60e1e99b4f
feat: new shorthand route /api/v3/users/bySlug/:userslug
...
closes #8844
4 years ago
512f6de6de
feat: allow passwords with length > 73 characters ( #8818 )
...
* feat: allow passwords longer than 73 characters
Context: A bcrypt/blowfish limitation means that password length is capped at 72 characters. We can get around this without compromising on security
by hashing all incoming passwords with SHA512, and then sending that to bcrypt.
https://dropbox.tech/security/how-dropbox-securely-stores-your-passwords
* feat: add additional test for passwords > 73 chars
* fix: remove 'password-too-long' error message and all invocations
* test: added test to show that a super long password won't bring down NodeBB
* fix: remove debug log
* Revert "fix: remove 'password-too-long' error message and all invocations"
This reverts commit 1e312bf7ef7e119fa0f1bd3517d756ca013d5e79.
* fix: added back password length checks, but at 512 chars
As processing a large string still uses a lot of memory
4 years ago
c61dee4b62
fix : #8840 , don't crash if /compose route is called with no query params
4 years ago
9e3eb5d41a
feat: #8821 , allow guest topic views
4 years ago
f68bce86a9
fix: XSS in event:banned messaging modal
4 years ago
76cd5b0fc1
fix : #8836 , truncate fullname
4 years ago
eec630f1ef
fix(acp): max-height for plugin menu list
4 years ago
891a1ea2af
fix : #8827 , do not require admin:users privilege to ban users
4 years ago
4b63f9937c
fix: check is banned in buildHeader
...
remove unused banReason
remove generateHeader function
4 years ago
a338f52780
feat: #8823 , remove hardcoded write concern
4 years ago
08ff4041aa
fix: missing await
4 years ago
c0f699e655
fix: disallow registration attempts with password length > 4096
...
This is a stopgap measure for v1.15.0
4 years ago
4818ec377e
fix: missing await
4 years ago
6e85920cb6
feat: allow mods/admins to see deleted posts on user profile
4 years ago
87bff6cd65
fix: broken test
4 years ago
dda5d42610
fix: restore old behaviour of empty json w/ 401 code in admin middleware
4 years ago
15e0731dd9
fix: deprecate middleware.isAdmin
...
Also, handle admin logout timer in middleware.admin.checkPrivileges
4 years ago
4439864ce0
fix: post editing not taking plugin hook results into account
4 years ago
a02ae6f5df
refactor: simpler check in user.blocks.filter
4 years ago
27016d221c
feat: rearrange buttons on manage/users
4 years ago
57ed6be78b
fix : #8805 define our own name for write API v3
4 years ago
266d7587b2
refactor: remove usage of middlewares
...
Specifically, middleware.isAdmin|exposePrivilegeSet|exposePrivileges
4 years ago
a6a52430ce
fix: remove setCategorySort and setTopicSort
4 years ago
aa8faf58a0
refactor: remove /users/{uid}/settings/{setting} route
...
@baris Also, I am now allowing the following properties to be saved in User.saveSettings:
- categoryTopicSort
- topicPostSort
- setCategorySort
- setTopicSort
4 years ago
6ac73ccb7e
feat: #8801 , disable express compression by default
4 years ago
3c98cd3d95
fix: topic object in post editing data return
4 years ago
1392d064a1
fix(writeapi): normalizing data
4 years ago
ec03af7a38
feat: allow passing subset of user settings on update route
4 years ago
618e098305
fix: bug where token generation route would fail on null case
4 years ago
b156b8b573
feat: wip, write api tests framework
...
re-using read api tests if possible
4 years ago
2e9f27d8ff
fix: typo
4 years ago
93bdfe2f10
perf: reorder async calls
4 years ago
88a07e69b5
feat: add filter:category.getFields
4 years ago
a05905f196
performance improvements ( #8795 )
...
