Merge branch 'master' of github.com:NodeBB/NodeBB

5 years ago · 2fba0a1405
parent 60bf488f54 b3a88331bf
commit 2fba0a1405
23 changed files with 241 additions and 59 deletions
--- a/install/data/defaults.json
+++ b/install/data/defaults.json
@ -70,6 +70,8 @@
    "reputation:disabled": 0,
    "downvote:disabled": 0,
    "disableSignatures": 0,
+    "downvotesPerDay": 10,
+    "downvotesPerUserPerDay": 3,
    "min:rep:downvote": 0,
    "min:rep:flag": 0,
    "min:rep:profile-picture": 0,
--- a/install/package.json
+++ b/install/package.json
@ -2,7 +2,7 @@
    "name": "nodebb",
    "license": "GPL-3.0",
    "description": "NodeBB Forum",
-    "version": "1.14.1",
+    "version": "1.14.2-beta.0",
    "homepage": "http://www.nodebb.org",
    "repository": {
        "type": "git",
@ -80,7 +80,7 @@
        "@nodebb/mubsub": "^1.6.0",
        "@nodebb/socket.io-adapter-mongo": "3.0.1",
        "nconf": "^0.10.0",
-        "nodebb-plugin-composer-default": "6.3.48",
+        "nodebb-plugin-composer-default": "6.3.50",
        "nodebb-plugin-dbsearch": "4.1.1",
        "nodebb-plugin-emoji": "^3.3.0",
        "nodebb-plugin-emoji-android": "2.0.0",
@ -90,7 +90,7 @@
        "nodebb-plugin-spam-be-gone": "0.7.2",
        "nodebb-rewards-essentials": "0.1.3",
        "nodebb-theme-lavender": "5.0.11",
-        "nodebb-theme-persona": "10.1.60",
+        "nodebb-theme-persona": "10.1.62",
        "nodebb-theme-slick": "1.2.29",
        "nodebb-theme-vanilla": "11.1.32",
        "nodebb-widget-essentials": "4.1.1",
@ -172,4 +172,4 @@
            "url": "https://github.com/barisusakli"
        }
    ]
-}
+}
--- a/public/language/en-GB/admin/manage/categories.json
+++ b/public/language/en-GB/admin/manage/categories.json
@ -76,6 +76,7 @@
 	"alert.user-search": "Search for a user here...",
 	"alert.find-group": "Find a Group",
 	"alert.group-search": "Search for a group here...",
+	"alert.not-enough-whitelisted-tags": "Whitelisted tags are less than minimum tags, you need to create more whitelisted tags!",
 	"collapse-all": "Collapse All",
 	"expand-all": "Expand All",
 	"disable-on-create": "Disable on create"
--- a/public/language/en-GB/admin/manage/users.json
+++ b/public/language/en-GB/admin/manage/users.json
@ -108,5 +108,5 @@

 	"alerts.prompt-email": "Emails: ",
 	"alerts.email-sent-to": "An invitation email has been sent to %1",
-	"alerts.x-users-found": "%1 user(s) found! Search took %2 ms."
+	"alerts.x-users-found": "%1 user(s) found, (%2 seconds)"
 }
--- a/public/language/en-GB/admin/settings/reputation.json
+++ b/public/language/en-GB/admin/settings/reputation.json
@ -5,6 +5,8 @@
 	"votes-are-public": "All Votes Are Public",
 	"thresholds": "Activity Thresholds",
 	"min-rep-downvote": "Minimum reputation to downvote posts",
+	"downvotes-per-day": "Downvotes per day (set to 0 for unlimited downvotes)",
+	"downvotes-per-user-per-day": "Downvotes per user per day (set to 0 for unlimited downvotes)",
 	"min-rep-flag": "Minimum reputation to flag posts",
 	"min-rep-website": "Minimum reputation to add \"Website\" to user profile",
 	"min-rep-aboutme": "Minimum reputation to add \"About me\" to user profile",
--- a/public/language/en-GB/error.json
+++ b/public/language/en-GB/error.json
@ -165,6 +165,8 @@
 	"not-enough-reputation-min-rep-cover-picture": "You do not have enough reputation to add a cover picture",
 	"already-flagged": "You have already flagged this post",
 	"self-vote": "You cannot vote on your own post",
+	"too-many-downvotes-today": "You can only downvote %1 times a day",
+	"too-many-downvotes-today-user": "You can only downvote a user %1 times a day",

