52082e1296
feat: add resolve flag to post tools
4 years ago
2a939aad8d
fix: regression via c1b3079d93
...
Also refactored privilege render logic so that it no longer needs a server-side hack to render column count
4 years ago
4cbd13fd9c
feat: hide revert button in ACP > Privileges until privileges change
4 years ago
46270f9f20
feat: bring back static hook timeout
4 years ago
d05d7091ae
refactor: remove async.each/reduce from hooks for better stack traces
4 years ago
0d3979efd0
refactor: use hooks.fire
4 years ago
9382fc6dc5
fix : #9370 , show correct teaser index if sorting is newest to oldest
4 years ago
1982edfde3
refactor: fix variable name
4 years ago
3c60ccfd4d
feat: upgrade connect-mongo, closes https://github.com/NodeBB/NodeBB/pull/9367
4 years ago
f71cb0e427
feat: pass interstital errors to individual partials as well as to registerComplete
4 years ago
5eb3132dae
feat: add filter:plugins.firehook
4 years ago
ebccc7940b
fix: don't copy if src doesn't exist
4 years ago
754283d37b
feat: copy default favicon if it doesn't exist
4 years ago
771a8955a4
fix : #9362 best not to check file exists on every page load; copying favicon to uploads/system folder instead
4 years ago
ad5654952a
fix : #9362
4 years ago
678e8f0fde
fix: regression where login redirect for admin routes didn't go to local=1
4 years ago
4b5450853d
feat: allow missing (or non-array) middlewares argument in route helper methods
4 years ago
e74df53997
feat: pass modified params, only affects filter hooks
4 years ago
696c489524
feat: add back topic id input
4 years ago
166d65a1ba
fix: add back middleware.authenticateOrGuest
4 years ago
e3b2c00db1
fix: request authentication called twice in account routes
4 years ago
7da061f0d7
refactor: automatically authenticate all requests setup through route helpers ( #9357 )
...
* refactor: automatically authenticate all requests setup through route helpers
* fix: removed connect-ensure-login dependency
* fix: bug with some middlewares not defined outside route helper methods
4 years ago
3aa26c4df2
fix : #9339 , only log email errors once per digest, notification push
...
show notice in acp
4 years ago
3f42d40c78
fix: winston.info
4 years ago
0021c6019e
refactor: async listen testSocket
4 years ago
c5e257888a
fix : #9351 bad logic when inserting rows to privilege tables, also a missing tfoot 🦶
4 years ago
bfd512b99b
feat: expose username validation logic to user lib, new hook `filter:username.check`
4 years ago
e5133a78f8
feat: add $.deserialize to client side
4 years ago
902a88c25e
feat: remove promise-pollyfil
4 years ago
c1b3079d93
feat: category privilege API routes
...
closes #9342
4 years ago
c8b78654d9
fix: bad assignment
4 years ago
fbe9215b17
fix : #9348 incorrect redirect via connect-ensure-login
4 years ago
0af9d26fe5
feat: change uploadCroppedPicture to use updateProfile as well
4 years ago
a598abcd8e
feat: use updateProfile for picture change
...
so it triggers action:user:updateProfile
4 years ago
f806befd2f
fix: bug where loginSeconds setting was ignored for local login
4 years ago
1155b0c42f
feat: allow payload to be passed to emailer test method
4 years ago
00a68a9548
feat: add additional flag hooks [breaking]
...
`action:flags.create` on initial flag creation
`action:flags.notify` on notification to admins and moderators
`action:flags.addReport` on flag report addition (called during initial flag create, too)
4 years ago
069ac60f62
feat: add uid of user who created flag to action:flags.create
4 years ago
b9fd2c87f3
chore: bump deps ( #9335 )
...
* chore: bump deps
* fix: husky git hooks
4 years ago
2737f6531b
fix: notif pruning
4 years ago
02f08111cf
feat: keep notifs for one month, load 50 notifications instead of 30
4 years ago
9bf94ad50f
fix: allow interstitial callbacks to be functional (no cb required)
4 years ago
cdf5d18f54
fix: don't publish before pubClient is connected
4 years ago
86b0c57d7a
feat: also pass in uid to `filter:email.prepare`
4 years ago
27ea3dcb2f
feat: new hook `filter:email.prepare`
4 years ago
bf90d15881
feat: new hook static:email.send
...
deprecates filter:email.send
4 years ago
0dad568cbe
perf: faster category tags upgrade script
4 years ago
95033ef756
perf: use setObjectBulk
4 years ago
a07509f770
perf: make upgrade script faster
4 years ago
48f1e265f4
fix: remove unused async
4 years ago
0959b1248b
perf: make upgrade script faster
...
use bulkAdd/remove
4 years ago
14a6c349c2
feat: show time info for upgrade scripts
4 years ago
293b7c2650
refactor: privileges, export modules directly ( #9325 )
...
fix unused/commented out methods in admin privileges
4 years ago
984c9dd915
fix: in setupPageRoute helper, buildHeader after plugin hooks have fired
...
To allow for a plugin to call doLogin and have it properly reflect in the header
4 years ago
73dc64d9ff
feat: add dashboard sub-pages to ACP menu
4 years ago
0804d54759
spec: schema docs for new ACP dashboard subpage routes
4 years ago
2f89b0d791
feat: recent logins sessions table in dashbaord subpage
4 years ago
e1ed514b10
feat: topics dashboard details subpage
4 years ago
c57c77030e
feat: update user list in dashboard/users on graph update
4 years ago
f8e1a74c26
fix: wrong qs param, allow string to be passed to util.getDaysArray
4 years ago
cc93822436
feat: show list of recent users in dashboard/users
4 years ago
6fdcae7320
feat: req.query parsing and dynamically loading data instead
4 years ago
f561799f74
refactor: abstract out some client side dashboard code into modules, analytics subpages for users, topics, and logins
4 years ago
079a13d41a
feat: new hooks for notifications get/getCount
4 years ago
0d59fe3d2b
fix( #9315 ): api v3 post, put, del JSON
...
also allow `app.alertError` to be called without an argument
also fix `./nodebb build --dev` to actually build in dev mode
4 years ago
dbe5f7027b
fix: wrong call to sortedSetAdd
4 years ago
16d3c45782
feat: report login statistics from analytics data, instead of its own zset
4 years ago
9a9f366d3b
feat: track login sessions for admin dashboard reporting
4 years ago
020f0b8322
fix: session not persisting to database in some scenarios
...
In some edge cases (e.g. SSO plugin redirecting the user immediately), with modern browsers, the request is never "completed" for speed. This causes a condition where the session object never persists to the database, even though it has changed. This added line forces a db persist on a successful login.
Context: https://github.com/expressjs/session/pull/484
4 years ago
504fd107c7
feat: track successful logins in analytics
4 years ago
d3a9e76ae2
test(user): added additional tests for icon background colour
4 years ago
955021247e
feat(user): icon background selector in change picture modal
4 years ago
fbccf6e22f
refactor(user): all plugins to change list of icon background colours
...
One notable change is line 200, where a conditional was changed. The conditional used to check for `user.hasOwnProperty('picture')` and was added so that icons would only be included in the response if the picture was requested. This doesn't seem to apply as picture could be set regardless (see default avatar logic above), so I explicitly check `requestedFields` now.
4 years ago
ed3d9dcbbf
feat: pass post object to filter:post.tools
4 years ago
0e07f3c9ba
feat: allow defining a list of system tags
4 years ago
25c8f02634
fix : #9307 , use _.flatten
4 years ago
2fef462782
fix: awaiting res.render in send404 controller
...
>
> A plugin wanted to use `response:rotuer.page` to 404 a specific page on some condition. res.render returns early in send404 and so must be awaited otherwise multiple responses will be sent
4 years ago
65c57c730c
docs: added comment re: #9305
4 years ago
34096b73ef
fix: do not overwrite `config.port` from URL, if it's already set
...
If URL was set to something like `http://example.com:8080 `, and port
was set to 4567, keep listening on port 4567 and keep linking through
URL that was specified.
This allows to listen on port 4567, while having NGINX (or any proxy)
set to listen on port 8080 and route traffic to port 4567.
So NodeBB can be "hidden" behind proxy while URL can still contain
non-standard port, i.e., port different than 80 and 443.
4 years ago
8686fbfa3f
fix: switch back to getSortedSetRange
...
