34ccabe3ab
fix: bad assignment logic in middleware.renderHeader
4 years ago
75b1bbd09f
feat: explicitly add filter:admin/header.build hook
...
As it is not fired during middleware.processRender
4 years ago
05d8b3c339
chore: add deprecation notice to topic thumb tpl value
4 years ago
da4f91186b
fix : #9113 , wrong path separator used in thumbs.get
4 years ago
2be396ff6e
fix: email testing and settings change from ACP
...
- changing email SMTP settings wouldn't apply the first time
- "Send Test Email" now will report emailer errors in most cases
4 years ago
713f029dc8
fix: removing ability to specify deprecated topic 'thumb' on topic creation
4 years ago
600807fbe1
fix: don't return deleted: 0 for ephemeral groups
4 years ago
438fa5c88f
fix: send fewer items to client-side for ACP settings/email page
4 years ago
878ee06715
refactor: schema backreference test to use map instead of reduce, properly check write-api routes
4 years ago
a2152dd100
feat: update html-to-text closes https://github.com/NodeBB/NodeBB/pull/8810
4 years ago
4404e32ed9
fix : #9117 , lower query before search
4 years ago
ab96f526d6
feat: remove max age since cache is cleared when thumbs change
4 years ago
2d5a224b06
perf: don't load thumbs if disabled globally, cache thumb results
4 years ago
d28581eb6a
feat: show alt text instead of images in teasers ( #9107 )
...
* feat: show alt text instead of images in teasers
* refactor: from utils to local function
4 years ago
8f938eba19
fix : #9074 , fix svg uploads
4 years ago
ab98740821
fix : #9100 topic thumbs in OG image tags
4 years ago
74d73313fd
feat: migration of old topic thumbs to new format
...
closes #9099
4 years ago
378a3a6945
fix: update version removal comments to 1.17 for some features
4 years ago
4c87f30184
feat: allow plugins to override ACP relogin challenge
...
- used in 2factor
4 years ago
80de572aa1
feat: add user.email.confirmByUid for sso plugins
4 years ago
05dd859714
fix: postgres is slow ™️
4 years ago
9f62df15bd
chore: appease codeclimate
4 years ago
24e754d120
feat: add thumbs to category data return
4 years ago
edf67f349f
fix: use getSortedSetRange instead of getSortedSetsMembers
4 years ago
bd5c4a5cff
fix: tests
4 years ago
e83baa97a0
fix: bad topic thumbs logic on local thumb upload
4 years ago
3e54b70c06
fix : #9092 , Topic thumbnails do not work with third-party uploaders
4 years ago
2170c40007
fix: iteration logic bug
4 years ago
9342d611be
fix: enable topic thumbnails across the board [breaking]
4 years ago
a30c8ab5c8
feat: clent-side modal for managing topic thumbs
...
closes #9087
4 years ago
67cf5e83b7
fix: changes to thumb resizing logic
...
- Resized thumb no longer skews aspect ratio
- Thumbs resized down to maximum thumb size by WIDTH only
- image.checkDimensions() now returns dimensions
4 years ago
37c367d6ff
feat: raise maximum thumb size to 512
4 years ago
1c5cdb5121
feat: associate topic thumbs with post uploads (for the mainPid)
4 years ago
08736b1812
fix: use file lib instead of direct fs module access
4 years ago
c043cfebd6
fix: added back missing topic thumb tests that were removed in last commit
4 years ago
340387c18a
fix : #9055 , non-standard API response from addThumbs route
...
Also removed old thumb upload router handler, and updated uploadPost handling in composer to match new response schema
4 years ago
c09c238e3f
fix: do not allow thumb deletion route to arbitrarily delete other files in uploads folder
4 years ago
5950683316
feat: closes #9048 , tests for topic thumbs routes, write API schema
4 years ago
4152aa552e
feat: tests for topic thumbs
...
Also added some error checking to addThumbs controller
4 years ago
ef7d6db912
feat: server-side work for #9047
...
- rename Thumbs.commit to Thumbs.migrate
- new PUT method that calls Thumbs.migrate
- `checkThumbPrivileges` now takes a single object parameter (ins. of req/res)
4 years ago
b5d910f53b
feat: core work for #9042 , thumb deletion now accepts uuids
...
+ common data validation for thumb addition and deletion
4 years ago
1f0c1cd229
fix: references to since-removed Topics.thumbs.resizeAndUpload
4 years ago
90497e3ef5
feat: more work on topic thumbs refactor
...
