when admin is changing users emails check if its avaiable and remove old email of user first
upgrade script to cleanup email:uid, email:sorted, will remove entries if user doesn't exist or doesn't have email or if entry in user hash doesn't match entry in email:uid
fix missing ! in email interstitial
fix missing await in canSendValidation,
fix broken tests
dont pass sessionId to email.remove if admin is changing/removing email
* fix: convert loginDays and loginSeconds to number inputs
* feat: configurable session timeout for when "Remember Me" is not checked
closes#11124
* test: addition tests to check loginDays and sessionDuration settings
* test: also test loginSeconds override
* chore: incrementing version number - v2.8.1
* chore: update changelog for v2.8.1
* fix: accidental clearing of reset rate limiting on reset send
* test: move user reset tests to its own file, add failing test for user reset locks
* fix: #11119, counter attempted flooding of user reset route
* test: fix password reset socket test to check for error now
* test: same user sending multiple reset emails
should work after waiting the correct amount of time
* lint: fixes
* chore: rename outdated `cleanTokensAndUids` method
* test: no need to create user for new test
Co-authored-by: Misty Release Bot <deploy@nodebb.org>
Co-authored-by: Barış Soner Uşaklı <barisusakli@gmail.com>
* breaking: remove `SocketUser.emailConfirm`, re: #10954
* chore: move email confirmation related configs to own section in Settings > Email
* feat: new user email method `getValidationExpiry`, returns expiration in ms.. probably.
* fix: bug where `user.email.isValidationPending` returned an u nexpected non-boolean value if there was no confirmation pending (only when checking email as well)
* fix: update getValidationExpiry to return ms
* test: use emailConfirmInterval for tests, for now
* fix: throw friendly error when attempting an email change within email confirmation window
* feat: new config option `emailConfirmExpiry` in days, governs how long the confirm link is good for
* test: additional tests for user email methods
* fix: add back missing handling of option
* test: fix tests
* chore(deps): bump lru-cache from 6.0.0 to 7.13.1 in /install
Bumps [lru-cache](https://github.com/isaacs/node-lru-cache) from 6.0.0 to 7.13.1.
- [Release notes](https://github.com/isaacs/node-lru-cache/releases)
- [Changelog](https://github.com/isaacs/node-lru-cache/blob/main/CHANGELOG.md)
- [Commits](https://github.com/isaacs/node-lru-cache/compare/v6.0.0...v7.13.1)
---
updated-dependencies:
- dependency-name: lru-cache
dependency-type: direct:production
update-type: version-update:semver-major
...
Signed-off-by: dependabot[bot] <support@github.com>
* fix(lru-cache): remove unneeded `length` params for cache creation, as `maxSize` was not used in those init calls, also renamed some methods to match new method names in lru-cache [breaking]
Added deprecation notices for old params
* fix: replace three direct calls to lru-cache with call to cacheCreate, moved cache creation call in uploads to run on first init as config is not populated at lib init
* test: move configs init above cache reset calls in databasemock
* move some more code above cache clear
* refactor: remove unused
* test: lru
* test: more debug
* test: on more test
* use await helpers.uploadFile
* fix: tests remove logs
* fix: acp cache page
* fix: add in one more guard again cache instantiation with `length` prop but no `maxSize` prop
* fix(deps): bump markdown
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Barış Soner Uşaklı <barisusakli@gmail.com>
* Revert "Revert "feat: cross origin opener policy options (#10710)""
This reverts commit 46050ace1a.
* Revert "Revert "chore(i18n): fallback strings for new resources: nodebb.admin-settings-advanced""
This reverts commit 9f291c07d3.