/cc @barisusakli
4 years ago
9ce6f8ad93
feat: add tag filter to getSortedTopics
4 years ago
5286f20862
refactor: remove dupe code
4 years ago
7223074f1d
feat: ability to re-order topic thumbnails
4 years ago
91734a6484
fix: settings v3
4 years ago
0738dae895
feat: #9304 , add category/topic/username to post queue notification emails
4 years ago
8f0386d9ac
feat: add failing test for list append/prepend with list ( #9303 )
...
* feat: add failing test for list append/prepend with list
* feat: mongo/psql
* feat: improve test
4 years ago
1ae8dda8a8
chore: extra console.log
4 years ago
7ebb6d3056
fix: thumbs.associate logic fix + tests
4 years ago
7665adf7d1
fix: missing awaits, possible test fix
4 years ago
9a6cf3d967
fix : #9301 , dont call sitemapstream if there are no entries in categories/pages/topics.xml
4 years ago
50664487b9
test: additional tests for topic thumbs
4 years ago
807b0d4348
fix: properly incase its the same path
4 years ago
76bcc0c99c
fix: numThumbs count on associate
4 years ago
1490b32d1b
fix: missing cache deletion calls for post-queue cache
...
/cc @barisusakli
4 years ago
3e6640efb2
refactor: thumbs.associate accepts both relative path and url in path arg
4 years ago
a4b4a5566d
feat: link to post-queue from topic event
4 years ago
8fd78ce512
feat: post-queue topic event
4 years ago
3f35fd335d
feat: add post-queue cache
4 years ago
36f2021186
refactor: move post queue retrival code to posts.getQueuedPosts
4 years ago
b81508c4e2
fix: init topic events from webserver.js
4 years ago
6074a0fbbf
refactor: call topic events init from within file itself
4 years ago
cc275e1016
Revert "feat: newsletter opt-in/out in UCP, closes #21"
...
This reverts commit 3c7cd9a6c4
4 years ago
3c7cd9a6c4
feat: newsletter opt-in/out in UCP, closes #21
4 years ago
3595473485
feat: load user posts/topics via xhr on infinitescroll
4 years ago
b753c69cfe
fix: check null topics
4 years ago
58cd797e4c
fix: guard against null topics
4 years ago
c953b1b3d1
fix : #9292 , messageobj.content already parsed
4 years ago
4b2bf12fd1
feat: #9294 , put new categories at top
4 years ago
9d17f397c0
fix(remountable-routes): more fixes to remountable routes
...
fix: ensure proper admin privilege checking on remounted `/admin` mount
fix: guard against plugins sending back missing mounts
fix: no need to make addRemountableRoutes awaitable
4 years ago
16c1d6e937
style(remountable-routes): abstract removable routes code to a separate local fn
4 years ago
1f28713f1a
refactor(remountable-routes): rename `src/routes/accounts.js` to `src/routes/user.js` to better match the route prefix
4 years ago
bc68e990af
fix(remountable-routes): bug with user routes remounting to itself
4 years ago
9021f071d4
feat(remountable-routes): allow category and account routes to be remounted
4 years ago
f01af62b53
feat(remountable-routes): allow /admin and /post to be remountable
4 years ago
92758ec50d
refactor(remountable-routes): allow certain route prefixes to be mounted elsewhere
4 years ago
765db86d4e
fix: clear category cache on copy parent
4 years ago
ed3e9ce2e2
fix: delete category cache key on category create
4 years ago
c61cc37bba
fix: typo
4 years ago
cf4002bcc9
perf: cache base_url
4 years ago
5ce2820799
perf: single call to get digest topics, dont send duplicate topics
4 years ago
90d5c9da44
perf: single db call to add all uids
4 years ago
a5fa212fc7
fix: wait for event.log to finish before killing process
4 years ago
0185ea1b4f
perf: make digests a little bit faster
...
and use batch.processArray
dont load data for users who have no email or have not confirmed their emails
4 years ago
b6493f896f
fix: tests, only generate csrf_token on 404 gets
4 years ago
94f72d6093
fix : #9287 , generate csrf_token on 404
4 years ago
783786cf8c
fix: do not blindly escape a notification's bodyLong
...
For 7+ years we were escaping this value, but it is in many cases already sanitized (as it may be a post content). For those cases when it is not, I now run it through parse.raw.
Instead of escaping, it now strips p, img, and a tags.
4 years ago
670cde78da
feat: add invalid event name to error message
4 years ago
cc9d6fd08b
chore: eslint max-len
4 years ago
5c2f0f0557
chore: eslint no-restricted-syntax
4 years ago
115d19e289
chore: eslint prefer-rest-params, prefer-spread
4 years ago
23f212a4c0
chore: eslint prefer-destructuring
4 years ago
8d1462ffd8
chore: eslint object-curly-newline
4 years ago
62869bae3d
chore: eslint function-paren-newline
4 years ago
dab3b23575
chore: eslint no-var, vars-on-top
4 years ago
b56d9e12b5
chore: eslint prefer-arrow-callback
4 years ago
707b55b6a5
chore: eslint prefer-template
4 years ago
4ee0f1459d
chore: eslint import/newline-after-import
4 years ago
dad01e3051
chore: eslint no-bitwise
4 years ago
fca17cb713
fix: move service worker back to relative_path/service-worker.js
4 years ago
a4878a5b22
fix: markread selector
4 years ago
7eebcbdbbc
perf: only load thumbs for topics that actually have thumbs
4 years ago
47299ea587
Categories refactor ( #9257 )
...
* feat: wip categories pagination
* feat: add subCategoriesPerPage setting
* feat: add load more sub categories button to category page
* fix: openapi spec
* feat: show sub categories left on category page
hide button when no more categories left
* breaking: rename categories to allCategories on /search
categories contains the search results
* fix: spec
* refactor: remove cidsPerPage
* fix: tests
* feat: use component for subcategories
* fix: prevent negative subCategoriesLeft
* feat: new category filter/search WIP
* feat: remove categories from /tag
* fix: dont load all categories when showing move modal
* feat: allow adding custom categories to list
* breaking: dont load entire category tree on post queue
removed unused code
add hooks to filter/selector
add options to filter/selector
* feat: make selector modal work again
* feat: replace old search module
* fix: topic move selector
* feat: dont load all categories on create category modal
* fix: fix more categorySelectors
* feat: dont load entire category tree on group details page
* feat: dont load all categories on home page and user settings page
* feat: add pagination to /user/:userslug/categories
* fix: update schemas
* fix: more tests
* fix: test
* feat: flags page, dont return entire category tree
* fix: flag test
* feat: categories manage page
dont load all categories
allow changing root category
clear caches properly
* fix: spec
* feat: admins&mods page
dont load all categories
* fix: spec
* fix: dont load all children when opening dropdown
* fix: on search results dont return all children
* refactor: pass all options, rename options.cids to options.selectedCids
* fix : #9266
* fix: index 0
* fix: spec
* feat: #9265 , add setObjectBulk
* refactor: shoter updateOrder
* feat: selectors on categories/category
* fix: tests and search filter
* fix: category update test
* feat: pagination on acp categories page
show order in set order modal
* fix: allow drag&drop on pages > 1 in /admin/manage/categories
* fix: teasers for deep nested categories
fix sub category display on /category page
* fix: spec
* refactor: use eslint-disable-next-line
* refactor: shorter
4 years ago
e40af441c9
fix: cache key collision
4 years ago
a6fa351b72
feat: pass req.session into buildReqObject
4 years ago
4f97639009
feat: new hook `action:login.continue`
4 years ago
67e3fb6498
fix: register returnTo logic to match login route
...
Login route saves the previous page by checking for the X-Return-To header. This header is automatically set by ajaxify.
Login takes this value and saves it to `req.session`.
Up until now, `/register` saved the previous URL in a hidden input, and redirected based on that value, but it occasionally conflicted with req.session.returnTo. It was also confusing because it did not match how login handled the values.
This commit updates the route handling so it works identically to `/login`.
4 years ago
492cbc6227
fix: tests
...
/cc @pitaj
4 years ago
5e5d37c38f
fix( #9252 ): pass site domain to nodemailer ( #9254 )
4 years ago
f79aeef889
fix: posts.uploads.sync dissociates uploaded thumbs of the main pid
4 years ago
c729adeb08
fix: privileges page - tweak icon position and width, group name wrapping
4 years ago
970bd06fd2
refactor: improvements
4 years ago
53e0d4d2e0
feat: banned-users group
4 years ago
cabec378f4
fix: openapi test specs
4 years ago
7c9674de6c
fix: include admins
4 years ago
a2a7557cc0
refactor: update dom after diff deletion better
4 years ago
eaf9d2e44a
fix: include admins, limit to category mods, correct privilege name
4 years ago
72b050b4a8
test: post diff deletion tests
4 years ago
eb642f40b9
feat: #9109 , ability to delete a post's diffs
4 years ago
fffdc4e0ca
feat: #9234 , add pagination to /api/recent/posts/:term?