- addThumb and deleteThumb are now protected routes (duh)
- new getThumbs route GET /api/v3/topics/<tid>/thumbs
- Updated `assert.path` middleware to better handle if relative paths are received with upload_url
- Slight refactor of thumbs lib to use validator to differentiate between tid and UUID
4 years ago
43dc3e3e48
fix : #9041 , remove Topics.thumbs.resizeAndUpload()
4 years ago
708b1c338f
fix : #9040
4 years ago
1257aa981e
feat: expose uploaded thumbnails to client-side via API
...
+ plugin hook: filter:topics.getThumbs
4 years ago
7e9e08f718
feat: server-side routes for handling multiple topic thumbnails
...
closes #8994 , requires 'topic-thumb-refactor' branch of composer-default
4 years ago
98cd9e3549
feat: allow uploadThumb controller to be called in code
...
it, and uploadsController.upload() now return the results of their operation
4 years ago
4fc9da81a9
refactor: topic thumbs lib to topics.thumbs
4 years ago
0f480be658
fix : #9085 , dont prevent admins from deleting other users
4 years ago
efa4eca0fe
fix : #9045 , no post usage info if '/files/' path received
4 years ago
60e7de0d13
feat: move upgrade script and make it shorter
4 years ago
6037f5ee2c
chore: add comment for clarification
4 years ago
1f32d38778
fix: default values, clamp postsPerPage/topicsPerPage to max
4 years ago
9da0ed400e
fix : #9081 , load raw settings before merging
4 years ago
bb6cc49c16
perf: dont build identical langs
4 years ago
86f0f82be7
fix : #9068
4 years ago
4a0d883359
breaking: #8808 , remove utils.slugify
4 years ago
1c45fa1ba5
feat: socket.io 3 changes ( #8845 )
...
* feat: socket.io 3 changes
* feat: replace socketio-wildcard with socket.onAny
up socket.io-redis to 6.x
* feat: remove mongodb/psql socket.io adapters
* feat: show data on fail
* fix: tests
* fix: typo
* fix: logger test fix
* fix: logger.io_close
* chore: up deps
* chore: update readme to reflect redis requirement
* fix: increase timeout show data if test fails
4 years ago
d2888d1d1f
Category tags ( #8938 )
...
* feat: wip category tags
* fix: tag search
* feat: remove debug
* fix: returns of searchTags and autocomplete
* fix: alpha sort
* fix: redis
* fix: delete zsets on category purge, fix another test
* fix: test
4 years ago
792e9e703e
fix: dont strip tags
4 years ago
91c20ceca5
fix : #9065 , settings v2/v3 conflict
4 years ago
970ccb5a68
fix : #9063 , missing handler for passwordless accounts in admin.checkPrivileges middleware
4 years ago
6669496dba
Navigator ( #9049 )
...
* feat: navigator changes
* fix: remove extra code
* feat: add lang keys
4 years ago
648f6215ef
fix: redirect external with absolute urls
4 years ago
458bfc0faf
fix: external path for subfolder installs
4 years ago
64ac483ddd
fix : #9032
4 years ago
fcb10ebdbb
feat: add socket connect/disconnect action hooks
4 years ago
5d00b0895b
fix: sso redirect on /login & /api/login
4 years ago
3ea66f84e1
fix: use file lib instead of directly accessing fs (for Assert.path)
4 years ago
ef6c3b0029
fix: check uid as well
4 years ago
7e867cf95e
fix : #7597 , fix progress bar of cover/profile uploads
...
send big cover images in chunks
4 years ago
6f68f4d20a
fix : #9032 , fix login redirect for sso plugins
4 years ago
86b7f8a5d4
fix : #8962 , dont show null for purged targets
4 years ago
5f0f476b57
feat: #9005 , use timestamp in profile/cover images
...
delete current one if keepAllUserImages is turned off
fix typo in data
4 years ago
954dc5b7be
feat: #8983 , update pin tooltip in topic
4 years ago
53abada5f0
Revert "feat: option to allow auto-joining of groups (optionally skip the "request membership" step)"
...