* perf: nconf/winston/render
cache nconf.get calls
modify middleware.pageView to call next earlier
don't call winston.verbose on every hook see https://github.com/winstonjs/winston/issues/1669
translate header/footer separately and cache results for guests
* fix: copy paste fail
* refactor: style and fire hook only log in dev mode
* fix: cache key, header changes based on template
* perf: change replace
* fix: add missing await
* perf: category
* perf: lodash clone
* perf: remove escapeRegexChars
4 years ago
0db0231cff
feat: move postercount to topic hash
4 years ago
203db47b30
fix: return early for guests/spiders
4 years ago
156e1396f2
fix: #8789,cache meta.settings
4 years ago
a7b6d0dfe5
feat: add free and total mem usage to info
4 years ago
c26f2b6599
feat(writeapi): user settings API
4 years ago
db63f5e3f0
fix : #8781
4 years ago
177a961000
feat: new filter filter:teasers.configureStripTags
4 years ago
d68ffea80d
feat: send 'Vary' header when ACAO header set
4 years ago
1f43e98f8b
fix: allow admins adding users to global moderators
...
add new test
4 years ago
bbafa1b82a
Revert "fix: [breaking] send configured config URL as origin if not custom"
...
This reverts commit 205a10308e
4 years ago
a691be5952
fix: incorrect logic for post history editable bool
4 years ago
205a10308e
fix: [breaking] send configured config URL as origin if not custom
...
This is a breaking change if your install uses multiple URLs to access. You will need to update the Access-Control-Allow-Origin header in ACP > Advanced > Headers to supply all URLs you use to access your site
4 years ago
7a019494e8
feat: add filter.topics.getPostReplies
4 years ago
7a8f704900
fix : #8776 some users unable to restore old versions via history
4 years ago
b26e9b5993
fix : #8595 , dont save escaped data when renaming groups
4 years ago
ea31f50554
refactor: show more lines of stack trace
4 years ago
7bddec93ec
fix: sortby
4 years ago
b3619d3d47
fix : #8774
4 years ago
ff4fcc23b6
Update bundled logos with new branding ( #8702 )
...
* feat: updating logo assets, square logos missing still
* fix: squared logo for touch icon and notification fallback
* fix: update link to favicon
* feat: add default touch icon sizes, if one isn't uploaded
Co-authored-by: Barış Soner Uşaklı <barisusakli@gmail.com>
4 years ago
e362c342a3
fix : #8630 , sort extra deps
4 years ago
d9a16855d0
refactor: posts api
4 years ago
272e73da53
refactor: post restore/delete/purge
4 years ago
9738e20207
refactor: merge post.edit
...
fix: dont fadeout/fadeint if title/post didnt change
4 years ago
2279e37261
refactor: deprecate socket.emit('users.search') use api route
4 years ago
083c74e059
refactor: api categories
4 years ago
e78c498e84
fix: missing doTopicAction, fix wrong api params
4 years ago
bc880ee0ca
refactor: remove sockets.reqFromSocket
4 years ago
9d81660e24
Revert "Revert "fix: appropriate 404 handling for write API calls""
...
This reverts commit 135c2d6c7d
4 years ago
135c2d6c7d
Revert "fix: appropriate 404 handling for write API calls"
...
This reverts commit b6cce75d97
4 years ago
9ee3cb9b62
refactor: topic follow/ignore to use api lib
4 years ago
68d6818bca
refactor: topic tools' actions to use api lib
4 years ago
21974a77f8
feat: topic reply to use api lib (also + missing file)
4 years ago
40598b368e
refactor: topic creation to use api lib
4 years ago
b6cce75d97
fix: appropriate 404 handling for write API calls
4 years ago
ede9435f0e
feat: send 401 for invalid-uid
4 years ago
c913900ed6
feat: async/await admin/search
4 years ago
bf480ee58b
refactor: setupApiRoute signature
4 years ago
688d7a2cc2
refactor: remove unused middleware
4 years ago
b2ff1594b8
fix: redis hget
...
'node_redis: The HGET command contains a invalid argument type.\n' +
'Only strings, dates and buffers are accepted. Please update your code to use valid argument types.'
