boolean> {
return sendEMail({
from: `Gradido (nicht antworten) <${CONFIG.EMAIL_SENDER}>`,
to: `${firstName} ${lastName} <${email}>`,
subject: 'Gradido: E-Mail Überprüfung',
text: `Hallo ${firstName} ${lastName},
Deine EMail wurde soeben bei Gradido registriert.
Klicke bitte auf diesen Link, um die Registrierung abzuschließen und dein Gradido-Konto zu aktivieren:
${activationLink}
oder kopiere den obigen Link in dein Browserfenster.
Mit freundlichen Grüßen,
dein Gradido-Team`,
})
}
@Mutation(() => Boolean)
async sendActivationEmail(@Arg('email') email: string): Promise<boolean> {
const loginUserRepository = getCustomRepository(LoginUserRepository)
@ -512,12 +490,12 @@ export class UserResolver {
emailOptIn.verificationCode.toString(),
)
const emailSent = await this.sendAccountActivationEmail(
activationLink,
loginUser.firstName,
loginUser.lastName,
const emailSent = await sendAccountActivationEmail({
link: activationLink,
firstName: loginUser.firstName,
lastName: loginUser.lastName,
email,
)
})
// In case EMails are disabled log the activation link for the user
if (!emailSent) {
@ -549,18 +527,11 @@ export class UserResolver {
optInCode.verificationCode.toString(),
)
const emailSent = await sendEMail({
from: `Gradido (nicht antworten) <${CONFIG.EMAIL_SENDER}>`,
to: `${loginUser.firstName} ${loginUser.lastName} <${email}>`,
subject: 'Gradido: Reset Password',
text: `Hallo ${loginUser.firstName} ${loginUser.lastName},
Du oder jemand anderes hat für dieses Konto ein Zurücksetzen des Passworts angefordert.
Wenn du es warst, klicke bitte auf den Link: ${link}
oder kopiere den obigen Link in Dein Browserfenster.
Mit freundlichen Grüßen,
dein Gradido-Team`,
const emailSent = await sendResetPasswordEmail({
link,
firstName: loginUser.firstName,
lastName: loginUser.lastName,
email,
})
// In case EMails are disabled log the activation link for the user
@ -738,7 +709,7 @@ export class UserResolver {
if (password && passwordNew) {
// TODO: This had some error cases defined - like missing private key. This is no longer checked.
const oldPasswordHash = SecretKeyCryptographyCreateKey(loginUser.email, password)
if (loginUser.password !== oldPasswordHash[0].readBigUInt64LE()) {
if (BigInt(loginUser.password.toString()) !== oldPasswordHash[0].readBigUInt64LE()) {
throw new Error(`Old password is invalid`)
}
@ -748,7 +719,7 @@ export class UserResolver {
const encryptedPrivkey = SecretKeyCryptographyEncrypt(privKey, newPasswordHash[1])
// Save new password hash and newly encrypted private key
loginUser.password = newPasswordHash[0].readBigInt64LE()
loginUser.password = newPasswordHash[0].readBigUInt64LE()
loginUser.privKey = encryptedPrivkey
}

2
backend/src/index.ts
View File

@ -13,7 +13,7 @@ async function main() {
console.log(`Server is running at http://localhost:${CONFIG.PORT}`)
if (CONFIG.GRAPHIQL) {
// eslint-disable-next-line no-console
console.log(`GraphIQL available at http://localhost:${CONFIG.PORT}/graphql`)
console.log(`GraphIQL available at http://localhost:${CONFIG.PORT}`)
}
})
}

29
backend/src/mailer/sendAccountActivationEmail.test.ts Normal file
View File

@ -0,0 +1,29 @@
import { sendAccountActivationEmail } from './sendAccountActivationEmail'
import { sendEMail } from './sendEMail'
jest.mock('./sendEMail', () => {
return {
__esModule: true,
sendEMail: jest.fn(),
}
})
describe('sendAccountActivationEmail', () => {
beforeEach(async () => {
await sendAccountActivationEmail({
link: 'activationLink',
firstName: 'Peter',
lastName: 'Lustig',
email: 'peter@lustig.de',
})
})
it('calls sendEMail', () => {
expect(sendEMail).toBeCalledWith({
to: `Peter Lustig <peter@lustig.de>`,
subject: 'Gradido: E-Mail Überprüfung',
text:
expect.stringContaining('Hallo Peter Lustig') && expect.stringContaining('activationLink'),
})
})
})

15
backend/src/mailer/sendAccountActivationEmail.ts Normal file
View File

@ -0,0 +1,15 @@
import { sendEMail } from './sendEMail'
import { accountActivation } from './text/accountActivation'
export const sendAccountActivationEmail = (data: {
link: string
firstName: string
lastName: string
email: string
}): Promise<boolean> => {
return sendEMail({
to: `${data.firstName} ${data.lastName} <${data.email}>`,
subject: accountActivation.de.subject,
text: accountActivation.de.text(data),
})
}

92
backend/src/mailer/sendEMail.test.ts Normal file
View File

@ -0,0 +1,92 @@
import { sendEMail } from './sendEMail'
import { createTransport } from 'nodemailer'
import CONFIG from '../config'
CONFIG.EMAIL = false
CONFIG.EMAIL_SMTP_URL = 'EMAIL_SMTP_URL'
CONFIG.EMAIL_SMTP_PORT = '1234'
CONFIG.EMAIL_USERNAME = 'user'
CONFIG.EMAIL_PASSWORD = 'pwd'
jest.mock('nodemailer', () => {
return {
__esModule: true,
createTransport: jest.fn(() => {
return {
sendMail: jest.fn(() => {
return {
messageId: 'message',
}
}),
}
}),
}
})
describe('sendEMail', () => {
let result: boolean
describe('config email is false', () => {
// eslint-disable-next-line no-console
const consoleLog = console.log
const consoleLogMock = jest.fn()
// eslint-disable-next-line no-console
console.log = consoleLogMock
beforeEach(async () => {
result = await sendEMail({
to: 'receiver@mail.org',
subject: 'Subject',
text: 'Text text text',
})
})
afterAll(() => {
// eslint-disable-next-line no-console
console.log = consoleLog
})
it('logs warining to console', () => {
expect(consoleLogMock).toBeCalledWith('Emails are disabled via config')
})
it('returns false', () => {
expect(result).toBeFalsy()
})
})
describe('config email is true', () => {
beforeEach(async () => {
CONFIG.EMAIL = true
result = await sendEMail({
to: 'receiver@mail.org',
subject: 'Subject',
text: 'Text text text',
})
})
it('calls the transporter', () => {
expect(createTransport).toBeCalledWith({
host: 'EMAIL_SMTP_URL',
port: 1234,
secure: false,
requireTLS: true,
auth: {
user: 'user',
pass: 'pwd',
},
})
})
it('calls sendMail of transporter', () => {
expect((createTransport as jest.Mock).mock.results[0].value.sendMail).toBeCalledWith({
from: `Gradido (nicht antworten) <${CONFIG.EMAIL_SENDER}>`,
to: 'receiver@mail.org',
subject: 'Subject',
text: 'Text text text',
})
})
it('returns true', () => {
expect(result).toBeTruthy()
})
})
})

6
backend/src/util/sendEMail.ts → backend/src/mailer/sendEMail.ts
View File

@ -3,7 +3,6 @@ import { createTransport } from 'nodemailer'
import CONFIG from '../config'
export const sendEMail = async (emailDef: {
from: string
to: string
subject: string
text: string
@ -23,7 +22,10 @@ export const sendEMail = async (emailDef: {
pass: CONFIG.EMAIL_PASSWORD,
},
})
const info = await transporter.sendMail(emailDef)
const info = await transporter.sendMail({
...emailDef,
from: `Gradido (nicht antworten) <${CONFIG.EMAIL_SENDER}>`,
})
if (!info.messageId) {
throw new Error('error sending notification email, but transaction succeed')
}

28
backend/src/mailer/sendResetPasswordEmail.test.ts Normal file
View File

@ -0,0 +1,28 @@
import { sendResetPasswordEmail } from './sendResetPasswordEmail'
import { sendEMail } from './sendEMail'
jest.mock('./sendEMail', () => {
return {
__esModule: true,
sendEMail: jest.fn(),
}
})
describe('sendResetPasswordEmail', () => {
beforeEach(async () => {
await sendResetPasswordEmail({
link: 'resetLink',
firstName: 'Peter',
lastName: 'Lustig',
email: 'peter@lustig.de',
})
})
it('calls sendEMail', () => {
expect(sendEMail).toBeCalledWith({
to: `Peter Lustig <peter@lustig.de>`,
subject: 'Gradido: Passwort zurücksetzen',
text: expect.stringContaining('Hallo Peter Lustig') && expect.stringContaining('resetLink'),
})
})
})

15
backend/src/mailer/sendResetPasswordEmail.ts Normal file
View File

@ -0,0 +1,15 @@
import { sendEMail } from './sendEMail'
import { resetPassword } from './text/resetPassword'
export const sendResetPasswordEmail = (data: {
link: string
firstName: string
lastName: string
email: string
}): Promise<boolean> => {
return sendEMail({
to: `${data.firstName} ${data.lastName} <${data.email}>`,
subject: resetPassword.de.subject,
text: resetPassword.de.text(data),
})
}

35
backend/src/mailer/sendTransactionReceivedEmail.test.ts Normal file
View File

@ -0,0 +1,35 @@
import { sendTransactionReceivedEmail } from './sendTransactionReceivedEmail'
import { sendEMail } from './sendEMail'
jest.mock('./sendEMail', () => {
return {
__esModule: true,
sendEMail: jest.fn(),
}
})
describe('sendTransactionReceivedEmail', () => {
beforeEach(async () => {
await sendTransactionReceivedEmail({
senderFirstName: 'Bibi',
senderLastName: 'Bloxberg',
recipientFirstName: 'Peter',
recipientLastName: 'Lustig',
email: 'peter@lustig.de',
amount: 42.0,
memo: 'Vielen herzlichen Dank für den neuen Hexenbesen!',
})
})
it('calls sendEMail', () => {
expect(sendEMail).toBeCalledWith({
to: `Peter Lustig <peter@lustig.de>`,
subject: 'Gradido Überweisung',
text:
expect.stringContaining('Hallo Peter Lustig') &&
expect.stringContaining('42,00 GDD') &&
expect.stringContaining('Bibi Bloxberg') &&
expect.stringContaining('Vielen herzlichen Dank für den neuen Hexenbesen!'),
})
})
})

18
backend/src/mailer/sendTransactionReceivedEmail.ts Normal file
View File

@ -0,0 +1,18 @@
import { sendEMail } from './sendEMail'
import { transactionReceived } from './text/transactionReceived'
export const sendTransactionReceivedEmail = (data: {
senderFirstName: string
senderLastName: string
recipientFirstName: string
recipientLastName: string
email: string
amount: number
memo: string
}): Promise<boolean> => {
return sendEMail({
to: `${data.recipientFirstName} ${data.recipientLastName} <${data.email}>`,
subject: transactionReceived.de.subject,
text: transactionReceived.de.text(data),
})
}