This reverts commit 685f3c6aa6
4 years ago
685f3c6aa6
feat: option to allow auto-joining of groups (optionally skip the "request membership" step)
4 years ago
c1a7968d23
feat: user notification settings for group.leave event
4 years ago
f7558c6052
fix: notification on group.leave incorrectly showing "Guest has left X group"
4 years ago
b46d2f93e6
fix : #9019 , add missing lang strings
4 years ago
e45b5cba81
fix : #9018
4 years ago
f7c738deda
fix : #8997 , don't send notifications if uids already in group
4 years ago
1eb5fabdb1
feat: #8900 , postQueue setting for category
4 years ago
14bb0a4469
feat: #8960 , update view count after merge
4 years ago
4317cdea34
fix : #9002 ban templates not user friendly
4 years ago
202dcef42e
fix : #9010 , show rest of info even if clusterMonitor priv is not granted
4 years ago
d46740f860
fix : #9007 revoke old sessions after adding
4 years ago
700736535c
fix: guests dont always have sid
4 years ago
a4fe4d3cf5
fix: allow guests to see their replies immediately
4 years ago
92d1b8a65f
fix: privs headers
4 years ago
4c650aeead
feat: #8989 , convert widget nav to dropdown
4 years ago
5080f35752
fix : #8991 , logout on password reset, dont verify email if password expired
...
dont allow same password on reset
4 years ago
3cd0c9a476
fix : #8998 , allow guests to use write api to post/reply
4 years ago
5a137a0dd6
fix: guest handles to user displayname as well
4 years ago
546f58bf1f
fix: timestamp in queue, add post queue strings
4 years ago
7f5efc3e93
fix : #8992 , set email:confirmed for first admin user
4 years ago
80f0750bd4
fix: typo in upgrade script, closes #8990
4 years ago
9ab4fb412b
fix: order
4 years ago
d3c04afb98
fix : #8982 , copy color on tag rename, dont copy if target exists
...
refresh page on tag rename
4 years ago
acb576662e
fix(spec): from 6e6a7a8f8a
4 years ago
6e6a7a8f8a
fix : #8969 , export csv to file
4 years ago
007a3258a0
feat: add handler for 501 api response
4 years ago
f4d217d829
fix : #8980 , fix lang string
4 years ago
bf171adc83
fix : #8979
4 years ago
1e7cf1cbc4
fix : #8971 , disallow flags of privileged users (mods, gmods, admins)
4 years ago
dadb2527da
fix : #8974 , with password login for approval queue
4 years ago
ad8e770037
feat: add pinExpiry and pinExpiryISO to topic data
4 years ago
a56a657759
fix: missing select/clear all checkbox added to category privileges template ( #8967 )
4 years ago
ba3981e270
fix: use package.name for theme.id ( #8965 )
...
Prevents cases like #8953
4 years ago
07fe959ce5
chore: remove test code
4 years ago
b8cafefce2
fix: winston usages
4 years ago
414caac01b
fix : #8957
4 years ago
47a19d6763
fix: error message
4 years ago
5bb5ec4618
fix : #8954 , clear purged replies and toPids ( #8959 )
...
* fix : #8954 , clear purged replies and toPids
* fix: redis test
4 years ago
21d6225ce0
fix: 'already-deleting' error on subsequent account content deletions
4 years ago
93863bb3c6
fix : #8949 , faster upgrade script
4 years ago
6771ca150a
fix: add topic uid to infinitescroll
4 years ago
c037779fa1
feat: add topicOwnerPost #8778
4 years ago
ac734b8335
fix : #8912
4 years ago
4f37eddc5e
feat: clear reset tokens on user delete
4 years ago
e32cd31ec6
fix : #8918
4 years ago
3af4d13fa5
fix: basepath for r.js modules
4 years ago
00e75de736
feat: select/clear all checkboxes in privilege table ( #8941 )
4 years ago
1c0e8c1663
fix: move meta.getServerTime call to admin namespace
4 years ago
90434a4668
Revert "fix(spec): always show thumb in topic response"
...
This reverts commit 493c568a75
4 years ago
493c568a75
fix(spec): always show thumb in topic response
4 years ago
0ca40af834
fix : #8939 , fix username change notification getting filtered out
4 years ago
906d7d734b
refactor: move API banned response handler to separate internal method
4 years ago
afb26bfe48
feat: show ban reason and expiry in write api responses, if user is banned
4 years ago
eab4ca7104
fix: bug with Topics.resizeAndUploadThumb not checking for extension validity
4 years ago
2b73a14e42
fix : #8933
4 years ago
6e5ec3f895
feat: automatically unban users in onSuccessfulLogin
...
