2ec838fc59
feat(writeapi): token generation/delete routes, ACP updates
5 years ago
3ea1aa4780
refactor(writeapi): update route prefix to api/v3, default error option
5 years ago
f67824719c
chore(writeapi): cleanup
5 years ago
0973feea16
feat(writeapi): post bookmarking
5 years ago
9942c248eb
feat(writeapi): post voting
5 years ago
414169fdfa
feat(writeapi): post delete/restore/purge
5 years ago
f66c2fb60f
feat(writeapi): post editing
5 years ago
1605e5e443
feat(writeapi): topic tags
5 years ago
9be5629458
feat(writeapi): topic follow/ignore
5 years ago
da25ce4d09
feat: topic delete/restore/purge/(un)pin/(un)lock
5 years ago
675a62dadd
fix: remove debug log
5 years ago
49652e6f1b
feat: management of API tokens via ACP
5 years ago
8e7baac6ef
fix(writeapi): calls to profile editing routes 200 even if user DNE
5 years ago
6096f74ab2
feat(writeapi): adding missing files
5 years ago
4c833d0bf0
feat(writeapi): topic posting and replying
5 years ago
40dc1c38d3
feat(writeapi): added DELETE /groups/:slug/membership/:uid route
5 years ago
952dc211dd
feat(writeapi): added group joining and deletion
5 years ago
d044c3223e
feat(writeapi): abstracted ajax calls out to new api module
5 years ago
ba345e53e8
feat(writeapi): added POST /api/v1/groups
5 years ago
49994f3a15
fix(openapi): moved write-api to public/openapi
5 years ago
3072de4812
feat: added DELETE /api/v1/categories/:cid route
5 years ago
e942ad8101
feat: added PUT /api/v1/categories/:cid route
...
Deprecated admin.categories.update socket call
Showing stack trace in console for errors, when in development mode
5 years ago
dc666fd8a9
feat: added POST /api/v1/categories route
5 years ago
a5af2dc819
feat: added PUT/DELETE /api/v1/users/:uid/ban routes
5 years ago
db5c5b2cfb
fix: follow route to match spec
5 years ago
b5bbcbaeaa
feat: added POST and DELETE /api/v1/users/:uid/follow routes
5 years ago
7aed174ebc
feat: added PUT /api/v1/users/:uid/password route
5 years ago
a1ddc210b2
feat: added DELETE /api/v1/users/:uid and DELETE /api/v1/users
5 years ago
d15d9e4492
fix(refactor): patching helpers.tryRoute for API routes, some re-org
...
Thanks @barisusakli for the tip
5 years ago
d8879d21db
fix: error handling with POST /api/v1/users
5 years ago
bba2a4638c
fix: user creation POST route returns user data, updated openapi spec
5 years ago
7b6d43bcc8
feat: added checkRequired middleware for API calls
5 years ago
f6433ef2c5
fix(refactor): merging write-api auth middlewares with core middlewares
5 years ago
ec5c48b188
feat: migrating write-api skeleton into core
5 years ago
dde5b6b814
fix: unable to register async method as response hook listener
...
Also fixes #8723 , /api/config now runs middleware.authenticateOrGuest
5 years ago
f4d76f1edd
feat: move service-worker.js into its own file
5 years ago
6478b32d0e
feat: upload maskable icon for PWA
5 years ago
f69697b3fa
feat: basic service worker, minimum requirement for for a2hs; see #8126
5 years ago
46800b6639
fix: prefer webmanifest extension over json
...
https://w3c.github.io/manifest/#media-type-registration
5 years ago
af43f0e48e
fix : #8656 , rename /api/me to /api/self
5 years ago
5f10d67db5
Remove sounds ( #8617 )
...
* feat: remove sounds
* feat: remove more sounds
* feat: disable sounds plugin
* fix: openapi
5 years ago
762b0be4b4
feat: remove /assets/stylesheet.css
5 years ago
a3c8d45626
fix: crash if csrfToken does not exist
5 years ago
00d39fb32c
feat: #8460 , export groups members as csv
5 years ago
e53a18f219
fix : #8437 , #8433
5 years ago
3be4d5f7d5
feat: redirect /me to user profile
5 years ago
a82e9bd7f6
feat: privileges for Admin Control Panel ( #8355 )
...
