when admin is changing users emails check if its avaiable and remove old email of user first
upgrade script to cleanup email:uid, email:sorted, will remove entries if user doesn't exist or doesn't have email or if entry in user hash doesn't match entry in email:uid
fix missing ! in email interstitial
fix missing await in canSendValidation,
fix broken tests
dont pass sessionId to email.remove if admin is changing/removing email
for user flags-> admins + all users who have `admin:users` privilege
for post flags -> admins + global mods + moderators of the category the post is in
refactor getModeratorUids function so it can be used for different privileges
* fix: convert loginDays and loginSeconds to number inputs
* feat: configurable session timeout for when "Remember Me" is not checked
closes#11124
* test: addition tests to check loginDays and sessionDuration settings
* test: also test loginSeconds override
* chore: incrementing version number - v2.8.1
* chore: update changelog for v2.8.1
* fix: accidental clearing of reset rate limiting on reset send
* test: move user reset tests to its own file, add failing test for user reset locks
* fix: #11119, counter attempted flooding of user reset route
* test: fix password reset socket test to check for error now
* test: same user sending multiple reset emails
should work after waiting the correct amount of time
* lint: fixes
* chore: rename outdated `cleanTokensAndUids` method
* test: no need to create user for new test
Co-authored-by: Misty Release Bot <deploy@nodebb.org>
Co-authored-by: Barış Soner Uşaklı <barisusakli@gmail.com>
* breaking: remove `SocketUser.emailConfirm`, re: #10954
* chore: move email confirmation related configs to own section in Settings > Email
* feat: new user email method `getValidationExpiry`, returns expiration in ms.. probably.
* fix: bug where `user.email.isValidationPending` returned an u nexpected non-boolean value if there was no confirmation pending (only when checking email as well)
* fix: update getValidationExpiry to return ms
* test: use emailConfirmInterval for tests, for now
* fix: throw friendly error when attempting an email change within email confirmation window
* feat: new config option `emailConfirmExpiry` in days, governs how long the confirm link is good for
* test: additional tests for user email methods
* fix: add back missing handling of option
* test: fix tests
* feat: allow plugins to add to admin cache list
resolves #10820
plugins will have to use `filter:admin.cache.get` hook and just add their own cache to the object there.
* feat: add dump to ttlCache and expose properties
* feat: also expose properties under their current names
* feat: display TTL if set
* refactor: move src/cacheCreate.js to src/cache/lru.js
* fix: call new library location for lru cache creator
* feat: add ttl cache
* fix: update upload throttler to use ttl cache instead of lru cache
* chore: add missing dependency
* fix: avoid pubsub conflicts
* fix: use get instead of peek, which is not available in ttl-cache
* chore(deps): bump lru-cache from 6.0.0 to 7.13.1 in /install
Bumps [lru-cache](https://github.com/isaacs/node-lru-cache) from 6.0.0 to 7.13.1.
- [Release notes](https://github.com/isaacs/node-lru-cache/releases)
- [Changelog](https://github.com/isaacs/node-lru-cache/blob/main/CHANGELOG.md)
- [Commits](https://github.com/isaacs/node-lru-cache/compare/v6.0.0...v7.13.1)
---
updated-dependencies:
- dependency-name: lru-cache
dependency-type: direct:production
update-type: version-update:semver-major
...
Signed-off-by: dependabot[bot] <support@github.com>
* fix(lru-cache): remove unneeded `length` params for cache creation, as `maxSize` was not used in those init calls, also renamed some methods to match new method names in lru-cache [breaking]
Added deprecation notices for old params
* fix: replace three direct calls to lru-cache with call to cacheCreate, moved cache creation call in uploads to run on first init as config is not populated at lib init
* test: move configs init above cache reset calls in databasemock
* move some more code above cache clear
* refactor: remove unused
* test: lru
* test: more debug
* test: on more test
* use await helpers.uploadFile
* fix: tests remove logs
* fix: acp cache page
* fix: add in one more guard again cache instantiation with `length` prop but no `maxSize` prop
* fix(deps): bump markdown
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Barış Soner Uşaklı <barisusakli@gmail.com>
* Revert "Revert "feat: cross origin opener policy options (#10710)""
This reverts commit 46050ace1a.
* Revert "Revert "chore(i18n): fallback strings for new resources: nodebb.admin-settings-advanced""
This reverts commit 9f291c07d3.
* feat: closes#10719, don't trim children if category is marked section
* feat: fire hook to allow plugins to filter the pids returned in a user profile
/cc julianlam/nodebb-plugin-support-forum#14
* fix: use `user.hidePrivateData();` more consistently across user retrieval endpoints
* fix: better looking placeholder text for ACP search
* fix: bug where fallback to forum search was not working due to client-side error
* feat: allow plugins to toggle whether IPs are shown in the users CSV export
* feat: Allow defining active plugins in config (#10767)
* Revert "Revert "feat: cross origin opener policy options (#10710)""
This reverts commit 46050ace1a.