4 years ago
2bc74cffe6
fix : #9127 , scope service worker to relative_path for the forum ( #9239 )
...
Adds a `Service-Worker-Allowed` header on `assets/src/service-worker.js` URL and uses `scope` option during registration to ensure the service worker is correctly scoped to the entire forum and only the forum.
4 years ago
d1364c3130
Categories refactor ( #9233 )
...
* feat: wip categories pagination
* feat: add subCategoriesPerPage setting
* feat: add load more sub categories button to category page
* fix: openapi spec
* feat: show sub categories left on category page
hide button when no more categories left
* breaking: rename categories to allCategories on /search
categories contains the search results
* fix: spec
* refactor: remove cidsPerPage
* fix: tests
* feat: use component for subcategories
* fix: prevent negative subCategoriesLeft
4 years ago
d6f60f4502
fix: broken test after sorted-lists logic change
4 years ago
d5d24594e8
feat: allow sorted-lists on multiple pages
...
If multiple sorted-lists were on separate pages, saving one page would erase the sorted-lists saved on the other page. This was caused by naive deletion of the sorted-lists index on settings save.
At the same time, a bug was found where if fewer items were passed in, only that many items were removed from the database, leaving leftover orphan data in the database.
The logic now:
- Only removes sorted-lists if they are passed in (and empty)
- Deletes all sorted list items, not just the items passed in.
4 years ago
9834f72fc7
fix: clear all locks on restart
4 years ago
f6cd2862bd
feat: #9232 , add profile picture into exported zip
4 years ago
a8be6fb8fb
fix: regression where `filter:settings.set` no longer received sorted-lists
4 years ago
5bc1f5b4e8
fix : #9231 , fix redis pubsub connection
...
regression from fdfbc90255
4 years ago
05c53394f3
fix: tests
4 years ago
7419922040
fix: improper override of req.body.username in login logic
4 years ago
b820d23401
feat: new hook `filter:login.override`, deprecate `action:auth.overrideLogin`
4 years ago
473d5f4aba
fix: full settings hash not passed through to action:settings.set
...
The sorted lists were being filtered out
4 years ago
eb96046e97
Revert "refactor: use Map to track sorted lists in Settings.set()"
...
This reverts commit 65de2e76b4
4 years ago
65de2e76b4
refactor: use Map to track sorted lists in Settings.set()
4 years ago
a5bf9779fd
fix : #9223 , don't overwrite stmp settings
4 years ago
3052256db3
chore: deprecation notices for plugins using plugin old hook methods
4 years ago
15ba0abb34
docs: update deprecation-removal version for plugin hook helper methods in 1.18.0
4 years ago
e8429f509b
fix: handle delete and update for categories:name zset
4 years ago
34c42c6fa3
feat: ability to search categories, #8813
4 years ago
a1c014462c
revert: bring back backwards compat
4 years ago
647d3ba810
fix: removed methods
4 years ago
fb84c78544
chore: remove deprecated `User.emailConfirm` [breaking]
...
Use `User.email.confirmByCode` instead.
4 years ago
5a775e09dc
chore: remove deprecated plugin hook `filter:privileges:isUserAllowedTo` [breaking]
...
Use `filter:privileges:isAllowedTo` instead.
4 years ago
d41de481a4
chore: remove deprecated plugin hook methods [breaking]
...
Call plugins.hooks.fire() instead.
4 years ago
cc0d562e9a
chore: more removals of thumb specific backwards-compatibility [breaking]
4 years ago
5f9f241e37
chore: remove deprecated `filter:admin/header.build` hook [breaking]
...
Use `filter:middleware.renderAdminHeader` instead.
4 years ago
84dfdfe659
chore: remove deprecated v2 style responses for thumbs upload route [breaking]
4 years ago
2ad0d0d0d8
chore: remove deprecated getObject routes [breaking]
...
`/api/post/pid/:pid`, `/api/topic/tid/:tid`, `/api/category/cid/:cid` have now been removed in favour of routes in the Write API (`/api/v3/(posts|topics|categories)/:id`)
4 years ago
7b090c588b
fix: incorrect return for Thumbs.get() if thumbs were disabled
4 years ago
dc84559d0b
feat(topic-events): topic events GET route in write API
4 years ago
449c379d22
feat(topic-events): server-side tests for topic events
4 years ago
0d4a377558
feat(topic-events): clear out topic events when a topic is purged
4 years ago
8e93bf7362
feat(topic-events): client-side handling on topic event log
4 years ago
df2fdd56ba
fix(topic-events): repeated invocations of Posts.addTopicEvents caused dupes to be added to DOM
4 years ago
cec3fc934d
refactor(topic-events): break out some logic in events.get into local modifyEvent method
...
+ events.log now returns a complete event object
4 years ago
611d1f872d
feat(topic-events): support for uids in topic event payloads
4 years ago
425eca145b
refactor(topic-events): fire topic event logging in topics/tools instead, pass uid into payload
4 years ago
ab2e1ecb40
feat(topic-events): work in progress topic events logic and client-side implementation
4 years ago
8ff07bc196
fix: update js concatenation logic to bundle scripts.rjs into minfile regardless of build environment
...
The slowdown is fairly insignificant (< .1s), and the only change is the minified file is identical across environments, which is better from a debugging standpoint
4 years ago
412d285850
fix(hooks): fallback handling for core invocations of hooks.fire
...
+ .on() which is the same as .register()
4 years ago
f975063b7d
fix : #7125 , allow list for page route, configurable via plugin hook
4 years ago
8b72479f62
fix: remove 'filters' and 'categories' from flag details API return [breaking]
...
These options were originally used when the flag filters were shown in the sidebar. This has seen been removed, and so the information is now superfluous
4 years ago
1603566bcc
fix: filtering logic of flags [breaking]
...
When combining filters, the old logic assumed that every filter was
exclusive, unless that filter contained multiple items, in which
case it was added to a list of "or" filters that returned all
matching flags.
A fault was discovered in that if you passed in multiple "or"
states, it did not return flags with the expected filtering.
e.g. open flags, closed flags, flags of cid 1, flags of cid 2
This could return open flags of cid 3, since all of the filters
were "OR"'d.
This logic change updates the behaviour so disparate OR sets are
intersected (ANDed).
4 years ago
942d924779
fix: error on flag list if no flag filters were saved in session
4 years ago
6b1c97db79
feat: feature flag for auto-resolving a user's flags on ban [breaking]
...
The default behaviour has now been changed to 'off'. Going forward, a user's flags will no longer automatically resolve on ban.
4 years ago
35c92d0cff
fix: mod cid filter accidentally saved in session
4 years ago
27cae0d5d8
fix: missing return for #9217
4 years ago
b2b1450e5d
fix : #9217 , render 400 error page on bad access to /register
4 years ago
78896fc623
fix: redis check compat tests
4 years ago
fdfbc90255
feat: async/await redis connection
4 years ago
33bf1b0e2c
feat: async/await psql connection
4 years ago
672959c13f
feat: add group name to csv event
4 years ago
a186ea0fe3
fix: registration completion overriding returnTo if it was already set
4 years ago
280285cda9
feat: allow interstitial callbacks to be async functions [breaking]
...
This change is breaking in the sense that if you have written
interstitial callbacks before that are async functions _with_ a
callback, those are no longer allowed. You will not need to call
next() as that argument will no longer be passed in to async
functions.
4 years ago
5c1b742979
fix: add missing user delete event types
4 years ago
7fb583dcfd
Merge branch 'master' of https://github.com/NodeBB/NodeBB
4 years ago
c608b0e8a3
fix: https://github.com/NodeBB/nodebb-plugin-webhooks/issues/3
4 years ago
d85ad10d34
fix: restored sanity checks for post move socket calls
4 years ago
966c4117ec
refactor(api): post move to write API
4 years ago
e118e59ce0
refactor(api): post diffs to use write API
4 years ago
c2e2370655
feat: add filter:email.cancel to allow plugins to cancel sending emails
4 years ago
f5fcd232f6
fix: regression caused by 77ab46686d
...