 	"reload-failed": "NodeBB encountered a problem while reloading: \"%1\". NodeBB will continue to serve the existing client-side assets, although you should undo what you did just prior to reloading.",

--- a/public/language/en-GB/modules.json
+++ b/public/language/en-GB/modules.json
@ -60,6 +60,8 @@
 	"composer.upload-file": "Upload File",
 	"composer.zen_mode": "Zen Mode",
 	"composer.select_category": "Select a category",
+	"composer.textarea.placeholder": "Enter your post content here, drag and drop images",
+

 	"bootbox.ok": "OK",
 	"bootbox.cancel": "Cancel",
--- a/public/openapi/read.yaml
+++ b/public/openapi/read.yaml
@ -954,11 +954,30 @@ paths:
                    properties:
                      search_display:
                        type: string
+                      matchCount:
+                        type: number
+                      query:
+                        type: string
+                      uidQuery:
+                        type: string
+                      usernameQuery:
+                        type: string
+                      emailQuery:
+                        type: string
+                      ipQuery:
+                        type: string
+                      pageCount:
+                        type: number
+                      resultsPerPage:
+                        type: number
+                      timing:
+                        type: number
                      users:
                        type: array
                        items:
                          $ref: components/schemas/UserObject.yaml#/UserObjectACP
                  - $ref: components/schemas/CommonProps.yaml#/CommonProps
+                  - $ref: components/schemas/Pagination.yaml#/Pagination
  /api/admin/manage/users/latest:
    get:
      tags:
--- a/public/src/admin/manage/category.js
+++ b/public/src/admin/manage/category.js
@ -48,6 +48,11 @@ define('admin/manage/category', [
 		$('[data-name="bgColor"], [data-name="color"]').each(enableColorPicker);

 		$('#save').on('click', function () {
+			var tags = $('#tag-whitelist').val() ? $('#tag-whitelist').val().split(',') : [];
+			if (tags.length && tags.length < parseInt($('#cid-min-tags').val(), 10)) {
+				return app.alertError('[[admin/manage/categories:alert.not-enough-whitelisted-tags]]');
+			}
+
 			if (Object.keys(modified_categories).length) {
 				socket.emit('admin.categories.update', modified_categories, function (err, result) {
 					if (err) {
--- a/public/src/admin/manage/users.js
+++ b/public/src/admin/manage/users.js
@ -376,33 +376,10 @@ define('admin/manage/users', ['translator', 'benchpress', 'autocomplete'], funct

 			timeoutId = setTimeout(function () {
 				$('.fa-spinner').removeClass('hidden');
-
-				socket.emit('admin.user.search', { searchBy: type, query: $this.val() }, function (err, data) {
-					if (err) {
-						return app.alertError(err.message);
-					}
-
-					Benchpress.parse('admin/manage/users', 'users', data, function (html) {
-						translator.translate(html, function (html) {
-							html = $(html);
-							$('.users-table tbody tr').remove();
-							$('.users-table tbody').append(html);
-							html.find('.timeago').timeago();
-							$('.fa-spinner').addClass('hidden');
-
-							if (data && data.users.length === 0) {
-								$('#user-notfound-notify').translateHtml('[[admin/manage/users:search.not-found]]')
-									.removeClass('hide')
-									.addClass('label-danger')
-									.removeClass('label-success');
-							} else {
-								$('#user-notfound-notify').translateHtml(translator.compile('admin/manage/users:alerts.x-users-found', data.users.length, data.timing))
-									.removeClass('hide')
-									.addClass('label-success')
-									.removeClass('label-danger');
-							}
-						});
-					});
+				loadSearchPage({
+					searchBy: type,
+					query: $this.val(),
+					page: 1,
 				});
 			}, 250);
 		});
@ -412,6 +389,38 @@ define('admin/manage/users', ['translator', 'benchpress', 'autocomplete'], funct
 		handleInvite();
 	};

