diff --git a/client/src/components/AttachmentDisplayCard.vue b/client/src/components/AttachmentDisplayCard.vue index d9f565d..a9778fb 100644 --- a/client/src/components/AttachmentDisplayCard.vue +++ b/client/src/components/AttachmentDisplayCard.vue @@ -20,7 +20,7 @@ .image-placeholder { width: 100%; height: 100%; - max-height: 100px; + max-height: 75px; } .image-placeholder:after { content: 'No Image'; @@ -89,7 +89,14 @@
- + No Image @@ -171,6 +178,9 @@ this.checkKeyup() }) }, + updated: function(){ + this.checkKeyup() + }, methods: { checkKeyup(){ let elm = this.$refs.edit diff --git a/client/src/components/NoteTitleDisplayCard.vue b/client/src/components/NoteTitleDisplayCard.vue index 738806f..36618bb 100644 --- a/client/src/components/NoteTitleDisplayCard.vue +++ b/client/src/components/NoteTitleDisplayCard.vue @@ -108,7 +108,14 @@
- +
diff --git a/client/src/pages/AttachmentsPage.vue b/client/src/pages/AttachmentsPage.vue index 96b49a7..50e7b7b 100644 --- a/client/src/pages/AttachmentsPage.vue +++ b/client/src/pages/AttachmentsPage.vue @@ -35,6 +35,23 @@ Other Files + + + + Archived + + + + Trashed + { this.$bus.$emit('notification', error) }) + .catch(error => { + this.$bus.$emit('notification', error) + + this.setApplicationStateJson(null) + }) }, setApplicationStateJson(json){ @@ -1238,7 +1242,7 @@ // Can be called via import or Ajax on load this.cycleData = json?.cycleData || this.cycleData - this.fields = [...new Set(json.fields)] || this.fields + this.fields = [...new Set(json?.fields)] || this.fields this.userFields = json?.userFields || this.userFields // this.graphs = json?.graphs || this.graphs diff --git a/client/src/pages/HelpPage.vue b/client/src/pages/HelpPage.vue index 4338c0d..75b7cc1 100644 --- a/client/src/pages/HelpPage.vue +++ b/client/src/pages/HelpPage.vue @@ -6,7 +6,7 @@ Help -

Encrypted Data

Note text, note title and the note search index is fully encrypted.


Encryption is the transformation of data into a form unreadable by anyone without the password. Its purpose is to ensure privacy by keeping the information hidden from anyone for whom it is not intended, even those who can see the encrypted data. If every note in the database was leaked, nothing would be readable. If the government asked for your notes, it would all be gibberish.


Some Data is not encrypted

To keep up ease of use, your Username, Files, Tags, Attachments and attachment search text is not encrypted.


Searching

Note text searching is limited to key words.

To allow for higher security, the complexity of the search index has been reduced. To make sure that every word of every note is fully encrypted, the search index is encrypted as well.


Files

The files section will show files that have been uploaded to notes or web pages that have been scraped from notes.


The text next to each file can be modified and found later with the search bar.

Files are limited to 5MB in size.


Files can be uploaded to notes. If its an image, the picture will be put into the note.

Images added to notes will have text scanned, so it can be searched (This isn't super accurate so don't rely to heavily on it.) The text can be updated at any time and searched later.


Scratch Pad

The Scratch Pad was designed to allow rapid input to a single note. Rather than junking up all your notes with random links, numbers or haikus, you can put them all in one place.


Flux Theme

Flux theme limits the amount of blue emitted by your screen. Most things turn sepia and a filter is applied to images to make them more sepia. Less blue light at night is supposed to be helpful for falling asleep.

Here is some good research on the topic: https://justgetflux.com/research.html


Text Editor Keyboard Shortcuts


Shared Notes

Shared notes still respect privacy but use a different security scheme. Instead of encrypting the note with your password, a shared password is created. This note then uses public-key cryptography to share the note with other users, while still making it unreadable to anyone else.


It is possible to generate a public URL for shared notes. This exposes the Encryption Key for the note. Anyone with the key to the note can read that note. The encryption key to a shared note can easily be changed by turning off sharing, then turning it back on.


Links in notes

Links put into notes are automatically scraped. This means the data from the link will be scanned to get an image and some text from the website to help make that link more accessible in the future.

You can edit the text of scarped links and any time and search for it later.


Deleting Notes

Deleting a note from the trash erases all note text and the note entry. It can not be recovered.

None of the files related to the note are deleted. They can be manually removed at any time.


Daily Backups

All notes are backed up, every night, at midnight. If there is data loss, it can be restored from a backup. If you experience some sort of cataclysmic data loss please contact the system administrator for a copy of your data or a restoration procedure.

All data in the backups remains encrypted and unreadable.


Two Factor Authentication (2FA)

Two factor authentication is an additional layer of security on top of your regular password. It requires you to enter in two passwords when you log into your account:

  1. Your Regular Password
  2. A Time based one time password, generated by your mobile device


This means that even if an attacker steals your password, they still can not log in without your mobile device.

Google Authenticator is a good place to get started.

Android - iOS

Open Sours 2FA Alternatives

Aegis - Android - Authenticator - iOS



+

Encrypted Data

Note text, note title and the note search index is fully encrypted.


Encryption is the transformation of data into a form unreadable by anyone without the password. Its purpose is to ensure privacy by keeping the information hidden from anyone for whom it is not intended, even those who can see the encrypted data. If every note in the database was leaked, nothing would be readable. If the government asked for your notes, it would all be gibberish.