4 years ago
e98285dbbb
fix: reimplementing isPrivilegedOrSelfAndPasswordMatch
4 years ago
84a179f48c
Merge branch 'master' of https://github.com/NodeBB/NodeBB
4 years ago
3f347baadb
fix: socket user bans
4 years ago
14f9d8b0e5
feat: send back 403 on no-privileges error
4 years ago
222b4c9533
fix: broken tests from api change
4 years ago
2d252f2fa4
refactor: user bans to use api lib
4 years ago
7d86be2bc2
fix: tests
4 years ago
e367c5403e
refactor: move groups.leave, fix some tests
4 years ago
bbbd9fee85
Merge branch 'master' of https://github.com/NodeBB/NodeBB
4 years ago
960e925e40
refactor: change password/user follow to use api lib
4 years ago
081c4fa6d4
Merge branch 'master' of https://github.com/NodeBB/NodeBB
4 years ago
430e7f5834
refactor: user deletion to use api lib
4 years ago
8ae1f81cf4
feat: refactor groups.delete
4 years ago
77481947f0
refactor: socket profile update to use api lib
4 years ago
31ae8a8323
refactor: socket profile update to use api lib
4 years ago
d69e503d21
feat: move groups.join to api
4 years ago
d07f0081b7
fix: add missing file
4 years ago
23086daead
refactor: user create and profile update to use api lib
4 years ago
5e2caf19f5
refactor: use single function for api code
4 years ago
25e4a09816
Merge branch 'master' of https://github.com/NodeBB/NodeBB
4 years ago
4418ff0716
fix : #8768
4 years ago
cc6e995ee2
fix: api bug where user profile editing continued even if not allowed
4 years ago
43afe7ffab
refactor: async/await src/user/approval
4 years ago
bae0f343e1
fix: module build
4 years ago
1fd2eba6f2
refactor: async/await
...
src/cli/manage.js
src/meta/build.js
src/meta/css.js
src/meta/js.js
4 years ago
b295d15eae
fix: tests
4 years ago
d89477cad0
refactor: use app.render
4 years ago
9dd3cc0483
feat: allow plugins to define api routes
...
via new plugin hook static:api.routes
4 years ago
a4ba23899e
feat: require https if nodebb is configured with https url
4 years ago
e6ea71c95a
fix: test
4 years ago
8c6a559188
fix: timestamp
4 years ago
331d236f6e
fix : #8763
4 years ago
a481024d27
fix: lastonline again
4 years ago
71d82ec8e0
fix: caret
4 years ago
97628e2ff2
fix: lastonline values
4 years ago
1289c10568
fix: upgrade script
4 years ago
59bbede8c7
fix: cant join system groups
4 years ago
a411df1321
fix: tests
4 years ago
dd7424e5b5
refactor: remove unused search call
4 years ago
2d6ea6e505
Merge branch 'master' into admin/users
4 years ago
a2edb86dfb
feat: change user search to use filters array
4 years ago
959314c921
feat: add filter
4 years ago
1e07886f30
feat: require csrf token if not using bearer token
4 years ago
933989e013
Merge branch 'master' into admin/users
4 years ago
682e926c6b
feat: #8662 , verified/unverified user groups
4 years ago
30b3fedca4
fix: password reset to invalidate all existing reset tokens for that uid
4 years ago
700e1e4340
feat: more fixes
4 years ago
40a05b70ef
feat: more work
4 years ago
b038ac07d8
feat: wip admin/users
4 years ago
7beaf49028
feat: set unread false for guests
4 years ago
30d6a2b84e
fix : #8756 , pass missing req to mock
4 years ago
1ee9384875
fix : #8757 , allow all slashes in category route
4 years ago
dc29f4dca2
refactor: switch to using slugify module
4 years ago
bddfcb5867
feat: #8734 , add slugify module, deprecate utils.slugify
4 years ago
f16c8268cf
feat: #8734 , move bootstrap-tagsinput to package.json
4 years ago
eab7489ec5
feat: #8734 , move deserialize/serialize to package.json
4 years ago
948f26143c
feat: #5964 , #8734 remove colorpicker
4 years ago
aedd28e0a6
fix: module name
4 years ago
cc705e5e2b
feat: #8734 , move sortable to package.json
4 years ago
300a87559f
feat: #8734 , move bootbox to package.json
4 years ago
420a312982
Merge branch 'master' of https://github.com/NodeBB/NodeBB
4 years ago
3b231360d3
feat: load jquery-form before using
4 years ago
fda2aedfd8
feat: #8734 , jquery-ui, jquery-form, timeago ( #8748 )
...
* feat: #8734 , jquery-ui, jquery-form, timeago
get rid of forum/footer.js move that code to app.js & wait for app to load before calling ajaxify.end
make sockets.js a requirejs module
move jquery-ui to node_modules and load via requirejs
move jquery-form to node_modules and load via requirejs
move timeago to node_modules and load via requirejs
only include the css for needed jquery-ui widgets
* feat: keep socket/io global for backwards compat
* refactor: move socket listener to chat
4 years ago
ae3a231fce
feat: #8734 , remove semver.browser
...
use compare-versions as a module
4 years ago
9a5b8a798a
fix: category RSS feed was displaying deleted topics
4 years ago
2c1897b373
feat: #8734 , move slideout to package.json
4 years ago
9c157de05d
feat: #8734 , move tinycon to package.json
4 years ago
45e8a4d588
fix : #8734 make nprogress module
4 years ago
43589a744d
feat: #8734 , move visibilityjs to package.json
4 years ago
8af30a51b5
fix: regression caused by 7545951725
...
