77ab46686d
fix: access checks for tags and thumbs get route
4 years ago
56f929ed4f
feat: add write API route for checking login credentials
4 years ago
edb8da1ef9
feat(api): closes #9123 category and topic routes migrated to Write API
5 years ago
cdff8d286a
chore(api): add deprecation notices re: #9123
5 years ago
e267f29584
feat(api): #9123 , migrate /api/post/pid/:pid to Write API
5 years ago
32e36f7b2e
feat(api): group ownership API route, switch client-side to use API route
5 years ago
1cd2689cf6
refactor(api): deprecated groups update socket in favour of API lib
5 years ago
878ee06715
refactor: schema backreference test to use map instead of reduce, properly check write-api routes
5 years ago
3e54b70c06
fix : #9092 , Topic thumbnails do not work with third-party uploaders
5 years ago
340387c18a
fix : #9055 , non-standard API response from addThumbs route
...
Also removed old thumb upload router handler, and updated uploadPost handling in composer to match new response schema
5 years ago
ef7d6db912
feat: server-side work for #9047
...
- rename Thumbs.commit to Thumbs.migrate
- new PUT method that calls Thumbs.migrate
- `checkThumbPrivileges` now takes a single object parameter (ins. of req/res)
5 years ago
b5d910f53b
feat: core work for #9042 , thumb deletion now accepts uuids
...
+ common data validation for thumb addition and deletion
5 years ago
90497e3ef5
feat: more work on topic thumbs refactor
...
- addThumb and deleteThumb are now protected routes (duh)
- new getThumbs route GET /api/v3/topics/<tid>/thumbs
- Updated `assert.path` middleware to better handle if relative paths are received with upload_url
- Slight refactor of thumbs lib to use validator to differentiate between tid and UUID
5 years ago
708b1c338f
fix : #9040
5 years ago
7e9e08f718
feat: server-side routes for handling multiple topic thumbnails
...
closes #8994 , requires 'topic-thumb-refactor' branch of composer-default
5 years ago
3cd0c9a476
fix : #8998 , allow guests to use write api to post/reply
5 years ago
ac734b8335
fix : #8912
5 years ago
6e2da9966e
refactor: move plugin hook methods to plugin.hooks.*
5 years ago
3b1c03ed50
feat: allow ACP API access to bearer tokens
...
closes nodebb/nodebb-plugin-write-api#132
5 years ago
046d0b1637
feat: allow pins to expire (if set) ( #8908 )
...
* fix: add back topic assert middleware for pin route
* feat: server-side handling of pin expiries
* refactor: togglePin to not require uid parameter [breaking]
* feat: automatic unpinning if pin has expiration set
* feat: client-side modal for setting pin expiration
* refactor: categories.getPinnedTids to accept multiple cids
... in preparation for pin expiry logic, direct access to *:pinned zsets is discouraged
* fix: remove references to since-removed jobs file for topics
* feat: expire pins when getPinnedTids is called
* refactor: make the togglePin change non-breaking
The 'action:topic.pin' hook now sends uid again, as before. However, if it is a system action (that is, a pin that expired), 'system' will be sent in instead of a valid uid
5 years ago
fa4177c3bc
fix : #6407 , fix feeds
...
display latest posts instead of oldest in topic rss feed
fix missing await that was causing rss_tokens to not function
fix feed test
more tests for getTopicWithPosts
5 years ago
a0b7a82350
feat(api): account deletion routes for the Write API ( #8881 )
...
* feat(api): account deletion routes for the Write API
* refactor: rewrite client-side calls to account deletion to use api
* style: apply DRY
5 years ago
3ccebf112e
feat: invites regardless of registration type, invite privilege, groups to join on acceptance ( #8786 )
...
* feat: allow invites in normal registration mode + invite privilege
* feat: select groups to join from an invite
* test: check if groups from invitations have been joined
* fix: remove unused variable
* feat: write API versions of socket calls
* docs: openapi specs for the new routes
* test: iron out mongo redis difference
* refactor: move inviteGroups endpoint into write API
* refactor: use GET /api/v3/users/:uid/invites/groups
Instead of GET /api/v3/users/:uid/inviteGroups
* fix: no need for /api/v3 prefix when using api module
* fix: tests
* refactor: change POST /api/v3/users/invite
To POST /api/v3/users/:uid/invites
* refactor: make helpers.invite awaitable
* fix: restrict invite API to self-use only
* fix: move invite groups controller to write api, +tests
* fix: tests
Co-authored-by: Julian Lam <julian@nodebb.org>
5 years ago
bcccb331db
docs: openapi schema for user/group exist check, session deletion
5 years ago
f300c933a5
refactor: move session revocation route to write api
5 years ago
f1f9b225b0
feat: #8824 , cache refactor ( #8851 )
...