* Revert "Revert "chore(i18n): fallback strings for new resources: nodebb.admin-settings-advanced""
This reverts commit 9f291c07d3.
* feat: closes#10719, don't trim children if category is marked section
* feat: fire hook to allow plugins to filter the pids returned in a user profile
/cc julianlam/nodebb-plugin-support-forum#14
* fix: use `user.hidePrivateData();` more consistently across user retrieval endpoints
* feat: Allow defining active plugins in config
resolves#10766
* fix: assign the db result to files properly
* test: add tests with plugins in config
* feat: better theme change handling
* feat: add visual indication that plugins can't be activated
* test: correct hooks
* test: fix test definitions
* test: remove instead of resetting nconf to avoid affecting other tests
* test: ... I forgot how nconf worked
* fix: remove negation
* docs: improve wording of error message
* feat: reduce code duplication
* style: remove a redundant space
* fix: remove unused imports
* fix: use nconf instead of requiring config.json
* fix: await...
* fix: second missed await
* fix: move back from getActiveIds to getActive
* fix: use paths again?
* fix: typo
* fix: move require into the function
* fix: forgot to change back to getActive
* test: getActive returns only id
* test: accedently commented out some stuff
* feat: added note to top of plugins page if \!canChangeState
Co-authored-by: Julian Lam <julian@nodebb.org>
Co-authored-by: Barış Soner Uşaklı <barisusakli@gmail.com>
* feat: show an informative message when no plugins are found after filtering
fixes#10771
* Latest translations and fallbacks
* Latest translations and fallbacks
* chore(deps): bump ace-builds from 1.7.1 to 1.8.1 in /install
Bumps [ace-builds](https://github.com/ajaxorg/ace-builds) from 1.7.1 to 1.8.1.
- [Release notes](https://github.com/ajaxorg/ace-builds/releases)
- [Changelog](https://github.com/ajaxorg/ace-builds/blob/master/CHANGELOG.md)
- [Commits](https://github.com/ajaxorg/ace-builds/compare/v1.7.1...v1.8.1)
---
updated-dependencies:
- dependency-name: ace-builds
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
* fix: swap out icons in ACP > Manage > Categories to more intuitive ones, remove extra placeholder div
* fix: hide expando button if no subcategories; remove attempt at establishing common vars, increased spacing between categories in list
* fix: buggy expando state on category drag/drop
Co-authored-by: Barış Soner Uşaklı <barisusakli@gmail.com>
Co-authored-by: Opliko <opliko.reg@protonmail.com>
Co-authored-by: Misty Release Bot <deploy@nodebb.org>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
* Revert "Revert "feat: cross origin opener policy options (#10710)""
This reverts commit 46050ace1a.
* Revert "Revert "chore(i18n): fallback strings for new resources: nodebb.admin-settings-advanced""
This reverts commit 9f291c07d3.
* feat: closes#10719, don't trim children if category is marked section
* feat: fire hook to allow plugins to filter the pids returned in a user profile
/cc julianlam/nodebb-plugin-support-forum#14
* fix: use `user.hidePrivateData();` more consistently across user retrieval endpoints
* feat: Allow defining active plugins in config
resolves#10766
* fix: assign the db result to files properly
* test: add tests with plugins in config
* feat: better theme change handling
* feat: add visual indication that plugins can't be activated
* test: correct hooks
* test: fix test definitions
* test: remove instead of resetting nconf to avoid affecting other tests
* test: ... I forgot how nconf worked
* fix: remove negation
* docs: improve wording of error message
* feat: reduce code duplication
* style: remove a redundant space
* fix: remove unused imports
* fix: use nconf instead of requiring config.json
* fix: await...
* fix: second missed await
* fix: move back from getActiveIds to getActive
* fix: use paths again?
