hyperzlib
/
nodebb
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
24,660 Commits
2 Branches
0 Tags
158 MiB
Commit Graph

12541 Commits (7bc22a5993b452fca0c4e9b4cb9475dd56913f40)

Author SHA1 Message Date
Julian Lam d89fc44c03 fix: move authenticateRequest before interstitial and maintenance mode middlewares, allowed plugins to disable authentication on certain routes 
fixes
Barış Soner Uşaklı 0d9ec9d30e test: fix restore test
Julian Lam b5b188fd53 feat: allow isCluster, isPrimary, and jobsDisabled to be passed in as numbers in addition to string/bool 
/cc @barisusakli
Barış Soner Uşaklı 07232a8cf6 fix: retry incrObjtFieldBy
Julian Lam d960f601a1 style: eslint
Julian Lam 2fe53cf849 feat: `GET /api/v3/chats/:roomId/messages`
Julian Lam d95b4ee29a fix: assertion check to ensure messages are in the room when editing/deleting, etc
Julian Lam aaa6f752d0 refactor: put message api calls behind `/messages` prefix,
Julian Lam aeb43b9bb1 fix: rename language key for incorrect parameter type error
Julian Lam 16ba16cdc4 fix: deprecate chats.leave
Julian Lam fe17c94c35 feat: `DELETE /api/v3/chats/:roomId/users` and `DELETE /api/v3/chats/:roomId/users/:uid`
Julian Lam 6294beea0b fix: re-allow kicking of the other party in a 1-to-1 chat
Julian Lam d62ee84637 feat: `POST /chats/:roomId/users`
Julian Lam 6eea6451d2 feat: `GET /chats/:roomId/users` [breaking]
Julian Lam d5fd098ecf feat: `POST /chats/:roomId/:mid` and `DELETE /chats/:roomId/:mid`
Julian Lam 90fcbe4416 feat: middleware.assert.message
Julian Lam b292960594 feat: `GET /chats/:roomId/:mid`
Julian Lam f48ed3658a feat: `PUT /chats/:roomId/:mid`
Julian Lam 140f9d2481 fix: isFinite check for room assertion, more test migrating
Julian Lam e745e21242 chore: use apiv3 for room rename tests
Julian Lam 74f1905ea8 feat: allow API checkRequired middleware error to be internationalized
Julian Lam 9a4fd5dc7e feat: `PUT /api/v3/chats/:roomId`
Julian Lam eeffb9d978 feat: `POST /api/v3/chats/:roomId`
Julian Lam 09cf9c7770 feat: `GET /api/v3/chats/:roomId`
Julian Lam 40b4544e70 feat: `POST /api/v3/chats`, chat room creation, plus openAPI docs update
Julian Lam 94bead71fe feat: `GET /api/v3/chats`
Julian Lam 02e878be72 feat: stub code for v3 chats api
Barış Soner Uşaklı 35fea58a57 refactor: only write analytics data on nbb that has runJobs=true 
prevents mongodb index error when lots of nodebbs try to write to the same key
Barış Soner Uşaklı 42781467d2 refactor: remove knonwOwner param
Barış Soner Uşaklı 8fb89d761a fix: don't crash server if analytics fails to save 
fixes
MongoBulkWriteError: E11000 duplicate key error collection:
 community.objects index: _key_1_value_-1 dup key: { _key: "analytics:pageviews", value: "1639807200000" }
Barış Soner Uşaklı e332acf3f7 fix: upgrade script to handle strings as well
Barış Soner Uşaklı 4e1d421722 refactor: remove unused validator
Barış Soner Uşaklı c4042c70de feat: , allow seeing and editing your queued posts 
allow regular users access to post queue
allow regular users to edit their queued post/topic title
allow regular users to remove their post from post queue
ability to send a notification to user without removing from post queue
allow accessing single post queue items from notifications
Barış Soner Uşaklı b8896d1328 refactor: only pass qs
Barış Soner Uşaklı 599bffd8e0 feat: pass in all query params to category search filter
Barış Soner Uşaklı c4156bdd7b feat: add data param to filter:categories.search 
so plugins can do custom search for categories
Barış Soner Uşaklı 1e60ae8703 refactor: change error message
Barış Soner Uşaklı 1264dcb555 test: add email interstitial tests
Barış Soner Uşaklı 1f063058f0 breaking: remove socket.emit('user.exists') 
remove socket.emit('user.deleteAccount')
remove socket.emit('user.follow')
remove socket.emit('user.unfollow')
remove socket.emit('user.saveSettings')
Barış Soner Uşaklı 6b45dee9c5 breaking: remove socket.emit('user.changeUsernameEmail') 
remove socket.emit('user.changePassword')
remove socket.emit('user.updateProfile')
Barış Soner Uşaklı cc0a087a70 fix: prevent crash if groups is not valid json
Barış Soner Uşaklı 968d461692 fix: upgrade script
Barış Soner Uşaklı 737e1c191e fix: delete left over nav items after removal of some
Barış Soner Uşaklı 10e890e41f fix: targetBlank/dropdown not getting cleared 
show caret if nav item is dropdown
Barış Soner Uşaklı 69c96078ea breaking: , store nav items in objects
Barış Soner Uşaklı 3b0c42a591 fix: prettier bulk method usage
Julian Lam 42959df053 fix: bug where groupChat property was not set for chat rooms
Barış Soner Uşaklı f918a38164 breaking: remove socket.emit('topics.follow') 
remove socket.emit('topics.changeWatching')