+	function loadSearchPage(query) {
+		var qs = decodeURIComponent($.param(query));
+		$.get(config.relative_path + '/api/admin/manage/users/search?' + qs, renderSearchResults).fail(function (xhrErr) {
+			if (xhrErr && xhrErr.responseJSON && xhrErr.responseJSON.error) {
+				app.alertError(xhrErr.responseJSON.error);
+			}
+		});
+	}
+
+	function renderSearchResults(data) {
+		Benchpress.parse('partials/paginator', { pagination: data.pagination }, function (html) {
+			$('.pagination-container').replaceWith(html);
+		});
+
+		app.parseAndTranslate('admin/manage/users', 'users', data, function (html) {
+			$('.users-table tbody tr').remove();
+			$('.users-table tbody').append(html);
+			html.find('.timeago').timeago();
+			$('.fa-spinner').addClass('hidden');
+
+			if (data && data.users.length === 0) {
+				$('#user-notfound-notify').translateHtml('[[admin/manage/users:search.not-found]]')
+					.removeClass('hidden');
+				$('#user-found-notify').addClass('hidden');
+			} else {
+				$('#user-found-notify').translateHtml(translator.compile('admin/manage/users:alerts.x-users-found', data.matchCount, data.timing))
+					.removeClass('hidden');
+				$('#user-notfound-notify').addClass('hidden');
+			}
+		});
+	}
+
 	function handleInvite() {
 		$('[component="user/invite"]').on('click', function () {
 			bootbox.prompt('[[admin/manage/users:alerts.prompt-email]]', function (email) {
--- a/public/src/modules/categorySearch.js
+++ b/public/src/modules/categorySearch.js
@ -11,7 +11,9 @@ define('categorySearch', function () {
 		if (!searchEl.length) {
 			return;
 		}
-		var toggleVisibility = searchEl.parent('[component="category/dropdown"]').length > 0;
+		var toggleVisibility = searchEl.parent('[component="category/dropdown"]').length > 0 ||
+			searchEl.parent('[component="category-selector"]').length > 0;
+
 		var categoryEls = el.find('[component="category/list"] [data-cid]');
 		el.on('show.bs.dropdown', function () {
 			function revealParents(cid) {
--- a/src/controllers/admin/users.js
+++ b/src/controllers/admin/users.js
@ -1,6 +1,7 @@
 'use strict';

 const nconf = require('nconf');
+const validator = require('validator');

 const user = require('../../user');
 const meta = require('../../meta');
@ -15,11 +16,56 @@ const usersController = module.exports;
 const userFields = ['uid', 'username', 'userslug', 'email', 'postcount', 'joindate', 'banned',
 	'reputation', 'picture', 'flags', 'lastonline', 'email:confirmed'];