16
backend/src/mailer/text/accountActivation.ts Normal file
View File

@ -0,0 +1,16 @@
export const accountActivation = {
de: {
subject: 'Gradido: E-Mail Überprüfung',
text: (data: { link: string; firstName: string; lastName: string; email: string }): string =>
`Hallo ${data.firstName} ${data.lastName},
Deine EMail wurde soeben bei Gradido registriert.
Klicke bitte auf diesen Link, um die Registrierung abzuschließen und dein Gradido-Konto zu aktivieren:
${data.link}
oder kopiere den obigen Link in dein Browserfenster.
Mit freundlichen Grüßen,
dein Gradido-Team`,
},
}

14
backend/src/mailer/text/resetPassword.ts Normal file
View File

@ -0,0 +1,14 @@
export const resetPassword = {
de: {
subject: 'Gradido: Passwort zurücksetzen',
text: (data: { link: string; firstName: string; lastName: string; email: string }): string =>
`Hallo ${data.firstName} ${data.lastName},
Du oder jemand anderes hat für dieses Konto ein Zurücksetzen des Passworts angefordert.
Wenn du es warst, klicke bitte auf den Link: ${data.link}
oder kopiere den obigen Link in Dein Browserfenster.
Mit freundlichen Grüßen,
dein Gradido-Team`,
},
}

27
backend/src/mailer/text/transactionReceived.ts Normal file
View File

@ -0,0 +1,27 @@
export const transactionReceived = {
de: {
subject: 'Gradido Überweisung',
text: (data: {
senderFirstName: string
senderLastName: string
recipientFirstName: string
recipientLastName: string
email: string
amount: number
memo: string
}): string =>
`Hallo ${data.recipientFirstName} ${data.recipientLastName}
Du hast soeben ${data.amount.toFixed(2).replace('.', ',')} GDD von ${data.senderFirstName} ${
data.senderLastName
} erhalten.
${data.senderFirstName} ${data.senderLastName} schreibt:
${data.memo}
Bitte antworte nicht auf diese E-Mail!
Mit freundlichen Grüßen,
dein Gradido-Team`,
},
}

18
backend/src/server/createServer.ts
View File

@ -6,7 +6,6 @@ import 'module-alias/register'
import { ApolloServer } from 'apollo-server-express'
import express from 'express'
import bodyParser from 'body-parser'
// database
import connection from '../typeorm/connection'
@ -54,8 +53,19 @@ const createServer = async (context: any = serverContext): Promise<any> => {
// cors
app.use(cors)
// bodyparser
app.use(bodyParser.json())
// bodyparser json
app.use(express.json())
// bodyparser text for elopage
app.use(express.text())
// Log every request
/*
app.use((req, res, next) => {
// eslint-disable-next-line no-console
console.log(req)
next()
})
*/
// Elopage Webhook
app.post('/hook/elopage/' + CONFIG.WEBHOOK_ELOPAGE_SECRET, elopageWebhook)
@ -67,7 +77,7 @@ const createServer = async (context: any = serverContext): Promise<any> => {
context,
plugins,
})
apollo.applyMiddleware({ app })
apollo.applyMiddleware({ app, path: '/' })
return { apollo, app, con }
}

6
backend/src/server/plugins.ts
View File

@ -8,7 +8,11 @@ const plugins = [
willSendResponse(requestContext: any) {
const { setHeaders = [] } = requestContext.context
setHeaders.forEach(({ key, value }: { [key: string]: string }) => {
requestContext.response.http.headers.append(key, value)
if (requestContext.response.http.headers.get(key)) {
requestContext.response.http.headers.set(key, value)
} else {
requestContext.response.http.headers.append(key, value)
}
})
return requestContext
},

5
backend/src/typeorm/repository/UserTransaction.ts
View File

@ -1,6 +1,7 @@
import { EntityRepository, Repository } from 'typeorm'
import { Order } from '../../graphql/enum/Order'
import { UserTransaction } from '@entity/UserTransaction'
import { TransactionTypeId } from '../../graphql/enum/TransactionTypeId'
@EntityRepository(UserTransaction)
export class UserTransactionRepository extends Repository<UserTransaction> {
@ -14,7 +15,9 @@ export class UserTransactionRepository extends Repository<UserTransaction> {
if (onlyCreation) {
return this.createQueryBuilder('userTransaction')
.where('userTransaction.userId = :userId', { userId })
.andWhere('userTransaction.type = "creation"')
.andWhere('userTransaction.transactionTypeId = :transactionTypeId', {
transactionTypeId: TransactionTypeId.CREATION,
})
.orderBy('userTransaction.balanceDate', order)
.limit(limit)
.offset(offset)

21
backend/src/webhook/elopage.ts
View File

@ -28,19 +28,23 @@
*/
import { LoginElopageBuys } from '@entity/LoginElopageBuys'
import { LoginUser } from '@entity/LoginUser'
import { getCustomRepository } from 'typeorm'
import { UserResolver } from '../graphql/resolver/UserResolver'
import { LoginElopageBuysRepository } from '../typeorm/repository/LoginElopageBuys'
import { LoginUserRepository } from '../typeorm/repository/LoginUser'
export const elopageWebhook = async (req: any, res: any): Promise<void> => {
// eslint-disable-next-line no-console
console.log('Elopage Hook received')
res.status(200).end() // Responding is important
const loginElopgaeBuyRepository = await getCustomRepository(LoginElopageBuysRepository)
const loginElopgaeBuy = new LoginElopageBuys()
let firstName = ''
let lastName = ''
const entries = req.body.split('&')
entries.foreach((entry: string) => {
entries.forEach((entry: string) => {
const keyVal = entry.split('=')
if (keyVal.length !== 2) {
if (keyVal.length > 2) {
throw new Error(`Error parsing entry '${entry}'`)
}
const key = keyVal[0]
@ -88,8 +92,10 @@ export const elopageWebhook = async (req: any, res: any): Promise<void> => {
lastName = val
break
default:
// this is too spammy
// eslint-disable-next-line no-console
console.log(`Unknown Elopage Value '${entry}'`)
// console.log(`Unknown Elopage Value '${entry}'`)
break
}
})
@ -101,7 +107,7 @@ export const elopageWebhook = async (req: any, res: any): Promise<void> => {
}
// Save the hook data
await loginElopgaeBuy.save()
await loginElopgaeBuyRepository.save(loginElopgaeBuy)
// create user for certain products
/*
@ -133,7 +139,8 @@ export const elopageWebhook = async (req: any, res: any): Promise<void> => {
}
// Do we already have such a user?
if ((await LoginUser.count({ email })) !== 0) {
const loginUserRepository = await getCustomRepository(LoginUserRepository)
if ((await loginUserRepository.count({ email })) !== 0) {
// eslint-disable-next-line no-console
console.log(`Did not create User - already exists with email: ${email}`)
return

2
backend/yarn.lock
View File

@ -1552,7 +1552,7 @@ binary-extensions@^2.0.0:
resolved "https://registry.yarnpkg.com/binary-extensions/-/binary-extensions-2.2.0.tgz#75f502eeaf9ffde42fc98829645be4ea76bd9e2d"
integrity sha512-jDctJ/IVQbZoJykoeHbhXpOlNBqGNcwXJKJog42E5HDPUwQTSdjCHdihjj0DlnheQ7blbT6dHOafNAiS8ooQKA==
body-parser@1.19.0, body-parser@^1.18.3, body-parser@^1.19.0:
body-parser@1.19.0, body-parser@^1.18.3:
version "1.19.0"
resolved "https://registry.yarnpkg.com/body-parser/-/body-parser-1.19.0.tgz#96b2709e57c9c4e09a6fd66a8fd979844f69f08a"
integrity sha512-dhEPs72UPbDnAQJ9ZKMNTP6ptJaionhP5cBb541nXPlW60Jepo9RV/a4fX4XWW9CuFNK22krhrj1+rgzifNCsw==

2
community_server/src/Template/Pages/js.ctp
View File

@ -37,5 +37,5 @@
</div>
<!-- built files will be auto injected -->
<script type="text/javascript">csfr = "<?= $this->request->getParam('_csrfToken') ?>";</script>
<script type="text/javascript" src="/vue/app.js"></script></body>
<script type="text/javascript" src="/app.js"></script></body>
</html>

2
database/src/factories/login-user.factory.ts
View File

@ -19,7 +19,7 @@ define(LoginUser, (faker: typeof Faker, context?: LoginUserContext) => {
user.privKey = context.privKey ? context.privKey : randomBytes(80)
user.emailHash = context.emailHash ? context.emailHash : randomBytes(32)
user.createdAt = context.createdAt ? context.createdAt : faker.date.recent()
user.emailChecked = context.emailChecked ? context.emailChecked : true
user.emailChecked = context.emailChecked === undefined ? false : context.emailChecked
user.passphraseShown = context.passphraseShown ? context.passphraseShown : false
user.language = context.language ? context.language : 'en'
user.disabled = context.disabled ? context.disabled : false

2
database/src/index.ts
View File

@ -6,6 +6,7 @@ import { CreatePeterLustigSeed } from './seeds/users/peter-lustig.admin.seed'
import { CreateBibiBloxbergSeed } from './seeds/users/bibi-bloxberg.seed'
import { CreateRaeuberHotzenplotzSeed } from './seeds/users/raeuber-hotzenplotz.seed'
import { CreateBobBaumeisterSeed } from './seeds/users/bob-baumeister.seed'
import { CreateGarrickOllivanderSeed } from './seeds/users/garrick-ollivander.seed'
import { DecayStartBlockSeed } from './seeds/decay-start-block.seed'
import { resetDB, pool, migration } from './helpers'
@ -44,6 +45,7 @@ const run = async (command: string) => {
await runSeeder(CreateBibiBloxbergSeed)
await runSeeder(CreateRaeuberHotzenplotzSeed)
await runSeeder(CreateBobBaumeisterSeed)
await runSeeder(CreateGarrickOllivanderSeed)
break
default:
throw new Error(`Unsupported command ${command}`)

2
database/src/interface/UserContext.ts
View File

@ -23,7 +23,7 @@ export interface LoginUserContext {
language?: string
disabled?: boolean
groupId?: number
publisherId?: number | null
publisherId?: number
}
export interface LoginUserBackupContext {

2
database/src/interface/UserInterface.ts
View File

@ -15,7 +15,7 @@ export interface UserInterface {
language?: string
disabled?: boolean
groupId?: number
publisherId?: number | null
publisherId?: number
// from login user backup
passphrase?: string
mnemonicType?: number

1
database/src/seeds/users/bibi-bloxberg.ts
View File

@ -17,7 +17,6 @@ export const bibiBloxberg = {
language: 'de',
disabled: false,
groupId: 1,
publisherId: null,
passphrase:
'knife normal level all hurdle crucial color avoid warrior stadium road bachelor affair topple hawk pottery right afford immune two ceiling budget glance hour ',
mnemonicType: 2,

1
database/src/seeds/users/bob-baumeister.ts
View File

@ -17,7 +17,6 @@ export const bobBaumeister = {
language: 'de',
disabled: false,
groupId: 1,
publisherId: null,
passphrase:
'detail master source effort unable waste tilt flush domain orchard art truck hint barrel response gate impose peanut secret merry three uncle wink resource ',
mnemonicType: 2,