Barış Soner Uşaklı 6ad0472106 breaking: remove socket.emit('topics.post') 
remove socket.emit('topics.search')
remove socket.emit('topics.getTopic')
Barış Soner Uşaklı 49641a3217 breaking: remove socket.emit('user.banUsers'); 
remove socket.emit('user.unbanUsers');
Barış Soner Uşaklı 4604a5724c breaking: remove socket.emit('posts.reply') 
remove socket.emit('posts.getPost')
Barış Soner Uşaklı 6d95684bc8 breaking: remove socket.emit('user.changePicture')
Barış Soner Uşaklı 0d694c781c breaking: remove socket.emit('user.search')
Barış Soner Uşaklı 99f865c618 breaking: remove socketHelpers.setDefaultPostData
Barış Soner Uşaklı 02ea17ea1b breaking: remove deprecated groups socket calls 
socket.emit('groups.join') removed use `PUT /api/v3/groups/:slug/membership/:uid`
socket.emit('groups.leave') removed use `DELETE /api/v3/groups/:slug/membership/:uid`
socket.emit('groups.grant') removed, `PUT /api/v3/groups/:slug/ownership/:uid`
socket.emit('groups.rescind') removed, `DELETE /api/v3/groups/:slug/ownership/:uid`
socket.emit('groups.update') removed, `PUT /api/v3/groups/:slug`
socket.emit('groups.create') removed, `POST /api/v3/groups`
socket.emit('groups.delete') removed, `DELETE /api/v3/groups`
Julian Lam bc7707aa88 fix: show user history only to admins and gmods
Baris Usakli 0d1e57dce0 breaking: remove deprecated methods 
socket.emit('topics.delete') removed use `DELETE /api/v3/topics/state`
socket.emit('topics.restore') removed use `PUT /api/v3/topics/state`
socket.emit('topics.purge') removed use `DELETE /api/v3/topics`
socket.emit('topics.lock') removed use `PUT /api/v3/topics/lock`
socket.emit('topics.unlock') removed use `DELETE /api/v3/topics/lock`
socket.emit('topics.pin') removed use `PUT /api/v3/topics/pin`
socket.emit('topics.unpin') removed use `DELETE /api/v3/topics/pin`
Julian Lam 45c9dde319 fix: no need to pass 'img' to teaser tags stripping as images are already converted to alt text
Barış Soner Uşaklı bd1cb2d4f9 breaking: remove socket.emit('posts.delete') 
remove socket.emit('posts.restore')
remove socket.emit('posts.purge')
remove socket.emit('posts.deletePosts')
remove socket.emit('posts.purgePosts')
Barış Soner Uşaklı ec1d5e38da breaking: remove socket.emit('posts.upvote') 
socket.emit('posts.downvote')
socket.emit('posts.unvote')
Barış Soner Uşaklı 8427c5d9db breaking: remove socket.emit('posts.move')
Barış Soner Uşaklı 4247f62441 breaking: remove socket.emit('posts.edit')
Barış Soner Uşaklı f7418ccd47 breaking: remove socket.emit('posts.bookmark/unbookmark')
Barış Soner Uşaklı 5c3d5f1f40 test: make it async
Barış Soner Uşaklı cfd474487a refactor: async
Barış Soner Uşaklı f0394c4965 refactor: async
Barış Soner Uşaklı 8491f67daf refactor: use async
Barış Soner Uşaklı 07e2741ea6 breaking: remove deprecated admin.groups methods
Barış Soner Uşaklı a8afdc6019 fix: , don't modify fields array 
use a single setObjectFields for the profile update
Barış Soner Uşaklı 45d8157fee fix: tests
Barış Soner Uşaklı 9627fa9029 refactor: always returns array
Barış Soner Uşaklı 830166d120 fix: , count posts instead of incr/decr
Barış Soner Uşaklı f4aa249d8c refactor: use async/await
Barış Soner Uşaklı cbf198fe9b lint: remove unused
Barış Soner Uşaklı 45d755b6ae breaking: remove socket.emit('categories.getCategory')
Barış Soner Uşaklı cc3f82bc83 breaking: remove socket.emit('admin.categories.setPrivilege') and socket.emit('admin.categories.getPrivilegeSettings')
Barış Soner Uşaklı 0b9c01f9a0 breaking: remove deprecated socket.emit('admin.categories.update')
Barış Soner Uşaklı ba5d2e7b81 breaking: remove deprecated socket.emit('admin.categories.purge')
Barış Soner Uşaklı b335372348 breaking: remove deprecated socket.emit('admin.categories.create')
Barış Soner Uşaklı 10c19af2ad breaking: remove deprecated socket.emit('admin.categories.getAll')
Barış Soner Uşaklı a20abdce02 lint: remove unused
Barış Soner Uşaklı 36eb47d9a0 refactor: change var name
Barış Soner Uşaklı 170e5dd941 breaking: remove getTopicPosts(tid, ...) usage
Barış Soner Uşaklı 906dc5675e fix: handle start=0 stop=0 for topics.getTopicPosts 
add more tests
Julian Lam fa01801f64 fix: don't throw on invalid session, just return early so socket is not opened. 
Also updated the plugin hook call to `static:sockets.validateSession` to not return a result, because in static calls that result is always null anyway
Barış Soner Uşaklı a29535833f fix: , dont use spaces in tag class name
Barış Soner Uşaklı 41db9436e8 perf: only add middleware if relativePath is set
Julian Lam a3bdb70617 feat: ensure that all requests handled by NodeBB fall under the relative_path as configured
Barış Soner Uşaklı 2bb0828af6 refactor: dont need local function
sadaszewski a1c9a69cd3
incr by bulk. () 
* incr by bulk.