Access checks were added for topic GET route, but occasionally a post_uuid is passed in, which is available to everyone, and so checks should be skipped
4 years ago
4fb907875e
fix: don't crash if fullname is not a string
...
https://community.nodebb.org/topic/15291/upgrade-error-fullname-substr-is-not-a-function
4 years ago
1374e0eeba
refactor: change var to const
4 years ago
00ba89b6d6
fix : #9204 , bypass groupname length check for system group in upgrade script
4 years ago
9938a139fe
fix: add missing await
4 years ago
25ab99b91d
refactor: single remove call
4 years ago
ab11435ed5
feat: grant plugins the ability to specify options to the SSO handler
...
... to be handled in the plugin itself (overriding the passport prototype's authorizationParams method)
+ new hook filter:auth.options
4 years ago
9b289eca9d
fix: ssoState passed to strategies even if not called for
4 years ago
77ab46686d
fix: access checks for tags and thumbs get route
4 years ago
c0fb1cb59c
fix : #9194 global mods unable to pin or unpin topics
4 years ago
ef16cd2e6f
fix : #9192 , exit after logging error
4 years ago
69419571a9
fix: make sure inviter user exists
4 years ago
89e6c75d58
fix : #9185 , fix string boolean values
4 years ago
66da6bcd1c
fix : #9184 proper relative_path usage in topic thumbs.get
4 years ago
b742229e59
fix : #9169 , re-adding v2-style behaviour so as to not break the API... yet
4 years ago
aa95cc7d60
Merge branch 'master' of https://github.com/NodeBB/NodeBB
4 years ago
eaf62d39fd
fix : #9177 , handled multiple deleted users properly
4 years ago
4ede18ce5f
fix: broken test caused by errant .pop(), missing await
4 years ago
c07e1e16af
feat: add unread-count badge if navigator contains /flags route
4 years ago
6a1311b4bc
refactor: flags lib to have a separate getFlagIdsWithFilters method
...
added quick filter for unresolved flags
4 years ago
6cb5888c13
fix: unescape header navigation originalRoute [breaking]
4 years ago
03a0e72fae
refactor: split out logic dedicated to calculating unread counts, to a separate local method
4 years ago
e14b67786c
Solve Custom home page route error bug ( #9180 )
...
When you select Custom Route as home you get a 404 error "/custom not found" error.
This because 'homePageRoute' property was used instead of 'homePageCustom'
4 years ago
7069735aa2
Merge branch 'master' of https://github.com/NodeBB/NodeBB
4 years ago
da54697075
fix : #9176 , limit description size
4 years ago
97d678fd2a
fix: return a user object, not an array of user objects (in v3 login check route)
4 years ago
8c86f5bcec
fix: bad execution flow in utilities.login
4 years ago
534224133b
fix: random loadFiles added by errant vscode autocompletion
4 years ago
8bbb320867
feat: handle HTTP 429 as a response code
4 years ago
56f929ed4f
feat: add write API route for checking login credentials
4 years ago
1cf0032d9f
feat: allow override of local fns in login controller, 400 instead of 500 for wrong login type [breaking]
4 years ago
6cbb77afda
fix: add missing breadcrumb on /user/<slug>/categories
4 years ago
f0dd302c77
perf: use only required calls
4 years ago
a51c5698c7
fix: `--help` usage info
...
yargs (via nconf) would exit when detecting a help flag
also improves the speed of `./nodebb help build`
4 years ago
171017c38c
fix : #9130 , remove timestamp prefix from thumbnail names in API response
4 years ago
8c31afae7d
feat: #9173 , show installed plugin versions in ./nodebb plugins
4 years ago
b9ba44edd7
fix : #9166 missing relative path in topic thumbs modal and topic list
4 years ago
1968bf50f1
fix : #9163 , fix total connection count on ACP
...
sockets.sockets is a JS map in 3.x
4 years ago
edb8da1ef9
feat(api): closes #9123 category and topic routes migrated to Write API
4 years ago
9ecfac9b68
feat(api): #9123 , migrate rest of the getObject controllers to Write API
4 years ago
cdff8d286a
chore(api): add deprecation notices re: #9123
4 years ago
e267f29584
feat(api): #9123 , migrate /api/post/pid/:pid to Write API
4 years ago
33290850ee
fix : #9126 , skip base64 and long values
4 years ago
c1ecfd1ebf
feat: #9135 , don't try to reconnect forever
4 years ago
a555f02415
fix: inability for admins with setting privilege to save plugin settings
4 years ago
895e3d939e
fix : #9149 , server-side handling of disableChatMessageEditing
4 years ago
d27815a8c0
fix : #9149 , incorrect client-side `disableChatMessageEditing` value for admins/gmods
4 years ago
2874036024
fix: tests
4 years ago
223f0a5515
feat(acp): admin tags privilege
4 years ago
fb46a8d975
feat(acp): admins-mods privilege
4 years ago
5b8558e9a5
feat: allow dashes in privilege group names
4 years ago
3aa5beb832
feat: allow multiple privileges to be defined for a given admin socket call
4 years ago
fcc1e24ad0
feat: rename admin middleware header hook
4 years ago
da191341e8
feat(acp): added new admin privilege for groups management
4 years ago
80ee3dfbd1
fix(api): tests
4 years ago
931105e6cb
fix: dont show deleted posts in navigator
4 years ago
32e36f7b2e
feat(api): group ownership API route, switch client-side to use API route
4 years ago
1cd2689cf6
refactor(api): deprecated groups update socket in favour of API lib
4 years ago
34ccabe3ab
fix: bad assignment logic in middleware.renderHeader
4 years ago
75b1bbd09f
feat: explicitly add filter:admin/header.build hook
...
As it is not fired during middleware.processRender
4 years ago
05d8b3c339
chore: add deprecation notice to topic thumb tpl value
4 years ago
da4f91186b
fix : #9113 , wrong path separator used in thumbs.get
4 years ago
2be396ff6e
fix: email testing and settings change from ACP
...
- changing email SMTP settings wouldn't apply the first time
- "Send Test Email" now will report emailer errors in most cases
4 years ago
713f029dc8
fix: removing ability to specify deprecated topic 'thumb' on topic creation
4 years ago
600807fbe1
fix: don't return deleted: 0 for ephemeral groups
4 years ago
438fa5c88f
fix: send fewer items to client-side for ACP settings/email page
4 years ago
878ee06715
refactor: schema backreference test to use map instead of reduce, properly check write-api routes
4 years ago
a2152dd100
feat: update html-to-text closes https://github.com/NodeBB/NodeBB/pull/8810
4 years ago
4404e32ed9
fix : #9117 , lower query before search
4 years ago
ab96f526d6
feat: remove max age since cache is cleared when thumbs change
4 years ago
2d5a224b06
perf: don't load thumbs if disabled globally, cache thumb results
4 years ago
d28581eb6a
feat: show alt text instead of images in teasers ( #9107 )
...
* feat: show alt text instead of images in teasers
* refactor: from utils to local function
4 years ago
8f938eba19
fix : #9074 , fix svg uploads
4 years ago
ab98740821
fix : #9100 topic thumbs in OG image tags
4 years ago
74d73313fd
feat: migration of old topic thumbs to new format
...
closes #9099
4 years ago
378a3a6945
fix: update version removal comments to 1.17 for some features
4 years ago
4c87f30184
feat: allow plugins to override ACP relogin challenge
...
- used in 2factor
4 years ago
80de572aa1
feat: add user.email.confirmByUid for sso plugins
4 years ago
05dd859714
fix: postgres is slow ™️
4 years ago
9f62df15bd
chore: appease codeclimate
4 years ago
24e754d120
feat: add thumbs to category data return
4 years ago
edf67f349f
fix: use getSortedSetRange instead of getSortedSetsMembers
4 years ago
bd5c4a5cff
fix: tests
4 years ago
e83baa97a0
fix: bad topic thumbs logic on local thumb upload
4 years ago
3e54b70c06
fix : #9092 , Topic thumbnails do not work with third-party uploaders
4 years ago
2170c40007
fix: iteration logic bug
4 years ago
9342d611be
fix: enable topic thumbnails across the board [breaking]
4 years ago
a30c8ab5c8
feat: clent-side modal for managing topic thumbs
...
closes #9087
4 years ago
67cf5e83b7
fix: changes to thumb resizing logic
...
- Resized thumb no longer skews aspect ratio
- Thumbs resized down to maximum thumb size by WIDTH only
- image.checkDimensions() now returns dimensions
4 years ago
37c367d6ff
feat: raise maximum thumb size to 512
4 years ago
1c5cdb5121
feat: associate topic thumbs with post uploads (for the mainPid)
4 years ago
08736b1812
fix: use file lib instead of direct fs module access
4 years ago
c043cfebd6
fix: added back missing topic thumb tests that were removed in last commit
4 years ago
340387c18a
fix : #9055 , non-standard API response from addThumbs route
...