9
database/src/seeds/users/garrick-ollivander.seed.ts Normal file
View File

@ -0,0 +1,9 @@
import { Factory, Seeder } from 'typeorm-seeding'
import { garrickOllivander } from './garrick-ollivander'
import { userSeeder } from '../helpers/user-helpers'
export class CreateGarrickOllivanderSeed implements Seeder {
public async run(factory: Factory): Promise<void> {
await userSeeder(factory, garrickOllivander)
}
}

21
database/src/seeds/users/garrick-ollivander.ts Normal file
View File

@ -0,0 +1,21 @@
export const garrickOllivander = {
email: 'garrick@ollivander.com',
firstName: 'Garrick',
lastName: 'Ollivander',
username: 'garrick',
description: `Curious ... curious ...
Renowned wandmaker Mr Ollivander owns the wand shop Ollivanders: Makers of Fine Wands Since 382 BC in Diagon Alley. His shop is widely considered the best place to purchase a wand.`,
password: BigInt('0'),
emailHash: Buffer.from('91e358000e908146342789979d62a7255b2b88a71dad0c6a10e32af44be57886', 'hex'),
createdAt: new Date('2022-01-10T10:23:17'),
emailChecked: false,
passphraseShown: false,
language: 'en',
disabled: false,
groupId: 1,
passphrase:
'human glide theory clump wish history other duty door fringe neck industry ostrich equal plate diesel tornado neck people antenna door category moon hen ',
mnemonicType: 2,
isAdmin: false,
addBalance: false,
}

1
database/src/seeds/users/peter-lustig.ts
View File

@ -17,7 +17,6 @@ export const peterLustig = {
language: 'de',
disabled: false,
groupId: 1,
publisherId: null,
passphrase:
'okay property choice naive calm present weird increase stuff royal vibrant frame attend wood one else tribe pull hedgehog woman kitchen hawk snack smart ',
mnemonicType: 2,

1
database/src/seeds/users/raeuber-hotzenplotz.ts
View File

@ -17,7 +17,6 @@ export const raeuberHotzenplotz = {
language: 'de',
disabled: false,
groupId: 1,
publisherId: null,
passphrase:
'gospel trip tenant mouse spider skill auto curious man video chief response same little over expire drum display fancy clinic keen throw urge basket ',
mnemonicType: 2,

14
deployment/bare_metal/.env.dist Normal file
View File

@ -0,0 +1,14 @@
NGINX_SERVER_NAME=_
#Example data
#DEPLOY_SEED_DATA=true
#
#NGINX_REWRITE_LEGACY_URLS=true
#NGINX_SSL=true
#NGINX_SERVER_NAME=stage1.gradido.net
#NGINX_SSL_CERTIFICATE=/etc/letsencrypt/live/stage1.gradido.net/fullchain.pem
#NGINX_SSL_CERTIFICATE_KEY=/etc/letsencrypt/live/stage1.gradido.net/privkey.pem
#NGINX_SSL_DHPARAM=/etc/letsencrypt/ssl-dhparams.pem
#NGINX_SSL_INCLUDE=/etc/letsencrypt/options-ssl-nginx.conf
#NGINX_UPDATE_PAGE_ROOT=/home/gradido/gradido/deployment/bare_metal/nginx/update-page

29
deployment/bare_metal/build_and_start_login_server.sh
View File

@ -1,29 +0,0 @@
#!/bin/bash
# stop login_server running in screen
screen -XS login quit
# rebuild login-server
cd ../../login_server
if [ ! -d "./build" ] ; then
cd scripts
./prepare_build.sh
cd ..
fi
cd build
cmake ..
make -j$(nproc) Gradido_LoginServer
# rebuild locales
cd ../scripts
./compile_pot.sh
cd ../src/LOCALE
cp *.mo *.po /etc/grd_login/LOCALE/
cd ../../build/bin
# start login-server
screen -dmS 'login_server' bash -c './Gradido_LoginServer'

155
deployment/bare_metal/install.sh Executable file
View File

@ -0,0 +1,155 @@
#!/bin/bash
# This install script requires the minimum requirements already installed.
# How to do this is described in detail in [setup.md](./setup.md)
# Load .env or .env.dist if not present
set -o allexport
if [ -f ".env" ]; then
source .env
else
source .env.dist
fi
set +o allexport
# Install mariadb
sudo apt-get install -y mariadb-server
sudo mysql_secure_installation
# Enter current password for root (enter for none): enter
# Switch to unix_socket authentication [Y/n] Y
# Change the root password? [Y/n] n
# Remove anonymous users? [Y/n] Y
# Disallow root login remotely? [Y/n] Y
# Remove test database and access to it? [Y/n] Y
# Reload privilege tables now? [Y/n] Y
# create db user
DB_USER=gradido
DB_PASSWORD=$(< /dev/urandom tr -dc _A-Z-a-z-0-9 | head -c${1:-32};echo);
# create table
#create database gradido_community
# DEFAULT CHARACTER SET utf8mb4
# DEFAULT COLLATE utf8mb4_unicode_ci;
# GRANT ALL PRIVILEGES ON gradido_community.* TO '$DB_USER'@'localhost';
sudo mysql <<EOFMYSQL
CREATE USER '$DB_USER'@'localhost' IDENTIFIED BY '$DB_PASSWD';
GRANT ALL PRIVILEGES ON *.* TO '$DB_USER'@'localhost';
FLUSH PRIVILEGES;
EOFMYSQL
# TODO generate .env
echo $DB_PASSWORD
#TODO go to database
#TODO generate this
#TODO database setup
cp .env.dist .env
#TODO go to backend
#TODO generate this
#TODO database setup
#TODOchange jwt secret
#TODO change email releated stuff
cp .env.dist .env
#TODO go to frontend
#TODO generate this
#TODO backend url
#TODO admin url
cp .env.dist .env
#TODO go to admin
#TODO generate this
#TODO change graphqlurl
#TODO change wallet url
cp .env.dist .env
#TODO import old database
# Install nginx
sudo apt-get install -y nginx
sudo rm /etc/nginx/sites-enabled/default
sudo ln -s /home/gradido/gradido/deployment/bare_metal/nginx/sites-available/gradido.conf /etc/nginx/sites-available
sudo ln -s /etc/nginx/sites-available/gradido.conf /etc/nginx/sites-enabled
sudo ln -s /home/gradido/gradido/deployment/bare_metal/nginx/sites-available/update-page.conf /etc/nginx/sites-available
cd /etc/nginx
sudo ln -s /home/gradido/gradido/deployment/bare_metal/nginx/common common
# Install yarn
sudo apt-get install -y curl
sudo apt-get install -y gnupg
curl -sS https://dl.yarnpkg.com/debian/pubkey.gpg | sudo apt-key add -
echo "deb https://dl.yarnpkg.com/debian/ stable main" | sudo tee /etc/apt/sources.list.d/yarn.list
sudo apt-get update
sudo apt-get install -y yarn
# Install node 16.x
curl -sL https://deb.nodesource.com/setup_16.x | sudo -E bash -
sudo apt-get install -y nodejs
sudo apt-get install -y build-essential
# Install pm2
sudo yarn global add pm2
# Install certbot
sudo apt-get install -y certbot
sudo apt-get install -y python3-certbot-nginx
sudo certbot --certonly
> Enter email address (used for urgent renewal and security notices) > support@gradido.net
> Please read the Terms of Service at > Y
> Would you be willing, once your first certificate is successfully issued, to > N
> No names were found in your configuration files. Please enter in your domain > stage1.gradido.net
git config pull.ff only
# Allow nginx configuration and restart for gradido
sudo nano /etc/sudoers.d/gradido
> gradido ALL=(ALL) NOPASSWD: /etc/init.d/nginx start,/etc/init.d/nginx stop,/etc/init.d/nginx restart
sudo chmod a+rw /etc/nginx/sites-enabled
# Webhooks (optional)
sudo apt install webhook
nano ~/hooks.json
```
[
{
"id": "github",
"execute-command": "/home/gradido/gradido/deployment/bare_metal/start.sh",
"pass-arguments-to-command": [
{
"source": "string",
"name": "new_deployment"
},
],
"command-working-directory": "/home/gradido/gradido/deployment/bare_metal",
"trigger-rule": {
"and": [
{
"match": {
"type": "payload-hash-sha1",
"secret": "secret",
"parameter": {
"source": "header",
"name": "X-Hub-Signature"
}
}
},
{
"match": {
"type": "value",
"value": "refs/heads/new_deployment",
"parameter": {
"source": "payload",
"name": "ref"
}
}
}
]
}
}
]
```
webhook -hooks ~/hooks.json &
# or for debugging
webhook -hooks ~/hooks.json -verbose

9
deployment/bare_metal/maintenance.sh Executable file
View File

@ -0,0 +1,9 @@
#!/bin/bash
# update system
sudo apt-get update
sudo apt-get upgrade
# update pm2
sudo yarn global add pm2
pm2 update

54
deployment/bare_metal/nginx/common/protect.conf Normal file
View File

@ -0,0 +1,54 @@
# Deny access to readme.(txt|html) or license.(txt|html) or example.(txt|html) and other common git related files
location ~* "/(^$|readme|license|example|README|LEGALNOTICE|INSTALLATION|CHANGELOG)\.(txt|html|md)" {
deny all;
}
# Deny access to backup extensions & log files
location ~* "\.(old|orig|original|php#|php~|php_bak|save|swo|aspx?|tpl|sh|bash|bak?|cfg|cgi|dll|exe|git|hg|ini|jsp|log|mdb|out|sql|svn|swp|tar|rdf)$" {
deny all;
}
# deny access to hidden files and directories
location ~ /\.(?!well-known\/) {
deny all;
}
# deny access to base64 encoded urls
location ~* "(base64_encode)(.*)(\()" {
deny all;
}
# deny access to url with the javascript eval() function
location ~* "(eval\()" {
deny all;
}
# deny access to url which include \"127.0.0.1\"
location ~* "(127\.0\.0\.1)" {
deny all;
}
location ~* "(GLOBALS|REQUEST)(=|\[|%)" {
deny all;
}
location ~* "(<|%3C).*script.*(>|%3)" {
deny all;
}
location ~ "(\\|\.\.\.|\.\./|~|`|<|>|\|)" {
deny all;
}
location ~* "(\'|\")(.*)(drop|insert|md5|select|union)" {
deny all;
}
location ~* "(https?|ftp|php):/" {
deny all;
}
location ~* "(=\\\'|=\\%27|/\\\'/?)\." {
deny all;
}
location ~ "(\{0\}|\(/\(|\.\.\.|\+\+\+|\\\"\\\")" {
deny all;
}
location ~ "(~|`|<|>|:|;|%|\\|\s|\{|\}|\[|\]|\|)" {
deny all;
}
location ~* "(&pws=0|_vti_|\(null\)|\{\$itemURL\}|echo(.*)kae|boot\.ini|etc/passwd|eval\(|self/environ|(wp-)?config\.|cgi-|muieblack)" {
deny all;
}
location ~* "/(^$|mobiquo|phpinfo|shell|sqlpatch|thumb|thumb_editor|thumbopen|timthumb|webshell|config|configuration)\.php" {
deny all;
}

9
deployment/bare_metal/nginx/common/protect_add_header.conf Normal file
View File