* feat: acp privileges (WIP)
* fix: restore global privilege hooks
* refactor: using cid 0 in admin privs
* fix: no need for zebrastripe-reset
* feat: manage:categories privilege WIP
* feat: renamed prefix to admin:, settigns and dashboard privs
* fix: nofocus on acp privs group find modal
* refactor: privileges.x.get() to not used hardcoded privs
* fix: crash if unable to get latest version
* feat: setting acp priv
* Revert "fix: crash if unable to get latest version"
This reverts commit afdb235f48eb0072d88de45f3a1e0151281095b3.
* feat: user/privilege acp privs
* fix: category selector in manage/privileges
* fix: guests potentially becoming admins
* fix: bug in setting admin privs
* fix: some last minute things + api docs
* fix: some more last minute fixes
5 years ago
842b8abb84
feat: add buildHeaderAsync ( #8367 )
...
* feat: add buildHeaderAsync
make helphers.notAllowed async
* fix: remove csrf from buildHeader
* fix: remove unused method, use middleware
* fix: /post/pid redirect doesn't need buildHeader
use buildHeaderAsync
5 years ago
dcb85ee7a1
#8344 ( #8346 )
...
* feat: wip
* feat: wrap middlewares
* feat: middleware errors
* feat: more middleware changes
* fix: remove unused async
* fix: prevent version errors from blocking acp render
* feat: wrap more middlewares
5 years ago
0633ad3277
fix: acp menu items
...
- Shuffled items in settings
- Moved post-queue and ip-blacklist to front-end
- Removed Settings > Sockets, merged with Settings > Advanced
5 years ago
a51fff8bd1
refactor: remove general menu from ACP ( #8347 )
...
* refactor: remove general menu from ACP
* fix: incorrect translation keys, fixed tests
5 years ago
5781a2dc65
feat: fix session mismatch errors by clearing cookie on logout ( #8338 )
...
* feat: fix session mismatch errors by clearing cookie on logout
* feat: remove app.upateHeader
ported from 2.0
* feat: handle if user doesn't click button and just refreshes page
5 years ago
ef52461fb6
fix: remove dead picture upload code #8260
5 years ago
1136a369f3
feat: local redoc view on development mode only
5 years ago
c82a263788
Revert "fix: override ACAO header for read API spec file"
...
This reverts commit 240d90919b
5 years ago
240d90919b
fix: override ACAO header for read API spec file
5 years ago
cf6eadb91a
fix: dont let regular users see other users watched categories
5 years ago
4abe5eb7ff
Revert "fix: #8154 , move start/stop every iteration"
...
This reverts commit 300c04cef9
5 years ago
300c04cef9
fix : #8154 , move start/stop every iteration
5 years ago
df139928b6
feat: displaying one-click unsubscribe link in email footer ( #8024 )
...
closes #8016
6 years ago
b5a30006e2
feat: use helpers.setupAdminPageRoute
6 years ago
645d647248
feat: wip, better digest handling (+ eventual digest resend logic) ( #7995 )
...
* feat: wip, better digest handling (+ eventual digest resend logic)
- await emailer.send call in digest.send method
- save send success to a new sorted set digest:{interval}:byUid
* feat: continuing work on digest tools
- Added ACP page to view digest settings and delivery times per user
* feat: added paginator and stub buttons for resending digest
* feat: wrapping up digest revamp
- New language strings in ACP digest page
- Client-side ACP script for digest ACP page
- Websocket call for ACP page to execute digests
- Broke out logic to retrieve user digest settings to getUsersInterval
* fix: minor cleanup
* fix : #8010 and some style suggestions from baris
* fix: resolve confusing comment
6 years ago
df1efe5f96
feat: Implement WICG change-password-url ( #7072 ) ( #7990 )
...
* feat: Implement WICG change-password-url (#7072 )
* fix style for TravisCI
6 years ago
873ec51978
fix: crash in feed
6 years ago
ec3b5dd95a
refactor: async/await routes/feeds
6 years ago
52a2e5d61d
fix : #7816 , adding GDPR and TOU interstitials earlier on route reloading
...
A use-case was presented that called for a theme to disable the
registration interstitials. However, the plugin hooks were always
fired first, and so the core interstitials could not be removed
at that time because they hadn't been added yet.
This change moved the interstitial adding to the earliest point
possible, right after plugins.loadedHooks is emptied in preparation
for plugin initialisation.