* feat: #8824 , cache refactor
ability to disable caches
ability to download contents of cache
refactor cache modules to remove duplicated code
* fix: remove duplicate hit/miss tracking
check cacheEnabled in getUncachedKeys
5 years ago
d263192271
feat: group exists API call in write api
5 years ago
f2bb42c076
fix: user exist route needs no authentication
5 years ago
60e1e99b4f
feat: new shorthand route /api/v3/users/bySlug/:userslug
...
closes #8844
5 years ago
57ed6be78b
fix : #8805 define our own name for write API v3
5 years ago
266d7587b2
refactor: remove usage of middlewares
...
Specifically, middleware.isAdmin|exposePrivilegeSet|exposePrivileges
5 years ago
aa8faf58a0
refactor: remove /users/{uid}/settings/{setting} route
...
@baris Also, I am now allowing the following properties to be saved in User.saveSettings:
- categoryTopicSort
- topicPostSort
- setCategorySort
- setTopicSort
5 years ago
b156b8b573
feat: wip, write api tests framework
...
re-using read api tests if possible
5 years ago
a05905f196
performance improvements ( #8795 )
...
* perf: nconf/winston/render
cache nconf.get calls
modify middleware.pageView to call next earlier
don't call winston.verbose on every hook see https://github.com/winstonjs/winston/issues/1669
translate header/footer separately and cache results for guests
* fix: copy paste fail
* refactor: style and fire hook only log in dev mode
* fix: cache key, header changes based on template
* perf: change replace
* fix: add missing await
* perf: category
* perf: lodash clone
* perf: remove escapeRegexChars
5 years ago
c26f2b6599
feat(writeapi): user settings API
5 years ago
9d81660e24
Revert "Revert "fix: appropriate 404 handling for write API calls""
...
This reverts commit 135c2d6c7d
5 years ago
135c2d6c7d
Revert "fix: appropriate 404 handling for write API calls"
...
This reverts commit b6cce75d97
5 years ago
68d6818bca
refactor: topic tools' actions to use api lib
5 years ago
b6cce75d97
fix: appropriate 404 handling for write API calls
5 years ago
bf480ee58b
refactor: setupApiRoute signature
5 years ago
688d7a2cc2
refactor: remove unused middleware
5 years ago
5e2caf19f5
refactor: use single function for api code
5 years ago
9dd3cc0483
feat: allow plugins to define api routes
...
via new plugin hook static:api.routes
5 years ago
a4ba23899e
feat: require https if nodebb is configured with https url
5 years ago
872bacf1c4
Admin/users ( #8762 )
...
* feat: wip admin/users
* feat: more work
* feat: more fixes
* feat: #8662 , verified/unverified user groups
* feat: add filter
* feat: change user search to use filters array
* refactor: remove unused search call
* fix: tests
* fix: cant join system groups
* fix: upgrade script
5 years ago
9a5b8a798a
fix: category RSS feed was displaying deleted topics
5 years ago
8ecef7b891
refactor: middleware.assert.*
5 years ago
cfee431c53
feat(writeapi): commented-out stub code for file upload
5 years ago
f870721fca
feat(writeapi): file deletion route
5 years ago
a55b381791
feat(writeapi): admin settings update route
5 years ago
2ec838fc59
feat(writeapi): token generation/delete routes, ACP updates
5 years ago
3ea1aa4780
refactor(writeapi): update route prefix to api/v3, default error option
5 years ago
f67824719c
chore(writeapi): cleanup
5 years ago
0973feea16
feat(writeapi): post bookmarking
5 years ago
9942c248eb
feat(writeapi): post voting
5 years ago
414169fdfa
feat(writeapi): post delete/restore/purge
5 years ago
f66c2fb60f
feat(writeapi): post editing
5 years ago
1605e5e443
feat(writeapi): topic tags
5 years ago
9be5629458
feat(writeapi): topic follow/ignore
5 years ago
da25ce4d09
feat: topic delete/restore/purge/(un)pin/(un)lock
5 years ago
675a62dadd
fix: remove debug log
5 years ago
49652e6f1b
feat: management of API tokens via ACP
5 years ago
8e7baac6ef
fix(writeapi): calls to profile editing routes 200 even if user DNE
5 years ago
6096f74ab2
feat(writeapi): adding missing files
5 years ago
4c833d0bf0
feat(writeapi): topic posting and replying
5 years ago
40dc1c38d3
feat(writeapi): added DELETE /groups/:slug/membership/:uid route
5 years ago
952dc211dd
feat(writeapi): added group joining and deletion
5 years ago
d044c3223e
feat(writeapi): abstracted ajax calls out to new api module
5 years ago
ba345e53e8
feat(writeapi): added POST /api/v1/groups
5 years ago
49994f3a15
fix(openapi): moved write-api to public/openapi
5 years ago
3072de4812
feat: added DELETE /api/v1/categories/:cid route
5 years ago
e942ad8101
feat: added PUT /api/v1/categories/:cid route
...