This allows write API (and probably SSO login) to go through unimpeded if a user's ban has expired. Closes nodebb/nodebb-plugin-write-api#126
4 years ago
77f0bff54f
fix : #8929 , fix popular, top rss feed urls
4 years ago
8f4060819f
Merge branch 'master' of https://github.com/NodeBB/NodeBB
4 years ago
5dd3b03125
fix: a derp
4 years ago
b18e7e319b
fix: spec
4 years ago
4ca62dc45b
fix: improper handling of scheme-relative URLs in topic thumb logic
4 years ago
3f337b5d7c
feat: #8925 , #8924
4 years ago
5fa098326f
fix: https://github.com/NodeBB/NodeBB/pull/8685
...
fix category link redirect on cold load
fix helpers.redirect if passed in url is external
fix ajaxify so it doesn't slice first character of external url
4 years ago
f33a9185ff
fix: on OP edit, call helper method to upload and resize thumb
4 years ago
9ee1fb490e
fix: https://github.com/NodeBB/NodeBB/pull/8759
4 years ago
672d4da078
feat: human readable uptime
4 years ago
6e2da9966e
refactor: move plugin hook methods to plugin.hooks.*
4 years ago
3b1c03ed50
feat: allow ACP API access to bearer tokens
...
closes nodebb/nodebb-plugin-write-api#132
4 years ago
98a05e4dde
chore: add missing plugin hook deprecation warning
4 years ago
ef3df47a6d
refactor: remove breaking change in pin expiry
4 years ago
046d0b1637
feat: allow pins to expire (if set) ( #8908 )
...
* fix: add back topic assert middleware for pin route
* feat: server-side handling of pin expiries
* refactor: togglePin to not require uid parameter [breaking]
* feat: automatic unpinning if pin has expiration set
* feat: client-side modal for setting pin expiration
* refactor: categories.getPinnedTids to accept multiple cids
... in preparation for pin expiry logic, direct access to *:pinned zsets is discouraged
* fix: remove references to since-removed jobs file for topics
* feat: expire pins when getPinnedTids is called
* refactor: make the togglePin change non-breaking
The 'action:topic.pin' hook now sends uid again, as before. However, if it is a system action (that is, a pin that expired), 'system' will be sent in instead of a valid uid
4 years ago
1be08b2e8b
fix: guest displayname
4 years ago
dbd814c25f
fix: spec, only call modifyUser on unique user objects
4 years ago
903e9d82b8
feat: #8637
4 years ago
ae5d4405c0
fix: setting
4 years ago
9ca44e6f54
feat: add displayname into user obj #8637 ( #8909 )
...
* feat: add displayname into user obj #8637
* fix: spec
* perf: dont load settings if acp setting is turned off
4 years ago
8d060065a0
fix: spec
4 years ago
e9585b9be2
fix: group userTitles translation escapes
4 years ago
965671a97b
fix: remove params from error log
4 years ago
fa4177c3bc
fix : #6407 , fix feeds
...
display latest posts instead of oldest in topic rss feed
fix missing await that was causing rss_tokens to not function
fix feed test
more tests for getTopicWithPosts
4 years ago
4e9b10ab76
feat: #5274
4 years ago
fb567a7a33
feat: #4456
4 years ago
a6afcfd531
feat: #8475 , allow flagging self posts
...
dont count flags towards self posts
dont allow flagging your own account
4 years ago
a87ccccc9c
fix: benchpress warnings
4 years ago
dfdc0c420c
fix: benchpress warnings
4 years ago
a0b7a82350
feat(api): account deletion routes for the Write API ( #8881 )
...
* feat(api): account deletion routes for the Write API
* refactor: rewrite client-side calls to account deletion to use api
* style: apply DRY
4 years ago
120999bf63
feat: #7550 , show message if post is queued when js is disabled
4 years ago
35f932cd64
feat: #8171 , add oldCategory if topic is moved
4 years ago
b44ddecdf8
feat: #8204 , separate notification type for group chats
4 years ago
1d6bcbebde
feat: https://github.com/NodeBB/NodeBB/issues/8147
4 years ago
e1d7c4d8aa
fix: internal helper method hasGlobalPrivilege, DRY
4 years ago
3ccebf112e
feat: invites regardless of registration type, invite privilege, groups to join on acceptance ( #8786 )
...
* feat: allow invites in normal registration mode + invite privilege
* feat: select groups to join from an invite
* test: check if groups from invitations have been joined
* fix: remove unused variable
* feat: write API versions of socket calls
* docs: openapi specs for the new routes
* test: iron out mongo redis difference
* refactor: move inviteGroups endpoint into write API
* refactor: use GET /api/v3/users/:uid/invites/groups
Instead of GET /api/v3/users/:uid/inviteGroups
* fix: no need for /api/v3 prefix when using api module
* fix: tests
* refactor: change POST /api/v3/users/invite
To POST /api/v3/users/:uid/invites
* refactor: make helpers.invite awaitable
* fix: restrict invite API to self-use only
* fix: move invite groups controller to write api, +tests
* fix: tests
Co-authored-by: Julian Lam <julian@nodebb.org>
4 years ago
d30ea25629
feat(deps): benchpressjs@2.2.1 ( #8887 )
...
