Merge branch 'master' of github.com:designcreateplay/NodeBB

public/src/forum/accountedit.js

@@ -190,10 +190,11 @@ define(['forum/accountheader', 'uploader'], function(header, uploader) {
 
 			$('#changePasswordBtn').on('click', function() {
 
-				if (passwordvalid && passwordsmatch && currentPassword.val()) {
+				if (passwordvalid && passwordsmatch && (currentPassword.val() || app.isAdmin)) {
 					socket.emit('user.changePassword', {
 						'currentPassword': currentPassword.val(),
-						'newPassword': password.val()
+						'newPassword': password.val(),
+						'uid': templates.get('theirid')
 					}, function(err) {
 
 						currentPassword.val('');
@@ -203,12 +204,10 @@ define(['forum/accountheader', 'uploader'], function(header, uploader) {
 						passwordvalid = false;
 
 						if (err) {
-							app.alertError(err.message);
-							return;
+							return app.alertError(err.message);
 						}
 
 						app.alertSuccess('Your password is updated!');
-
 					});
 				}
 				return false;

public/src/forum/admin/groups.js

@@ -58,15 +58,14 @@ define(function() {
 
 		listEl.on('click', 'button[data-action]', function() {
 			var action = this.getAttribute('data-action'),
-				parent = $(this).parents('li[data-gid]'),
-				gid = parent.attr('data-gid'),
-				system = parseInt(parent.attr('data-system'), 10) === 1;
+				gid = $(this).parents('li[data-gid]').attr('data-gid');
 
 			switch (action) {
 				case 'delete':
 					bootbox.confirm('Are you sure you wish to delete this group?', function(confirm) {
 						if (confirm) {
 							socket.emit('admin.groups.delete', gid, function(err, data) {
+								console.log(err, data);
 								if(err) {
 									return app.alertError(err.message);
 								}
@@ -107,8 +106,6 @@ define(function() {
 
 						detailsModal.attr('data-gid', groupObj.gid);
 						detailsModal.modal('show');
-						
-						$('.hide-if-system')[system ? 'hide' : 'show']();
 					});
 					break;
 			}

public/src/forum/popular.js

@@ -21,6 +21,10 @@ define(['forum/recent'], function(recent) {
 		});
 
 		function loadMoreTopics() {
+			if(!$('#topics-container').length) {
+				return;
+			}
+
 			loadingMoreTopics = true;
 			socket.emit('topics.loadMoreFromSet', {
 				set: 'topics:' + $('.nav-pills .active a').html().toLowerCase(),

public/src/forum/recent.js

@@ -92,6 +92,10 @@ define(function() {
 	}
 
 	Recent.loadMoreTopics = function() {
+		if(!$('#topics-container').length) {
+			return;
+		}
+
 		loadingMoreTopics = true;
 		socket.emit('topics.loadMoreRecentTopics', {
 			after: $('#topics-container').attr('data-nextstart'),

public/src/forum/unread.js

@@ -44,6 +44,9 @@ define(['forum/recent'], function(recent) {
 		});
 
 		function loadMoreTopics() {
+			if(!$('#topics-container').length) {
+				return;
+			}
 			loadingMoreTopics = true;
 			socket.emit('topics.loadMoreUnreadTopics', {
 				after: $('#topics-container').attr('data-nextstart')

public/templates/admin/groups.tpl

@@ -5,7 +5,7 @@
 <div class="groups">
 	<ul id="groups-list">
 	<!-- BEGIN groups -->
-		<li data-gid="{groups.gid}" data-system="{groups.hidden}">
+		<li data-gid="{groups.gid}">
 			<div class="row">
 				<div class="col-lg-8">
 					<h2>{groups.name}</h2>
@@ -69,7 +69,7 @@
 				<div class="modal-body">
 					<div class="alert alert-danger hide" id="create-modal-error"></div>
 					<form>
-						<div class="form-group hide-if-system">
+						<div class="form-group">
 							<label for="group-name">Group Name</label>
 							<input type="text" class="form-control" id="change-group-name" placeholder="Group Name" />
 						</div>

src/events.js

@@ -13,6 +13,17 @@ var fs = require('fs'),
 		logWithUser(uid, 'changed password');
 	}
 