Also removed old thumb upload router handler, and updated uploadPost handling in composer to match new response schema
4 years ago
c09c238e3f
fix: do not allow thumb deletion route to arbitrarily delete other files in uploads folder
4 years ago
5950683316
feat: closes #9048 , tests for topic thumbs routes, write API schema
4 years ago
4152aa552e
feat: tests for topic thumbs
...
Also added some error checking to addThumbs controller
4 years ago
ef7d6db912
feat: server-side work for #9047
...
- rename Thumbs.commit to Thumbs.migrate
- new PUT method that calls Thumbs.migrate
- `checkThumbPrivileges` now takes a single object parameter (ins. of req/res)
4 years ago
b5d910f53b
feat: core work for #9042 , thumb deletion now accepts uuids
...
+ common data validation for thumb addition and deletion
4 years ago
1f0c1cd229
fix: references to since-removed Topics.thumbs.resizeAndUpload
4 years ago
90497e3ef5
feat: more work on topic thumbs refactor
...
- addThumb and deleteThumb are now protected routes (duh)
- new getThumbs route GET /api/v3/topics/<tid>/thumbs
- Updated `assert.path` middleware to better handle if relative paths are received with upload_url
- Slight refactor of thumbs lib to use validator to differentiate between tid and UUID
4 years ago
43dc3e3e48
fix : #9041 , remove Topics.thumbs.resizeAndUpload()
4 years ago
708b1c338f
fix : #9040
4 years ago
1257aa981e
feat: expose uploaded thumbnails to client-side via API
...
+ plugin hook: filter:topics.getThumbs
4 years ago
7e9e08f718
feat: server-side routes for handling multiple topic thumbnails
...
closes #8994 , requires 'topic-thumb-refactor' branch of composer-default
4 years ago
98cd9e3549
feat: allow uploadThumb controller to be called in code
...
it, and uploadsController.upload() now return the results of their operation
4 years ago
4fc9da81a9
refactor: topic thumbs lib to topics.thumbs
4 years ago
0f480be658
fix : #9085 , dont prevent admins from deleting other users
4 years ago
efa4eca0fe
fix : #9045 , no post usage info if '/files/' path received
4 years ago
60e7de0d13
feat: move upgrade script and make it shorter
4 years ago
6037f5ee2c
chore: add comment for clarification
4 years ago
1f32d38778
fix: default values, clamp postsPerPage/topicsPerPage to max
4 years ago
9da0ed400e
fix : #9081 , load raw settings before merging
4 years ago
bb6cc49c16
perf: dont build identical langs
4 years ago
86f0f82be7
fix : #9068
4 years ago
4a0d883359
breaking: #8808 , remove utils.slugify
4 years ago
1c45fa1ba5
feat: socket.io 3 changes ( #8845 )
...
* feat: socket.io 3 changes
* feat: replace socketio-wildcard with socket.onAny
up socket.io-redis to 6.x
* feat: remove mongodb/psql socket.io adapters
* feat: show data on fail
* fix: tests
* fix: typo
* fix: logger test fix
* fix: logger.io_close
* chore: up deps
* chore: update readme to reflect redis requirement
* fix: increase timeout show data if test fails
4 years ago
d2888d1d1f
Category tags ( #8938 )
...
* feat: wip category tags
* fix: tag search
* feat: remove debug
* fix: returns of searchTags and autocomplete
* fix: alpha sort
* fix: redis
* fix: delete zsets on category purge, fix another test
* fix: test
4 years ago
792e9e703e
fix: dont strip tags
4 years ago
91c20ceca5
fix : #9065 , settings v2/v3 conflict
4 years ago
970ccb5a68
fix : #9063 , missing handler for passwordless accounts in admin.checkPrivileges middleware
4 years ago
6669496dba
Navigator ( #9049 )
...
* feat: navigator changes
* fix: remove extra code
* feat: add lang keys
4 years ago
648f6215ef
fix: redirect external with absolute urls
4 years ago
458bfc0faf
fix: external path for subfolder installs
4 years ago
64ac483ddd
fix : #9032
4 years ago
fcb10ebdbb
feat: add socket connect/disconnect action hooks
4 years ago
5d00b0895b
fix: sso redirect on /login & /api/login
4 years ago
3ea66f84e1
fix: use file lib instead of directly accessing fs (for Assert.path)
4 years ago
ef6c3b0029
fix: check uid as well
4 years ago
7e867cf95e
fix : #7597 , fix progress bar of cover/profile uploads
...
send big cover images in chunks
4 years ago
6f68f4d20a
fix : #9032 , fix login redirect for sso plugins
4 years ago
86b7f8a5d4
fix : #8962 , dont show null for purged targets
4 years ago
5f0f476b57
feat: #9005 , use timestamp in profile/cover images
...
delete current one if keepAllUserImages is turned off
fix typo in data
4 years ago
954dc5b7be
feat: #8983 , update pin tooltip in topic
4 years ago
53abada5f0
Revert "feat: option to allow auto-joining of groups (optionally skip the "request membership" step)"
...
This reverts commit 685f3c6aa6
4 years ago
685f3c6aa6
feat: option to allow auto-joining of groups (optionally skip the "request membership" step)
4 years ago
c1a7968d23
feat: user notification settings for group.leave event
4 years ago
f7558c6052
fix: notification on group.leave incorrectly showing "Guest has left X group"
4 years ago
b46d2f93e6
fix : #9019 , add missing lang strings
4 years ago
e45b5cba81
fix : #9018
4 years ago
f7c738deda
fix : #8997 , don't send notifications if uids already in group
4 years ago
1eb5fabdb1
feat: #8900 , postQueue setting for category
4 years ago
14bb0a4469
feat: #8960 , update view count after merge
4 years ago
4317cdea34
fix : #9002 ban templates not user friendly
4 years ago
202dcef42e
fix : #9010 , show rest of info even if clusterMonitor priv is not granted
4 years ago
d46740f860
fix : #9007 revoke old sessions after adding
4 years ago
700736535c
fix: guests dont always have sid
4 years ago
a4fe4d3cf5
fix: allow guests to see their replies immediately
4 years ago
92d1b8a65f
fix: privs headers
4 years ago
4c650aeead
feat: #8989 , convert widget nav to dropdown
4 years ago
5080f35752
fix : #8991 , logout on password reset, dont verify email if password expired
...
dont allow same password on reset
4 years ago
3cd0c9a476
fix : #8998 , allow guests to use write api to post/reply
4 years ago
5a137a0dd6
fix: guest handles to user displayname as well
4 years ago
546f58bf1f
fix: timestamp in queue, add post queue strings
4 years ago
7f5efc3e93
fix : #8992 , set email:confirmed for first admin user
4 years ago
80f0750bd4
fix: typo in upgrade script, closes #8990
4 years ago
9ab4fb412b
fix: order
4 years ago
d3c04afb98
fix : #8982 , copy color on tag rename, dont copy if target exists
...
refresh page on tag rename
4 years ago
acb576662e
fix(spec): from 6e6a7a8f8a
4 years ago
6e6a7a8f8a
fix : #8969 , export csv to file
4 years ago
007a3258a0
feat: add handler for 501 api response
4 years ago
f4d217d829
fix : #8980 , fix lang string
4 years ago
bf171adc83
fix : #8979
4 years ago
1e7cf1cbc4
fix : #8971 , disallow flags of privileged users (mods, gmods, admins)
4 years ago
dadb2527da
fix : #8974 , with password login for approval queue
4 years ago
ad8e770037
feat: add pinExpiry and pinExpiryISO to topic data
4 years ago
a56a657759
fix: missing select/clear all checkbox added to category privileges template ( #8967 )
4 years ago
ba3981e270
fix: use package.name for theme.id ( #8965 )
...
Prevents cases like #8953
4 years ago
07fe959ce5
chore: remove test code
4 years ago
b8cafefce2
fix: winston usages
4 years ago
414caac01b
fix : #8957
4 years ago
47a19d6763
fix: error message
4 years ago
5bb5ec4618
fix : #8954 , clear purged replies and toPids ( #8959 )
...