-usersController.search = function (req, res) {
-	res.render('admin/manage/users', {
-		search_display: '',
-		users: [],
+usersController.search = async function (req, res) {
+	const page = parseInt(req.query.page, 10) || 1;
+	let resultsPerPage = parseInt(req.query.resultsPerPage, 10) || 50;
+	if (![50, 100, 250, 500].includes(resultsPerPage)) {
+		resultsPerPage = 50;
+	}
+	const searchData = await user.search({
+		uid: req.uid,
+		query: req.query.query,
+		searchBy: req.query.searchBy,
+		page: page,
+		resultsPerPage: resultsPerPage,
+		findUids: async function (query, searchBy, hardCap) {
+			if (!query || query.length < 2) {
+				return [];
+			}
+			hardCap = hardCap || resultsPerPage * 10;
+			if (!query.endsWith('*')) {
+				query += '*';
+			}
+
+			const data = await db.getSortedSetScan({
+				key: searchBy + ':sorted',
+				match: query,
+				limit: hardCap,
+			});
+			return data.map(data => data.split(':')[1]);
+		},
+	});
+
+	const uids = searchData.users.map(user => user && user.uid);
+	const userInfo = await user.getUsersFields(uids, ['email', 'flags', 'lastonline', 'joindate']);
+
+	searchData.users.forEach(function (user, index) {
+		if (user && userInfo[index]) {
+			user.email = userInfo[index].email;
+			user.flags = userInfo[index].flags || 0;
+			user.lastonlineISO = userInfo[index].lastonlineISO;
+			user.joindateISO = userInfo[index].joindateISO;
+		}
 	});
+	searchData.query = validator.escape(String(req.query.query || ''));
+	searchData.uidQuery = req.query.searchBy === 'uid' ? searchData.query : '';
+	searchData.usernameQuery = req.query.searchBy === 'username' ? searchData.query : '';
+	searchData.emailQuery = req.query.searchBy === 'email' ? searchData.query : '';
+	searchData.ipQuery = req.query.searchBy === 'uid' ? searchData.query : '';
+	searchData.resultsPerPage = resultsPerPage;
+	searchData.pagination = pagination.create(page, searchData.pageCount, req.query);
+	searchData.search_display = '';
+	res.render('admin/manage/users', searchData);
 };

 usersController.sortByJoinDate = async function (req, res) {
--- a/src/database/mongo.js
+++ b/src/database/mongo.js
@ -168,7 +168,7 @@ mongoModule.close = function (callback) {

 mongoModule.socketAdapter = function () {
 	const mongoAdapter = require('@nodebb/socket.io-adapter-mongo');
-	return mongoAdapter(connection.getConnectionString());
+	return mongoAdapter(connection.getConnectionString(), connection.getConnectionOptions());
 };

 require('./mongo/main')(mongoModule);
--- a/src/meta/build.js
+++ b/src/meta/build.js
@ -218,7 +218,7 @@ exports.build = function (targets, options, callback) {
 		},
 	], function (err) {
 		if (err) {
-			winston.error('[build] Encountered error during build step\n' + err.stack);
+			winston.error('[build] Encountered error during build step\n' + err.stack ? err.stack : err);
 			return callback(err);
 		}

--- a/src/posts/votes.js
+++ b/src/posts/votes.js
@ -119,18 +119,17 @@ module.exports = function (Posts) {
 	}

 	async function unvote(pid, uid, command) {
-		const [owner, voteStatus, reputation] = await Promise.all([
+		const [owner, voteStatus] = await Promise.all([
 			Posts.getPostField(pid, 'uid'),
 			Posts.hasVoted(pid, uid),
-			user.getUserField(uid, 'reputation'),
 		]);

 		if (parseInt(uid, 10) === parseInt(owner, 10)) {
 			throw new Error('[[error:self-vote]]');
 		}

-		if (command === 'downvote' && reputation < meta.config['min:rep:downvote']) {
-			throw new Error('[[error:not-enough-reputation-to-downvote]]');
+		if (command === 'downvote') {
+			await checkDownvoteLimitation(pid, uid);
 		}

 		let hook;
@ -159,6 +158,33 @@ module.exports = function (Posts) {
 		return await vote(voteStatus.upvoted ? 'downvote' : 'upvote', true, pid, uid);
 	}