Better warnings, faster template compiles
4 years ago
452d7f2b17
Create verified/unverified user groups ( #8889 )
...
Co-authored-by: Tudor-Dan Ravoiu <tudor-dan.ravoiu@ubisoft.com>
4 years ago
e4d2764d4c
fix : #8884 , remove header/footer cache
4 years ago
5598130a92
refactor: async/await controllers/index.js
4 years ago
f14e42d8bc
fix : #8883
4 years ago
8fbe832460
refactor: less dupe code
4 years ago
8518404e22
feat: allow groups to specify which cids to show member posts from ( #8875 )
...
* feat: allow groups to specify which cids to show member posts from
* docs: fix tests for openapi
* fix: test breakage caused by improper conditional
* feat: server-side checking of memberPostCids for validity
* feat: admin panel template update to select categories to include
* refactor: privilege helpers.isUserAllowedTo
... to helpers.isAllowedTo, allowing group names to be passed in
4 years ago
51b7eca119
fix: run every hour, dont show message if average_time is 0
4 years ago
04f4429f72
Resolve #7514 - optional timer for registration queue ( #8796 )
...
* feat: #7514 Optional timer for registration queue
* feat: show minutes in average time
* fix: don't show total number of minutes
* feat: implement requested changes
* fix: just store minutes instead of milliseconds
* feat: set default values
4 years ago
bcccb331db
docs: openapi schema for user/group exist check, session deletion
4 years ago
dc9668e417
fix: pass length to messaging checkContent hook
4 years ago
567c5f2056
fix : #8869 , dont escape category title,description twice
4 years ago
f300c933a5
refactor: move session revocation route to write api
4 years ago
9c5c32d4a5
feat: #8864 , add action:events.log
4 years ago
62c0454cfe
feat: show db info side by side
4 years ago
a0164b1c38
fix: use header/footer cache in prod
4 years ago
05a92885f2
fix: add missing maxAge to cache
4 years ago
2e44639210
fix: guest header/footer cache
...
allow clearing individual caches
4 years ago
f1f9b225b0
feat: #8824 , cache refactor ( #8851 )
...
* feat: #8824 , cache refactor
ability to disable caches
ability to download contents of cache
refactor cache modules to remove duplicated code
* fix: remove duplicate hit/miss tracking
check cacheEnabled in getUncachedKeys
4 years ago
6255874e32
feat: move mkdirp to beforeBuild so it doesnt get called twice
4 years ago
74951f5967
fix : #8846 , possible fix
4 years ago
0b30efba31
Merge branch 'master' of https://github.com/NodeBB/NodeBB
4 years ago
16d03975a0
fix: winston error message
4 years ago
d263192271
feat: group exists API call in write api
4 years ago
1446cec77f
feat: user exist route in write api
4 years ago
6b196a207f
fix: permanent redirect on user api redirect shorthand
4 years ago
f2bb42c076
fix: user exist route needs no authentication
4 years ago
60e1e99b4f
feat: new shorthand route /api/v3/users/bySlug/:userslug
...
closes #8844
4 years ago
512f6de6de
feat: allow passwords with length > 73 characters ( #8818 )
...
* feat: allow passwords longer than 73 characters
Context: A bcrypt/blowfish limitation means that password length is capped at 72 characters. We can get around this without compromising on security
by hashing all incoming passwords with SHA512, and then sending that to bcrypt.
https://dropbox.tech/security/how-dropbox-securely-stores-your-passwords
* feat: add additional test for passwords > 73 chars
* fix: remove 'password-too-long' error message and all invocations
* test: added test to show that a super long password won't bring down NodeBB
* fix: remove debug log
* Revert "fix: remove 'password-too-long' error message and all invocations"
This reverts commit 1e312bf7ef7e119fa0f1bd3517d756ca013d5e79.
* fix: added back password length checks, but at 512 chars
As processing a large string still uses a lot of memory
4 years ago
c61dee4b62
fix : #8840 , don't crash if /compose route is called with no query params
4 years ago
9e3eb5d41a
feat: #8821 , allow guest topic views
4 years ago
Julian Lam
Peter Jaszkowiak
Barış Soner Uşaklı
gasoved
Barış Soner Uşaklı
psychobunny
Tudor-Dan Ravoiu
Opliko