* feat: fix session mismatch errors by clearing cookie on logout
* feat: remove app.upateHeader
ported from 2.0
* feat: handle if user doesn't click button and just refreshes page
- Show account moderation history
- Ban and delete quick actions
Squashed commit of the following:
commit 0e782e65f4d48ae814708e510ec9d01bcdd914e0
Author: Julian Lam <julian@nodebb.org>
Date: Tue May 26 20:24:53 2020 -0400
fix(deps): use persona 10.1.41/vanilla 11.1.17
commit 369e073d3c3189d8ce181eb3d573489cbe54d4fc
Author: Julian Lam <julian@nodebb.org>
Date: Tue May 26 20:23:24 2020 -0400
fix: allow ban and delete exported methods to have cbs
commit b83a086ea31a77ec82d161306c0b9bc115cb2a3a
Merge: 525aae1ea 256ee45d3
Author: Julian Lam <julian@nodebb.org>
Date: Tue May 26 08:54:25 2020 -0400
Merge remote-tracking branch 'origin/master' into flags-improvements
commit 525aae1ea2e5d0103028a0f0c8dde05f172d088e
Author: Julian Lam <julian@nodebb.org>
Date: Tue May 26 08:53:39 2020 -0400
feat: integrate ban history and username changes to flag history list
commit 3e68ad28ba266f4c8620a676aa7f463f0a9d1df7
Author: Julian Lam <julian@nodebb.org>
Date: Mon May 25 18:22:53 2020 -0400
feat: allow ban and deletion from flag details page
commit a559ea1d8e8883385c2876868d855a0b93516c54
Author: Julian Lam <julian@nodebb.org>
Date: Mon May 25 18:22:00 2020 -0400
feat: export banAccount and deleteAccount methods from accounts module
* feat: testing suite integration for openapi spec
The testing suite now takes the openapi spec into account. It will
check each route defined, make a call to it, and compare the
response with the defined schema. Any mismatches will cause the
test to fail.
* fix(openapi): removed debug stuff from tests
* fix(openapi): fixed some tests
* fix(openapi): added additional check to tests, test fixes
* fix(openapi): better tests, fixed spec errors
* fix(openapi): bad conditional in test
* fix: oops
* fix(openapi): more tests fixing
* fix(openapi): more tests
* fix(openapi): fix some more tests
* fix: verbose'd an info log
* fix: topic pagination route returns schema-optimized pagination block
* fix(openapi): more test/spec fixes
* fix(openapi): accidentally sending in authenticated jar for anon routes
* fix(openapi): more test/spec fixes
* fix(openapi): more spec fixes
* fix: timestampReadable Invalid Date
* fix(openapi): more tests... almost there
* fix(openapi): more tests fixing
* fix(openapi): finally all tests passing
* fix(openapi): added reverse test to compare response to spec
... and fixed all the tests that broke
* fix: remove tests related to group covers, as route is gone
* fix(openapi): broken test on travis
* fix(openapi): broken test on travis
* fix(openapi): broken test on travis
* fix(openapi): object cache is not present for psql
* fix: tests
Co-authored-by: Barış Soner Uşaklı <barisusakli@gmail.com>
There is no reason why avatars should be a blocking reasorce, and browsers are now adding support for lazy loading of images (and iframes). According to [caniuse.com](https://caniuse.com/#feat=loading-lazy-attr) 62% of users use a browser that supports this attribute.
So there doesn't seem to be any downside to just adding this attribute here. It won't affect browsers that don't support it and might speed up page loads on browsers that do.
* fix: #8142, broken site if no server-side session
During the `addHeader` middleware, a check is now done to see if
`req.session.meta` is present. This value is only present if the user
has a valid server-side session. If it is missing, then it is probably
safe to assume that the server-side session was deleted (either
intentionally or accidentally). In that scenario, the client-side cookie
should be cleared.
Also, there was an issue where the sessionRefresh flag was never cleared
after a successful login, so that was fixed too.
* feat: exported method to get cookie config
* fix: don't clear cookie if cookie is being set
* fix: socket.io tests
Co-authored-by: Barış Soner Uşaklı <barisusakli@gmail.com>
- Now showing user-join message for chat owner in addition to the newly
added user
- If a modal already exists for a room when createModal is called, don't
return null, return the modal
* feat: wip, better digest handling (+ eventual digest resend logic)
- await emailer.send call in digest.send method
- save send success to a new sorted set digest:{interval}:byUid
* feat: continuing work on digest tools
- Added ACP page to view digest settings and delivery times per user
* feat: added paginator and stub buttons for resending digest
* feat: wrapping up digest revamp
- New language strings in ACP digest page
- Client-side ACP script for digest ACP page
- Websocket call for ACP page to execute digests
- Broke out logic to retrieve user digest settings to getUsersInterval
* fix: minor cleanup
* fix: #8010 and some style suggestions from baris
* fix: resolve confusing comment
* fix: removed duplicate checkContent call in addMessage
addMessage is called in one place (sendMessage), and the checks
are already contained there. addMessage is the lower level call
and so should be called only from within core itself.
* feat: #7330 chat system messages for join, leave, rename
* fix: add back content checking in .addMessage();
* fix: tests, and added .addSystemMessage() method
Tests were relying on message indices that changed due to the
new system messages.
* feat: add tests for system chat messages
* refactor: rewrite half of src/messaging/rooms.js, fix tests
* feat: #7743 messaging/room.js
* fix: tests for messaging/room.js, #7743
* fix: trying to fix tests
* fix: omg :rage2:
* feat: added API route for retrieving analytics via REST API
* feat: sets is now optional, can pass in multiple sets
* fix: moved expand and added json button to panel header
* fix: matching api params to socket method
* fix: update json api button url on graph change
* fix: updated default counts based on passed in units
In not-so-rare circumstances, the avatar generated is wrapped in
an anchor so that when clicked, it goes to the user profile.