+	async function checkDownvoteLimitation(pid, uid) {
+		const oneDay = 86400000;
+		const [reputation, targetUid, downvotedPids] = await Promise.all([
+			user.getUserField(uid, 'reputation'),
+			Posts.getPostField(pid, 'uid'),
+			db.getSortedSetRevRangeByScore(
+				'uid:' + uid + ':downvote', 0, -1, '+inf', Date.now() - oneDay
+			),
+		]);
+
+		if (reputation < meta.config['min:rep:downvote']) {
+			throw new Error('[[error:not-enough-reputation-to-downvote]]');
+		}
+
+		if (meta.config.downvotesPerDay && downvotedPids.length >= meta.config.downvotesPerDay) {
+			throw new Error('[[error:too-many-downvotes-today, ' + meta.config.downvotesPerDay + ']]');
+		}
+
+		if (meta.config.downvotesPerUserPerDay) {
+			const postData = await Posts.getPostsFields(downvotedPids, ['uid']);
+			const targetDownvotes = postData.filter(p => p.uid === targetUid).length;
+			if (targetDownvotes >= meta.config.downvotesPerUserPerDay) {
+				throw new Error('[[error:too-many-downvotes-today-user, ' + meta.config.downvotesPerUserPerDay + ']]');
+			}
+		}
+	}
+
 	async function vote(type, unvote, pid, uid) {
 		uid = parseInt(uid, 10);
 		if (uid <= 0) {
--- a/src/socket.io/admin/user.js
+++ b/src/socket.io/admin/user.js
@ -178,6 +178,7 @@ async function deleteUsers(socket, uids, method) {
 }

 User.search = async function (socket, data) {
+	// TODO: deprecate
 	const searchData = await user.search({
 		query: data.query,
 		searchBy: data.searchBy,
--- a/src/socket.io/groups.js
+++ b/src/socket.io/groups.js
@ -368,8 +368,15 @@ SocketGroups.cover.update = async (socket, data) => {
 	if (!socket.uid) {
 		throw new Error('[[error:no-privileges]]');
 	}
+	if (data.file || (!data.imageData && !data.position)) {
+		throw new Error('[[error:invalid-data]]');
+	}
 	await canModifyGroup(socket.uid, data.groupName);
-	return await groups.updateCover(socket.uid, data);
+	return await groups.updateCover(socket.uid, {
+		groupName: data.groupName,
+		imageData: data.imageData,
+		position: data.position,
+	});
 };

 SocketGroups.cover.remove = async (socket, data) => {
@ -378,7 +385,9 @@ SocketGroups.cover.remove = async (socket, data) => {
 	}

 	await canModifyGroup(socket.uid, data.groupName);
-	await groups.removeCover(data);
+	await groups.removeCover({
+		groupName: data.groupName,
+	});
 };

 async function canModifyGroup(uid, groupName) {
--- a/src/user/search.js
+++ b/src/user/search.js
@ -37,9 +37,9 @@ module.exports = function (User) {
 		};