* Update analytics.js

* Update analytics.js

* lint: fix

Co-authored-by: Barış Soner Uşaklı <baris@nodebb.org>
Co-authored-by: Barış Soner Uşaklı <barisusakli@gmail.com>
Barış Soner Uşaklı 6ea3b51f12
Zincrybulk () 
* feat: zincry bulk

* feat: psql bulk incr placeholder

* test: redis test fix

* test: redis test
Barış Soner Uşaklı d9c42c000c feat: show 10 members
Barış Soner Uşaklı 1cdb0b1e19 fix: don't crash if tid is falsy
Barış Soner Uşaklı 0414356cf7 perf: don't load all set members to get count
Barış Soner Uşaklı 50063fe238 fix: regression from 27c05448e1
Barış Soner Uşaklı 82b72f7edc lint: remove unused utils
Barış Soner Uşaklı 5843122178 test: add missing tests
Barış Soner Uşaklı 8117b7f22f breaking: remove deprecated post diff socket calls
Barış Soner Uşaklı 324262cbb5 refactor: DRY
Barış Soner Uşaklı 1a7fffc7e9 breaking: remove deprecated user middlewares
Barış Soner Uşaklı 941ecaf899 fix: keep query params on /me redirects
Barış Soner Uşaklı 65c5504193 fix: 403/400/500 page not generating csrf_token
Barış Soner Uşaklı 3dd681ebce fix: error pages dont have config.csrf_token
Barış Soner Uşaklı 7434cbf66f test: add api token tests
Barış Soner Uşaklı 1e53552874 feat: closes
Baris Usakli 06bfec8840 feat: add href
Baris Usakli 0f14f23b2a feat: , wip
Julian Lam 6c07433dea
refactor: use routePrefixMap instead of routeRegexpMap, +tests () 
* refactor: use routePrefixMap instead of routeRegexpMap, +tests

Currently tests fail because privilege pages resolve if passed garbage... hmm

* fix: priv check paths

remove /v3 from path as well

Co-authored-by: Barış Soner Uşaklı <barisusakli@gmail.com>
Barış Soner Uşaklı daf385cd42 refactor: use hasOwnProprety
Barış Soner Uşaklı 404a877408 test: add missing tests
Barış Soner Uşaklı 6dcdf1d342 breaking: remove setTopicSort/setCategorySort
Barış Soner Uşaklı 7aa85882d5 chore: right dropdown
Barış Soner Uşaklı a998cc1c47 chore: right dropdown
Barış Soner Uşaklı a7d1dfb65c breaking: remove deprecated socket user create/delete functions 
add missing tests
Barış Soner Uşaklı a0e2704da1 Merge branch 'master' of https://github.com/NodeBB/NodeBB
Barış Soner Uşaklı c93d7fdbdd breaking: remove deprecated uploads.delete
Julian Lam e0caa5e0c4 fix: removed unused var
Julian Lam 01bd8a8694
remove email only login () 
* feat: remove ACP option for email-only logins

* feat: remove email-only login, upgrade script to fix config
Barış Soner Uşaklı 79de48c57f breaking: remove deprecated methods
Barış Soner Uşaklı 2473d5d873 fix: , properly auto confirm first user
Barış Soner Uşaklı 71e34be565 fix: cli password reset
Barış Soner Uşaklı d375dcb873 test: submitUsage
Barış Soner Uşaklı 29b3587d91 test: middleware/expose.js
Barış Soner Uşaklı c5f08fdc81 breaking: remove socket.io/flags.js 
refactor: helpers.loginUser returns a single object {jar, csrf_token}
Julian Lam f0d192fbfd feat: autocomplete for activate/reset 
useless features™️
Julian Lam 5b42b6b369
API route for returning tracked analytics keys () 
* feat: track metrics saved by NodeBB (and assoc. plugins), 

* feat: route to retrieve analytics keys, closes
Julian Lam 449366ca83 fix: consolidate plugin reset logic
Barış Soner Uşaklı 9245f71a66 fix: search crash
Barış Soner Uşaklı fb363957d1 refactor: tab rules
Barış Soner Uşaklı c26870d227 feat: , add history entry for note deletion
Barış Soner Uşaklı 697dd37670 refactor: change category feed so it is not updated on every reply 
allow cid query param for recent/top/popular feeds
Barış Soner Uşaklı d5bfd51267 fix: , handle reverse sorting for topic events 
dont add events to dom if sort is most votes
if sorting is reverse add new events after the main post or at the top instead of bottom
Barış Soner Uşaklı e368feef51 refactor: dont expost entire res._locals to client side
Barış Soner Uşaklı 190532b3b4 refactor: shorter meta.settings.get
Barış Soner Uşaklı 51cbeccb08 refactor: clone settings before returning 
prevents plugins from mistakenly modifying saved settings in cache
Barış Soner Uşaklı 27c05448e1 refactor: remove another async.series
Barış Soner Uşaklı 0532c1b2a1 feat: , don't remove existing fields form config.json
Barış Soner Uşaklı 047f031dd7 fix: , dont allow new rooms or adding to a room if target is blocked
Barış Soner Uşaklı f729e51921 refactor: clone before returning
Barış Soner Uşaklı 258f368e32 refactor: add filter:topic.getPosts 
this hook only fires when loading the posts of a topic cold load + infinite scroll
do not remove posts if they have index =-1
use topics.getTopicPosts instead of getMainPostAndReplies
Barış Soner Uşaklı 8379c11b22 refactor: setObjectBulk to match sortedSetAddBulk
Baris Usakli d412ba4411 perf: closes , bulk methods for settings
Julian Lam 09e0c6d503 feat: add feature flag to disable verification emails, closes
Barış Soner Uşaklı d196409580 refactor: remove more async.eachSeries/mapSeries
Barış Soner Uşaklı 8750ee04a6 refactor: make a single call to set widgets per template
Barış Soner Uşaklı 80f9963bed refactor: remove jshint, remove async.parallel
Barış Soner Uşaklı 61d1f56500 test: socket.emit doesnt exist in tests
Julian Lam 1719bff89c feat: use auto-generated meta and link tags in ACP, closes
Barış Soner Uşaklı 8b4510cc70 refactor: deprecate app.logout 
use logout module instead
move header related code out of app.js
Barış Soner Uşaklı 1a9b15989b refactor: move search functions from app.js to search module 
deprecate:
app.handleSearch, use search.init(options) instead
app.enableTopicSearch, use search.enableQuickSearch(options) instead
app.prepareSearch, use search.showAndFocusInput() instead
Barış Soner Uşaklı 518552543d refactor: move warnings/messages out of app.js
Julian Lam c1ac291284 fix: ability to enumerate email via updateProfile method
Julian Lam b912a564e3 fix: accidentally not clearing email when said email is confirmed for a different uid
Barış Soner Uşaklı 4b738c8cd3 refactor: cleanup info, better cpu usage %
Barış Soner Uşaklı 890bf03fcc refactor: acp only uses 3 modes and a single theme 
so only copy 7 files to build folder instead of 400+
Barış Soner Uşaklı 28dd31a8e7 fix:
Barış Soner Uşaklı 9bfb6c7281 fix: , handle array or object
Barış Soner Uşaklı 66e7cdac7a fix: , ignore if assigning to same parent
Barış Soner Uşaklı d27c9696e3
feat: add node 16 () 
* feat: add node 16