* fix: typo
* fix: move require into the function
* fix: forgot to change back to getActive
* test: getActive returns only id
* test: accedently commented out some stuff
* feat: added note to top of plugins page if \!canChangeState
Co-authored-by: Julian Lam <julian@nodebb.org>
Co-authored-by: Barış Soner Uşaklı <barisusakli@gmail.com>
* feat: webpack 5 part 1
* fix: gruntfile fixes
* fix: fix taskbar warning
add app.importScript
copy public/src/modules to build folder
* refactor: remove commented old code
* feat: reenable admin
* fix: acp settings pages, fix sortable on manage categories
embedded require in html not allowed
* fix: bundle serialize/deserizeli so plugins dont break
* test: fixe util tests
* test: fix require path
* test: more test fixes
* test: require correct utils module
* test: require correct utils
* test: log stack
* test: fix db require blowing up tests
* test: move and disable bundle test
* refactor: add aliases
* test: disable testing route
* fix: move webpack modules necessary for build, into `dependencies`
* test: fix one more test
remove 500-embed.tpl
* fix: restore use of assets/nodebb.min.js, at least for now
* fix: remove unnecessary line break
* fix: point to proper ACP bundle
* test: maybe fix build test
* test: composer
* refactor: dont need dist
* refactor: more cleanup
use everything from build/public folder
* get rid of conditional import in app.js
* fix: ace
* refactor: cropper alias
* test: lint and test fixes
* lint: fix
* refactor: rename function to app.require
* refactor: go back to using app.require
* chore: use github branch
* chore: use webpack branch
* feat: webpack webinstaller
* feat: add chunkFile name with contenthash
* refactor: move hooks to top
* refactor: get rid of template500Function
* fix(deps): use webpack5 branch of 2factor plugin
* chore: tagging v2.0.0-beta.0 pre-release version 💥 :shipit: 🎉🚀
* refactor: disable cache on templates
loadTemplate is called once by benchpress and the result is cache internally
* refactor: add server side helpers.js
* feat: deprecate /plugins shorthand route, closes#10343
* refactor: use build/public for webpack
* test: fix filename
* fix: more specific selector
* lint: ignore
* refactor: fix comments
* test: add debug for random failing test
* refactor: cleanup
remove test page, remove dupe functions in utils.common
* lint: use relative path for now
* chore: bump prerelease version
* feat: add translateKeys
* fix: optional params
* fix: get rid of extra timeago files
* refactor: cleanup, require timeago locale earlier
remove translator.prepareDOM, it is in header.tpl html tag
* refactor: privileges system to use a Map in the backend instead of separate objects for keys and labels (#10378)
* refactor: privileges system to use a Map in the backend instead of separate objects for keys and labels
- Existing hooks are preserved (to be deprecated at a later date, possibly)
- New init hooks are called on NodeBB start, and provide a one-stop shop to add new privileges, instead of having to add to four different hooks
* docs: fix typo in comment
* test: spec changes
* refactor: privileges system to use a Map in the backend instead of separate objects for keys and labels (#10378)
* refactor: privileges system to use a Map in the backend instead of separate objects for keys and labels
- Existing hooks are preserved (to be deprecated at a later date, possibly)
- New init hooks are called on NodeBB start, and provide a one-stop shop to add new privileges, instead of having to add to four different hooks
* docs: fix typo in comment
* test: spec changes
* feat: allow app.require('bootbox'/'benchpressjs')
* refactor: require server side utils
* test: jquery ready
* change istaller to use build/public
* test: use document.addEventListener
* refactor: closes#10301
* refactor: generateTopicClass
* fix: column counts for other privileges
* fix: #10443, regression where sorted-list items did not render into the DOM in the predicted order [breaking]
* fix: typo in hook name
* refactor: introduce a generic autocomplete.init() method that can be called to add nodebb-style autocompletion but using different data sources (e.g. not user/groups/tags)
* fix: crash if `delay` not passed in (as it cannot be destructured)
* refactor: replace substr
* feat: set --panel-offset style in html element based on stored value in localStorage
* refactor: addDropupHandler() logic to be less naive
- Take into account height of the menu
- Don't apply dropUp logic if there's nothing in the dropdown
- Remove 'hidden' class (added by default in Persona for post tools) when menu items are added
closes#10423
* refactor: simplify utils.params [breaking]
Retrospective analysis of the usage of this method suggests that the options passed in are superfluous, and that only `url` is required. Using a browser built-in makes more sense to accomplish what this method sets out to do.
* feat: add support for returning full URLSearchParams for utils.params
* fix: utils.params() fallback handling
* fix: default empty obj for params()
* fix: remove \'loggedin\' and \'register\' qs parameters once they have been used, delay invocation of messages until ajaxify.end
* fix: utils.params() not allowing relative paths to be passed in
* refactor(DRY): new assertPasswordValidity utils method
* fix: incorrect error message returned on insufficient privilege on flag edit
* fix: read/update/delete access to flags API should be limited for moderators to only post flags in categories they moderate
- added failing tests and patched up middleware.assert.flags to fix
* refactor: flag api v3 tests to create new post and flags on every round
* fix: missing error:no-flag language key
* refactor: flags.canView to check flag existence, simplify middleware.assert.flag
* feat: flag deletion API endpoint, #10426
* feat: UI for flag deletion, closes#10426
* chore: update plugin versions
* chore: up emoji
* chore: update markdown
* chore: up emoji-android
* fix: regression caused by utils.params() refactor, supports arrays and pipes all values through utils.toType, adjusts tests to type check
Co-authored-by: Julian Lam <julian@nodebb.org>
.substr() is deprecated so we replace it with .slice() which works similarily but isn't deprecated
Signed-off-by: Tobias Speicher <rootcommander@gmail.com>
Barış Soner Uşaklı
Julian Lam
gasoved
psibean
nesro
Peter Jaszkowiak
Opliko
Manuel Valle
Tong Ho
CommanderRoot
chadjw