* feat: closes#10719, don't trim children if category is marked section
* feat: fire hook to allow plugins to filter the pids returned in a user profile
/cc julianlam/nodebb-plugin-support-forum#14
* fix: use `user.hidePrivateData();` more consistently across user retrieval endpoints
* feat: Allow defining active plugins in config
resolves#10766
* fix: assign the db result to files properly
* test: add tests with plugins in config
* feat: better theme change handling
* feat: add visual indication that plugins can't be activated
* test: correct hooks
* test: fix test definitions
* test: remove instead of resetting nconf to avoid affecting other tests
* test: ... I forgot how nconf worked
* fix: remove negation
* docs: improve wording of error message
* feat: reduce code duplication
* style: remove a redundant space
* fix: remove unused imports
* fix: use nconf instead of requiring config.json
* fix: await...
* fix: second missed await
* fix: move back from getActiveIds to getActive
* fix: use paths again?
* fix: typo
* fix: move require into the function
* fix: forgot to change back to getActive
* test: getActive returns only id
* test: accedently commented out some stuff
* feat: added note to top of plugins page if \!canChangeState
Co-authored-by: Julian Lam <julian@nodebb.org>
Co-authored-by: Barış Soner Uşaklı <barisusakli@gmail.com>
* feat: webpack 5 part 1
* fix: gruntfile fixes
* fix: fix taskbar warning
add app.importScript
copy public/src/modules to build folder
* refactor: remove commented old code
* feat: reenable admin
* fix: acp settings pages, fix sortable on manage categories
embedded require in html not allowed
* fix: bundle serialize/deserizeli so plugins dont break
* test: fixe util tests
* test: fix require path
* test: more test fixes
* test: require correct utils module
* test: require correct utils
* test: log stack
* test: fix db require blowing up tests
* test: move and disable bundle test
* refactor: add aliases
* test: disable testing route
* fix: move webpack modules necessary for build, into `dependencies`
* test: fix one more test
remove 500-embed.tpl
* fix: restore use of assets/nodebb.min.js, at least for now
* fix: remove unnecessary line break
* fix: point to proper ACP bundle
* test: maybe fix build test
* test: composer
* refactor: dont need dist
* refactor: more cleanup
use everything from build/public folder
* get rid of conditional import in app.js
* fix: ace
* refactor: cropper alias
* test: lint and test fixes
* lint: fix
* refactor: rename function to app.require
* refactor: go back to using app.require
* chore: use github branch
* chore: use webpack branch
* feat: webpack webinstaller
* feat: add chunkFile name with contenthash
* refactor: move hooks to top
* refactor: get rid of template500Function
* fix(deps): use webpack5 branch of 2factor plugin
* chore: tagging v2.0.0-beta.0 pre-release version 💥 :shipit: 🎉🚀
* refactor: disable cache on templates
loadTemplate is called once by benchpress and the result is cache internally
* refactor: add server side helpers.js
* feat: deprecate /plugins shorthand route, closes#10343
* refactor: use build/public for webpack
* test: fix filename
* fix: more specific selector
* lint: ignore
* refactor: fix comments
* test: add debug for random failing test
* refactor: cleanup
remove test page, remove dupe functions in utils.common
* lint: use relative path for now
* chore: bump prerelease version
* feat: add translateKeys
* fix: optional params
* fix: get rid of extra timeago files
* refactor: cleanup, require timeago locale earlier
remove translator.prepareDOM, it is in header.tpl html tag
* refactor: privileges system to use a Map in the backend instead of separate objects for keys and labels (#10378)
* refactor: privileges system to use a Map in the backend instead of separate objects for keys and labels
- Existing hooks are preserved (to be deprecated at a later date, possibly)
- New init hooks are called on NodeBB start, and provide a one-stop shop to add new privileges, instead of having to add to four different hooks
* docs: fix typo in comment
* test: spec changes
* refactor: privileges system to use a Map in the backend instead of separate objects for keys and labels (#10378)
* refactor: privileges system to use a Map in the backend instead of separate objects for keys and labels
- Existing hooks are preserved (to be deprecated at a later date, possibly)
- New init hooks are called on NodeBB start, and provide a one-stop shop to add new privileges, instead of having to add to four different hooks
* docs: fix typo in comment
* test: spec changes
* feat: allow app.require('bootbox'/'benchpressjs')
* refactor: require server side utils
* test: jquery ready
* change istaller to use build/public
* test: use document.addEventListener
* refactor: closes#10301
* refactor: generateTopicClass
* fix: column counts for other privileges
* fix: #10443, regression where sorted-list items did not render into the DOM in the predicted order [breaking]
* fix: typo in hook name
* refactor: introduce a generic autocomplete.init() method that can be called to add nodebb-style autocompletion but using different data sources (e.g. not user/groups/tags)
* fix: crash if `delay` not passed in (as it cannot be destructured)
* refactor: replace substr
* feat: set --panel-offset style in html element based on stored value in localStorage
* refactor: addDropupHandler() logic to be less naive
- Take into account height of the menu
- Don't apply dropUp logic if there's nothing in the dropdown
- Remove 'hidden' class (added by default in Persona for post tools) when menu items are added
closes#10423
* refactor: simplify utils.params [breaking]
Retrospective analysis of the usage of this method suggests that the options passed in are superfluous, and that only `url` is required. Using a browser built-in makes more sense to accomplish what this method sets out to do.