* fix: check errors in fork

* test: add use-spawn

* test: another test

* Revert "test: another test"

This reverts commit 606efe26fe1decd5d9269d63d5b649441ba2203b.

* test: another test

* fix: lint

* fix: remove spawn-wrap

* test: comment out plugin installs

* fix: lint

* test: uncomment all tests except npm i

* fix: lint

* test: bring back tests

* test: remove leftover override
Barış Soner Uşaklı 67cb249122 fix:
Barış Soner Uşaklı 2e623dd271 feat: , allow dropdowns in navigation
Barış Soner Uşaklı b916e42f40 feat: show number of events per type in acp
Barış Soner Uşaklı 8c67031609 feat: show posts previews if enabled on mouse over
Barış Soner Uşaklı 3d611ab70e fix: events for just topic with main post
Barış Soner Uşaklı 89399c0ed5 fix: , get next post timestamp 
fixes topic events being inserted in after first page but at the wrong spot
Julian Lam 485b6ced1d fix: broken post uploads due to 6a976a9db0
Julian Lam 0ee85d5a0b fix: , rename account export routes to remove `uid/` prefix
Julian Lam 60352eca54
fix: double invocation of authenticateRequest
Julian Lam 6a976a9db0 fix: , call authenticateRequest middleware for mount points in /api
Barış Soner Uşaklı bc4b19b4d7 fix: typo in flags
Barış Soner Uşaklı 8f08d9cac0 fix: handle undefined data.query
Julian Lam 28efcb59cb chore: remove .opacity() mixin as it is supported cross-browser
Barış Soner Uşaklı c428ba80aa refactor: wider value field
Barış Soner Uşaklı c7e078d495 refactor: dont save partial searches
Julian Lam 80ea12c1c1 feat: new ACP option `emailPrompt` 
... which allows administrators to disable the client-side prompt to
encourage users to enter or confirm their email addresses
Barış Soner Uşaklı 64192731a0 refactor: use search api for topic search
Barış Soner Uşaklı 6cfaea06f0 fix: undefined query showing in searches
Barış Soner Uşaklı 0926ae6ecf fix: api session revoke test
Barış Soner Uşaklı da64810a4a fix: crash
Barış Soner Uşaklı a528790615 refactor: typo
Barış Soner Uşaklı ee8e048015 fix: move record to controller
Barış Soner Uşaklı f4cf482a87 feat: show popular searches
Barış Soner Uşaklı 63572c23ce fix: profile edit fields showing translated values
Barış Soner Uşaklı 719cfc0d57 breaking: disable javascript in custom less tab
Barış Soner Uşaklı 04dab1d550 fix: token verify
Barış Soner Uşaklı 1783f918bc fix: guard against prototype pollution
Barış Soner Uşaklı c8b2fc46dc fix: translator path traversal
Barış Soner Uşaklı e62948f73d fix: there is no alltime digest, fixes translation in test email 
there is no digest.title.alltime
Julian Lam 506c34a84d refactor: simplified utilities API > login rout 
Removed continueLogin override in favour of a simpler `redirectAfterLogin` override
Use passport to authenticate username and password instead of duplicated logic.
Julian Lam 6b4f35c2fa feat: new plugin hook to allow plugins to reject email address on new registration or email change
Julian Lam 806a1e50d2 feat: utilities login API route now starts an actual login session, if requested
Barış Soner Uşaklı b91ae0880d feat: add method name to deprecation message
Barış Soner Uşaklı 1d62bd6d7b refactor: log error as well
Barış Soner Uşaklı 73a9ca09c9 refactor: catch errors from buildHeader in error handler 🔥
Barış Soner Uşaklı d4da98404c refactor: add missing helpers.tryRoute
Barış Soner Uşaklı 998b9e7918 fix: minification regression
Julian Lam d22b076b2e feat: additional quality options for jpeg uploads, added quality and compression settings for png uploads
Barış Soner Uşaklı ee0282f5aa refactor: shorter middleware
Barış Soner Uşaklı b2429ef00e refactor: meta/minifier use async/await
Barış Soner Uşaklı 90b81262fa refactor: remove unused var
Barış Soner Uşaklı 9cb4de50a2 fix: biweekly digest
Julian Lam 44687394dc fix: restore plugin upgrade checking logic 
unintended regression from ac86937c88
Barış Soner Uşaklı 8e319a9b25 refactor: catch errors from digest
Barış Soner Uşaklı f7967bdf68 feat: , biweekly digest option
Barış Soner Uşaklı 6da3239230 refactor: less.render already returns promise 
rename callback to next to match other controllers
Barış Soner Uşaklı c70eaa0a34 refactor: prompt.get already returns promise
Barış Soner Uşaklı 38756a0c34 refactor: no more 🐮
Barış Soner Uşaklı 4333d217a1 fix: , show topics as unread for guests
Barış Soner Uşaklı a9bc6a0962 refactor: allow array of uids for blocks.is/list 
remove async.filter
use cacheCreate
Barış Soner Uşaklı 9e0ce0272c fix: don't overwrite reloadRequired with false 
1. meta.settings.set('name', values); // reloadRequired is set to true
2. meta.settings.set('otherName', values, false); // reloadRequired was set to false, even though it should stay true until restart due to step 1
Barış Soner Uşaklı 8e6bd7e913 refactor: show full url on error log
Barış Soner Uşaklı 1feb111ade
perf: dont fs.open if plugin doesnt have language namespace () 
closes
gasoved b0a24d6dd5
refactor: var to const and let () 
* refactor: var to const and let