 		if (paginate) {
-			var resultsPerPage = meta.config.userSearchResultsPerPage;
-			var start = Math.max(0, page - 1) * resultsPerPage;
-			var stop = start + resultsPerPage;
+			const resultsPerPage = data.resultsPerPage || meta.config.userSearchResultsPerPage;
+			const start = Math.max(0, page - 1) * resultsPerPage;
+			const stop = start + resultsPerPage;
 			searchResult.pageCount = Math.ceil(uids.length / resultsPerPage);
 			uids = uids.slice(start, stop);
 		}
--- a/src/views/admin/manage/users.tpl
+++ b/src/views/admin/manage/users.tpl
@ -57,23 +57,26 @@
 			<form class="form-inline">
 				<div class="form-group">
 					<label>[[admin/manage/users:search.uid]]</label>
-					<input class="form-control" id="search-user-uid" data-search-type="uid" type="number" placeholder="[[admin/manage/users:search.uid-placeholder]]"/><br />
+					<input class="form-control" id="search-user-uid" data-search-type="uid" type="number" placeholder="[[admin/manage/users:search.uid-placeholder]]" value="{uidQuery}"/>
 				</div>
 				<div class="form-group">
 					<label>[[admin/manage/users:search.username]]</label>
-					<input class="form-control" id="search-user-name" data-search-type="username" type="text" placeholder="[[admin/manage/users:search.username-placeholder]]"/><br />
+					<input class="form-control" id="search-user-name" data-search-type="username" type="text" placeholder="[[admin/manage/users:search.username-placeholder]]" value="{usernameQuery}"/>
 				</div>
 				<div class="form-group">
 					<label>[[admin/manage/users:search.email]]</label>
-					<input class="form-control" id="search-user-email" data-search-type="email" type="text" placeholder="[[admin/manage/users:search.email-placeholder]]"/><br />
+					<input class="form-control" id="search-user-email" data-search-type="email" type="text" placeholder="[[admin/manage/users:search.email-placeholder]]" value="{emailQuery}"/>
 				</div>
 				<div class="form-group">
 					<label>[[admin/manage/users:search.ip]]</label>
-					<input class="form-control" id="search-user-ip" data-search-type="ip" type="text" placeholder="[[admin/manage/users:search.ip-placeholder]]"/><br />
+					<input class="form-control" id="search-user-ip" data-search-type="ip" type="text" placeholder="[[admin/manage/users:search.ip-placeholder]]" value="{ipQuery}"/>
 				</div>
 			</form>
 			<i class="fa fa-spinner fa-spin hidden"></i>
-			<span id="user-notfound-notify" class="label label-danger hide">[[admin/manage/users:search.not-found]]</span><br/>
+
+			<div id="user-found-notify" class="label label-info {{{if !matchCount}}}hidden{{{end}}}">[[admin/manage/users:alerts.x-users-found, {matchCount}, {timing}]]</div>
+
+			<div id="user-notfound-notify" class="label label-danger {{{if !query}}}hidden{{{end}}} {{{if matchCount}}}hidden{{{end}}}">[[admin/manage/users:search.not-found]]</div>
 		</div>

 		<!-- IF inactive -->
--- a/src/views/admin/partials/widget-settings.tpl
+++ b/src/views/admin/partials/widget-settings.tpl
@ -17,7 +17,7 @@
  </div>
  <div class="col-lg-6">
      <label>[[admin/extend/widgets:hide-from-groups]]</label>
-      <select name="groups" class="form-control" multiple size="10">
+      <select name="groupsHideFrom" class="form-control" multiple size="10">
          <!-- BEGIN groups -->
          <option value="{groups.displayName}">{groups.displayName}</option>
          <!-- END groups -->
--- a/src/views/admin/settings/reputation.tpl
+++ b/src/views/admin/settings/reputation.tpl
@ -32,7 +32,10 @@
 	<div class="col-sm-2 col-xs-12 settings-header">[[admin/settings/reputation:thresholds]]</div>
 	<div class="col-sm-10 col-xs-12">
 		<form>
-			<strong>[[admin/settings/reputation:min-rep-downvote]]</strong><br /> <input type="text" class="form-control" placeholder="0" data-field="min:rep:downvote"><br />
+			<strong>[[admin/settings/reputation:min-rep-downvote]]</strong><br /> <input type="text" class="form-control" placeholder="0"
+			data-field="min:rep:downvote"><br />
+			<strong>[[admin/settings/reputation:downvotes-per-day]]</strong><br /> <input type="text" class="form-control" placeholder="10" data-field="downvotesPerDay"><br />
+			<strong>[[admin/settings/reputation:downvotes-per-user-per-day]]</strong><br /> <input type="text" class="form-control" placeholder="3" data-field="downvotesPerUserPerDay"><br />
 			<strong>[[admin/settings/reputation:min-rep-flag]]</strong><br /> <input type="text" class="form-control" placeholder="0" data-field="min:rep:flag"><br />
 			<strong>[[admin/settings/reputation:min-rep-website]]</strong><br /> <input type="text" class="form-control" placeholder="0" data-field="min:rep:website"><br />
 			<strong>[[admin/settings/reputation:min-rep-aboutme]]</strong><br /> <input type="text" class="form-control" placeholder="0" data-field="min:rep:aboutme"><br />
--- a/test/groups.js
+++ b/test/groups.js
@ -1387,9 +1387,9 @@ describe('Groups', function () {
 		});

