55d7e55867
fix: tests
4 years ago
6ed7e937ce
refactor: fix wording
4 years ago
47c8c69264
fix: keep query string on redirects
4 years ago
5fd190f7c4
feat: #9651 , change category desc to multiline
4 years ago
8e0561f226
perf: cache Topics.getTopicsTags
4 years ago
10ddfff38f
perf: bypass getMultipleUserSettings
4 years ago
e03782f218
fix(docs): #9648
4 years ago
c9348efbdc
feat: add merge/fork hooks
4 years ago
b896484351
fix : #9634 , re-jig top bar of Admin > Manage > Users
4 years ago
97c8569a79
fix: hide private user data in api/v3/users/[uid]
4 years ago
d9e2190a6b
fix: numThumb upgrade script
4 years ago
fee782c436
fix: acp dashboard sometimes not loading on cold load
4 years ago
849049765b
fix : #9636 , sanitize all attributes in meta and link tags
4 years ago
acdbd04913
fix : #9627
4 years ago
db65360c0d
fix(post-queue): moderatedCids is an array of numbers ( #9631 )
4 years ago
52596902a6
feat: #9617 update fa link
4 years ago
909db3ae71
Merge branch 'master' of https://github.com/NodeBB/NodeBB
4 years ago
ab6f062ff9
fix: prevent crash in expandObjBy #9618
4 years ago
1bf263c4a2
9622 ( #9625 )
...
* fix : #9622
dont allow regular user to remove system tags
* refactor: add guest/spider check to isPrivileged
string/trim tag
4 years ago
0d975bc4fb
fix: dont show system tags in whitelist dropdown to regular users
4 years ago
84e065752f
fix : #9622 ( #9623 )
...
dont allow regular user to remove system tags
4 years ago
73f40e96a5
fix : #9620 , fix notif delay
4 years ago
c92fc19b5c
fix : #9619 , add group chat filter to /notifications
4 years ago
3cd9434b56
fix: scope
4 years ago
1eda538da5
fix : #9615 , catch exceptions in renderOverride
4 years ago
46a454f194
feat: add bodyClass to 500 page
4 years ago
8168c6c407
fix: purge uploaded images accordingly #9606 ( #9611 )
...
* fix: purge uploaded images accordingly
* fix: tests
* fix: relative paths
4 years ago
a2400f6baf
fix: accidental unnecessarily strict conditional that effectively rendered SSO state checking opt-in instead of opt-out
4 years ago
f9728aff2c
feat: clear reset tokens on successful login
4 years ago
5c42b3eab0
test: fixed broken tests from #9605 , removed token clean on token usage as it is superceded by token clean on generation (+ associated test)
4 years ago
f6c14d6b62
fix: introduce artificial delay + delay fudging on invalid email during reset token generation
4 years ago
229f96f872
fix : #9605 , expire all active reset tokens for a uid if that uid generates a new one
4 years ago
8c952aa381
fix: lint
4 years ago
be19f27f40
feat: add filter:categories.categorySearch
4 years ago
cc0cf99fed
feat: allow nested properties on category page ( #9601 )
...
* feat: allow nested properties on category page
* fix: remove debug
* fix: remove debug
4 years ago
8ea58432c9
feat: show ip on acp manage users
...
update url on search
show matching ip when searching by ip
add ip to export csv
4 years ago
6695927ea9
fix: pagination on acp users search
4 years ago
05cc7ccb60
feat: make undoTimeout configurable, closes #9599
4 years ago
2b42e7edb0
chore: lint
4 years ago
6f73261186
fix: extra ')'
4 years ago
d07229aa6b
chore: fix indentation
4 years ago
edcba61aa9
fix: disallow editing of other users' notes
...
Feel free to close this if it is intentional, but as you are not allowed to delete other users notes I expect you shouldn't be able to edit them. Editing another users post also changes ownership, allowing you to then delete it.
I also added `error:` to the errormessage so that they display properly.
4 years ago
ca72aa93d7
Locks bug failing test ( #9595 )
...
* test: failing test for issue
* fix : #9593 , don't lock if email is identical to username
* fix: lock calls after first call
* fix: add back email check
* test: remove invalid test
Co-authored-by: Julian Lam <julian@nodebb.org>
4 years ago
816856b0c6
feat: introduce boolean res.locals flag to bypass session reroll (used by session-sharing)
...
The session reroll logic is still standard practice, but in some cases, it is not necessary or causes UX issues. An issue opened in session sharing (julianlam/nodebb-plugin-session-sharing#95 ) brought this to attention in that parsing the cookie to log in the user caused a reroll (as expected), but caused the session open on other tabs to be mismatched. If "re-validate" was turned on, it basically meant that it was not possible to use NodeBB with multiple tabs.
Session sharing now sets `reroll` to `false` if re-validate is enabled.