/cc @psychobunny
4 years ago
a46cbb623d
feat: #8734 , move nprogress to package.json
4 years ago
aa08f8826c
feat: #8734 move r.js to package.json
4 years ago
b3ed26ac2c
feat: revoke user sessions above threshold ( #8731 )
...
* feat: revoke user sessions above threshold
* fix: removed translations from en-US
* fix: defined default maxUserSessions in install\data\defaults.json
4 years ago
4a63c20a72
chore: some optimizations for codeclimate
4 years ago
b8703ba9f6
fix(writeapi): tests
4 years ago
8ecef7b891
refactor: middleware.assert.*
4 years ago
cfee431c53
feat(writeapi): commented-out stub code for file upload
4 years ago
f870721fca
feat(writeapi): file deletion route
4 years ago
a55b381791
feat(writeapi): admin settings update route
4 years ago
2ec838fc59
feat(writeapi): token generation/delete routes, ACP updates
4 years ago
c7d15dfa94
feat: filter:settings.get plugin hook
4 years ago
3ea1aa4780
refactor(writeapi): update route prefix to api/v3, default error option
4 years ago
f67824719c
chore(writeapi): cleanup
4 years ago
0973feea16
feat(writeapi): post bookmarking
4 years ago
9942c248eb
feat(writeapi): post voting
4 years ago
5e2a3ea6ec
refactor(writeapi): post.tools.purge no longer a method
4 years ago
414169fdfa
feat(writeapi): post delete/restore/purge
4 years ago
f66c2fb60f
feat(writeapi): post editing
4 years ago
1605e5e443
feat(writeapi): topic tags
4 years ago
9be5629458
feat(writeapi): topic follow/ignore
4 years ago
da25ce4d09
feat: topic delete/restore/purge/(un)pin/(un)lock
4 years ago
675a62dadd
fix: remove debug log
4 years ago
5fc7e7bfd0
feat: add new api page to ACP menu
4 years ago
49652e6f1b
feat: management of API tokens via ACP
4 years ago
8e89f34dbf
fix: bad logic in group assertion middleware
4 years ago
8e7baac6ef
fix(writeapi): calls to profile editing routes 200 even if user DNE
4 years ago
7757f965eb
fix: errors thrown if no password sent in to profile edit route
4 years ago
549ca11056
fix: bug where middlewares seemingly ran in parallel
4 years ago
6096f74ab2
feat(writeapi): adding missing files
4 years ago
4c833d0bf0
feat(writeapi): topic posting and replying
4 years ago
40dc1c38d3
feat(writeapi): added DELETE /groups/:slug/membership/:uid route
4 years ago
68ecf41ecf
fix(writeapi): client-side group join API call
4 years ago
952dc211dd
feat(writeapi): added group joining and deletion
4 years ago
d044c3223e
feat(writeapi): abstracted ajax calls out to new api module
4 years ago
ba345e53e8
feat(writeapi): added POST /api/v1/groups
4 years ago
49994f3a15
fix(openapi): moved write-api to public/openapi
4 years ago
3072de4812
feat: added DELETE /api/v1/categories/:cid route
4 years ago
e942ad8101
feat: added PUT /api/v1/categories/:cid route
...
Deprecated admin.categories.update socket call
Showing stack trace in console for errors, when in development mode
4 years ago
dc666fd8a9
feat: added POST /api/v1/categories route
4 years ago
a5af2dc819
feat: added PUT/DELETE /api/v1/users/:uid/ban routes
4 years ago
db5c5b2cfb
fix: follow route to match spec
4 years ago
b5bbcbaeaa
feat: added POST and DELETE /api/v1/users/:uid/follow routes
4 years ago
7aed174ebc
feat: added PUT /api/v1/users/:uid/password route
4 years ago
a1ddc210b2
feat: added DELETE /api/v1/users/:uid and DELETE /api/v1/users
4 years ago
d15d9e4492
fix(refactor): patching helpers.tryRoute for API routes, some re-org
...