* fix: missed global bootbox usage

* refactor: align with eslint expectations
Baris Usakli 997fb2b348 refactor: remove unused code
gasoved c1149d045c fix: better nomenclature
gasoved 3acaac4c7c
fix: html attributes () 
* fix: some empty xml tag bodies

* fix: missing/wrong attributing of label tags

* fix: attribute fixes

* fix: misassociated label

* fix: missing alt attributes

* fix: some more missing associated labels
Barış Soner Uşaklı 6c25b9dbaa test: remove escape
Barış Soner Uşaklı 4f9717fb08 fix: escape thumbs, allow robots meta tag
Barış Soner Uşaklı 27e53b42f3 feat: use unread icon in mobile
Barış Soner Uşaklı 8ad9a103b3
fix: , fire vote hooks after reputation changes ()
Barış Soner Uşaklı a0df389021 fix: dont show decimails on auto approva minutes
Barış Soner Uşaklı a70c69fa83 fix: delete old topic tags
gasoved d1ff3d6298
feat: cli user management commands () 
* feat: cli user management commands

* fix: consistent nomenclature
Barış Soner Uşaklı 5aea6c6aa1 feat: , allow uid for post queue notifications
Barış Soner Uşaklı 4404e81991
fix: switch inf. scroll to xhr () 
this fixes infinitescroll when url has custom query parameters
also fixes infinitescroll for plugins like QnA
fixes infinitescroll on tags page
deprecate topics.loadMoreSortedTopics
deprecate topics.loadMoreFromSet
Barış Soner Uşaklı e6a17a6349
Psql multikey () 
* perf: convert promise.all to single query

* perf: single query for removeBulk

* perf: list
Barış Soner Uşaklı ea04aeded4
perf: convert promise.all to single query ()
Julian Lam be43cd2597
Topic Linkbacks () 
* feat: WIP topic linkbacks, + failing tests

* test: don't accidentally comment out all of the post tests

* fix: rename to "backlinks"

* feat: more stub code, more failing tests

* feat: backend methods and passing tests for topic backlinks

* test: uncomment test/posts.js again

* fix: missing quotation mark in topic event helper

* fix: superfluous usage of Promise.all

* test: fix broken test -- used hardcoded (and incorrect) url

* test: parseInt shenanigans
Barış Soner Uşaklı f24b630e1a feat: add userData to static:user.delete
Barış Soner Uşaklı 6399b42826 feat: closes , sort by views
Peter Jaszkowiak ff84d6c52f
Add more chat hooks, replace toobig.jpg () 
* feat: more hooks for messaging

for use in global chat plugin

* fix: replace toobig.jpg

toobig.png is a real 10000x10000 image
gasoved ac1b9692f2 fix: handle undefined returnTo on registerAbort
Barış Soner Uşaklı f8d4ec6ca6 fix: psql test
Barış Soner Uşaklı 3605ac811d fix: possible test fix for subfolder redirect
Julian Lam 58e0a366c8 fix: , missing null email check on new registrations, added tests
Julian Lam a9645475fe feat: duplicate `requireEmailAddress` settings block to Settings > User
Barış Soner Uşaklı 07adb49e7f
feat: mongodb driver 4.x () 
* feat: mongodb driver 4.x