6 years ago
0d047f4eb9
feat: #7743 , webserver
6 years ago
805dcd7ca2
Async refactor in place ( #7736 )
...
* feat: allow both callback&and await
* feat: ignore async key
* feat: callbackify and promisify in same file
* Revert "feat: callbackify and promisify in same file"
This reverts commit cea206a9b8e6d8295310074b18cc82a504487862.
* feat: no need to store .callbackify
* feat: change getTopics to async
* feat: remove .async
* fix: byScore
* feat: rewrite topics/index and social with async/await
* fix: rewrite topics/data.js
fix issue with async.waterfall, only pass result if its not undefined
* feat: add callbackify to redis/psql
* feat: psql use await
* fix: redis 🌋
* feat: less returns
* feat: more await rewrite
* fix: redis tests
* feat: convert sortedSetAdd
rewrite psql transaction to async/await
* feat: 🐶
* feat: test
* feat: log client and query
* feat: log bind
* feat: more logs
* feat: more logs
* feat: check perform
* feat: dont callbackify transaction
* feat: remove logs
* fix: main functions
* feat: more logs
* fix: increment
* fix: rename
* feat: remove cls
* fix: remove console.log
* feat: add deprecation message to .async usage
* feat: update more dbal methods
* fix: redis :voodoo:
* feat: fix redis zrem, convert setObject
* feat: upgrade getObject methods
* fix: psql getObjectField
* fix: redis tests
* feat: getObjectKeys
* feat: getObjectValues
* feat: isObjectField
* fix: add missing return
* feat: delObjectField
* feat: incrObjectField
* fix: add missing await
* feat: remove exposed helpers
* feat: list methods
* feat: flush/empty
* feat: delete
* fix: redis delete all
* feat: get/set
* feat: incr/rename
* feat: type
* feat: expire
* feat: setAdd
* feat: setRemove
* feat: isSetMember
* feat: getSetMembers
* feat: setCount, setRemoveRandom
* feat: zcard,zcount
* feat: sortedSetRank
* feat: isSortedSetMember
* feat: zincrby
* feat: sortedSetLex
* feat: processSortedSet
* fix: add mising await
* feat: debug psql
* fix: psql test
* fix: test
* fix: another test
* fix: test fix
* fix: psql tests
* feat: remove logs
* feat: user arrow func
use builtin async promises
* feat: topic bookmarks
* feat: topic.delete
* feat: topic.restore
* feat: topics.purge
* feat: merge
* feat: suggested
* feat: topics/user.js
* feat: topics modules
* feat: topics/follow
* fix: deprecation msg
* feat: fork
* feat: topics/posts
* feat: sorted/recent
* feat: topic/teaser
* feat: topics/tools
* feat: topics/unread
* feat: add back node versions
disable deprecation notice
wrap async controllers in try/catch
* feat: use db directly
* feat: promisify in place
* fix: redis/psql
* feat: deprecation message
logs for psql
* feat: more logs
* feat: more logs
* feat: logs again
* feat: more logs
* fix: call release
* feat: restore travis, remove logs
* fix: loops
* feat: remove .async. usage
6 years ago
a0c0ef1ba4
feat: ACP analytics API route ( #7725 )
...
* feat: added API route for retrieving analytics via REST API
* feat: sets is now optional, can pass in multiple sets
* fix: moved expand and added json button to panel header
* fix: matching api params to socket method
* fix: update json api button url on graph change
* fix: updated default counts based on passed in units
6 years ago
a251032f02
fix: typo
6 years ago
3b0459a0a5
fix: do not prevent nbb from starting
...
if a plugin returns error for filter:auth.init
6 years ago
740388492f
fix : #7545
6 years ago
ddffc904f4
feat: allow file uploading on registration interstitial
6 years ago
8f55ab1340
fix : #7494
6 years ago
d2cfe6b946
Moved onSuccessfulLogin call from plugins to core, + auth verification hook ( #7416 )
...
* fix : #7412 , calling controllers.onSuccessfulLogin in core
* feat: added plugin hook for auth validation
6 years ago
d722f3b8b6
fix: mounting of all-route middlewares to router instead of app
...
related to julianlam/nodebb-plugin-session-sharing#73
These three lines haven't changed in two years, but it makes more
sense for them to be called against the relative path router,
otherwise req.originalUrl contains the relative path, which is
not necessary.