* fix : #8954 , clear purged replies and toPids
* fix: redis test
4 years ago
21d6225ce0
fix: 'already-deleting' error on subsequent account content deletions
4 years ago
93863bb3c6
fix : #8949 , faster upgrade script
4 years ago
6771ca150a
fix: add topic uid to infinitescroll
4 years ago
c037779fa1
feat: add topicOwnerPost #8778
4 years ago
ac734b8335
fix : #8912
4 years ago
4f37eddc5e
feat: clear reset tokens on user delete
4 years ago
e32cd31ec6
fix : #8918
4 years ago
3af4d13fa5
fix: basepath for r.js modules
4 years ago
00e75de736
feat: select/clear all checkboxes in privilege table ( #8941 )
4 years ago
1c0e8c1663
fix: move meta.getServerTime call to admin namespace
4 years ago
90434a4668
Revert "fix(spec): always show thumb in topic response"
...
This reverts commit 493c568a75
4 years ago
493c568a75
fix(spec): always show thumb in topic response
4 years ago
0ca40af834
fix : #8939 , fix username change notification getting filtered out
4 years ago
906d7d734b
refactor: move API banned response handler to separate internal method
4 years ago
afb26bfe48
feat: show ban reason and expiry in write api responses, if user is banned
4 years ago
eab4ca7104
fix: bug with Topics.resizeAndUploadThumb not checking for extension validity
4 years ago
2b73a14e42
fix : #8933
4 years ago
6e5ec3f895
feat: automatically unban users in onSuccessfulLogin
...
This allows write API (and probably SSO login) to go through unimpeded if a user's ban has expired. Closes nodebb/nodebb-plugin-write-api#126
4 years ago
77f0bff54f
fix : #8929 , fix popular, top rss feed urls
4 years ago
8f4060819f
Merge branch 'master' of https://github.com/NodeBB/NodeBB
4 years ago
5dd3b03125
fix: a derp
4 years ago
b18e7e319b
fix: spec
4 years ago
4ca62dc45b
fix: improper handling of scheme-relative URLs in topic thumb logic
4 years ago
3f337b5d7c
feat: #8925 , #8924
4 years ago
5fa098326f
fix: https://github.com/NodeBB/NodeBB/pull/8685
...
fix category link redirect on cold load
fix helpers.redirect if passed in url is external
fix ajaxify so it doesn't slice first character of external url
4 years ago
f33a9185ff
fix: on OP edit, call helper method to upload and resize thumb
4 years ago
9ee1fb490e
fix: https://github.com/NodeBB/NodeBB/pull/8759
4 years ago
672d4da078
feat: human readable uptime
4 years ago
6e2da9966e
refactor: move plugin hook methods to plugin.hooks.*
4 years ago
3b1c03ed50
feat: allow ACP API access to bearer tokens
...
closes nodebb/nodebb-plugin-write-api#132
4 years ago
98a05e4dde
chore: add missing plugin hook deprecation warning
4 years ago
ef3df47a6d
refactor: remove breaking change in pin expiry
4 years ago
046d0b1637
feat: allow pins to expire (if set) ( #8908 )
...
* fix: add back topic assert middleware for pin route
* feat: server-side handling of pin expiries
* refactor: togglePin to not require uid parameter [breaking]
* feat: automatic unpinning if pin has expiration set
* feat: client-side modal for setting pin expiration
* refactor: categories.getPinnedTids to accept multiple cids
... in preparation for pin expiry logic, direct access to *:pinned zsets is discouraged
* fix: remove references to since-removed jobs file for topics
* feat: expire pins when getPinnedTids is called
* refactor: make the togglePin change non-breaking
The 'action:topic.pin' hook now sends uid again, as before. However, if it is a system action (that is, a pin that expired), 'system' will be sent in instead of a valid uid
4 years ago
1be08b2e8b
fix: guest displayname
5 years ago
dbd814c25f
fix: spec, only call modifyUser on unique user objects
5 years ago
903e9d82b8
feat: #8637
5 years ago
ae5d4405c0
fix: setting
5 years ago
9ca44e6f54
feat: add displayname into user obj #8637 ( #8909 )
...
* feat: add displayname into user obj #8637
* fix: spec
* perf: dont load settings if acp setting is turned off
5 years ago
8d060065a0
fix: spec
5 years ago
e9585b9be2
fix: group userTitles translation escapes
5 years ago
965671a97b
fix: remove params from error log
5 years ago
fa4177c3bc
fix : #6407 , fix feeds
...
display latest posts instead of oldest in topic rss feed
fix missing await that was causing rss_tokens to not function
fix feed test
more tests for getTopicWithPosts
5 years ago
4e9b10ab76
feat: #5274
5 years ago
fb567a7a33
feat: #4456
5 years ago
a6afcfd531
feat: #8475 , allow flagging self posts
...
dont count flags towards self posts
dont allow flagging your own account
5 years ago
a87ccccc9c
fix: benchpress warnings
5 years ago
dfdc0c420c
fix: benchpress warnings
5 years ago
a0b7a82350
feat(api): account deletion routes for the Write API ( #8881 )
...
* feat(api): account deletion routes for the Write API
* refactor: rewrite client-side calls to account deletion to use api
* style: apply DRY
5 years ago
120999bf63
feat: #7550 , show message if post is queued when js is disabled
5 years ago
35f932cd64
feat: #8171 , add oldCategory if topic is moved
5 years ago
b44ddecdf8
feat: #8204 , separate notification type for group chats
5 years ago
1d6bcbebde
feat: https://github.com/NodeBB/NodeBB/issues/8147
5 years ago
e1d7c4d8aa
fix: internal helper method hasGlobalPrivilege, DRY
5 years ago
3ccebf112e
feat: invites regardless of registration type, invite privilege, groups to join on acceptance ( #8786 )
...
* feat: allow invites in normal registration mode + invite privilege
* feat: select groups to join from an invite
* test: check if groups from invitations have been joined
* fix: remove unused variable
* feat: write API versions of socket calls
* docs: openapi specs for the new routes
* test: iron out mongo redis difference
* refactor: move inviteGroups endpoint into write API
* refactor: use GET /api/v3/users/:uid/invites/groups
Instead of GET /api/v3/users/:uid/inviteGroups
* fix: no need for /api/v3 prefix when using api module
* fix: tests
* refactor: change POST /api/v3/users/invite
To POST /api/v3/users/:uid/invites
* refactor: make helpers.invite awaitable
* fix: restrict invite API to self-use only
* fix: move invite groups controller to write api, +tests
* fix: tests
Co-authored-by: Julian Lam <julian@nodebb.org>
5 years ago
d30ea25629
feat(deps): benchpressjs@2.2.1 ( #8887 )
...
Better warnings, faster template compiles
5 years ago
452d7f2b17
Create verified/unverified user groups ( #8889 )
...
Co-authored-by: Tudor-Dan Ravoiu <tudor-dan.ravoiu@ubisoft.com>
5 years ago
e4d2764d4c
fix : #8884 , remove header/footer cache
5 years ago
5598130a92
refactor: async/await controllers/index.js
5 years ago
f14e42d8bc
fix : #8883
5 years ago
8fbe832460
refactor: less dupe code
5 years ago
8518404e22
feat: allow groups to specify which cids to show member posts from ( #8875 )
...
* feat: allow groups to specify which cids to show member posts from
* docs: fix tests for openapi
* fix: test breakage caused by improper conditional
* feat: server-side checking of memberPostCids for validity
* feat: admin panel template update to select categories to include
* refactor: privilege helpers.isUserAllowedTo
... to helpers.isAllowedTo, allowing group names to be passed in
5 years ago
51b7eca119
fix: run every hour, dont show message if average_time is 0
5 years ago
04f4429f72
Resolve #7514 - optional timer for registration queue ( #8796 )
...
* feat: #7514 Optional timer for registration queue
* feat: show minutes in average time
* fix: don't show total number of minutes
* feat: implement requested changes
* fix: just store minutes instead of milliseconds
* feat: set default values
5 years ago
bcccb331db
docs: openapi schema for user/group exist check, session deletion
5 years ago
dc9668e417
fix: pass length to messaging checkContent hook
5 years ago
567c5f2056
fix : #8869 , dont escape category title,description twice
5 years ago
f300c933a5
refactor: move session revocation route to write api
5 years ago
9c5c32d4a5
feat: #8864 , add action:events.log
5 years ago
62c0454cfe
feat: show db info side by side
5 years ago
a0164b1c38
fix: use header/footer cache in prod
5 years ago
05a92885f2
fix: add missing maxAge to cache
5 years ago
2e44639210
fix: guest header/footer cache
...
allow clearing individual caches
5 years ago
f1f9b225b0
feat: #8824 , cache refactor ( #8851 )
...