* feat: up dbsearach
Barış Soner Uşaklı 6b34065f2a refactor: remove async.waterfall from remaining upgrade scripts
Barış Soner Uşaklı 89af00d1d5 fix: , fix reward duplication
Barış Soner Uşaklı 30f387710c fix: , use correct username/pwd
Barış Soner Uşaklı 2add84a568 fix: remove unused translator
Barış Soner Uşaklı 9f0e55ad3e fix: , show same time info for ban
Barış Soner Uşaklı c437b33652 fix: crash
Barış Soner Uşaklı 15f9aaa6ee fix: remove caller from payload after hooks is done 
only if it was added automatically
Julian Lam ce8ea6ea42 fix: bad uid reference
Julian Lam f194809f06 feat: move filter:topic.post hook to top of method
Julian Lam 7777812e62 fix: update Topics.post and Topics.reply so that plugins can modify uid (or redirect a reply to a different topic) 
/cc @antosik
Barış Soner Uşaklı c4fc7bf9b5 fix: , fix totalTime calculation
psychobunny 1ed62aa82f fix: missing microdata in category data
Barış Soner Uşaklı c0a52924f1 fix: , add topics:schedule
Barış Soner Uşaklı 18252fb9a8 refactor: no regex
Barış Soner Uşaklı 31a6d4b39a fix: for subfolders
Barış Soner Uşaklı 0236ea86ad fix: req.path doesn't have full url
Barış Soner Uşaklı 40c9fca918 fix: , send bodyClass on 403 
use helpers.formatApiResponse for /api/v3 routes only
Barış Soner Uşaklı 05ddd60c5e dont check empty emails in queue
Barış Soner Uşaklı 58ac55c16a refactor: remove async.waterfall
Barış Soner Uşaklı 222dccaf67 refactor: remove async.waterfall
Barış Soner Uşaklı f35a0f430a refactor: remove async.waterfall
Barış Soner Uşaklı ba3582b873 fix: xss on flags page via ban reason
Julian Lam 819917daf2 refactor: allow plugins to replace og:image, or specify additional og:image 
/cc @antosik
Barış Soner Uşaklı 0c4b875e10 fix: redis batch
Barış Soner Uşaklı 3261edcc32 fix: redis processing batch+1 items every iteration
Barış Soner Uşaklı 8b576a3704 fix: , don't save post diffs if content didn't change
Barış Soner Uşaklı 2657804c1f fix: , fix sorting of more than one page of pinned topics
Barış Soner Uşaklı 3ecbb624d8
fix: privileges added by plugins () 
* fix: privileges added by plugins

when copying a categories privileges, privileges added by plugins will be copied as well
when purging a category privileges added by plugins will be purged as well
show plugin privileges in privileges.<categories/admin/global>.get
show plugin privileges in privileges.<categories/admin/global>.userPrivileges
show plugin privileges in privileges.<categories/admin/global>.groupPrivileges

* fix: typo
Barış Soner Uşaklı 71ed50b9c1 fix: , don't send all welcome test emails to test@example.org @julianlam
uplift 92d1ee31e4
Add authenticateRequest middleware () 
* Add  authenticateRequest middleware

to Post routes

* Fix linting error
Barış Soner Uşaklı 397835a05a feat: allow removing multiple items from list
Barış Soner Uşaklı 7f48edc02a feat: add uid to filter:user.saveSettings
gasoved 84ff1152f7
feat: headers for global privs () 
* feat: headers for global privs 

* fix: don't spoil headers to adminPrivs

Co-authored-by: Julian Lam <julian@nodebb.org>
Julian Lam 006fc700dd feat: add ACP option to require email address on new registration
Julian Lam 34afb74762 fix: browsers autocompleting smtp fields when they should not
psychobunny bf0c02a71e feat: a slightly less ugly rewards panel
psychobunny a7855c4cc4 fix: dashboard graph controls
Barış Soner Uşaklı 0ce4b87d85
fix: ()
Julian Lam 856ba78a5f fix: replace logic in isPrivilegedOrSelfAndPasswordMatch to use privileges.users.canEdit
Julian Lam cdaea61136 fix: handle missing uid in deprecated socket call
Julian Lam 0a41741b7e refactor: deprecate picture update socket call, new API routes for picture update
Julian Lam e33e046f15 fix: use privileges.users.canEdit for image upload priv check
Barış Soner Uşaklı a48bbdbfe3 fix: errors from registerComplete
Julian Lam 60de084475 fix: simplify logic for fullname and email blanking in user retrieval (getUserDataByUserSlug) 
Previous logic seemed to match the logic used in privileges.users.canEdit, except
the latter allows plugins to modify the value.
Barış Soner Uşaklı 1e2bda13d0 fix: lint
Barış Soner Uşaklı 488f0978a4 fix: manifest error
Barış Soner Uşaklı 72710b8040 fix: , regression from 70a04bc105
Julian Lam dd4e66e22c fix: push back some deprecations, remove deprecated stuff scheduled for v1.18.0
Barış Soner Uşaklı 1f91a31327
Priv hook fix () 
* fix: , fire hooks properly for priv changes

* fix: admin/global group privs

dont allow invalid privs
Julian Lam 4ac701d747 fix: deprecate userData.showHidden as it is functionally equivalent to userData.canEdit
Barış Soner Uşaklı 6869920e06
fix: , fire hooks properly for priv changes ()
psychobunny 6afeac375b fix: automated tests are a good thing to have
psychobunny ae793b4a44 chore: found some hooks that don't play well docgen
gasoved 3df79683f5
feat: create folders in ACP uploads () 
* feat: create folders in ACP uploads 

* fix: openapi

* test: missing tests

* fix: eslint

* fix: tests
gasoved 61f02f17d8
feat: column based view on wide priv. tables () 
* feat: column based view on wide priv. tables

* fix: add group/user

* feat: copy buttons to work on visible privs

* feat: show what's being copied in modal

* feat: optional title and message for category selector modal
Barış Soner Uşaklı e59d357533
feat: als () 
* feat: als

* fix: up test timeout

* fix: don't overwrite caller if it already exists

* fix: up test timeout for psql
SAES:RPG dd15065706
Fix [MONGODB DRIVER] Warning: bulk operation `remove` has been deprecated, please use `delete` () 
Co-authored-by: Brophy <paul.brophy@bastage.net>
Barış Soner Uşaklı 0743554dd4 fix: pluginPaths
Barış Soner Uşaklı 13878e9f14 fix: , show warning if plugin is active but not installed
Barış Soner Uşaklı c354cde347 fix: , only apply to non https
Barış Soner Uşaklı 6659e95a4a
refactor: remove promisify from redis, ioredis supports promises nati… () 
* refactor: remove promisify from redis, ioredis supports promises natively