Some Data is not encrypted

To keep up ease of use, your Username, Files, Tags, Attachments and attachment search text is not encrypted.


Searching

Note text searching is limited to key words.

To allow for higher security, the complexity of the search index has been reduced. To make sure that every word of every note is fully encrypted, the search index is encrypted as well.


Files

The files section will show files that have been uploaded to notes or web pages that have been scraped from notes.


The text next to each file can be modified and found later with the search bar.

Files are limited to 5MB in size.


Files can be uploaded to notes. If its an image, the picture will be put into the note.

Images added to notes will have text scanned, so it can be searched (This isn't super accurate so don't rely to heavily on it.) The text can be updated at any time and searched later.


Scratch Pad

The Scratch Pad was designed to allow rapid input to a single note. Rather than junking up all your notes with random links, numbers or haikus, you can put them all in one place.


Dark Theme

Dark theme limits the amount of blue emitted by your screen. Less blue light at night is supposed to be helpful for falling asleep.

Here is some good research on the topic: https://justgetflux.com/research.html


Text Editor Keyboard Shortcuts


Shared Notes

Shared notes still respect privacy but use a different security scheme. Instead of encrypting the note with your password, a shared password is created. This note then uses public-key cryptography to share the note with other users, while still making it unreadable to anyone else.


It is possible to generate a public URL for shared notes. This exposes the Encryption Key for the note. Anyone with the key to the note can read that note. The encryption key to a shared note can easily be changed by turning off sharing, then turning it back on.


Links in notes

Links put into notes are automatically scraped. This means the data from the link will be scanned to get an image and some text from the website to help make that link more accessible in the future.

You can edit the text of scarped links and any time and search for it later.


Deleting Notes

Deleting a note from the trash erases all note text and the note entry. It can not be recovered.

None of the files related to the note are deleted. They can be manually removed at any time.


Daily Backups

All notes are backed up, every night, at midnight. If there is data loss, it can be restored from a backup. If you experience some sort of cataclysmic data loss please contact the system administrator for a copy of your data or a restoration procedure.

All data in the backups remains encrypted and unreadable.


Two Factor Authentication (2FA)

Two factor authentication is an additional layer of security on top of your regular password. It requires you to enter in two passwords when you log into your account:

  1. Your Regular Password
  2. A Time based one time password, generated by your mobile device


This means that even if an attacker steals your password, they still can not log in without your mobile device.

Google Authenticator is a good place to get started.

Android - iOS

Open Sours 2FA Alternatives

Aegis - Android - Authenticator - iOS



diff --git a/client/src/pages/NotesPage.vue b/client/src/pages/NotesPage.vue index 32d2d55..7e5a117 100644 --- a/client/src/pages/NotesPage.vue +++ b/client/src/pages/NotesPage.vue @@ -23,6 +23,8 @@
diff --git a/server/models/Attachment.js b/server/models/Attachment.js index d268c3d..d2fa5d3 100644 --- a/server/models/Attachment.js +++ b/server/models/Attachment.js @@ -56,16 +56,28 @@ Attachment.search = (userId, noteId, attachmentType, offset, setSize, includeSha WHERE attachment.user_id = ? AND visible = 1 ` if(noteId && noteId > 0){ + // + // Show everything if note ID is present + // query += 'AND attachment.note_id = ? ' params.push(noteId) - } - if(attachmentType == 'links'){ - query += 'AND attachment_type = 1 ' - } - if(attachmentType == 'files'){ - query += 'AND attachment_type > 1 ' + } else { + // + // Other filters if NO note id + // + + if(attachmentType == 'links'){ + query += 'AND attachment_type = 1 ' + } + if(attachmentType == 'files'){ + query += 'AND attachment_type > 1 ' + } + + query += `AND note.archived = ${ attachmentType == 'archived' ? '1':'0' } ` + query += `AND note.trashed = ${ attachmentType == 'trashed' ? '1':'0' } ` } + if(!noteId){ const sharedOrNot = includeShared ? ' NOT ':' ' @@ -79,6 +91,8 @@ Attachment.search = (userId, noteId, attachmentType, offset, setSize, includeSha const parsedSetSize = parseInt(setSize, 10) || 20 query += ` LIMIT ${limitOffset}, ${parsedSetSize}` + console.log(query) + db.promise() .query(query, params) .then((rows, fields) => { @@ -434,8 +448,10 @@ Attachment.processUrl = (userId, noteId, url) => { const keywords = SiteScrape.getKeywords($) var desiredSearchText = '' - desiredSearchText += pageTitle + "\n" - desiredSearchText += keywords + desiredSearchText += pageTitle + if(keywords){ + desiredSearchText += "\n" + keywords + } console.log({ pageTitle, diff --git a/server/models/User.js b/server/models/User.js index 5642082..a7de2ca 100644 --- a/server/models/User.js +++ b/server/models/User.js @@ -205,7 +205,7 @@ User.getCounts = (userId) => { `SELECT SUM(archived = 1 && share_user_id IS NULL && trashed = 0) AS archivedNotes, SUM(trashed = 1) AS trashedNotes, - SUM(share_user_id IS NULL && trashed = 0) AS totalNotes, + SUM(share_user_id IS NULL && trashed = 0 AND quick_note < 2) AS totalNotes, SUM(share_user_id IS NOT null && opened IS null && trashed = 0) AS youGotMailCount, SUM(share_user_id != ? && trashed = 0) AS sharedToNotes FROM note