6 years ago
c72da5595a
fix : #6806
...
3 new global privileges
view:users
view:tags
view:groups
6 years ago
5353960ae7
fix : #7316
6 years ago
059a4be204
feat: explicit handling of SSO success and failure
6 years ago
2b9322e1c2
feat: additional options for SSO plugins
...
+checkState property, pass Boolean false to skip nonce checking
+callbackMethod, default 'get', you can pass in 'post', etc.
6 years ago
c831ff0de3
fix: removal of timeago fallback middleware ( #7259 )
...
* fix: removal of timeago fallback middleware
Instead of loading English fallback on missing language, we opt
to not send a script tag for a missing language to begin with.
Timeago already loads with English as default, so it will just
continue to use English.
* fix: check userLang against supported language codes
* fix: cleaned up code as per @pitaj
* fix: added comments
* fix: more fixes as per @pitaj
* feat: added addl. test for timeago locales, fixed broken test
6 years ago
70a87d4399
feat: support for one-click unsubscribe from email clients ( #7203 )
...
* feat: sending notifs via ACP creates real notification
re: #7202
* feat: basic integration for one-click unsubscription #7202
* feat: tests for #7202 + bugfix
* feat: added and organized digest unsub tests
closes #7202
7 years ago
d31684e8b8
fix : #7131
7 years ago
ae0fe5e880
feat: more naming
7 years ago
9f5062682d
fix: unread badge
...
- only increase unread badge if topic or category is watched
- fix logic for "there are new posts/topics" on /unread and /recent
7 years ago
99e0895e99
fix: move the check to get methods
...
all .post methods will have csrf
7 years ago
4fba1492c1
feat: added new middleware authenticateOrGuest
7 years ago
eeaee8ccef
fix: not calling authenticate middleware on resource direct access
...
routes
7 years ago
a07d9898df
fix : #7071 buildSkinAsset won't rebuild continuously
7 years ago
a63ddbe2aa
fix : #7040
...
if category doesn't exist return null and 404
7 years ago
cb7c2d8c28
fix: add missing render function
7 years ago
1f918ca8f8
Home route ( #7039 )
...
* fix: WIP home fix
* remove console.log
* fix : #6949
on redis run all tests in subfolder /forum
fix URI errors
fix sping/ping
7 years ago
8808a03307
fix : #7033
7 years ago
ba619c7ec8
style(eslint): match operator-linebreak preferences
7 years ago
4b486a808e
fix custom home
7 years ago
e17c4b2766
uid fixes
7 years ago
f1a6d39537
dont crash if a loginStrategies is undefined
7 years ago
d0b67b00db
closes #6949
7 years ago
f96208a0c8
fix(uploads): ugly filenames on uploaded asset downloading
...
During regular processing, a timestamp is prepended to the filename
for any uploaded files. We don't want this to be part of the filename
if an end-user elects to download the file.
This commit adds a middleware to strip out that portion of the
basename and adds the appropriate Content-Disposition header for
files in /uploads/files
Fixes #6953
7 years ago
64b9dabff8
chore(deps): update dependency eslint-config-airbnb-base to v13 ( #6599 )
...
* chore(deps): update dependency eslint-config-airbnb-base to v13
* chore: #6599 , linting 😬
7 years ago
501b3a79ca
Refactor skins to be built on server-side ( #6849 )
...
* WIP
* using bootswatch from npm instead of bootswatch CDN url
* feat: on-demand client css building for skins
* added ability for client-side to select a skin
* updated loading and saving logic of bootstrapSkin on client side user settings
* fix: broken test for #6849
7 years ago
412358b070
#6903
7 years ago
67d3b29204
#6903
7 years ago
f3a679e268
remove parseInts
7 years ago
ebd4b19a65
moved req.user up
7 years ago
ab7657d445
closes #6854
7 years ago
ac39112271
remove more parseInts
7 years ago
9c022afae1
Parse int ( #6853 )
...
* Store config fields as JSON in the db
Fewer parseInts
* Remove unnecessary parseInts
* remove some dupe code add tests
* remove console.log
* remove more parseInts
* WIP: read meta.configs defaults from defaults.json
remove more parseInts
* more work
* add log for failing test
* update admin pwd
* fix tests, dont require posts/cache before configs are initialized
* handle saves
* Test boolean conditions
* remove more parseInts
* Fix boolean values
* remove lots more parseInts
* removed json parsing
* renamed var to number
* categories dont have timestamp
7 years ago
60c58870af
remove hotswap ( #6835 )
7 years ago
92744a7200
closes #6852
7 years ago
523a2dc54c
Add settings page to control watched categories ( #6648 )
...