* refactor: remove unused util
Barış Soner Uşaklı a288f51f42 fix: allow smaller than 5mins for admin relogin duration 
setting the value to 1min in ACP wasn't working
Barış Soner Uşaklı 794bf01b21 feat: allow changing default search in
Barış Soner Uşaklı 9de64bf516 fix: , pass along query params in redirect
Barış Soner Uşaklı 358ad74054 feat: closes , allow event deletion 
fix: topic events appearing before necro messages
feat: add move topic event
feat: add ability to delete specific topic events via events.purge
opliko a370c26f73 feat: re-add FontAwesome font for compatibility
opliko 093ac1c09a fix: remove unnecessary quote
opliko 41762e6603 feat: update to FontAwesome 5.15, resolve
Barış Soner Uşaklı 8fb53252a8 refactor: get rid of async.waterfall/each
Barış Soner Uşaklı 42dbd40253 refactor: remove unused async
Barış Soner Uşaklı 6b6a7d4b8a refactor: remove waterfall
Opliko d509a307f0
Remove some deprecated/unnecessary code () 
* refactor: remove mkdirp promisify

* refactor: remove old session deletion API route

* refactor: remove middleware.isAdmin

* refactor: remove templateValues.config.bootswatchSkin

* fix: unused dependencies
Barış Soner Uşaklı 0c81642997 fix: , update posts in queue if target tid is merged
Julian Lam 4a521ea218 fix: email update interstitial to not error on empty email field (on new registration)
Julian Lam 70a04bc105 feat: removed registerAndLoginUserCallback local helper, added handling if a bad interstitial doesn't go away nor throw errors
Julian Lam 0e05cbe1f7 feat: show instructional modal after email change request
Julian Lam e95df2f066 refactor: move interstitials into its own file in `src/user/`
Julian Lam 324a12b6c3 feat: return back to profile after editing email
Julian Lam b3c916414b feat: allow registration interstitial abort to also follow returnTo
Julian Lam 96398faa3c feat: plumb current session id into email removal/confirmation flow, so all other sessions are revoked except for the current session 
This utilises the new argument in user.auth.revokeAllSessions
Julian Lam b0a4a1d3e4 feat: allow revokeAllSessions method to revoke all sessions except that which is passed in (new arg)
Julian Lam f53fc1ad0b feat: return generic 404 on invalid confirm code
Julian Lam 824a72b220 fix: updated ACP > Manage > Users to handle users with no email address
Julian Lam d5b5b7d531 fix: allowed reset and reset_notify emails to go out to unconfirmed email addresses
Julian Lam ccf004f1f4 refactor: added user.email.remove method, updated email interstitial to handle email removal
Julian Lam 414d733d76 fix: bug where confirmation email was sent to the old email address, not the new one
Julian Lam 3bcd1f1438 fix: email validation flow, so that it actually works, fixed event logging bug, new email verification template
Julian Lam caf8968791 fix: accidental early return in confirmByCode, tests, race condition 
A race condition caused mongo/psql tests to fail.
gasoved a917210c5b feat: invites no longer require email
Julian Lam 81611ae1c4 fix(emails): broken test for api/user/email/:email 
+ fixed broken tests due to unexpected behaviour for email confirmation
Julian Lam c4e3362bd3 feat(emails): restore ability for admins to edit a user's email address [breaking] 
The edited user's email will be automatically confirmed
Julian Lam afd2d8dab1 feat(emails): pass req in to filter:registration.interstitial
Barış Soner Uşaklı 7d115c8ef2 fix(emails): dont allow retrieving user data if showemail is false @julianlam
Julian Lam e726048e0c fix(emails): don't automatically associate email during user creation if passed in at registration
Julian Lam f52919990b feat(emails): display current email in interstitial form
Julian Lam b4b65ecd98 fix(emails): remove debug log
Julian Lam 087e6020e4 refactor(email): validation checking methods, +tests fix
Julian Lam 50517020a2 feat(emails): upgrade script for includeUnverifiedEmails
Julian Lam be97aa6f13 feat(emails): +includeUnverifiedEmails ACP setting
Julian Lam 69c96dd23c refactor(emails): more work in update email interstitial, interstitial skipping, email change on confirmation, deprecation of requireEmailConfirmation
Julian Lam f365bc4600 refactor(emails): interstitial for adding/updating email
Julian Lam 74aaa0a926 feat: show different registration intersitial lead text on new account vs. existing
Julian Lam 7c1d1c777b refactor(emails): remove email validation on client and server side
Julian Lam 12b2a979a0 feat: removal of emailExists socket listener
Barış Soner Uşaklı 04b1f702cd feat: add loggedin/guest class to body
Julian Lam 340ccb2498 style: lint fix
Julian Lam d1959a258b fix: return 4xx errors instead of 5xx on flag routes, when unauthenticated or not privileged [breaking]
Barış Soner Uşaklı 6c47a060c1 fix: , add raw info to psql database page
Julian Lam ef4e74bfc8 refactor: client-side to use flag notes API
Julian Lam cc6cbfcdc4
Flags API () 
* feat: new routes for flags API

+ flag get
+ flag creation, migration from socket method
+ flag update, migration from socket method
* fixed bug where you could not unassign someone from a flag

* feat: tests for new flags API

added missing files for schema update

* fix: flag tests to use Write API instead of sockets

* feat: flag notes API + tests

* chore: remove debug line

* test: fix breaking test on mongo
Barış Soner Uşaklı 4a56388ec3
feat: store topic tags in topic hash () 
* feat: store topic tags in topic hash

breaking: remove color info from tags (use css)