+	events.logAdminChangeUserPassword = function(adminUid, theirUid) {
+		user.getMultipleUserFields([adminUid, theirUid], ['username'], function(err, userData) {
+			if(err) {
+				return winston.error('Error logging event. ' + err.message);
+			}
+
+			var msg = userData[0].username + '(uid ' + adminUid + ') changed password of ' + userData[1].username + '(uid ' + theirUid + ')';
+			events.log(msg);
+		});
+	}
+
 	events.logPasswordReset = function(uid) {
 		logWithUser(uid, 'reset password');
 	}
@@ -53,11 +64,10 @@ var fs = require('fs'),
 
 		user.getUserField(uid, 'username', function(err, username) {
 			if(err) {
-				winston.error('Error logging event. ' + err.message);
-				return;
+				return winston.error('Error logging event. ' + err.message);
 			}
 
-			var msg = '[' + new Date().toUTCString() + '] - ' + username + '(uid ' + uid + ') ' + string;
+			var msg = username + '(uid ' + uid + ') ' + string;
 			events.log(msg);
 		});
 	}
@@ -65,6 +75,8 @@ var fs = require('fs'),
 	events.log = function(msg) {
 		var logFile = path.join(nconf.get('base_dir'), logFileName);
 
+		msg = '[' + new Date().toUTCString() + '] - ' + msg;
+
 		fs.appendFile(logFile, msg + '\n', function(err) {
 			if(err) {
 				winston.error('Error logging event. ' + err.message);

src/groups.js

@@ -13,16 +13,14 @@
 						expand: options.expand
 					}, next);
 				}, function (err, groups) {
-					groups.forEach(function(group, g, arr) {
-						if (parseInt(group.deleted, 10) === 1) {
-							delete arr[g];
-						}
-						if (parseInt(group.hidden, 10) === 1) {
-							group.deletable = 0;
+					// Remove deleted and hidden groups from this list
+					callback(err, groups.filter(function (group) {
+						if (parseInt(group.deleted, 10) === 1 || parseInt(group.hidden, 10) === 1) {
+							return false;
+						} else {
+							return true;
 						}
-					});
-
-					callback(err, groups);
+					}));
 				});
 			} else {
 				callback(null, []);

src/routes/admin.js

@@ -375,7 +375,10 @@ var nconf = require('nconf'),
 					if(err) {
 						return next(err);
 					}
-					res.json(200, {eventdata: data.toString()});
+					if(data) {
+						data = data.toString().split('\n').reverse().join('\n');
+					}
+					res.json(200, {eventdata: data});
 				});
 			});
 

src/user.js

@@ -424,27 +424,59 @@ var bcrypt = require('bcryptjs'),
 	};
 
 	User.changePassword = function(uid, data, callback) {
+		if(!data || !data.uid) {
+			return callback(new Error('invalid-uid'));
+		}
+
+		function hashAndSetPassword(callback) {
+			User.hashPassword(data.newPassword, function(err, hash) {
+				if(err) {
+					return callback(err);
+				}
+
+				User.setUserField(data.uid, 'password', hash, function(err) {
+					if(err) {
+						return callback(err);
+					}
+
+					if(parseInt(uid, 10) === parseInt(data.uid, 10)) {
+						events.logPasswordChange(data.uid);
+					} else {
+						events.logAdminChangeUserPassword(uid, data.uid);
+					}
+
+					callback();
+				});
+			});
+		}
+
 		if (!utils.isPasswordValid(data.newPassword)) {
 			return callback(new Error('Invalid password!'));
 		}
 
+		if(parseInt(uid, 10) !== parseInt(data.uid, 10)) {
+			User.isAdministrator(uid, function(err, isAdmin) {
+				if(err || !isAdmin) {
+					return callback(err || new Error('not-allowed'));
+				}
+
+				hashAndSetPassword(callback);
+			});
+		} else {
 			User.getUserField(uid, 'password', function(err, currentPassword) {
-			bcrypt.compare(data.currentPassword, currentPassword, function(err, res) {
 				if(err) {
 					return callback(err);
 				}
 
-				if (res) {
-					User.hashPassword(data.newPassword, function(err, hash) {
-						User.setUserField(uid, 'password', hash);
-						events.logPasswordChange(uid);
-						callback(null);
-					});
-				} else {
-					callback(new Error('Your current password is not correct!'));
+				bcrypt.compare(data.currentPassword, currentPassword, function(err, res) {
+					if (err || !res) {
+						return callback(err || new Error('Your current password is not correct!'));
 					}
+
+					hashAndSetPassword(callback);
 				});
 			});
+		}
 	};
 
 	User.setUserField = function(uid, field, value, callback) {