Unfortunately, html 4 spec doesn't like block level elements
inside anchors (since an anchor is an inline element), and even
though we define html5 doctype, browsers still reorder the div
and anchor, beats me as to why.
So I can trick the browser by using a span. The css already styles
it as inline-block so no further fixes are required.
* feat: helper for building avatars
* feat: benchpress truefalse globals, componentPrefix in buildAvatar
* refactor: remove componentPrefix
* feat: changes to buildAvatar helper
- removed extra .avatar-xl class in generics.less
- added support for component override
- "size" can be a number now
* fix: prevent overflow of alt text in avatars
* fix: update doc on buildAvatar helper
* feat: add enable/disable checkbox for plugin usage
* feat: submit plugin data to packages.nodebb.org
only submit in production mode
submit once every 24 hours
dont submit for plugins that have "private": true in plugin.json
enabled on new installs
disabled on existing installs
* fix: hash not working after first send
fix statusCode
* fix: remove url
* feat: show compatibilty
* feat: add install question for submit plugin usage
* feat: design revamp of ACP events page
- minor UX changes
- new filter controls, filters moved to sidebar
- form usable without js
- start/end filters NOT programmed yet
* feat: events ACP limit by date and perPage
* feat: pre-fill applied filters on template render
* fix: missing translation for ACP events perPage filter
* fix: added some comments to explain setHours behaviour
* fix: stop - start + 1
* fix: socket tests
* fix: +inf, not just inf
* fix: tests, because I am an idiot
* feat: add upgrade script to give mods privs
* feat: give all privileges when making a moderator
* feat: remove implicit privs
* feat: give global mods default privs
* feat: more priv fixes
* feat: use lodash
* fix: remove implicit mod priv from topic delete
* fix: more privs
* fix: posts.canEdit
* fix: canDelete and canEdit
* fix: tests, remove console.log
* feat: shorter functions
* feat: add tests
* fix: uids
* fix: redis random test fail
* feat: wip -- refresh meta tags on ajaxify
* feat: wrapped up meta tags update on ajaxify feature
* fix: removed commented-out line
* fix: removed another commented-out line
* feat: ability to copy a groups privileges
ability to copy a group's privileges to all categories, or children of current category
* feat: switch to dropdown
added copy from category to groups
* fix: indents
On uploading a new profile picture via URL, a CORS error presents
itself during the .toDataUrl() call due to misconfigured CORS
handling in the library. The change here allows cropper.js to
check crossorigin attribute in image and handle appropriately.
Also, the error handling is improved so the error is caught on
Firefox, as it sends a different error message than on Chrome.
* feat: re-designed digest
Updated design, logic no longer shows "no topics", just doesn't
show the list at all, teaser re-retrieved for digest so that it
always grabs a teaser even if there is no reply, changed default
email background to a light grey.
* fix: minor padding issues in digest
* fix: banned template
* fix: invitation.tpl
* fix: removed unused notif_chat and notif_post email templates
* fix: notification template
* fix: registration_accepted template
* fix: reset tpl
* fix: test tpl
* fix: email verify tpl
* fix: reset notify tpl
* fix: welcome tpl
* fix: additional minor font fixes
* fix: removed unused email header image assets
* fix: internationalised 'your daily digest' string
* fix: broken url in digest 🤦
* feat: added RTL support for emailer
/cc @PostMidnight
- RTL is applied (or unapplied) on login and logout depending on
user language/guest-detected language.
- config is automatically saved into res.locals.config whenever
loadConfig is called
- On login/logout, buildHeader is called instead of getting config
- On logout, req.uid is deleted instead of set to 0
* fix: closes#6784
* #6784 also fix homepage + subfolder installs
* #6784 fixes suburls as well (ex. /tags/x and /groups/y)
* #6784 more elegant solution @pitaj
and the last time I touch this function, lol
* #6784 regis, final answer
I lied in that last commit
* feat: wip, category watch change
* feat: pass data to client
* feat: allow changing state
* fix: account page categories
* fix: show in unread if topic is followed or category is watched
* feat: add default watch state to acp
* feat: save user category watch state
* feat: update unread recent pages
* fix: remove dupe code
* fix: flip conditions
* fix: handle empty arrays
* fix: ignore/watch on others profile
* feat: upgrade script for category states
if there are any users ignoring categories set their state in new zset and delete cid:<cid>:ignorers
* fix: upgrade
* fix: tests
* fix: redis count
* fix: more tests
* fix: #7038, autoLocale logic not playing nicely with no-refresh auths
- on login, req.query.lang is deleted (since it seems to be left over)
- on logout, the middleware.autoLocale is executed, which resets
req.query.lang
- middleware.autoLocale is new, just refactored existing logic in
webserver.js into new middleware method.
* style: tests, use lodash
* fix: timeago strings not switching languages on login or out
- do not call $.timeago twice on topic load and for widgets
- do not use toLocaleString for each timeago string, use a single
Intl.DateTimeFormat instance instead
- do not call format for empty timeago strings, ie a post that isnt
edited doesnt have a timeago string
- do not call isTouchDevice for every element
- remove app.replaceSelfLinks, this is superceded with /me route
- store references to jquery objects in navigator instead of creating
them on every scroll
Barış Soner Uşaklı
Julian Lam
psychobunny
Opliko
yossizahn
Aziz Khoury
Andrew Rodrigues
Peter Jaszkowiak
Barış Soner Uşaklı