* feat: #8824 , cache refactor
ability to disable caches
ability to download contents of cache
refactor cache modules to remove duplicated code
* fix: remove duplicate hit/miss tracking
check cacheEnabled in getUncachedKeys
5 years ago
6255874e32
feat: move mkdirp to beforeBuild so it doesnt get called twice
5 years ago
74951f5967
fix : #8846 , possible fix
5 years ago
0b30efba31
Merge branch 'master' of https://github.com/NodeBB/NodeBB
5 years ago
16d03975a0
fix: winston error message
5 years ago
d263192271
feat: group exists API call in write api
5 years ago
1446cec77f
feat: user exist route in write api
5 years ago
6b196a207f
fix: permanent redirect on user api redirect shorthand
5 years ago
f2bb42c076
fix: user exist route needs no authentication
5 years ago
60e1e99b4f
feat: new shorthand route /api/v3/users/bySlug/:userslug
...
closes #8844
5 years ago
512f6de6de
feat: allow passwords with length > 73 characters ( #8818 )
...
* feat: allow passwords longer than 73 characters
Context: A bcrypt/blowfish limitation means that password length is capped at 72 characters. We can get around this without compromising on security
by hashing all incoming passwords with SHA512, and then sending that to bcrypt.
https://dropbox.tech/security/how-dropbox-securely-stores-your-passwords
* feat: add additional test for passwords > 73 chars
* fix: remove 'password-too-long' error message and all invocations
* test: added test to show that a super long password won't bring down NodeBB
* fix: remove debug log
* Revert "fix: remove 'password-too-long' error message and all invocations"
This reverts commit 1e312bf7ef7e119fa0f1bd3517d756ca013d5e79.
* fix: added back password length checks, but at 512 chars
As processing a large string still uses a lot of memory
5 years ago
c61dee4b62
fix : #8840 , don't crash if /compose route is called with no query params
5 years ago
9e3eb5d41a
feat: #8821 , allow guest topic views
5 years ago
f68bce86a9
fix: XSS in event:banned messaging modal
5 years ago
76cd5b0fc1
fix : #8836 , truncate fullname
5 years ago
eec630f1ef
fix(acp): max-height for plugin menu list
5 years ago
891a1ea2af
fix : #8827 , do not require admin:users privilege to ban users
5 years ago
4b63f9937c
fix: check is banned in buildHeader
...
remove unused banReason
remove generateHeader function
5 years ago
a338f52780
feat: #8823 , remove hardcoded write concern
5 years ago
08ff4041aa
fix: missing await
5 years ago
c0f699e655
fix: disallow registration attempts with password length > 4096
...
This is a stopgap measure for v1.15.0
5 years ago
4818ec377e
fix: missing await
5 years ago
6e85920cb6
feat: allow mods/admins to see deleted posts on user profile
5 years ago
87bff6cd65
fix: broken test
5 years ago
dda5d42610
fix: restore old behaviour of empty json w/ 401 code in admin middleware
5 years ago
15e0731dd9
fix: deprecate middleware.isAdmin
...
Also, handle admin logout timer in middleware.admin.checkPrivileges
5 years ago
4439864ce0
fix: post editing not taking plugin hook results into account
5 years ago
a02ae6f5df
refactor: simpler check in user.blocks.filter
5 years ago
27016d221c
feat: rearrange buttons on manage/users
5 years ago
57ed6be78b
fix : #8805 define our own name for write API v3
5 years ago
266d7587b2
refactor: remove usage of middlewares
...
Specifically, middleware.isAdmin|exposePrivilegeSet|exposePrivileges
5 years ago
a6a52430ce
fix: remove setCategorySort and setTopicSort
5 years ago
aa8faf58a0
refactor: remove /users/{uid}/settings/{setting} route
...
@baris Also, I am now allowing the following properties to be saved in User.saveSettings:
- categoryTopicSort
- topicPostSort
- setCategorySort
- setTopicSort
5 years ago
6ac73ccb7e
feat: #8801 , disable express compression by default
5 years ago
3c98cd3d95
fix: topic object in post editing data return
5 years ago
1392d064a1
fix(writeapi): normalizing data
5 years ago
ec03af7a38
feat: allow passing subset of user settings on update route
5 years ago
618e098305
fix: bug where token generation route would fail on null case
5 years ago
b156b8b573
feat: wip, write api tests framework
...
re-using read api tests if possible
5 years ago
2e9f27d8ff
fix: typo
5 years ago
93bdfe2f10
perf: reorder async calls
5 years ago
88a07e69b5
feat: add filter:category.getFields
5 years ago
a05905f196
performance improvements ( #8795 )
...
* perf: nconf/winston/render
cache nconf.get calls
modify middleware.pageView to call next earlier
don't call winston.verbose on every hook see https://github.com/winstonjs/winston/issues/1669
translate header/footer separately and cache results for guests
* fix: copy paste fail
* refactor: style and fire hook only log in dev mode
* fix: cache key, header changes based on template
* perf: change replace
* fix: add missing await
* perf: category
* perf: lodash clone
* perf: remove escapeRegexChars
5 years ago
0db0231cff
feat: move postercount to topic hash
5 years ago
203db47b30
fix: return early for guests/spiders
5 years ago
156e1396f2
fix: #8789,cache meta.settings
5 years ago
a7b6d0dfe5
feat: add free and total mem usage to info
5 years ago
c26f2b6599
feat(writeapi): user settings API
5 years ago
db63f5e3f0
fix : #8781
5 years ago
177a961000
feat: new filter filter:teasers.configureStripTags
5 years ago
d68ffea80d
feat: send 'Vary' header when ACAO header set
5 years ago
1f43e98f8b
fix: allow admins adding users to global moderators
...
add new test
5 years ago
bbafa1b82a
Revert "fix: [breaking] send configured config URL as origin if not custom"
...
This reverts commit 205a10308e
5 years ago
a691be5952
fix: incorrect logic for post history editable bool
5 years ago
205a10308e
fix: [breaking] send configured config URL as origin if not custom
...
This is a breaking change if your install uses multiple URLs to access. You will need to update the Access-Control-Allow-Origin header in ACP > Advanced > Headers to supply all URLs you use to access your site
5 years ago
7a019494e8
feat: add filter.topics.getPostReplies
5 years ago
7a8f704900
fix : #8776 some users unable to restore old versions via history
5 years ago
b26e9b5993
fix : #8595 , dont save escaped data when renaming groups
5 years ago
ea31f50554
refactor: show more lines of stack trace
5 years ago
7bddec93ec
fix: sortby
5 years ago
b3619d3d47
fix : #8774
5 years ago
ff4fcc23b6
Update bundled logos with new branding ( #8702 )
...
* feat: updating logo assets, square logos missing still
* fix: squared logo for touch icon and notification fallback
* fix: update link to favicon
* feat: add default touch icon sizes, if one isn't uploaded
Co-authored-by: Barış Soner Uşaklı <barisusakli@gmail.com>
5 years ago
e362c342a3
fix : #8630 , sort extra deps
5 years ago
d9a16855d0
refactor: posts api
5 years ago
272e73da53
refactor: post restore/delete/purge
5 years ago
9738e20207
refactor: merge post.edit
...
fix: dont fadeout/fadeint if title/post didnt change
5 years ago
2279e37261
refactor: deprecate socket.emit('users.search') use api route
5 years ago
083c74e059
refactor: api categories
5 years ago
e78c498e84
fix: missing doTopicAction, fix wrong api params
5 years ago
bc880ee0ca
refactor: remove sockets.reqFromSocket
5 years ago
9d81660e24
Revert "Revert "fix: appropriate 404 handling for write API calls""
...
This reverts commit 135c2d6c7d
5 years ago
135c2d6c7d
Revert "fix: appropriate 404 handling for write API calls"
...
This reverts commit b6cce75d97
5 years ago
9ee3cb9b62
refactor: topic follow/ignore to use api lib
5 years ago
68d6818bca
refactor: topic tools' actions to use api lib
5 years ago
21974a77f8
feat: topic reply to use api lib (also + missing file)
5 years ago
40598b368e
refactor: topic creation to use api lib
5 years ago
b6cce75d97
fix: appropriate 404 handling for write API calls
5 years ago
ede9435f0e
feat: send 401 for invalid-uid
5 years ago
c913900ed6
feat: async/await admin/search
5 years ago
bf480ee58b
refactor: setupApiRoute signature
5 years ago
688d7a2cc2
refactor: remove unused middleware
5 years ago
b2ff1594b8
fix: redis hget
...
'node_redis: The HGET command contains a invalid argument type.\n' +
'Only strings, dates and buffers are accepted. Please update your code to use valid argument types.'