@ -0,0 +1,9 @@
# Prevent browsers from incorrectly detecting non-scripts as scripts
# https://infosec.mozilla.org/guidelines/web_security#x-content-type-options
add_header X-Content-Type-Options "nosniff";
# prevent clickjacking: https://www.owasp.org/index.php/Clickjacking
# https://geekflare.com/add-x-frame-options-nginx/
# https://infosec.mozilla.org/guidelines/web_security#x-frame-options
add_header Content-Security-Policy "frame-ancestors 'none'";
add_header X-Frame-Options "DENY";

73
deployment/bare_metal/nginx/sites-available/gradido
View File

@ -1,73 +0,0 @@
server {
server_name _;
listen 80;
listen [::]:80;
include /etc/nginx/common/protect.conf;
include /etc/nginx/common/protect_add_header.conf;
root /var/www/html/gradido/community_server/webroot;
index index.php;
gzip_static on;
location ~ \.php$ {
include snippets/fastcgi-php.conf;
fastcgi_pass unix:/run/php/php7.4-fpm.sock;
}
location ~ /\.ht {
deny all;
}
location /vue {
alias /var/www/html/gradido/frontend/dist;
index index.html;
location ~* \.(png)$ {
expires 39d;
}
try_files $uri $uri/ /index.html = 404;
}
location /account {
proxy_http_version 1.1;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection 'upgrade';
proxy_cache_bypass $http_upgrade;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $remote_addr;
proxy_set_header Host $host;
rewrite /account/(.*) /$1 break;
proxy_pass http://127.0.0.1:1200;
proxy_redirect off;
}
location /login_api {
proxy_http_version 1.1;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection 'upgrade';
proxy_cache_bypass $http_upgrade;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $remote_addr;
proxy_set_header Host $host;
rewrite /login_api/(.*) /$1 break;
proxy_pass http://127.0.0.1:1201;
proxy_redirect off;
}
location / {
try_files $uri $uri/ /index.php?$args;
}
access_log /var/log/nginx/access.log main;
}

103
deployment/bare_metal/nginx/sites-available/gradido.conf.ssl.template Normal file
View File

@ -0,0 +1,103 @@
server {
if ($host = $NGINX_SERVER_NAME) {
return 301 https://$host$request_uri;
}
server_name $NGINX_SERVER_NAME;
listen 80;
listen [::]:80;
return 404;
}
server {
server_name $NGINX_SERVER_NAME;
listen [::]:443 ssl ipv6only=on;
listen 443 ssl;
ssl_certificate $NGINX_SSL_CERTIFICATE;
ssl_certificate_key $NGINX_SSL_CERTIFICATE_KEY;
include $NGINX_SSL_INCLUDE;
ssl_dhparam $NGINX_SSL_DHPARAM;
include /etc/nginx/common/protect.conf;
include /etc/nginx/common/protect_add_header.conf;
#include /etc/nginx/common/ssl.conf;
#gzip_static on;
# Legacy URLS
set $REWRITE_LEGACY_URLS "$NGINX_REWRITE_LEGACY_URLS";
if ($REWRITE_LEGACY_URLS = 'true') {
rewrite ^/vue/?(.*)$ /$1 permanent;
}
# Frontend (default)
location / {
proxy_http_version 1.1;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection 'upgrade';
proxy_set_header X-Forwarded-For $remote_addr;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header Host $host;
proxy_pass http://127.0.0.1:3000;
proxy_redirect off;
}
# Backend
location /graphql {
proxy_http_version 1.1;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection 'upgrade';
proxy_set_header X-Forwarded-For $remote_addr;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header Host $host;
proxy_pass http://127.0.0.1:4000;
proxy_redirect off;
}
# Backend webhooks
location /hook {
proxy_http_version 1.1;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection 'upgrade';
proxy_set_header X-Forwarded-For $remote_addr;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header Host $host;
proxy_pass http://127.0.0.1:4000/hook;
proxy_redirect off;
}
# Webhook reverse proxy
location /hooks/ {
proxy_pass http://127.0.0.1:9000/hooks/;
}
# Admin Frontend
location /admin {
proxy_http_version 1.1;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection 'upgrade';
proxy_set_header X-Forwarded-For $remote_addr;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header Host $host;
proxy_pass http://127.0.0.1:8080/;
proxy_redirect off;
}
# TODO this could be a performance optimization
#location /vue {
# alias /var/www/html/gradido/frontend/dist;
# index index.html;
#
# location ~* \.(png)$ {
# expires 39d;
# }
# try_files $uri $uri/ /index.html = 404;
#}
#access_log /var/log/nginx/access.log main;
}

89
deployment/bare_metal/nginx/sites-available/gradido.conf.template Normal file
View File

@ -0,0 +1,89 @@
server {
server_name $NGINX_SERVER_NAME;
listen 80;
listen [::]:80;
include /etc/nginx/common/protect.conf;
include /etc/nginx/common/protect_add_header.conf;
#include /etc/nginx/common/ssl.conf;
#gzip_static on;
# Legacy URLS
set $REWRITE_LEGACY_URLS "$NGINX_REWRITE_LEGACY_URLS";
if ($REWRITE_LEGACY_URLS = 'true') {
rewrite ^/vue/?(.*)$ /$1 permanent;
}
# Frontend (default)
location / {
proxy_http_version 1.1;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection 'upgrade';
proxy_set_header X-Forwarded-For $remote_addr;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header Host $host;
proxy_pass http://127.0.0.1:3000;
proxy_redirect off;
}
# Backend
location /graphql {
proxy_http_version 1.1;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection 'upgrade';
proxy_set_header X-Forwarded-For $remote_addr;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header Host $host;
proxy_pass http://127.0.0.1:4000;
proxy_redirect off;
}
# Backend webhooks
location /hook {
proxy_http_version 1.1;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection 'upgrade';
proxy_set_header X-Forwarded-For $remote_addr;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header Host $host;
# no trailing slash to keep the hook/ prefix
proxy_pass http://127.0.0.1:4000/hook;
proxy_redirect off;
}
# Webhook reverse proxy
location /hooks/ {
proxy_pass http://127.0.0.1:9000/hooks/;
}
# Admin Frontend
location /admin {
proxy_http_version 1.1;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection 'upgrade';
proxy_set_header X-Forwarded-For $remote_addr;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header Host $host;
proxy_pass http://127.0.0.1:8080/;
proxy_redirect off;
}
# TODO this could be a performance optimization
#location /vue {
# alias /var/www/html/gradido/frontend/dist;
# index index.html;
#
# location ~* \.(png)$ {
# expires 39d;
# }
# try_files $uri $uri/ /index.html = 404;
#}
#access_log /var/log/nginx/access.log main;
}

29
deployment/bare_metal/nginx/sites-available/gradido_updating
View File

@ -1,29 +0,0 @@
server {
server_name _;
listen 80;
listen [::]:80;
include /etc/nginx/common/protect.conf;
include /etc/nginx/common/protect_add_header.conf;
root /var/www/html/;
index updating.html;
location /account {
alias /var/www/html/;
index updating.html;
}
location /vue {
alias /var/www/html/;
index updating.html;
}
location ~ /\.ht {
deny all;
}
access_log /var/log/nginx/access.log main;
}

36
deployment/bare_metal/nginx/sites-available/update-page.conf.ssl.template Normal file
View File

@ -0,0 +1,36 @@
server {
if ($host = $NGINX_SERVER_NAME) {
return 301 https://$host$request_uri;
}
server_name $NGINX_SERVER_NAME;
listen 80;
listen [::]:80;
return 404;
}
server {
server_name $NGINX_SERVER_NAME;
listen [::]:443 ssl ipv6only=on;
listen 443 ssl;
ssl_certificate $NGINX_SSL_CERTIFICATE;
ssl_certificate_key $NGINX_SSL_CERTIFICATE_KEY;
include $NGINX_SSL_INCLUDE;
ssl_dhparam $NGINX_SSL_DHPARAM;
include /etc/nginx/common/protect.conf;
include /etc/nginx/common/protect_add_header.conf;
root $NGINX_UPDATE_PAGE_ROOT;
index updating.html;
#location / {
# alias $NGINX_UPDATE_PAGE_ROOT;
# index updating.html;
#}
#access_log /var/log/nginx/access.log main;
}

21
deployment/bare_metal/nginx/sites-available/update-page.conf.template Normal file
View File

@ -0,0 +1,21 @@
server {
server_name _;
listen 80;
listen [::]:80;
include /etc/nginx/common/protect.conf;
include /etc/nginx/common/protect_add_header.conf;
root $NGINX_UPDATE_PAGE_ROOT;
index updating.html;
#location / {
# alias $NGINX_UPDATE_PAGE_ROOT;
# index updating.html;
#}
access_log /var/log/nginx/access.log main;
}

3
deployment/bare_metal/nginx/update-page/updating.html.template Normal file
View File

@ -0,0 +1,3 @@
Gradido is currently updating...<br>
please stand by and try again in some minutes<br>
<br>

1
deployment/bare_metal/nginx/updating_original.html
View File

@ -1 +0,0 @@
Gradido Servers are updating..., please stand by and try again in some minutes

0
deployment/bare_metal/build_frontend.sh → deployment/bare_metal/old/build_frontend.sh
View File

138
deployment/bare_metal/old/setup_server_online_ubuntu18.sh Normal file
View File