Thanks @barisusakli for the tip
4 years ago
d8879d21db
fix: error handling with POST /api/v1/users
4 years ago
58043e07ba
fix: use POST call for user creation in ACP
...
- Not entirely sure about error handling yet, more research needed
- Also added socket method deprecation utility method
4 years ago
bba2a4638c
fix: user creation POST route returns user data, updated openapi spec
4 years ago
7b6d43bcc8
feat: added checkRequired middleware for API calls
4 years ago
fd67355b03
fix(writeapi): authenticate middleware logic to work better with await
4 years ago
f6433ef2c5
fix(refactor): merging write-api auth middlewares with core middlewares
4 years ago
ec5c48b188
feat: migrating write-api skeleton into core
4 years ago
264818e517
fix: use proper api url
...
no need to parse all tags since https://api.github.com/repos/NodeBB/NodeBB/releases/latest gives the latest non-prerelease, non-draft releases
4 years ago
8eb62e2210
fix: tests, get latest release tag recursively
4 years ago
cdb794888d
style: linting
4 years ago
ed092bf6b5
refactor: remove posts.tools.purge
...
moved the check to socketPosts.purge
4 years ago
dde5b6b814
fix: unable to register async method as response hook listener
...
Also fixes #8723 , /api/config now runs middleware.authenticateOrGuest
4 years ago
cb2f6f7c4a
fix: test
4 years ago
7bf6d3b8eb
fix: dont let mods load postqueue for a cid they are not a mod of
4 years ago
2ea9768e00
fix: show disabled categories in admin&mods
4 years ago
fbd85680fb
fix: spec
4 years ago
5d9a868142
feat: category filter on post queue ( #8710 )
...
* feat: category filter on post queue
category filter module
* feat: add spec
4 years ago
7545951725
chore: refactor src/emailer.js
4 years ago
1aa336d837
refactor: shared constants ( #8707 )
...
define plugin name and theme name regexs in one location for consistency
define various shared paths in one place for consistency
4 years ago
e60357d20d
feat: #6594 , add top/popular sections to digest email ( #8709 )
4 years ago
55d5cccf2e
Document deprecations and remove old ones ( #8706 )
...
* chore: document deprecation removal versions
* chore: remove deprecations 2+ versions old
4 years ago
017af63fb0
fix : #8686 , deprecate `plugin.json/library` ( #8705 )
...
and also fix deprecated hooks with no alternative
4 years ago
5441651ea7
fix: update "install plugins" link to go to the download tab
4 years ago
38f88fc563
fix : #8699 tags route is case sensitive, though tags are not
4 years ago
f4d76f1edd
feat: move service-worker.js into its own file
4 years ago
14ba1a6dbb
feat: analytics:maxCache setting in ACP
...
I removed a TODO from core. Watch your head as flying pigs are abound
4 years ago
7f58e3ab09
fix: error on `reset -p` if plugin is not active
...
No need to throw error if plugin was not active, just silently OK
4 years ago
1e5621c049
fix(deps): update dependency sanitize-html to v2
4 years ago
9c5b690799
feat: up recommended size to 512x512 + ACP labels for PWA
4 years ago
6478b32d0e
feat: upload maskable icon for PWA
4 years ago
b12e8d6312
feat: show top 5 trending plugins in new tab in Extend > Plugins
4 years ago
07af621381
fix: typo in getCompatiblePlugins
4 years ago
54705cc432
fix: typo
4 years ago
5172d73137
feat: add theme-color meta tag for browser address bar
4 years ago
f69697b3fa
feat: basic service worker, minimum requirement for for a2hs; see #8126
4 years ago
31528a5202
fix: manifest - use absolute URL for start_url
4 years ago
46800b6639
fix: prefer webmanifest extension over json
...
https://w3c.github.io/manifest/#media-type-registration
4 years ago
4fc84e9f5c
chore: lint notifications.js
4 years ago
5b427a0c3b
feat: option in ACP to configure notification/email delay for chats
4 years ago
f85fe7faff
don't invite an already invited email ( #8688 )
...