* feat: add support for returning full URLSearchParams for utils.params
* fix: utils.params() fallback handling
* fix: default empty obj for params()
* fix: remove \'loggedin\' and \'register\' qs parameters once they have been used, delay invocation of messages until ajaxify.end
* fix: utils.params() not allowing relative paths to be passed in
* refactor(DRY): new assertPasswordValidity utils method
* fix: incorrect error message returned on insufficient privilege on flag edit
* fix: read/update/delete access to flags API should be limited for moderators to only post flags in categories they moderate
- added failing tests and patched up middleware.assert.flags to fix
* refactor: flag api v3 tests to create new post and flags on every round
* fix: missing error:no-flag language key
* refactor: flags.canView to check flag existence, simplify middleware.assert.flag
* feat: flag deletion API endpoint, #10426
* feat: UI for flag deletion, closes#10426
* chore: update plugin versions
* chore: up emoji
* chore: update markdown
* chore: up emoji-android
* fix: regression caused by utils.params() refactor, supports arrays and pipes all values through utils.toType, adjusts tests to type check
Co-authored-by: Julian Lam <julian@nodebb.org>
.substr() is deprecated so we replace it with .slice() which works similarily but isn't deprecated
Signed-off-by: Tobias Speicher <rootcommander@gmail.com>
* test: add failing test for if package.json is non-existant, fix tests' beforeEach method
* Revert "fix: #10289, remove lodash dependency in src/cli/package-install.js"
This reverts commit 81fa2e22bc.
* fix: regression caused by 94b79ce402
`./nodebb setup` was no longer able to be called without arguments or env vars
* fix: .updatePackageFile() throwing if no package.json
* fix: removing unneeded code in src/cli/index.js that seemed to be used to handle cases where package.json was missing (initial install)
... However, as .updatePackageFile() now handled cases where there is no package.json, it should be ok to remove this code
* fix: handle missing package.json or node_modules/
* test: add test to verify that a sorted set is automatically deleted if its last element is removed
* fix: remote empty zsets when all elements have been removed #yolo
* Revert "fix: remote empty zsets when all elements have been removed #yolo"
This reverts commit 0ac73244bb6ffd802007a252a35844c589ce8721.
* fix: altered behaviour in module.exists instead of zrem
socket.emit('topics.delete') removed use `DELETE /api/v3/topics/state`
socket.emit('topics.restore') removed use `PUT /api/v3/topics/state`
socket.emit('topics.purge') removed use `DELETE /api/v3/topics`
socket.emit('topics.lock') removed use `PUT /api/v3/topics/lock`
socket.emit('topics.unlock') removed use `DELETE /api/v3/topics/lock`
socket.emit('topics.pin') removed use `PUT /api/v3/topics/pin`
socket.emit('topics.unpin') removed use `DELETE /api/v3/topics/pin`
Julian Lam
Barış Soner Uşaklı
gasoved
Opliko
CommanderRoot
Barış Soner Uşaklı