@ -0,0 +1,138 @@
# nginx security
sudo cat << "EOF" > ssl.conf
##
# SSL Settings
##
# disable SSLv3(enabled by default since nginx 0.8.19) since it's less secure then TLS http://en.wikipedia.org/wiki/Secure_Sockets_Layer#SSL_3.0
ssl_protocols TLSv1 TLSv1.1 TLSv1.2; # Dropping SSLv3, ref: POODLE
# enables server-side protection from BEAST attacks
# http://blog.ivanristic.com/2013/09/is-beast-still-a-threat.html
ssl_prefer_server_ciphers on;
# enable session resumption to improve https performance
# http://vincent.bernat.im/en/blog/2011-ssl-session-reuse-rfc5077.html
ssl_session_cache shared:SSL:50m;
ssl_session_timeout 1d;
ssl_session_tickets off;
# ciphers chosen for forward secrecy and compatibility
# http://blog.ivanristic.com/2013/08/configuring-apache-nginx-and-openssl-for-forward-secrecy.html
ssl_ciphers 'ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:DHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES128-SHA256:ECDHE-ECDSA-AES128-SHA:ECDHE-RSA-AES256-SHA384:ECDHE-RSA-AES128-SHA:ECDHE-ECDSA-AES256-SHA384:ECDHE-ECDSA-AES256-SHA:ECDHE-RSA-AES256-SHA:DHE-RSA-AES128-SHA256:DHE-RSA-AES128-SHA:DHE-RSA-AES256-SHA256:DHE-RSA-AES256-SHA:ECDHE-ECDSA-DES-CBC3-SHA:ECDHE-RSA-DES-CBC3-SHA:EDH-RSA-DES-CBC3-SHA:AES128-GCM-SHA256:AES256-GCM-SHA384:AES128-SHA256:AES256-SHA256:AES128-SHA:AES256-SHA:DES-CBC3-SHA:!DSS';
# enable ocsp stapling (mechanism by which a site can convey certificate revocation information to visitors in a privacy-preserving, scalable manner)
# http://blog.mozilla.org/security/2013/07/29/ocsp-stapling-in-firefox/
resolver 8.8.8.8 8.8.4.4;
ssl_stapling on;
ssl_stapling_verify on;
# ssl_trusted_certificate /etc/nginx/ssl/star_forgott_com.crt;
# config to enable HSTS(HTTP Strict Transport Security) https://developer.mozilla.org/en-US/docs/Security/HTTP_Strict_Transport_Security
# to avoid ssl stripping https://en.wikipedia.org/wiki/SSL_stripping#SSL_stripping
# also https://hstspreload.org/
add_header Strict-Transport-Security "max-age=31536000; includeSubdomains; preload";
EOF
cd /etc/nginx/conf.d
sudo cat <<EOF > logging.conf
log_format main '$http_x_forwarded_for - $remote_user [$time_local] '
'"$request_method $scheme://$host$request_uri $server_protocol" '
'$status $body_bytes_sent "$http_referer" '
'"$http_user_agent" $request_time';
EOF
# fail2ban enable blocking to many http request resulting in forbidden
echo "fail2ban config"
cd /etc/fail2ban/filter.d
sudo cat <<EOF > nginx-forbidden.conf
[Definition]
failregex = ^.*\[error\] \d+#\d+: .* forbidden .*, client: <HOST>, .*$
ignoreregex =
EOF
cd /etc/fail2ban/jail.d
sudo cat <<EOF > nginx-forbidden.conf
[nginx-forbidden]
enabled = true
filter = nginx-forbidden
port = http,https
logpath = /var/log/nginx/*error*.log
findtime = 60
bantime = 6000
maxretry = 3
EOF
sudo service fail2ban restart
# phpmyadmin
echo "install and secure phpmyadmin"
sudo apt install phpmyadmin
cd /etc/phpmyadmin/conf.d
sudo cat <<EOF > pma_secure.php
<?php
# PhpMyAdmin Settings
# This should be set to a random string of at least 32 chars
$cfg['blowfish_secret'] = '3!#32@3sa(+=_4?),5XP_:U%%8\34sdfSdg43yH#{o';
$i=0;
$i++;
$cfg['Servers'][$i]['auth_type'] = 'cookie';
$cfg['Servers'][$i]['AllowNoPassword'] = false;
$cfg['Servers'][$i]['AllowRoot'] = false;
?>
EOF
phpmyadminPwd = $(openssl passwd)
echo "Please give a username for phpmyadmin, but not root"
read phpmyadmin_user
# TODO: check if phpmyadmin_user isn't really root
sudo cat <<EOF > /etc/nginx/pma_pass
$phpmyadmin_user:$phpmyadminPwd
EOF
serverIP = $(ifconfig | grep -Eo 'inet (addr:)?([0-9]*\.){3}[0-9]*' | grep -Eo '([0-9]*\.){3}[0-9]*' | grep -v '127.0.0.1')
sudo cat <<EOF > /etc/nginx/sites-available/phpmyadmin
server {
listen 80 ;
listen [::]:80;
server_name $serverIP;
location ~* \.(png|jpg|ico)$ {
expires 30d;
}
location ~* \.(js|css) {
expires 30d;
}
location /phpmyadmin {
root /usr/share/phpmyadmin
index index.php;
location ~ \.php$ {
include snippets/fastcgi-php.conf;
fastcgi_pass unix:/run/php/php7.4-fpm.sock;
}
location / {
try_files $uri $uri/ /index.php?$args;
}
}
location ~ /\.ht {
deny all;
}
access_log /var/log/nginx/access.log main;
}
EOF
sudo ln -s /etc/nginx/sites-available/phpmyadmin /etc/nginx/sites-enabled

77
deployment/bare_metal/setup.md Normal file
View File

@ -0,0 +1,77 @@
# Setup script to setup the server be ready to run gradido
# This assums you have root access via ssh to your cleanly setup server
# Furthermore this assumes you have debian (11 64bit) running
> ssh root@gddhost.tld
# change default shell
chsh
# Create user `gradido`
> useradd -d /home/gradido -m gradido
> passwd gradido
>> enter new
# Gives the user priviledges - this might be omitted in order to harden security
# Care: This will require another administering user if you don't want root access.
# Since this setup expects the user running the software be the same as the administering user,
# you have to adjust the instructions according to that scenario.
# You might lock yourself out, if done wrong.
> usermod -a -G sudo gradido
# Install sudo
> apt-get install sudo
# switch to the new user
> su gradido
# Register first ssh key for user `gradido`
> mkdir ~/.ssh
> chmod 700 ~/.ssh
> nano ~/.ssh/authorized_keys
>> insert public key
>> ctrl + x
>> save
# Test authentication via SSH
> ssh -i /path/to/privKey gradido@gddhost.tld
>> This should log you in and allow you to use sudo commands, which will require the user's password
# Disable password authentication & root login
> cd /etc/ssh
> sudo cp sshd_config sshd_config.org
> sudo nano sshd_config
>> change `PermitRootLogin yes` to `PermitRootLogin no`
>> change `#PasswordAuthentication yes` to `PasswordAuthentication no`
>> change `UsePAM yes` to `UsePAM no`
>> ctrl + x
>> save
> sudo /etc/init.d/ssh restart
# Test SSH Access only, no root ssh access
> ssh gradido@gddhost.tld
>> Will result in in either a password request for your key or the message `Permission denied (publickey)`
> ssh -i /path/to/privKey root@gddhost.tld
>> Will result in `Permission denied (publickey)`
> ssh -i /path/to/privKey gradido@gddhost.tld
>> Will succeed after entering the correct keys password (if any)
# update system
> sudo apt-get update
> sudo apt-get upgrade
# Install security tools
## ufw
> sudo apt-get install ufw
> sudo ufw allow http
> sudo ufw allow https
> sudo ufw allow ssh
> sudo ufw enable
## fail2ban
> sudo apt-get install fail2ban
> sudo /etc/init.d/fail2ban restart
# Install gradido
> sudo apt-get install git
> git clone https://github.com/gradido/gradido.git
> cd gradido/deployment/bare_metal
> ./install.sh

114
deployment/bare_metal/start.sh Executable file
View File

@ -0,0 +1,114 @@
#!/bin/bash
# Find current directory & configure paths
set -o allexport
SCRIPT_PATH=$(realpath $0)
SCRIPT_DIR=$(dirname $SCRIPT_PATH)
LOCK_FILE=$SCRIPT_DIR/update.lock
UPDATE_HTML=$SCRIPT_DIR/nginx/update-page/updating.html
PROJECT_ROOT=$SCRIPT_DIR/../..
NGINX_CONFIG_DIR=$SCRIPT_DIR/nginx/sites-available
set +o allexport
# Load .env or .env.dist if not present
set -o allexport
#TODO
if [ -f "$SCRIPT_DIR/.env" ]; then
source $SCRIPT_DIR/.env
else
source $SCRIPT_DIR/.env.dist
fi
set +o allexport
# lock start
if [ -f $LOCK_FILE ] ; then
return "Already building!" 2>/dev/null || exit 1
fi
touch $LOCK_FILE
# Create a new updating.html from the template
\cp $SCRIPT_DIR/nginx/update-page/updating.html.template $UPDATE_HTML
# configure nginx for the update-page
echo 'Configuring nginx to serve the update-page<br>' >> $UPDATE_HTML
rm /etc/nginx/sites-enabled/gradido.conf
ln -s /etc/nginx/sites-available/update-page.conf /etc/nginx/sites-enabled/
sudo /etc/init.d/nginx restart
# stop all services
echo 'Stopping all Gradido services<br>' >> $UPDATE_HTML
pm2 stop all
# git
BRANCH=${1:-master}
echo "Starting with git pull - branch:$BRANCH<br>" >> $UPDATE_HTML
cd $PROJECT_ROOT
git fetch origin $BRANCH
git checkout $BRANCH
git pull
export BUILD_COMMIT="$(git rev-parse HEAD)"
# Generate gradido.conf from template
echo 'Generate new gradido nginx config<br>' >> $UPDATE_HTML
case "$NGINX_SSL" in
true) TEMPLATE_FILE="gradido.conf.ssl.template" ;;
*) TEMPLATE_FILE="gradido.conf.template" ;;
esac
envsubst "$(env | sed -e 's/=.*//' -e 's/^/\$/g')" < $NGINX_CONFIG_DIR/$TEMPLATE_FILE > $NGINX_CONFIG_DIR/gradido.conf
# Generate update-page.conf from template
echo 'Generate new update-page nginx config<br>' >> $UPDATE_HTML
case "$NGINX_SSL" in
true) TEMPLATE_FILE="update-page.conf.ssl.template" ;;
*) TEMPLATE_FILE="update-page.conf.template" ;;
esac
envsubst "$(env | sed -e 's/=.*//' -e 's/^/\$/g')" < $NGINX_CONFIG_DIR/$TEMPLATE_FILE > $NGINX_CONFIG_DIR/update-page.conf
# Install & build database
echo 'Updating database<br>' >> $UPDATE_HTML
cd $PROJECT_ROOT/database
yarn install
yarn build
if [ "$DEPLOY_SEED_DATA" = "true" ]; then
yarn dev_up
yarn dev_reset
yarn seed
else
yarn up
fi
# Install & build backend
echo 'Updating backend<br>' >> $UPDATE_HTML
cd $PROJECT_ROOT/backend
yarn install
yarn build
pm2 delete gradido-backend
pm2 start --name gradido-backend "yarn --cwd $PROJECT_ROOT/backend start"
pm2 save
# Install & build frontend
echo 'Updating frontend<br>' >> $UPDATE_HTML
cd $PROJECT_ROOT/frontend
yarn install
yarn build
pm2 delete gradido-frontend
pm2 start --name gradido-frontend "yarn --cwd $PROJECT_ROOT/frontend start"
pm2 save
# Install & build admin
echo 'Updating admin<br>' >> $UPDATE_HTML
cd $PROJECT_ROOT/admin
yarn install
yarn build
pm2 delete gradido-admin
pm2 start --name gradido-admin "yarn --cwd $PROJECT_ROOT/admin start"
pm2 save
# let nginx showing gradido
echo 'Configuring nginx to serve gradido again<br>' >> $UPDATE_HTML
ln -s /etc/nginx/sites-available/gradido.conf /etc/nginx/sites-enabled/
rm /etc/nginx/sites-enabled/update-page.conf
sudo /etc/init.d/nginx restart
# release lock
rm $LOCK_FILE