5 years ago
e98285dbbb
fix: reimplementing isPrivilegedOrSelfAndPasswordMatch
5 years ago
84a179f48c
Merge branch 'master' of https://github.com/NodeBB/NodeBB
5 years ago
3f347baadb
fix: socket user bans
5 years ago
14f9d8b0e5
feat: send back 403 on no-privileges error
5 years ago
222b4c9533
fix: broken tests from api change
5 years ago
2d252f2fa4
refactor: user bans to use api lib
5 years ago
7d86be2bc2
fix: tests
5 years ago
e367c5403e
refactor: move groups.leave, fix some tests
5 years ago
bbbd9fee85
Merge branch 'master' of https://github.com/NodeBB/NodeBB
5 years ago
960e925e40
refactor: change password/user follow to use api lib
5 years ago
081c4fa6d4
Merge branch 'master' of https://github.com/NodeBB/NodeBB
5 years ago
430e7f5834
refactor: user deletion to use api lib
5 years ago
8ae1f81cf4
feat: refactor groups.delete
5 years ago
77481947f0
refactor: socket profile update to use api lib
5 years ago
31ae8a8323
refactor: socket profile update to use api lib
5 years ago
d69e503d21
feat: move groups.join to api
5 years ago
d07f0081b7
fix: add missing file
5 years ago
23086daead
refactor: user create and profile update to use api lib
5 years ago
5e2caf19f5
refactor: use single function for api code
5 years ago
25e4a09816
Merge branch 'master' of https://github.com/NodeBB/NodeBB
5 years ago
4418ff0716
fix : #8768
5 years ago
cc6e995ee2
fix: api bug where user profile editing continued even if not allowed
5 years ago
43afe7ffab
refactor: async/await src/user/approval
5 years ago
bae0f343e1
fix: module build
5 years ago
1fd2eba6f2
refactor: async/await
...
src/cli/manage.js
src/meta/build.js
src/meta/css.js
src/meta/js.js
5 years ago
b295d15eae
fix: tests
5 years ago
d89477cad0
refactor: use app.render
5 years ago
9dd3cc0483
feat: allow plugins to define api routes
...
via new plugin hook static:api.routes
5 years ago
a4ba23899e
feat: require https if nodebb is configured with https url
5 years ago
e6ea71c95a
fix: test
5 years ago
8c6a559188
fix: timestamp
5 years ago
331d236f6e
fix : #8763
5 years ago
a481024d27
fix: lastonline again
5 years ago
71d82ec8e0
fix: caret
5 years ago
97628e2ff2
fix: lastonline values
5 years ago
1289c10568
fix: upgrade script
5 years ago
59bbede8c7
fix: cant join system groups
5 years ago
a411df1321
fix: tests
5 years ago
dd7424e5b5
refactor: remove unused search call
5 years ago
2d6ea6e505
Merge branch 'master' into admin/users
5 years ago
a2edb86dfb
feat: change user search to use filters array
5 years ago
959314c921
feat: add filter
5 years ago
1e07886f30
feat: require csrf token if not using bearer token
5 years ago
933989e013
Merge branch 'master' into admin/users
5 years ago
682e926c6b
feat: #8662 , verified/unverified user groups
5 years ago
30b3fedca4
fix: password reset to invalidate all existing reset tokens for that uid
5 years ago
700e1e4340
feat: more fixes
5 years ago
40a05b70ef
feat: more work
5 years ago
b038ac07d8
feat: wip admin/users
5 years ago
7beaf49028
feat: set unread false for guests
5 years ago
30d6a2b84e
fix : #8756 , pass missing req to mock
5 years ago
1ee9384875
fix : #8757 , allow all slashes in category route
5 years ago
dc29f4dca2
refactor: switch to using slugify module
5 years ago
bddfcb5867
feat: #8734 , add slugify module, deprecate utils.slugify
5 years ago
f16c8268cf
feat: #8734 , move bootstrap-tagsinput to package.json
5 years ago
eab7489ec5
feat: #8734 , move deserialize/serialize to package.json
5 years ago
948f26143c
feat: #5964 , #8734 remove colorpicker
5 years ago
aedd28e0a6
fix: module name
5 years ago
cc705e5e2b
feat: #8734 , move sortable to package.json
5 years ago
300a87559f
feat: #8734 , move bootbox to package.json
5 years ago
420a312982
Merge branch 'master' of https://github.com/NodeBB/NodeBB
5 years ago
3b231360d3
feat: load jquery-form before using
5 years ago
fda2aedfd8
feat: #8734 , jquery-ui, jquery-form, timeago ( #8748 )
...
* feat: #8734 , jquery-ui, jquery-form, timeago
get rid of forum/footer.js move that code to app.js & wait for app to load before calling ajaxify.end
make sockets.js a requirejs module
move jquery-ui to node_modules and load via requirejs
move jquery-form to node_modules and load via requirejs
move timeago to node_modules and load via requirejs
only include the css for needed jquery-ui widgets
* feat: keep socket/io global for backwards compat
* refactor: move socket listener to chat
5 years ago
ae3a231fce
feat: #8734 , remove semver.browser
...
use compare-versions as a module
5 years ago
9a5b8a798a
fix: category RSS feed was displaying deleted topics
5 years ago
2c1897b373
feat: #8734 , move slideout to package.json
5 years ago
9c157de05d
feat: #8734 , move tinycon to package.json
5 years ago
45e8a4d588
fix : #8734 make nprogress module
5 years ago
43589a744d
feat: #8734 , move visibilityjs to package.json
5 years ago
8af30a51b5
fix: regression caused by 7545951725
...
/cc @psychobunny
5 years ago
a46cbb623d
feat: #8734 , move nprogress to package.json
5 years ago
aa08f8826c
feat: #8734 move r.js to package.json
5 years ago
b3ed26ac2c
feat: revoke user sessions above threshold ( #8731 )
...
* feat: revoke user sessions above threshold
* fix: removed translations from en-US
* fix: defined default maxUserSessions in install\data\defaults.json
5 years ago
4a63c20a72
chore: some optimizations for codeclimate
5 years ago
b8703ba9f6
fix(writeapi): tests
5 years ago
8ecef7b891
refactor: middleware.assert.*
5 years ago
cfee431c53
feat(writeapi): commented-out stub code for file upload
5 years ago
f870721fca
feat(writeapi): file deletion route
5 years ago
a55b381791
feat(writeapi): admin settings update route
5 years ago
2ec838fc59
feat(writeapi): token generation/delete routes, ACP updates
5 years ago
c7d15dfa94
feat: filter:settings.get plugin hook
5 years ago
3ea1aa4780
refactor(writeapi): update route prefix to api/v3, default error option
5 years ago
f67824719c
chore(writeapi): cleanup
5 years ago
0973feea16
feat(writeapi): post bookmarking
5 years ago
9942c248eb
feat(writeapi): post voting
5 years ago
5e2a3ea6ec
refactor(writeapi): post.tools.purge no longer a method
5 years ago
414169fdfa
feat(writeapi): post delete/restore/purge
5 years ago
f66c2fb60f
feat(writeapi): post editing
5 years ago
1605e5e443
feat(writeapi): topic tags
5 years ago
9be5629458
feat(writeapi): topic follow/ignore
5 years ago
da25ce4d09
feat: topic delete/restore/purge/(un)pin/(un)lock
5 years ago
675a62dadd
fix: remove debug log
5 years ago
5fc7e7bfd0
feat: add new api page to ACP menu
5 years ago
49652e6f1b
feat: management of API tokens via ACP
5 years ago
8e89f34dbf
fix: bad logic in group assertion middleware
5 years ago
8e7baac6ef
fix(writeapi): calls to profile editing routes 200 even if user DNE
5 years ago
7757f965eb
fix: errors thrown if no password sent in to profile edit route
5 years ago
549ca11056
fix: bug where middlewares seemingly ran in parallel
5 years ago
6096f74ab2
feat(writeapi): adding missing files
5 years ago
4c833d0bf0
feat(writeapi): topic posting and replying
5 years ago
40dc1c38d3
feat(writeapi): added DELETE /groups/:slug/membership/:uid route
5 years ago
68ecf41ecf
fix(writeapi): client-side group join API call
5 years ago
952dc211dd
feat(writeapi): added group joining and deletion
5 years ago
Barış Soner Uşaklı
Julian Lam
psychobunny
Peter Jaszkowiak
Barış Soner Uşaklı
ahwayakchih
gasoved
Opliko
Manuel Valle
Tudor-Dan Ravoiu
Opliko
cryptoethic