* don't invite an already invited email
* add email-invited translation string
4 years ago
5078a8df25
ttl/pttl ( #8689 )
4 years ago
16039b1117
refactor: post edit
4 years ago
b6f2f0e5d0
fix : #8681 change owner modal's search should check if user is banned
4 years ago
5ddf70221c
feat: upon plugin installation via ACP, check against nbbpm first
4 years ago
0fffe28941
fix: issue where the last flag filter could not be removed
4 years ago
83d4e7efaa
feat: add number of posters to topic
4 years ago
81595095da
feat: allow plugins to override tags and tag counts
4 years ago
bbf6889ecc
fix: topic count on category page if filter is author
4 years ago
ac43cd8b6f
fix : #8665 , trim email before checking validity
4 years ago
e72fe25920
fix: editing posts saving uncessary data
4 years ago
4f14dc7a58
fix : #8640 , add bookmarks to intFields
4 years ago
af43f0e48e
fix : #8656 , rename /api/me to /api/self
4 years ago
43571bac38
feat: hotkey "/" to open ACP search
4 years ago
22cd265434
fix: tests
4 years ago
220297d501
fix: use correct topic count for category
4 years ago
437424375e
feat: expose calculateTopicPostCount and getChildrenTree
4 years ago
4fca79380a
fix: tests, because redis is TOO FAST
4 years ago
29b357bc66
refactor: expose new method for appending moderation note
4 years ago
de824007d9
feat: allow custom req.query.filter on /unread /recent
4 years ago
38d3982bf1
fix : #8418
...
allow updating other profile fields when username isnt being changed
4 years ago
4be693f2e7
feat: fullname search ( #8641 )
...
* feat: fullname search
* fix: take last element
* fix: attempt to fix psql like query
* feat: upgrade sript, another fix attempt
* fix: psql test
* fix: psql scan
* feat: add debug for test
* feat: test collate
* feat: cleanup
* fix: upgrade script
4 years ago
0891236142
fix: typo
4 years ago
7e7366be13
fix: remove toolsVisible in post tools' menu [breaking]
4 years ago
65d049c6f9
fix: tests
4 years ago
2d5bd153e0
fix: check if unread_tids are followed
4 years ago
c1c617b323
feat: add topicIndex to category page
4 years ago
a78e1df965
fix: use text-right
4 years ago
5a40d26b44
feat: #8626 , new move posts modal
4 years ago
a34b685c65
fix: remove lang keys, remove sounds menu
4 years ago
5f10d67db5
Remove sounds ( #8617 )
...
* feat: remove sounds
* feat: remove more sounds
* feat: disable sounds plugin
* fix: openapi
4 years ago
4bace773f9
fix: wider widget area
4 years ago
19c448612d
feat: remove global RELATIVE_PATH
4 years ago
46ab2711d4
fix : #8432 , add CSP frame-ancestors
4 years ago
6fc31df033
feat: use const/let
4 years ago
4588e52120
fix: allow setting maximumAboutMeLength to 0
4 years ago
a38784f567
fix: additional commit for CF rocket loader
4 years ago
4d6659553b
feat: allow nbb to work with cloudflare rocket loader 🚀
4 years ago
53a5f1516e
feat: move code
4 years ago
b6917b9dee
feat: #8602 , dont send emails to unconfirmed addresses
4 years ago
94da9fe55e
feat: add partials/footer/js.tpl
...
add ajaxify.coldLoad which gets called from partials/footer/js.tpl
4 years ago
4031a8cab1
fix: stack trace
4 years ago
54b497258f
feat: add missing name to profile image upload
4 years ago
b0a759223d
feat: add action:user.removeCoverPicture
4 years ago
962446a5ac
feat: add user data to action:user.removeUploadedPicture
4 years ago
9542ef1285
feat: add userData to action:user.delete
4 years ago
a263897627
fix : #8604
4 years ago
1e5981c0d6
feat: replace relative urls to absolute before sending email notifs
...
https://github.com/NodeBB/NodeBB/pull/8366/files
4 years ago
f743f92088
refactor: socket posts delete/restore/purge so tid is not necessary ( #8607 )
...
* refactor: socket posts delete/restore/purge so tid is not necessary
* refactor: stop trying to be fancy
* fix: tests to not pass in tid into posts.deletePosts
* fix: some more unnecessary tid passing
4 years ago
0c20351702
feat: additional sorting options for flags
...
