From 604a8f7e60c5bece7df54eb1eab23d762d9c9b48 Mon Sep 17 00:00:00 2001 From: Julian Lam Date: Mon, 1 May 2023 11:01:46 -0400 Subject: [PATCH 1/6] fix: black on red coloration on error when a bad reset code is received --- src/views/reset_code.tpl | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/src/views/reset_code.tpl b/src/views/reset_code.tpl index 49aca47400..2365d7614c 100644 --- a/src/views/reset_code.tpl +++ b/src/views/reset_code.tpl @@ -31,7 +31,7 @@ {{{ else }}} -
+
[[reset_password:wrong_reset_code.title]]
From 2b70063eecea23151f245aafcb4f005e557ec089 Mon Sep 17 00:00:00 2001 From: Julian Lam Date: Mon, 1 May 2023 11:09:59 -0400 Subject: [PATCH 2/6] fix: #11545, wrong message shown to new users re: email confirmation --- public/src/modules/messages.js | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/public/src/modules/messages.js b/public/src/modules/messages.js index 18120ae8a4..99edb969d0 100644 --- a/public/src/modules/messages.js +++ b/public/src/modules/messages.js @@ -27,7 +27,7 @@ define('messages', ['bootbox', 'translator', 'storage', 'alerts', 'hooks'], func }, }; - if (!app.user.email) { + if (!app.user.email && !app.user.isEmailConfirmSent) { msg.message = '[[error:no-email-to-confirm]]'; msg.clickfn = function () { alerts.remove('email_confirm'); From b3787bd50c68017190c0d06836bf5d51f993629a Mon Sep 17 00:00:00 2001 From: Julian Lam Date: Mon, 1 May 2023 11:19:04 -0400 Subject: [PATCH 3/6] fix: update openapi spec to specify optional `expiry` argument available to be passed in via request body. Also updated test runner to ignore any request bodies in spec that are explicitly not required. --- public/openapi/write/topics/tid/pin.yaml | 11 +++++++++++ test/api.js | 5 ++++- 2 files changed, 15 insertions(+), 1 deletion(-) diff --git a/public/openapi/write/topics/tid/pin.yaml b/public/openapi/write/topics/tid/pin.yaml index b3f2d580ae..140d3af0f4 100644 --- a/public/openapi/write/topics/tid/pin.yaml +++ b/public/openapi/write/topics/tid/pin.yaml @@ -11,6 +11,17 @@ put: required: true description: a valid topic id example: 1 + requestBody: + required: false + content: + application/json: + schema: + type: object + properties: + expiry: + type: number + description: A UNIX timestamp representing the moment the topic will be unpinned. + example: 1585337827953 responses: '200': description: Topic successfully pinned diff --git a/test/api.js b/test/api.js index e76ec8a216..a3d55f2c24 100644 --- a/test/api.js +++ b/test/api.js @@ -447,7 +447,10 @@ describe('API', async () => { let body = {}; let type = 'json'; - if (context[method].hasOwnProperty('requestBody') && context[method].requestBody.content['application/json']) { + if ( + context[method].hasOwnProperty('requestBody') && + context[method].requestBody.required !== false && + context[method].requestBody.content['application/json']) { body = buildBody(context[method].requestBody.content['application/json'].schema.properties); } else if (context[method].hasOwnProperty('requestBody') && context[method].requestBody.content['multipart/form-data']) { type = 'form'; From 2b8dd3d202e1b285a20df8ed0390f78b95254998 Mon Sep 17 00:00:00 2001 From: Julian Lam Date: Tue, 2 May 2023 11:47:54 -0400 Subject: [PATCH 4/6] fix: #11554, email requirement bypass by sending in whitespace --- src/user/interstitials.js | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/src/user/interstitials.js b/src/user/interstitials.js index 9a0e96f6db..fe4c080be7 100644 --- a/src/user/interstitials.js +++ b/src/user/interstitials.js @@ -46,6 +46,10 @@ Interstitials.email = async (data) => { issuePasswordChallenge: !!data.userData.uid && hasPassword, }, callback: async (userData, formData) => { + if (formData.email) { + formData.email = String(formData.email).trim(); + } + // Validate and send email confirmation if (userData.uid) { const isSelf = parseInt(userData.uid, 10) === parseInt(data.req.uid, 10); From a70b25a44a650705d58f82e680d2584464f86a52 Mon Sep 17 00:00:00 2001 From: Misty Release Bot Date: Tue, 2 May 2023 16:01:07 +0000 Subject: [PATCH 5/6] chore: incrementing version number - v3.0.1 --- install/package.json | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/install/package.json b/install/package.json index 40594c859d..89b92b7271 100644 --- a/install/package.json +++ b/install/package.json @@ -2,7 +2,7 @@ "name": "nodebb", "license": "GPL-3.0", "description": "NodeBB Forum", - "version": "3.0.0", + "version": "3.0.1", "homepage": "https://www.nodebb.org", "repository": { "type": "git", From fd30af100f8f7a85ab92bfa30c4f01b681e17ec5 Mon Sep 17 00:00:00 2001 From: Misty Release Bot Date: Tue, 2 May 2023 16:01:07 +0000 Subject: [PATCH 6/6] chore: update changelog for v3.0.1 --- CHANGELOG.md | 15 +++++++++++++++ 1 file changed, 15 insertions(+) diff --git a/CHANGELOG.md b/CHANGELOG.md index 0b4c382222..98ea864ec5 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -1,3 +1,18 @@ +#### v3.0.1 (2023-05-02) + +##### Chores + +* incrementing version number - v3.0.0 (224e08cd) +* update changelog for v3.0.0 (56ad381f) + +##### Bug Fixes + +* #11554, email requirement bypass by sending in whitespace (2b8dd3d2) +* update openapi spec to specify optional `expiry` argument available to be passed in via request body. (b3787bd5) +* #11545, wrong message shown to new users re: email confirmation (2b70063e) +* black on red coloration on error when a bad reset code is received (604a8f7e) +* use query param sort over user setting if it's set (9484ddc3) + #### v3.0.0 (2023-04-26) ##### Breaking Changes