51
deployment/bare_metal/update_all.sh
View File

@ -1,51 +0,0 @@
#!/bin/bash
EMPTY_UPDATE_HTML=/var/www/html/updating_original.html
UPDATE_HTML=/var/www/html/updating.html
LOCK_FILE=/root/relay.lock
PROJECT_PATH=/var/www/html/gradido
SITE_CONFIG=stage1
UPDATE_SITE_CONFIG=stage1_updating
# this script can be called for example from webhookrelay.com relay
# to auto-deploy automatic after a update to the master branch
if [ -f $LOCK_FILE ] ; then
retVal="Already building!"
return "${retVal}" 2>/dev/null || exit "${retVal}"
fi
touch $LOCK_FILE
# start with nearly empty html
# needed a nearly empty html page in the folder
cp $EMPTY_UPDATE_HTML $UPDATE_HTML
# let nginx showing a update page
# needed nginx site-configs in nginx folders
# gradido for running gradido servers
# gradido_updating for showing upddate.html idealy for all pathes
rm /etc/nginx/sites-enabled/$SITE_CONFIG
ln -s /etc/nginx/sites-available/$UPDATE_SITE_CONFIG /etc/nginx/sites-enabled/
service nginx restart
# stop login server
screen -XS login quit
echo 'starting with git pull<br>' >> $UPDATE_HTML
cd $PROJECT_PATH
# git checkout -f master
git pull
cd deployment/bare_metal
echo 'starting with rebuilding login-server<br>' >> $UPDATE_HTML
./build_and_start_login_server.sh
echo 'starting with rebuilding frontend<br>' >> $UPDATE_HTML
./build_frontend.sh
# let nginx showing gradido
rm /etc/nginx/sites-enabled/$UPDATE_SITE_CONFIG
ln -s /etc/nginx/sites-available/$SITE_CONFIG /etc/nginx/sites-enabled/
service nginx restart
rm $LOCK_FILE

4
docker-compose.override.yml
View File

@ -129,10 +129,6 @@ services:
## NGINX ################################################
#########################################################
nginx:
depends_on:
- frontend
- community-server
- login-server
volumes:
- ./logs/nginx:/var/log/nginx

9
docker-compose.yml
View File

@ -151,15 +151,14 @@ services:
## nginx, connect login-server and community-server together (and php-fpm to community-server)
nginx:
build:
context: .
dockerfile: ./nginx/Dockerfile
context: ./nginx/
networks:
- external-net
- internal-net
depends_on:
- community-server
- login-server
- frontend
- frontend
- backend
- admin
ports:
- 80:80

4
docu/Concepts/Testfallkatalog/T02-Benutzerverwaltung/T02-C001-01-LoginMaske.md
View File

@ -28,8 +28,8 @@ Es wird die Anzeige der Login-Maske geprüft auf:
Es wird die URL
* Testumgebung: https://stage1.gradido.net/vue/login
* Produktionsumgebung: https://gradido.net/vue/login
* Testumgebung: https://stage1.gradido.net/login
* Produktionsumgebung: https://gdd1.gradido.net/login
aufgerufen und die Login-Maske wird angezeigt.

4
docu/Concepts/Testfallkatalog/T02-Benutzerverwaltung/T02-C001-02-LoginMaske.md
View File

@ -31,8 +31,8 @@ Prüfung auf korrekten Funktionsweise des Buttons "Anmeldung":
2. Mit Betätigen des Buttons "Anmeldung" wird der Login-Prozess gestartet
1. *Gibt es noch weitere Prüfschritte (LOG-Ausgaben auf Login-, Community-Server o.ä.) die hier überprüft werden sollten?*
3. Bei erfolgreichem Login wird die URL angezeigt
* Testumgebung: "https://stage1.gradido.net/vue/overview"
* Produktionsumgebung: "https://gradido.net/vue/overview"
* Testumgebung: "https://stage1.gradido.net/overview"
* Produktionsumgebung: "https://gdd1.gradido.net/overview"
4. Bei fehlerhaftem Login wird eine entsprechend aussagekräftige Fehlermeldung angezeigt und die Anzeige verbleibt auf der Login-Maske.
## Ende-Bedingungen:

20
docu/Concepts/Testfallkatalog/T02-Benutzerverwaltung/T02-C001-03-LoginMaske.md
View File

@ -21,8 +21,8 @@ Es wird in der Login-Maske die Funktion des Links "Passwort vergessen?"geprüft:
Es wird die URL
* Testumgebung: https://stage1.gradido.net/vue/login
* Produktionsumgebung: https://gradido.net/vue/login
* Testumgebung: https://stage1.gradido.net/login
* Produktionsumgebung: https://gdd1.gradido.net/login
aufgerufen und die Login-Maske wird angezeigt.
@ -33,8 +33,8 @@ aufgerufen und die Login-Maske wird angezeigt.
* Prüfung auf korrekte Funktionsweise des Links "Passwort vergessen?"
* keine sonstigen Eingaben bzw. Vorraussetzungen notwendig
* Mit Betätigen des Links "Passwort vergessen?" wird der Passwort-Zurücksetzen-Prozess gestartet und unter
* der Testumgebung: https://stage1.gradido.net/vue/password
* der Produktionsumgebung: https://gradido.net/vue/password
* der Testumgebung: https://stage1.gradido.net/password
* der Produktionsumgebung: https://gdd1.gradido.net/password
* folgende Maske angezeigt:
![1te Passwort zurücksetzen Maske](../image/T02-C001-03-LoginMaske1.png)
@ -70,8 +70,8 @@ aufgerufen und die Login-Maske wird angezeigt.
3. Wiederholung von Schritt 2.4.1 und 2.4.2 bis alle verfügbaren Sprachen geprüft sind
5. Link "Zurück" ist aktiv und landet auf URL
1. Testumgebung: https://stage1.gradido.net/vue/Login
2. Produktionsumgebung: https://gradido.net/vue/Login
1. Testumgebung: https://stage1.gradido.net/login
2. Produktionsumgebung: https://gdd1.gradido.net/login
6. Footer-Links:
1. "Gradido-Akademie" reagiert und landet je nach aktuell eingestellter Sprache auf URL "https://gradido.net/de"
@ -91,8 +91,8 @@ aufgerufen und die Login-Maske wird angezeigt.
![Email-Versandmakse](../image/T02-C001-03-LoginMaske2.png)
5. **In dem angegebenen Email-Postfach wird eine Email empfangen, die ein Zurücksetzen-Link enthält:**
1. Testumgebung: https://stage1.gradido.net/vue/reset/'erzeugter rest-code'
2. Produktionsumgebung: https://gradido.net/vue/reset/'erzeugter reset-code'
1. Testumgebung: https://stage1.gradido.net/reset/'erzeugter rest-code'
2. Produktionsumgebung: https://ggd1.gradido.net/reset/'erzeugter reset-code'
6. **Mit Betätigen des Reset-Links bzw. Aufruf des Rest-Links im Browser wird folgende Maske angezeigt:**
![2te Passwort zurücksetzen Maske](../image/T02-C001-03-LoginMaske3.png)
@ -137,8 +137,8 @@ aufgerufen und die Login-Maske wird angezeigt.
3. Wiederholung von Schritt 8.3.1 und 8.3.2 bis alle verfügbaren Sprachen geprüft sind
12. Link "Zurück" ist aktiv und landet auf URL
1. Testumgebung: https://stage1.gradido.net/vue/Login
2. Produktionsumgebung: https://gradido.net/vue/Login
1. Testumgebung: https://stage1.gradido.net/Login
2. Produktionsumgebung: https://gdd1.gradido.net/Login
13. Footer-Links:
1. "Gradido-Akademie" reagiert und landet je nach aktuell eingestellter Sprache auf URL "https://gradido.net/de"

2
docu/create-coins-as-admin.md
View File

@ -1,5 +1,5 @@
### User creation
A user needs to be created on the login_server we do this when we create a User in the client https://$community_domain/vue/register.
A user needs to be created on the login_server we do this when we create a User in the client https://$community_domain/register.
### Admin user
To set a User admin we need the following SQL query on the gradido_login database:

25
docu/onboarding_process.md Normal file
View File

@ -0,0 +1,25 @@
# Onboarding process
## Meeting with Bernd (zoom)
## Meeting with Claus-Peter and perhaps concerning team member (zoom)
## Presentation to all team members (discord)
## Grant access to
- Nextcloud server
- Add to github repository (create github account if not available)
## Start working
- install docker desktop
- install git: https://git-scm.com/book/de/v2/Erste-Schritte-Git-installieren
- add new ssh key: https://docs.github.com/en/authentication/connecting-to-github-with-ssh/adding-a-new-ssh-key-to-your-github-account
- download gradido repository: git clone git@github.com:gradido/gradido.git --recursive
- install visual studio code
- docker-compose build
- docker-compose up
http://localhost/vue should be same as https://gdd1.gradido.com/vue
## git basics to update this document
- git status
- git branch onboarding_process
- git checkout onboarding_process
- git add onboarding_process.md
- git commit
- git push
- git push --set-upstream origin onboarding_process

20
frontend/run/server.js
View File

@ -1,15 +1,21 @@
// Imports
const express = require('express')
const serveStatic = require('serve-static')
const path = require('path')
// Port
// Host & Port
const hostname = '127.0.0.1'
const port = process.env.PORT || 3000
// Express Server
const app = express()
// eslint-disable-next-line node/no-path-concat
app.use(serveStatic(__dirname + '/../dist'))
app.listen(port)
// Serve files
app.use(express.static(path.join(__dirname, '../dist')))
// Default to index.html
app.get('*', (req, res) => {
res.sendFile(path.join(__dirname, '../dist/index.html'))
})
// eslint-disable-next-line no-console
console.log(`http://frontend:${port} server started.`)
app.listen(port, hostname, () => {
// eslint-disable-next-line no-console
console.log('Listening at http://%s:%s/', hostname, port)
})

