allow selecting main topic to merge into
allow specifying a new title for merge topic
upon merge go to correct topic
new tests for merging with options
* feat: add privilege give/rescind hooks
action:privileges.categories.give/rescind
action:privileges.global.give/rescind
breaking change, privileges.categories.give/rescind and privileges.global.give/rescind use full privilege name for groups ie `groups:find` instead of `find`
* fix: tests, privileges renamed
* feat: testing suite integration for openapi spec
The testing suite now takes the openapi spec into account. It will
check each route defined, make a call to it, and compare the
response with the defined schema. Any mismatches will cause the
test to fail.
* fix(openapi): removed debug stuff from tests
* fix(openapi): fixed some tests
* fix(openapi): added additional check to tests, test fixes
* fix(openapi): better tests, fixed spec errors
* fix(openapi): bad conditional in test
* fix: oops
* fix(openapi): more tests fixing
* fix(openapi): more tests
* fix(openapi): fix some more tests
* fix: verbose'd an info log
* fix: topic pagination route returns schema-optimized pagination block
* fix(openapi): more test/spec fixes
* fix(openapi): accidentally sending in authenticated jar for anon routes
* fix(openapi): more test/spec fixes
* fix(openapi): more spec fixes
* fix: timestampReadable Invalid Date
* fix(openapi): more tests... almost there
* fix(openapi): more tests fixing
* fix(openapi): finally all tests passing
* fix(openapi): added reverse test to compare response to spec
... and fixed all the tests that broke
* fix: remove tests related to group covers, as route is gone
* fix(openapi): broken test on travis
* fix(openapi): broken test on travis
* fix(openapi): broken test on travis
* fix(openapi): object cache is not present for psql
* fix: tests
Co-authored-by: Barış Soner Uşaklı <barisusakli@gmail.com>
* fix: #8142, broken site if no server-side session
During the `addHeader` middleware, a check is now done to see if
`req.session.meta` is present. This value is only present if the user
has a valid server-side session. If it is missing, then it is probably
safe to assume that the server-side session was deleted (either
intentionally or accidentally). In that scenario, the client-side cookie
should be cleared.
Also, there was an issue where the sessionRefresh flag was never cleared
after a successful login, so that was fixed too.
* feat: exported method to get cookie config
* fix: don't clear cookie if cookie is being set
* fix: socket.io tests
Co-authored-by: Barış Soner Uşaklı <barisusakli@gmail.com>
* feat: add assignee checking when updating flag
Prior to this, it was possible to update the assignee to any value (or
any user. This commit adds checking to allow only admins, global
moderators, or in the case of flagged posts, moderators.
Also some prep work was added for value checking `state`.
* feat: value checking `state` on flag update
The state should be one of the constants defined earlier in the file.
* feat: add failing test for pagination
* feat: test
* fix: redis tests
* refactor: remove logs
* fix: add new test
* feat: make sortedSetRangeByScore work with keys on redis
* fix: hardcoded set name
* feat: show topics from readable categories on recent/popular/top
* feat: rewrite unread topics
respect watched categories and followed topics
* fix: term + watched
* Add view users info global privilege
* Show user ip only to global mods and admins
* fix missing comma
* Hide link for users without correct privilege
* move getting privilege information to getAllData
* Hide the link from Global Moderators as well
* Give Global Moderator view:users:info privilege
* Restrict ip in post menu to view:users:info
* add some trailing commas....
* Add privilege to categories test
* Add group privilege to categories test
* add upgrade script
* fix style for TravisCI
* more styling - change spaces to tabs
* some more styling fixes (hopefully final one)
* fix style for Travis CI
* hide ip in chat messages
* Don't show even hidden ips on user profile page
Barış Soner Uşaklı
Julian Lam
Peter Jaszkowiak
Andrew Rodrigues
Opliko