+ upvotes, +downvotes, +replies
4 years ago
896fe9d65e
fix: don't crash on outdated redis instances
5 years ago
0e58d2b866
fix: update post-queue hook names
5 years ago
8cc36de284
feat: new filter hook prior to post queue addition
...
filter:post.queue
5 years ago
a9dfc9a74e
feat: add replies to getPostSummaryByPids
5 years ago
e0c7d65a92
Revert "feat: add reply count to getPostSummaryByPids"
...
This reverts commit de0f4aadb8
5 years ago
de0f4aadb8
feat: add reply count to getPostSummaryByPids
5 years ago
9f9164a9be
fix : #8582
5 years ago
56101ae5ae
fix: ip-blacklist not working after #8580
5 years ago
2b785628e7
fix: removed invalid options for the sendmail transport ( #8576 )
...
* Removed invalid options for the sendmail transport that were causing Nodemailer to return the SMTPTransport instead.
* Removed options for rate limiting in admin email interface. Added new option for toggling whether to use pooled connections.
5 years ago
b6b94a56dc
refactor: moved ip-blacklist and post-queue styles/tpls to themes
...
This is a breaking change!, re: #8580
5 years ago
a4dbbc3749
feat: sort dependencies alphabetically
...
... when merging from install/package.json
/cc @pitaj
5 years ago
55533b11e5
fix: dupes in unread followed topics
5 years ago
39f4bbaa0e
fix: wrong data passed to getCategories
5 years ago
354e6ccc66
feat: banning a user will resolve their post flags
5 years ago
91d9333a50
fix: username, email history disappering if content was deleted
5 years ago
840cb5105f
fix: package-install clobbering scoped nodebb plugins
5 years ago
4b0cb26b34
fix: empty "manage" menu showing in ACP
...
... if no privileges corresponding to those menu items
are given
5 years ago
cc2686057c
fix: hide nodebb version in ACP for non-superadmins
5 years ago
cf2f1e956a
refactor: changed way middleware was exported
5 years ago
f00595b32d
fix: change how admin middlewares are exported
5 years ago
ae68a254d7
fix: one less return, to appease codeclimate
5 years ago
03bd76dea2
fix: inability to access /admin if not superadmin
...
There was an odd issue where non-superadmins could not use
the /admin route to access the ACP, even though they had
appropriate access. For whatever reason, it could not
be reliably reproduced on my dev. As it turns out, the
reason was because I was checking the wrong privilege,
and my dev database had this wrong privilege leftover
from the initial development of the ACP admin privileges
feature. Dumb.
Anyhow, that fixes this issue.
5 years ago
29e3ab247d
fix : #8560 , fix old upgrade script
...
db.connect no longer exists at the root
5 years ago
6521e4dac4
Revert "feat: expose global/admin privileges to all routes"
...
This reverts commit 4737f937ee
5 years ago
4737f937ee
feat: expose global/admin privileges to all routes
...
@barisusakli revert if necessary 😬
5 years ago
7daba7ddc1
fix : #8570
5 years ago
3efe2362e2
fix: sorting the flags list by newest is not considered a filter
...
... as it is default
5 years ago
334be11382
fix: no-widgets messaging in ACP + copy
5 years ago
346db0d84d
feat: flags list sorting, closes #8569
5 years ago
cabe62a06c
fix : #8568 perPage not acting like a filter
5 years ago
35a538ec2a
feat: allow adding multiple users to group
5 years ago
f1e82b6441
feat: add filter:group.getOwnersAndMembers
5 years ago
9c70b6620e
feat: pass uid into filter:flags.list
5 years ago
31c2b7d946
fix : #8562
5 years ago
2adae87949
fix: progress bar clobbering upgrade script name
5 years ago
ac75c9a052
fix: tweak upgrade script progress bar to only update 100 times in total
5 years ago
80a2a700ce
fix: navigation title unescape upgrade script tweak
5 years ago
7456a0e34e
fix: new language key for error handling
5 years ago
de8eebbd7c
fix: upgrade scripts not run properly if schemaDate is present
...
Only affected VERY old installs that don't use schemaLog
5 years ago
0189945996
refactor: remove util.promisify calls
5 years ago
bfaf648ec3
fix : #8556 , catch errors from admin check
5 years ago
326827382a
fix: upgrade script for 1.15.0
5 years ago
846b7d2430
refactor: change pwd change logic
...
add one more test
5 years ago
16cee1b03b
fix: improper targetUid check during password change
5 years ago
0903eb4b8c
feat: limit privileges column to superadmins only
5 years ago
1d170e0c1c
fix : #8547 , remove old deps during upgrade ( #8557 )
5 years ago
12edd18b46
feat: use nodebb-scoped bootswatch
...
closes #8527
5 years ago
6e91885836
feat: use assetBaseUrl instead of hardcoding
5 years ago
3f01f4a2b8
Revert "feat: load timeago strings client-side"
...