78
frontend/src/locales/de.json
View File

@ -26,7 +26,7 @@
"days": "Tage",
"decay": "Vergänglichkeit",
"decayStart": " - Startblock für Vergänglichkeit am: ",
"decay_introduced": "Die Vergänglichkeit wurde Eingeführt am ",
"decay_introduced": "Die Vergänglichkeit wurde eingeführt am ",
"decay_since_last_transaction": "Vergänglichkeit seit der letzten Transaktion",
"hours": "Stunden",
"last_transaction": "Letzte Transaktion",
@ -47,8 +47,8 @@
"change-password": "Fehler beim Ändern des Passworts",
"empty-transactionlist": "Es gab einen Fehler mit der Übermittlung der Anzahl deiner Transaktionen.",
"error": "Fehler",
"no-account": "Leider konnten wir keinen Account finden mit diesen Daten!",
"no-email-verify": "Die Email wurde noch nicht bestätigt, bitte überprüfe deine Emails und klicke auf den Aktivierungslink!",
"no-account": "Leider konnten wir keinen Account mit diesen Daten finden.",
"no-email-verify": "Dein Konto wurde noch nicht bestätigt. Bitte überprüfe deine E-Mails und klicke auf den Aktivierungslink!",
"no-transactionlist": "Es gab leider einen Fehler. Es wurden keine Transaktionen vom Server übermittelt",
"session-expired": "Die Sitzung wurde aus Sicherheitsgründen beendet."
},
@ -56,29 +56,29 @@
"amount": "Betrag",
"at": "am",
"cancel": "Abbrechen",
"close": "schließen",
"current_balance": "aktueller Kontostand",
"close": "Schließen",
"current_balance": "Aktueller Kontostand",
"date": "Datum",
"description": "Beschreibung",
"edit": "bearbeiten",
"edit": "Bearbeiten",
"email": "E-Mail",
"firstname": "Vorname",
"from": "von",
"from": "Von",
"lastname": "Nachname",
"memo": "Nachricht",
"message": "Nachricht",
"new_balance": "neuer Kontostand nach Bestätigung",
"new_balance": "Neuer Kontostand nach Bestätigung",
"password": "Passwort",
"passwordRepeat": "Passwort wiederholen",
"password_new": "neues Passwort",
"password_new_repeat": "neues Passwort wiederholen",
"password_old": "altes Passwort",
"password_new": "Neues Passwort",
"password_new_repeat": "Neues Passwort wiederholen",
"password_old": "Altes Passwort",
"recipient": "Empfänger",
"reset": "Zurücksetzen",
"save": "speichern",
"save": "Speichern",
"scann_code": "<strong>QR Code Scanner</strong> - Scanne den QR Code deines Partners",
"sender": "Absender",
"send_check": "Bestätige deine Zahlung. Prüfe bitte nochmal alle Daten!",
"send_check": "Bestätige deine Transaktion. Prüfe bitte nochmal alle Angaben!",
"send_now": "Jetzt senden",
"send_transaction_error": "Leider konnte die Transaktion nicht ausgeführt werden!",
"send_transaction_success": "Deine Transaktion wurde erfolgreich ausgeführt",
@ -90,39 +90,39 @@
"validation": {
"gddSendAmount": "Das Feld {_field_} muss eine Zahl zwischen {min} und {max} mit höchstens zwei Nachkommastellen sein",
"is-not": "Du kannst dir selbst keine Gradidos überweisen",
"usernmae-regex": "Der Username muss mit einem Buchstaben beginnen auf den mindestens zwei alfanumerische Zeichen folgen müssen.",
"usernmae-regex": "Der Username muss mit einem Buchstaben beginnen, auf den mindestens zwei alpha-numerische Zeichen folgen müssen.",
"usernmae-unique": "Der Username ist bereits vergeben."
},
"your_amount": "Dein Betrag"
},
"gdt": {
"action": "Aktion",
"calculation": "Berechnung der Gradido Transform",
"calculation": "Berechnung der GradidoTransform",
"contribution": "Beitrag",
"conversion": "Umrechnung",
"conversion-gdt-euro": "Umrechnung Euro / Gradido Transform (GDT)",
"conversion-gdt-euro": "Umrechnung Euro / GradidoTransform (GDT)",
"credit": "Gutschrift",
"factor": "Faktor",
"formula": "Berechnungsformel",
"funding": "Zu den Förderbeiträgen",
"gdt-received": "Gradido Transform (GDT) erhalten",
"no-transactions": "Du hast noch keine Gradido Transform (GDT).",
"gdt-received": "GradidoTransform (GDT) erhalten",
"no-transactions": "Du hast noch keine GradidoTransform (GDT).",
"publisher": "Dein geworbenes Mitglied hat einen Beitrag bezahlt",
"raise": "Erhöhung",
"recruited-member": "Geworbenes Mitglied"
"recruited-member": "Eingeladenes Mitglied"
},
"imprint": "Impressum",
"language": "Sprache",
"login": "Anmeldung",
"logout": "Abmelden",
"members_area": "Mitgliederbereich",
"message": "hallo gradido !!",
"message": "hallo gradido!!",
"overview": "Übersicht",
"privacy_policy": "Datenschutzerklärung",
"publisher": {
"infoNoRegister": "Dies ist für die Registrieung nicht nötig!",
"infoText": "Trage hier die ID des Herausgebers ein. Wenn du keine ID hast dann bitte leer lassen.",
"publisherId": "PublisherID"
"infoNoRegister": "Dies ist für die Registrieung nicht nötig.",
"infoText": "Wenn dir dein Empfehlungsgeber seine Publisher-Id gegeben hat, trage sie hier ein, sonst lass das Feld bitte unverändert!",
"publisherId": "Publisher-Id"
},
"send": "Senden",
"settings": {
@ -143,7 +143,7 @@
"change-success": "Dein Name wurde erfolgreich geändert."
},
"newsletter": {
"newsletter": "Newsletter",
"newsletter": "Informationen per E-Mail",
"newsletterFalse": "Du erhältst keine Informationen per E-Mail.",
"newsletterTrue": "Du erhältst Informationen per E-Mail."
},
@ -151,15 +151,15 @@
"change-password": "Passwort ändern",
"forgot_pwd": "Passwort vergessen?",
"not-authenticated": "Leider konnten wir dich nicht authentifizieren. Bitte wende dich an den Support.",
"resend_subtitle": "Dein Aktivierungslink ist abgelaufen, Du kannst hier ein neuen anfordern.",
"resend_subtitle": "Dein Aktivierungslink ist abgelaufen. Du kannst hier ein neuen anfordern.",
"reset": "Passwort zurücksetzen",
"reset-password": {
"text": "Jetzt kannst du ein neues Passwort speichern, mit dem du dich zukünftig in der Gradido-App anmelden kannst."
"text": "Gib nun ein neues Passwort ein, mit dem du dich zukünftig in deinem Gradido-Konto anmelden willst."
},
"send_now": "Jetzt senden",
"set": "Passwort festlegen",
"set-password": {
"text": "Jetzt kannst du ein neues Passwort speichern, mit dem du dich zukünftig in der Gradido-App anmelden kannst."
"text": "Speichere nun dein neues Passwort, mit dem du dich zukünftig in deinem Gradido-Konto anmelden kannst."
},
"subtitle": "Wenn du dein Passwort vergessen hast, kannst du es hier zurücksetzen."
}
@ -167,13 +167,13 @@
"signup": "Registrieren",
"site": {
"404": {
"back": "Zurück zur Übersicht!",
"back": "Zurück zur Übersicht",
"ooops": "Ooops!",
"text": "Seite nicht gefunden. Aber keine Sorge, wir haben noch viele andere Seiten zum Erkunden"
"text": "Seite nicht gefunden. Aber keine Sorge, wir haben noch viele andere Seiten zu erkunden."
},
"checkEmail": {
"errorText": "Email konnte nicht verifiziert werden.",
"title": "Email wird verifiziert"
"errorText": "E-Mail konnte nicht verifiziert werden.",
"title": "E-Mail wird verifiziert"
},
"login": {
"community": "Tausend Dank, weil du bei uns bist!",
@ -190,17 +190,17 @@
"lowercase": "Ein Kleinbuchstabe erforderlich.",
"minimum": "Mindestens 8 Zeichen.",
"no-whitespace": "Keine Leerzeichen und Tabulatoren",
"one_number": "Eine Zahl erforderlich.",
"special-char": "Ein Sonderzeichen erforderlich (z.B. _ oder ä)",
"one_number": "Zahl erforderlich.",
"special-char": "Sonderzeichen erforderlich (z.B. _ oder ä)",
"subtitle": "Werde Teil der Gemeinschaft!",
"title": "Erstelle dein Gradido-Konto",
"uppercase": "Ein Großbuchstabe erforderlich."
"uppercase": "Großbuchstabe erforderlich."
},
"thx": {
"activateEmail": "Deine Email wurde noch nicht aktiviert, bitte überprüfe deine Email und Klicke den Aktivierungslink!",
"checkEmail": "Deine Email würde erfolgreich verifiziert.",
"email": "Wir haben dir eine eMail gesendet.",
"emailActivated": "Danke dass Du deine Email bestätigt hast.",
"activateEmail": "Dein Konto wurde noch nicht aktiviert. Bitte überprüfe deine E-Mail und klicke den Aktivierungslink!",
"checkEmail": "Deine E-Mail wurde erfolgreich verifiziert.",
"email": "Wir haben dir eine E-Mail gesendet.",
"emailActivated": "Danke dass Du deine E-Mail bestätigt hast.",
"errorTitle": "Achtung!",
"register": "Du bist jetzt registriert, bitte überprüfe deine Emails und klicke auf den Aktivierungslink.",
"reset": "Dein Passwort wurde geändert.",
@ -209,7 +209,7 @@
},
"transaction": {
"gdd-text": "Gradido Transaktionen",
"gdt-text": "Gradido Transform Transaktionen",
"gdt-text": "GradidoTransform Transaktionen",
"more": "mehr",
"nullTransactions": "Du hast noch keine Transaktionen auf deinem Konto.",
"receiverNotFound": "Empfänger nicht gefunden",