* Add settings page to control watched categories
* Fix passing undefined to pushUnreadCount
7 years ago
02046889ec
closes #6691
7 years ago
c7f3b76b4e
DRY req props that depend on auth ( fix #6727 ) ( #6731 )
...
* DRY req props that depend on auth (fix #6727 )
authentication leads to req.loggedIn and req.uid being set. However, a
later authentication event might outdate them. Here, I create one
function for setting those properties, and make sure it also is called
on the `action:middleware.authenticate` hook, which would be such an
authentication event. If there are other places, those should be added
as well.
* fix lint errors
* fix lint error
* change exports
7 years ago
c2c925cacd
closes #6678
7 years ago
29836aaad9
rename session account middleware to sessions, plural, prep for fixing #6678
7 years ago
fa499aef18
closes #6680
7 years ago
c7d6cacd98
closes #6658
7 years ago
04d31fe1d4
Precompile all templates
...
- Benchpress compilation is 33x faster now
- Native module with JS fallback and pre-built binaries
- Dev template build is <1sec now
- Minified template build is ~5sec (uglify accounts for almost all)
7 years ago
7a53fa9469
Added block and unblock button to profile dropdown menu, #6560
7 years ago
9912c400b6
closes #6612
7 years ago
ccad95cf73
closes #6579
7 years ago
ec91ef1c64
closes #6553
7 years ago
229e49cf8f
closes #6523 , closes #6524
7 years ago
99f1a5380e
closes #6483
7 years ago
dc386b5b23
Merge branch 'master' into user-blocking
7 years ago
ca932d30d2
basic UCP integration #6463
7 years ago
bfee23adee
basic methods and initial integration for #6463
7 years ago
67dec83011
profile export for #6441 + integration
7 years ago
a6564b7b4e
endpoint to download user attachments, #6441
7 years ago
2e6e7f7484
posts export endpoint for GDPR, re: #6441
7 years ago
8e822c7772
Added user consent pages ( #6430 )
...
- "Your Rights & Consent" user settings page
7 years ago
7cd004ca23
user uploads route
7 years ago
1ce448f2a1
Merge remote-tracking branch 'origin/master' into develop
7 years ago
cf087b6070
#6272 strip all tags
7 years ago
ac1f7eefe5
closes #2304
7 years ago
b907f08bf7
closes #6272
7 years ago
8427601b04
closes #6287
7 years ago
c7506d77b0
closes #6247
7 years ago
8446a733e5
closes #5569
8 years ago
242dc41aca
move privileges to same page
8 years ago
4a73621dca
chat privilege
8 years ago
2bf275fe29
#6158
8 years ago
43180d4b83
#6158
8 years ago
11b9cb7688
Fix #6076 , `action:home.get:*` returned to previous functionality ( #6077 )
...
Added tests to confirm `buildHeader` is used and `/api` works
8 years ago
f5385e38bf
Add `/me*` route which redirects to `/user/[userslug]*` ( #6063 )
...
* Add `/me*` route which redirects to the current user's information
- `/me` -> `/user/[usertslug]`
- `/me/bookmarks` -> `/user/[userslug]/bookmarks`
- `/me/settings` -> `/user/[userslug]/settings`
etc
* Add tests for `/me/*`
8 years ago
e4ea4d5134
move composer routes to its own file
8 years ago
bbdc55cb3a
Better fix for #5993 ( #6034 )
...
* Better fix for #5993
Also a nice newline so the line doesn't get overwritten when running `./nodebb upgrade`
* Optimizations for custom homepage
Move it into a separate module
8 years ago
5b2a674a4f
closes #6020
8 years ago
d5d6748c71
closes #6013
8 years ago
ab8465d7b6
Make deprecation warnings more clear ( #5996 )
...
* Add these as warnings
To be removed in next major version
* Make ACP search's purpose more clear
* Only warn once per deprecated path
8 years ago
Julian Lam
psychobunny
Barış Soner Uşaklı
Opliko
Peter Jaszkowiak
Barış Soner Uşaklı
renovate[bot]
André Zanghelini
LudwikJaniuk