This reverts commit 558a2d739c
5 years ago
558a2d739c
feat: load timeago strings client-side
...
9adaccd036
5 years ago
9adaccd036
feat: +assetBaseUrl, -l10BaseUrl, -requireBaseUrl
...
Additional base URLs were necessary for benchpress and translator,
and in order to not clutter the API response with needless one-
time use base URLs, I decided to use a single base that is used
by all of the services, assetBaseUrl.
5 years ago
33c5988c34
refactor: rewrite src/upgrade.js with async/await
5 years ago
231d34d0aa
fix: upgrade script
5 years ago
8887f0edaa
fix: don't allow duplicate upgrade script names
5 years ago
9e3fd0e479
Revert "feat: #8493 , plugin helper for standardised link/button injection"
...
This reverts commit 0bbb813e4b
5 years ago
0bbb813e4b
feat: #8493 , plugin helper for standardised link/button injection
5 years ago
9f3b78118a
fix: send hard 404 instead of soft 404 for missing modules
...
We used to send a soft 404 because require.js would error out on
a 404, but it seems years ago, error handling was added to the
require() call, so a hard 404 will not throw errors to the console
5 years ago
d6baf5c278
feat: show event/params on error
5 years ago
68f8d6e3a1
fix : #8549 send 308 Permanent Redirect on topic/category shortlinks
5 years ago
def16f9e97
feat: introduce overridable l10nBaseUrl config value
5 years ago
2c35d0ba87
refactor: change incrementViewCount and markAsRead to async/await
5 years ago
dfabd0a3fe
feat: remove administrator property from public routes
5 years ago
774e5d0429
feat: add helmet middlewares
5 years ago
c39c51139b
fix: remove default helmet
5 years ago
a716a5529c
feat: more discrete commit-on-save instead of commit-on-change w/ confirm modals ( #8541 )
...
* feat: privileges save button, #8537 , WIP
* fix: disable firefox autocomplete on privilege form fields
* feat: closes #8537 privilege changes commit on save
- new language strings for confirmation and success modals/toasts
- indeterminate privilege handling (/cc @psychobunny)
- added new discard button
- both discard and save buttons now have confirmation dialogs
* fix(tests): remove duplicate template helper test
* fix(tests): broken template helper test
* feat: confirm dialogs for all privilege copy actions
Also, ability to add user to a privilege table without needing
to refresh the privilege table.
* feat: group row addition w/o table refresh
breaking: helpers.getUserPrivileges and helpers.getGroupPrivileges
no longer make socket calls to the following hooks:
- filter:privileges.list, filter:privileges.admin.list,
filter:privileges.global.list, filter:privileges.groups.list,
filter:privileges.admin.groups.list,
filter:privileges.gloval.groups.list
The filters are still called, but done before the helper method
is called, and the results are passed in instead. This change
should only affect you if you directly call the helper methods,
otherwise the change is transparent.
* fix: stale ajaxify data on privilege category switch
* fix: implicit privileges not showing for user privs
* fix: groups, not group, also fix tests
* fix(tests): again
* fix: wrong tpl rendered when adding group to global priv table
5 years ago
0f10e0836b
fix: remove duplicate configuration for helmet-hsts
5 years ago
e7a502e0aa
feat: add ability to search groups in group details page
5 years ago
335169f2b1
fix: don't process invalid topics, fallback to 0 score
5 years ago
6924a22238
fix: tests
5 years ago
bb224184d8
fix : #8539 , enforce content checks for post queue
5 years ago
776e34a80f
refactor: rewrite src/install with async/await
5 years ago
6c00ec8435
refactor: removed rather redundant flag reporters zset
5 years ago
0f2b6f1ff7
fix: bug; additional reports could be added by the same user repeatedly
5 years ago
Julian Lam
Barış Soner Uşaklı
psychobunny
Barış Soner Uşaklı
cryptoethic
Peter Jaszkowiak
Renovate Bot
Timothy Fike
Kyle Farris
Sam Thompson