This commit ensures that the Satzung content is loaded as a string, enhancing reliability. Additionally, it refines the HTML conversion function by improving the handling of line breaks, merging related lines, and removing empty paragraphs. These changes enhance the overall quality and readability of the generated HTML content.
This commit updates the text-to-HTML conversion function to remove page numbers and footers from the extracted text. It also introduces enhanced handling for enumerated lists, allowing for better formatting of items with specific patterns (e.g., a), b), c)). These changes improve the overall quality and readability of the generated HTML content.
This commit introduces a new mechanism for extracting text from uploaded PDF files using pdftotext, followed by a basic plausibility check of the extracted content. If the text meets the criteria, it is converted to HTML format and stored in the configuration, replacing the previous static content handling. This enhancement improves the accuracy and reliability of the Satzung content management.
This commit removes the PDF text extraction logic and replaces it with a fallback mechanism that retains existing content or provides a neutral message. The configuration update now only sets the PDF path without automatically generating HTML content, improving clarity and maintaining the integrity of the existing data.
This commit modifies the navigation and CMS user management components to allow access for both 'admin' and 'vorstand' roles. The changes include updating the conditional rendering logic in the Navigation and index.vue files, as well as adjusting the API endpoint to reflect the new role permissions, enhancing the flexibility of user access within the CMS.
This commit introduces role-based access control for user contact information in the CMS. It updates the user list display to show email and phone details only to users with the 'vorstand' role, while masking this information for others. Additionally, it modifies the API endpoints to ensure that contact data is only returned for authorized users, improving data privacy and security.
This commit modifies the loadMannschaften function across multiple components to fetch CSV data from the new API endpoint '/api/mannschaften' instead of the previous static file path '/data/mannschaften.csv'. This change enhances data retrieval consistency and aligns with the updated data management strategy in the application.
This commit adds logic to remove outdated `.gz` and `.br` files after a successful CSV write operation in the CMS. This ensures that users do not encounter inconsistent content due to leftover pre-compressed assets, enhancing data integrity and reliability in the application.
This commit improves the CSV file handling in the CMS by implementing an atomic write function that ensures data integrity during file saves. It introduces a verification step to check file size after writing, preventing issues with incomplete or corrupted files. Additionally, it refines the logic for determining target paths, prioritizing preferred directories and providing better error handling for write operations. These changes enhance the reliability and robustness of data management in the application.
This commit updates the version of several packages in package.json and package-lock.json, including downgrading "quill" to 2.0.2 and upgrading "devalue", "diff", "h3", "node-mock-http", "tar", and "undici" to their latest versions. Additionally, it improves the CSV file handling in the CMS by implementing a cache-busting mechanism for fetching data and enhancing error handling during file saving, ensuring more robust data management.
This commit removes the X-Frame-Options header in favor of using Content Security Policy (CSP) with frame-ancestors for better flexibility and modern security practices. It also adds a fallback for frame-ancestors in case CSP is not enabled. Additionally, the JavaScript middleware is updated to reflect these changes, ensuring consistent security header management across the application.
This commit updates the newsletter subscription component to display the user's email when logged in, improving user experience. It also adds logic to load the user's profile data upon authentication, ensuring that the email field is pre-filled for logged-in users. Additionally, the server-side subscription handler is modified to check user authentication status, allowing only logged-in users to subscribe to certain groups. This change enhances the overall subscription process and aligns it with user authentication state.
This commit deletes several files related to Passkey functionality, including CORS_TEST_ANLEITUNG.md, CROSS_DEVICE_DEBUG.md, CROSS_DEVICE_PROBLEM_ZUSAMMENFASSUNG.md, SMARTPHONE_TEST_ANLEITUNG.md, test-cors.html, test-smartphone.html, and Vue components for Passkey registration and recovery. These removals are part of a broader effort to streamline the codebase and focus on core authentication methods while Passkey support is under review.
Update the registrieren.vue component to enhance debug logging for local authenticator usage, providing clearer messages about the expected behavior during registration. Modify the register-passkey-options API to specify the use of local authenticators, ensuring better clarity on the authenticator selection process. This update aims to improve user understanding and troubleshooting during Passkey registration without the need for Cross-Device functionality.
Update the registrieren.vue component to improve debug logging for Cross-Device registration, including checks for local authenticators and tunnel server connections. Add warnings for potential issues when Cross-Device is not used. Modify the register-passkey-options API to ensure compatibility with Cross-Device requirements by allowing both platform and cross-platform authenticators. This update aims to provide clearer insights and troubleshooting guidance during the Passkey registration process.
Update the CROSS_DEVICE_PROBLEM_ZUSAMMENFASSUNG.md to clarify the role of tunnel servers in the Cross-Device authentication process and outline troubleshooting steps. Additionally, enhance the registrieren.vue component with detailed information about the FIDO Cross-Device flow, including QR-Code format, connection requirements, and potential issues. Improve the register-passkey-options API documentation to reflect the use of tunnel servers, ensuring better understanding and support for Cross-Device functionality.
Improve logging in the register-passkey-options and log-requests middleware to provide detailed insights into request handling. Add user-agent analysis, IP address logging, and mobile/desktop detection to aid in troubleshooting. This update aims to enhance the clarity of request logs and support better debugging during the Passkey registration process.
Update the registrieren.vue component to include detailed debug statements for the Cross-Device authentication flow, specifically during QR-Code generation. Improve logging in the register-passkey-options and register-passkey APIs to capture request details such as user agent and IP address, aiding in troubleshooting. Additionally, introduce a new function to retrieve pre-registration data, enhancing the overall registration process and compliance with Cross-Device requirements.