66
frontend/src/locales/en.json
View File

@ -1,5 +1,5 @@
{
"admin_area": "Admin's area",
"admin_area": "Admin Area",
"back": "Back",
"community": {
"choose-another-community": "Choose another community",
@ -9,7 +9,7 @@
"hours": "hours",
"hours_report": "Hourly report",
"more_hours": "more hours",
"submit": "submit"
"submit": "Submit"
}
},
"community": "Community",
@ -17,23 +17,23 @@
"current-community": "Current community",
"location": "Location:",
"other-communities": "Other communities",
"switch-to-this-community": "switch to this community"
"switch-to-this-community": "Switch to this community"
},
"decay": {
"calculation_decay": "Calculation of Decay",
"calculation_total": "Calculation of the grand total",
"calculation_total": "Calculation of the total Amount",
"created": "Created",
"days": "Days",
"decay": "Decay",
"decayStart": " - Starting block for decay at: ",
"decay_introduced": "Decay was Introduced on",
"decay_introduced": "Decay was introduced on",
"decay_since_last_transaction": "Decay since the last transaction",
"hours": "Hours",
"last_transaction": "Last transaction:",
"minutes": "Minutes",
"months": "Months",
"noDecay": "No Decay",
"past_time": "Past time",
"past_time": "Time passed",
"received": "Received",
"seconds": "Seconds",
"sent": "Sent",
@ -48,7 +48,7 @@
"empty-transactionlist": "There was an error with the transmission of the number of your transactions.",
"error": "Error",
"no-account": "Unfortunately we could not find an account to the given data!",
"no-email-verify": "Your email is not activated yet, please check your emails and click the activation link!",
"no-email-verify": "Your account has not been confirmed yet. Please check your emails and click on the activation link!",
"no-transactionlist": "Unfortunately, there was an error. No transactions have been sent from the server.",
"session-expired": "The session was closed for security reasons."
},
@ -57,7 +57,7 @@
"at": "at",
"cancel": "Cancel",
"close": "Close",
"current_balance": "current balance",
"current_balance": "Current Balance",
"date": "Date",
"description": "Description",
"edit": "Edit",
@ -67,7 +67,7 @@
"lastname": "Lastname",
"memo": "Message",
"message": "Message",
"new_balance": "account balance after confirmation",
"new_balance": "Account balance after confirmation",
"password": "Password",
"passwordRepeat": "Repeat password",
"password_new": "New password",
@ -75,10 +75,10 @@
"password_old": "Old password",
"recipient": "Recipient",
"reset": "Reset",
"save": "save",
"save": "Save",
"scann_code": "<strong>QR Code Scanner</strong> - Scan the QR Code of your partner",
"sender": "Sender",
"send_check": "Confirm your payment. Please check all data again!",
"send_check": "Confirm your transaction. Please check all data again!",
"send_now": "Send now",
"send_transaction_error": "Unfortunately, the transaction could not be executed!",
"send_transaction_success": "Your transaction was successfully completed",
@ -88,40 +88,40 @@
"to": "to",
"to1": "to",
"validation": {
"gddSendAmount": "The {_field_} field must be a number between {min} and {max} with at most two digits",
"gddSendAmount": "The {_field_} field must be a number between {min} and {max} with at most two digits after the decimal point",
"is-not": "You cannot send Gradidos to yourself",
"usernmae-regex": "The username must start with a letter, followed by at least two alphanumeric characters.",
"usernmae-unique": "The username is already taken."
"usernmae-unique": "This username is already taken."
},
"your_amount": "Your amount"
},
"gdt": {
"action": "Action",
"calculation": "Calculation of Gradido Transform",
"calculation": "Calculation of GradidoTransform",
"contribution": "Contribution",
"conversion": "Conversion",
"conversion-gdt-euro": "Conversion Euro / Gradido Transform (GDT)",
"conversion-gdt-euro": "Conversion Euro / GradidoTransform (GDT)",
"credit": "Credit",
"factor": "Factor",
"formula": "Calculation formula",
"funding": "Regarding the funding contributions",
"gdt-received": "Gradido Transform (GDT) received",
"no-transactions": "You do not have Gradido Transform (GDT) yet.",
"funding": "To the funding contributions",
"gdt-received": "GradidoTransform (GDT) received",
"no-transactions": "You do not have GradidoTransform (GDT) yet.",
"publisher": "A member you referred has paid a contribution",
"raise": "Increase",
"recruited-member": "Recruited Member"
"recruited-member": "Invited member"
},
"imprint": "Legal notice",
"language": "Language",
"login": "Login",
"logout": "Logout",
"members_area": "Member's area",
"members_area": "Members area",
"message": "hello gradido !!",
"overview": "Overview",
"privacy_policy": "Privacy policy",
"publisher": {
"infoNoRegister": "This is not necessary for registration!",
"infoText": "Enter the ID of the publisher here. If you do not have an ID, please leave it blank.",
"infoNoRegister": "This is not necessary for registration.",
"infoText": "If your referrer has given you his publisher id, enter it here, otherwise leave the field unchanged!",
"publisherId": "PublisherID"
},
"send": "Send",
@ -135,7 +135,7 @@
"changeLanguage": "Change language",
"de": "Deutsch",
"en": "English",
"select_language": "Please choose a language.",
"select_language": "Please choose your language.",
"success": "Your language has been successfully updated."
},
"name": {
@ -143,23 +143,23 @@
"change-success": "Your name has been successfully changed."
},
"newsletter": {
"newsletter": "Newsletter",
"newsletterFalse": "You will not receive any information by e-mail.",
"newsletterTrue": "You will receive information by e-mail."
"newsletter": "Information by email",
"newsletterFalse": "You will not receive any information by email.",
"newsletterTrue": "You will receive information by email."
},
"password": {
"change-password": "Change password",
"forgot_pwd": "Forgot password?",
"not-authenticated": "Unfortunately we could not authenticate you. Please contact the support.",
"resend_subtitle": "Your activation link is expired, here you can order a new one.",
"resend_subtitle": "Your activation link has expired, here you can order a new one.",
"reset": "Reset password",
"reset-password": {
"text": "Now you can save a new password to login to the Gradido-App in the future."
"text": "Enter a new password that you will use to log in to your Gradido account in the future.."
},
"send_now": "Send now",
"set": "Set password",
"set-password": {
"text": "Now you can save a new password to login to the Gradido-App in the future."
"text": "Now save your new password, which you can use to log in to your Gradido account in the future."
},
"subtitle": "If you have forgotten your password, you can reset it here."
}
@ -167,9 +167,9 @@
"signup": "Sign up",
"site": {
"404": {
"back": "Back to dashboard!",
"back": "Back to the overview",
"ooops": "Ooops!",
"text": "Page not found. Do not worry though, we have plenty of other pages to explore"
"text": "Page not found. But don't worry, we have many other sites to explore."
},
"checkEmail": {
"errorText": "Could not verify the email.",
@ -197,7 +197,7 @@
"uppercase": "One uppercase letter required."
},
"thx": {
"activateEmail": "Your email has not been activated yet, please check your emails and click the activation link!",
"activateEmail": "Your account has not been activated yet, please check your emails and click the activation link!",
"checkEmail": "Your email has been successfully verified.",
"email": "We have sent you an email.",
"emailActivated": "Thank you your email has been activated.",
@ -209,7 +209,7 @@
},
"transaction": {
"gdd-text": "Gradido Transactions",
"gdt-text": "Gradido Transform Transactions",
"gdt-text": "GradidoTransform Transactions",
"more": "more",
"nullTransactions": "You don't have any transactions on your account yet.",
"receiverNotFound": "Recipient not found",

2
frontend/src/main.js
View File

@ -28,7 +28,7 @@ Vue.toasted.register(
loadAllRules(i18n)
addNavigationGuards(router, store, apolloProvider.defaultClient)
addNavigationGuards(router, store, apolloProvider.defaultClient, i18n)
if (!store) {
setTimeout(

3
frontend/src/routes/guards.js
View File

@ -1,6 +1,6 @@
import { verifyLogin } from '../graphql/queries'
const addNavigationGuards = (router, store, apollo) => {
const addNavigationGuards = (router, store, apollo, i18n) => {
// handle publisherId
router.beforeEach((to, from, next) => {
const publisherId = to.query.pid
@ -21,6 +21,7 @@ const addNavigationGuards = (router, store, apollo) => {
fetchPolicy: 'network-only',
})
.then((result) => {
i18n.locale = result.data.verifyLogin.language
store.dispatch('login', result.data.verifyLogin)
next({ path: '/overview' })
})

6
frontend/src/routes/guards.test.js
View File

@ -23,7 +23,11 @@ const apollo = {
query: apolloQueryMock,
}
addNavigationGuards(router, store, apollo)
const i18n = {
locale: jest.fn(),
}
addNavigationGuards(router, store, apollo, i18n)
describe('navigation guards', () => {
beforeEach(() => {

2
frontend/src/routes/router.js
View File

@ -5,7 +5,7 @@ import routes from './routes'
Vue.use(VueRouter)
const router = new VueRouter({
base: '/vue',
base: '/',
routes,
linkActiveClass: 'active',
mode: 'history',

4
frontend/src/routes/router.test.js
View File

@ -6,10 +6,10 @@ describe('router', () => {
const { options } = router
const { scrollBehavior, routes } = options
it('has "/vue" as base', () => {
it('has "/" as base', () => {
expect(options).toEqual(
expect.objectContaining({
base: '/vue',
base: '/',
}),
)
})

4
frontend/src/store/store.test.js
View File

@ -124,13 +124,13 @@ describe('Vuex store', () => {
name: 'test12',
description: 'test community 12',
url: 'http://test12.test12/',
registerUrl: 'http://test12.test12/vue/register',
registerUrl: 'http://test12.test12/register',
})
expect(state.community).toEqual({
name: 'test12',
description: 'test community 12',
url: 'http://test12.test12/',
registerUrl: 'http://test12.test12/vue/register',
registerUrl: 'http://test12.test12/register',
})
})
})

16
frontend/src/views/Layout/AuthLayout_gdd.spec.js
View File

@ -15,6 +15,7 @@ describe('AuthLayoutGdd', () => {
meta: {
hideFooter: false,
},
path: '/',
},
$store: {
state: {},
@ -47,5 +48,20 @@ describe('AuthLayoutGdd', () => {
it('has a footer inside the main content', () => {
expect(wrapper.find('div.main-content').find('footer.footer').exists()).toBeTruthy()
})
it('has LanguageSwitch', () => {
expect(wrapper.findComponent({ name: 'LanguageSwitch' }).exists()).toBeTruthy()
})
describe('check LanguageSwitch on register page', () => {
beforeEach(() => {
mocks.$route.path = '/register'
wrapper = Wrapper()
})
it('has not LanguageSwitch', () => {
expect(wrapper.findComponent({ name: 'LanguageSwitch' }).exists()).toBeFalsy()
})
})
})
})

2
frontend/src/views/Layout/AuthLayout_gdd.vue
View File

@ -2,7 +2,7 @@
<div class="wrapper">
<div class="main-content mt-4">
<router-view></router-view>
<language-switch class="text-center mb-5 mt-5" />
<language-switch v-if="$route.path !== '/register'" class="text-center mb-5 mt-5" />
<content-footer v-if="!$route.meta.hideFooter"></content-footer>
</div>
</div>

8
frontend/src/views/Pages/Login.spec.js
View File

@ -10,7 +10,7 @@ const apolloQueryMock = jest.fn().mockResolvedValue({
name: 'test12',
description: 'test community 12',
url: 'http://test12.test12/',
registerUrl: 'http://test12.test12/vue/register',
registerUrl: 'http://test12.test12/register',
},
},
})
@ -79,7 +79,7 @@ describe('Login', () => {
name: 'test12',
description: 'test community 12',
url: 'http://test12.test12/',
registerUrl: 'http://test12.test12/vue/register',
registerUrl: 'http://test12.test12/register',
})
})
@ -111,8 +111,8 @@ describe('Login', () => {
jest.clearAllMocks()
mocks.$store.state.community = {
name: 'Gradido Entwicklung',
url: 'http://localhost/vue/',
registerUrl: 'http://localhost/vue/register',
url: 'http://localhost/',
registerUrl: 'http://localhost/register',
description: 'Die lokale Entwicklungsumgebung von Gradido.',
}
wrapper = Wrapper()

8
frontend/src/views/Pages/Register.spec.js
View File

@ -11,7 +11,7 @@ const apolloQueryMock = jest.fn().mockResolvedValue({
name: 'test12',
description: 'test community 12',
url: 'http://test12.test12/',
registerUrl: 'http://test12.test12/vue/register',
registerUrl: 'http://test12.test12/register',
},
},
})
@ -73,7 +73,7 @@ describe('Register', () => {
name: 'test12',
description: 'test community 12',
url: 'http://test12.test12/',
registerUrl: 'http://test12.test12/vue/register',
registerUrl: 'http://test12.test12/register',
})
})
@ -105,8 +105,8 @@ describe('Register', () => {
jest.clearAllMocks()
mocks.$store.state.community = {
name: 'Gradido Entwicklung',
url: 'http://localhost/vue/',
registerUrl: 'http://localhost/vue/register',
url: 'http://localhost/',
registerUrl: 'http://localhost/register',
description: 'Die lokale Entwicklungsumgebung von Gradido.',
}
wrapper = Wrapper()

8
frontend/src/views/Pages/RegisterCommunity.spec.js
View File

@ -9,7 +9,7 @@ const apolloQueryMock = jest.fn().mockResolvedValue({
name: 'test12',
description: 'test community 12',
url: 'http://test12.test12/',
registerUrl: 'http://test12.test12/vue/register',
registerUrl: 'http://test12.test12/register',
},
},
})
@ -61,7 +61,7 @@ describe('RegisterCommunity', () => {
name: 'test12',
description: 'test community 12',
url: 'http://test12.test12/',
registerUrl: 'http://test12.test12/vue/register',
registerUrl: 'http://test12.test12/register',
})
})
@ -87,8 +87,8 @@ describe('RegisterCommunity', () => {
jest.clearAllMocks()
mocks.$store.state.community = {
name: 'Gradido Entwicklung',
url: 'http://localhost/vue/',
registerUrl: 'http://localhost/vue/register',
url: 'http://localhost/',
registerUrl: 'http://localhost/register',
description: 'Die lokale Entwicklungsumgebung von Gradido.',
}
wrapper = Wrapper()

Some files were not shown because too many files have changed in this diff Show More