 		it('should fail if user is not logged in or not owner', function (done) {
-			socketGroups.cover.update({ uid: 0 }, {}, function (err) {
+			socketGroups.cover.update({ uid: 0 }, { imageData: 'asd' }, function (err) {
 				assert.equal(err.message, '[[error:no-privileges]]');
-				socketGroups.cover.update({ uid: regularUid }, { groupName: 'Test' }, function (err) {
+				socketGroups.cover.update({ uid: regularUid }, { groupName: 'Test', imageData: 'asd' }, function (err) {
 					assert.equal(err.message, '[[error:no-privileges]]');
 					done();
 				});
@ -1404,7 +1404,7 @@ describe('Groups', function () {
 					type: 'image/png',
 				},
 			};
-			socketGroups.cover.update({ uid: adminUid }, data, function (err, data) {
+			Groups.updateCover({ uid: adminUid }, data, function (err, data) {
 				assert.ifError(err);
 				Groups.getGroupFields('Test', ['cover:url'], function (err, groupData) {
 					assert.ifError(err);
@ -1434,6 +1434,20 @@ describe('Groups', function () {
 			});
 		});

+		it('should fail to upload group cover with invalid image', function (done) {
+			var data = {
+				groupName: 'Test',
+				file: {
+					path: imagePath,
+					type: 'image/png',
+				},
+			};
+			socketGroups.cover.update({ uid: adminUid }, data, function (err) {
+				assert.equal(err.message, '[[error:invalid-data]]');
+				done();
+			});
+		});
+
 		it('should fail to upload group cover with invalid image', function (done) {
 			var data = {
 				groupName: 'Test',
--- a/test/posts.js
+++ b/test/posts.js
@ -242,6 +242,42 @@ describe('Post\'s', function () {
 				});
 			});
 		});
+
+		it('should prevent downvoting more than total daily limit', async () => {
+			const oldValue = meta.config.downvotesPerDay;
+			meta.config.downvotesPerDay = 1;
+			let err;
+			const p1 = await topics.reply({
+				uid: voteeUid,
+				tid: topicData.tid,
+				content: 'raw content',
+			});
+			try {
+				await socketPosts.downvote({ uid: voterUid }, { pid: p1.pid, room_id: 'topic_1' });
+			} catch (_err) {
+				err = _err;
+			}
+			assert.equal(err.message, '[[error:too-many-downvotes-today, 1]]');
+			meta.config.downvotesPerDay = oldValue;
+		});
+
+		it('should prevent downvoting target user more than total daily limit', async () => {
+			const oldValue = meta.config.downvotesPerUserPerDay;
+			meta.config.downvotesPerUserPerDay = 1;
+			let err;
+			const p1 = await topics.reply({
+				uid: voteeUid,
+				tid: topicData.tid,
+				content: 'raw content',
+			});
+			try {
+				await socketPosts.downvote({ uid: voterUid }, { pid: p1.pid, room_id: 'topic_1' });
+			} catch (_err) {
+				err = _err;
+			}
+			assert.equal(err.message, '[[error:too-many-downvotes-today-user, 1]]');
+			meta.config.downvotesPerUserPerDay = oldValue;
+		});
 	});

 	describe('bookmarking', function () {
@ -910,7 +946,7 @@ describe('Post\'s', function () {
 		it('should get pid index', function (done) {
 			socketPosts.getPidIndex({ uid: voterUid }, { pid: pid, tid: topicData.tid, topicPostSort: 'oldest_to_newest' }, function (err, index) {
 				assert.ifError(err);
-				assert.equal(index, 2);
+				assert.equal(index, 4);
 				done();
 			});
 		});