Deprecated admin.categories.update socket call
Showing stack trace in console for errors, when in development mode
5 years ago
dc666fd8a9
feat: added POST /api/v1/categories route
5 years ago
a5af2dc819
feat: added PUT/DELETE /api/v1/users/:uid/ban routes
5 years ago
db5c5b2cfb
fix: follow route to match spec
5 years ago
b5bbcbaeaa
feat: added POST and DELETE /api/v1/users/:uid/follow routes
5 years ago
7aed174ebc
feat: added PUT /api/v1/users/:uid/password route
5 years ago
a1ddc210b2
feat: added DELETE /api/v1/users/:uid and DELETE /api/v1/users
5 years ago
d15d9e4492
fix(refactor): patching helpers.tryRoute for API routes, some re-org
...
Thanks @barisusakli for the tip
5 years ago
d8879d21db
fix: error handling with POST /api/v1/users
5 years ago
bba2a4638c
fix: user creation POST route returns user data, updated openapi spec
5 years ago
7b6d43bcc8
feat: added checkRequired middleware for API calls
5 years ago
f6433ef2c5
fix(refactor): merging write-api auth middlewares with core middlewares
5 years ago
ec5c48b188
feat: migrating write-api skeleton into core
5 years ago
dde5b6b814
fix: unable to register async method as response hook listener
...
Also fixes #8723 , /api/config now runs middleware.authenticateOrGuest
5 years ago
f4d76f1edd
feat: move service-worker.js into its own file
5 years ago
6478b32d0e
feat: upload maskable icon for PWA
5 years ago
f69697b3fa
feat: basic service worker, minimum requirement for for a2hs; see #8126
5 years ago
46800b6639
fix: prefer webmanifest extension over json
...
https://w3c.github.io/manifest/#media-type-registration
5 years ago
af43f0e48e
fix : #8656 , rename /api/me to /api/self
5 years ago
5f10d67db5
Remove sounds ( #8617 )
...
* feat: remove sounds
* feat: remove more sounds
* feat: disable sounds plugin
* fix: openapi
5 years ago
762b0be4b4
feat: remove /assets/stylesheet.css
5 years ago
a3c8d45626
fix: crash if csrfToken does not exist
5 years ago
00d39fb32c
feat: #8460 , export groups members as csv
5 years ago
e53a18f219
fix : #8437 , #8433
5 years ago
3be4d5f7d5
feat: redirect /me to user profile
5 years ago
a82e9bd7f6
feat: privileges for Admin Control Panel ( #8355 )
...
* feat: acp privileges (WIP)
* fix: restore global privilege hooks
* refactor: using cid 0 in admin privs
* fix: no need for zebrastripe-reset
* feat: manage:categories privilege WIP
* feat: renamed prefix to admin:, settigns and dashboard privs
* fix: nofocus on acp privs group find modal
* refactor: privileges.x.get() to not used hardcoded privs
* fix: crash if unable to get latest version
* feat: setting acp priv
* Revert "fix: crash if unable to get latest version"
This reverts commit afdb235f48eb0072d88de45f3a1e0151281095b3.
* feat: user/privilege acp privs
* fix: category selector in manage/privileges
* fix: guests potentially becoming admins
* fix: bug in setting admin privs
* fix: some last minute things + api docs
* fix: some more last minute fixes
5 years ago
842b8abb84
feat: add buildHeaderAsync ( #8367 )
...
* feat: add buildHeaderAsync
make helphers.notAllowed async
* fix: remove csrf from buildHeader
* fix: remove unused method, use middleware
* fix: /post/pid redirect doesn't need buildHeader
use buildHeaderAsync
5 years ago
dcb85ee7a1
#8344 ( #8346 )
...
* feat: wip
* feat: wrap middlewares
* feat: middleware errors
* feat: more middleware changes
* fix: remove unused async
* fix: prevent version errors from blocking acp render
* feat: wrap more middlewares
5 years ago
0633ad3277
fix: acp menu items
...
- Shuffled items in settings
- Moved post-queue and ip-blacklist to front-end
- Removed Settings > Sockets, merged with Settings > Advanced
5 years ago
Julian Lam
Barış Soner Uşaklı
gasoved
Barış Soner Uşaklı
psychobunny