* fix: remove unused tag modal

* fix: tag search
Julian Lam 415416d2a7 fix: translate language keys if passed in to formatApiResponse
Julian Lam 7036c3751e feat: internationalize API error messages
Julian Lam a54a3ee1ca fix: return proper API-style response if exception caught by error handler on v3 routes [breaking]
Barış Soner Uşaklı ff78969c2c fix: lint
Barış Soner Uşaklı 55d7e55867 fix: tests
Barış Soner Uşaklı 6ed7e937ce refactor: fix wording
Barış Soner Uşaklı 47c8c69264 fix: keep query string on redirects
Barış Soner Uşaklı 5fd190f7c4 feat: , change category desc to multiline
Barış Soner Uşaklı 8e0561f226 perf: cache Topics.getTopicsTags
Barış Soner Uşaklı 10ddfff38f perf: bypass getMultipleUserSettings
Julian Lam e03782f218 fix(docs):
Barış Soner Uşaklı c9348efbdc feat: add merge/fork hooks
Julian Lam b896484351 fix: , re-jig top bar of Admin > Manage > Users
gasoved 97c8569a79 fix: hide private user data in api/v3/users/[uid]
Barış Soner Uşaklı d9e2190a6b fix: numThumb upgrade script
Barış Soner Uşaklı fee782c436 fix: acp dashboard sometimes not loading on cold load
Julian Lam 849049765b fix: , sanitize all attributes in meta and link tags
Julian Lam acdbd04913 fix:
Anton Grigoryev db65360c0d
fix(post-queue): moderatedCids is an array of numbers ()
Barış Soner Uşaklı 52596902a6 feat: update fa link
Barış Soner Uşaklı 909db3ae71 Merge branch 'master' of https://github.com/NodeBB/NodeBB
Barış Soner Uşaklı ab6f062ff9 fix: prevent crash in expandObjBy
Barış Soner Uşaklı 1bf263c4a2
9622 () 
* fix: 

dont allow regular user to remove system tags

* refactor: add guest/spider check to isPrivileged

string/trim tag
Barış Soner Uşaklı 0d975bc4fb fix: dont show system tags in whitelist dropdown to regular users
Barış Soner Uşaklı 84e065752f
fix: () 
dont allow regular user to remove system tags
Barış Soner Uşaklı 73f40e96a5 fix: , fix notif delay
Barış Soner Uşaklı c92fc19b5c fix: , add group chat filter to /notifications
Barış Soner Uşaklı 3cd9434b56 fix: scope
Barış Soner Uşaklı 1eda538da5 fix: , catch exceptions in renderOverride
Barış Soner Uşaklı 46a454f194 feat: add bodyClass to 500 page
gasoved 8168c6c407
fix: purge uploaded images accordingly () 
* fix: purge uploaded images accordingly

* fix: tests

* fix: relative paths
Julian Lam a2400f6baf fix: accidental unnecessarily strict conditional that effectively rendered SSO state checking opt-in instead of opt-out
Julian Lam f9728aff2c feat: clear reset tokens on successful login
Julian Lam 5c42b3eab0 test: fixed broken tests from , removed token clean on token usage as it is superceded by token clean on generation (+ associated test)
Julian Lam f6c14d6b62 fix: introduce artificial delay + delay fudging on invalid email during reset token generation
Julian Lam 229f96f872 fix: , expire all active reset tokens for a uid if that uid generates a new one
Barış Soner Uşaklı 8c952aa381 fix: lint
Barış Soner Uşaklı be19f27f40 feat: add filter:categories.categorySearch
Barış Soner Uşaklı cc0cf99fed
feat: allow nested properties on category page () 
* feat: allow nested properties on category page

* fix: remove debug

* fix: remove debug
Barış Soner Uşaklı 8ea58432c9 feat: show ip on acp manage users 
update url on search
show matching ip when searching by ip
add ip to export csv
Barış Soner Uşaklı 6695927ea9 fix: pagination on acp users search
psychobunny 05cc7ccb60 feat: make undoTimeout configurable, closes
Mats 2b42e7edb0 chore: lint
Mats 6f73261186 fix: extra ')'
Mats d07229aa6b chore: fix indentation
Mats edcba61aa9 fix: disallow editing of other users' notes 
Feel free to close this if it is intentional, but as you are not allowed to delete other users notes I expect you shouldn't be able to edit them. Editing another users post also changes ownership, allowing you to then delete it.

I also added `error:` to the errormessage so that they display properly.
Barış Soner Uşaklı ca72aa93d7
Locks bug failing test () 
* test: failing test for issue

* fix: , don't lock if email is identical to username

* fix: lock calls after first call

* fix: add back email check

* test: remove invalid test

Co-authored-by: Julian Lam <julian@nodebb.org>
Julian Lam 816856b0c6 feat: introduce boolean res.locals flag to bypass session reroll (used by session-sharing) 
The session reroll logic is still standard practice, but in some cases, it is not necessary or causes UX issues. An issue opened in session sharing () brought this to attention in that parsing the cookie to log in the user caused a reroll (as expected), but caused the session open on other tabs to be mismatched. If "re-validate" was turned on, it basically meant that it was not possible to use NodeBB with multiple tabs.

Session sharing now sets `reroll` to `false` if re-validate is enabled.
Barış Soner Uşaklı 286644d0b8 fix: , check session
Barış Soner Uşaklı 3717df610a fix: don't crash if session doesn't exist
Barış Soner Uşaklı 66cae54ee3 fix: lint
Barış Soner Uşaklı 57e46e41e3 feat: allow modifying default category privileges