4 years ago
286644d0b8
fix : #9592 , check session
4 years ago
3717df610a
fix: don't crash if session doesn't exist
4 years ago
66cae54ee3
fix: lint
4 years ago
57e46e41e3
feat: allow modifying default category privileges
4 years ago
16e0bca570
fix: improper use of filename extensions
4 years ago
d8d6c98970
fix: return null
4 years ago
ac7b093f99
feat: add filter:notifications.create
4 years ago
3fb7444580
fix: returnOriginal deprecation
...
https://github.com/mongodb/node-mongodb-native/pull/2808
4 years ago
3d5fef6e80
feat: pass req.query to getUnreadData
4 years ago
d2960aeb09
feat: added GET user route for api v3
4 years ago
48b8e3bb3f
fix: error when trying to trim an object
4 years ago
9ebfdeb7ee
fix : #9580 , proper 404 when ajaxifying
4 years ago
09f5179216
fix: lint
4 years ago
77dde41f7b
feat: keep query string when redirecting category
4 years ago
951e71a0e5
fix : #9567 fix tests
4 years ago
5215c30ade
fix : #9567 , use regular 404
4 years ago
3d6bdeb3df
feat: add req.query to flags.list/getCount
4 years ago
d35c64b1a2
feat: add filter:flags.getFlagIdsWithFilters
4 years ago
1ec9739629
switch to request-promise-native ( #9561 )
...
* refactor: cli/upgrade async/await
async/await cli/upgrade-plugins
remove unused payload.files
* fix: add missing await
* refactor: use request-promise-native
4 years ago
ac86937c88
refactor: cli/upgrade async/await ( #9558 )
...
* refactor: cli/upgrade async/await
async/await cli/upgrade-plugins
remove unused payload.files
* fix: add missing await
4 years ago
1ce595083a
fix: ioredis upgrade fix, maybe
4 years ago
4afca6900b
feat: add filter:user.getWatchedCategories
4 years ago
1d9cfe1e96
fix: bug where interstitial errors were not properly passed to the front-end via req.flash
4 years ago
518157d9fa
feat: pass req.query to getUserDataByUserSlug
4 years ago
0551642a35
fix : #9553 , use same fields for user search results in acp
4 years ago
94c12e3771
feat: #9508 , add cluster support
4 years ago
a3d6c56ec3
feat: #9551
4 years ago
ffa8016355
fix: lint
4 years ago
fad5988ed6
fix: tests
4 years ago
074ee859c4
fix: tests
4 years ago
1f3e660108
feat: add template to hook
4 years ago
a2442ee914
feat: add filter:account.getPostsFromUserSet
4 years ago
dd81dd03e0
fix( #9508 ): switch to ioredis ( #9545 )
...
* switch to ioredis
also need this fix in redisearch:
redis-search.js:98
```
redisClient.multi(cmds).exec(function(err, ids) {
if (err) {
return callback(err);
}
var errRes = ids[resultIndex];
if (errRes[0]) {
return callback(errRes[0]);
}
callback(null, errRes[1]);
});
```
* dbsearch compatible with ioredis
* fixed dbsearch?
4 years ago
0096cf178a
refactor: bubble other errors
4 years ago
a9bb108802
fix: wrong error message checked
4 years ago
ec6d1e2321
fix : #9507 session reroll causes socket.io to become confused ( #9534 )
...
* fix : #9507 session reroll causes socket.io to become confused
* fix: added return
* fix: simpler logic for error handling
* fix: overly sensitive catch
4 years ago
f6b583bb9d
feat: #9533 , allow redirect in build hooks
4 years ago
2c22b06feb
fix: isObjectField(s) empty field
4 years ago
7c1e163d82
Revert "feat: add _hooks metadata object to all hooks that have object-type params"
...
This reverts commit 46899ccadb
4 years ago
46899ccadb
feat: add _hooks metadata object to all hooks that have object-type params
4 years ago
d8e4fd4cdd
feat: add filter:categories.copySettingsFrom
4 years ago
084c985117
feat: guard against multiple resolves
4 years ago
5fe97b9c2e
revert: sync hooks
4 years ago
6ed8890c2e
fix : #9512 , fix chat icon if no privileges
4 years ago
b40fc4b64d
feat: #9511 send notifications on accept/reject
4 years ago
a478dc7ee8
feat: add filter:middleware.autoLocale
4 years ago
308252f566
fix : #9503 , dont error in markUnread if room doesnt exist
...
this prevents deleting the user if they are the only person in the chat room
4 years ago
9e07efc126
fix: use socket.request.headers
4 years ago
ed534f34f5
fix: buildReqObject headers for socket.io calls
4 years ago
01956af43a
feat: remove sync hooks support
4 years ago
4e490f6058
test: fix redis tests
4 years ago
92de49be00
test: add test for undefined fields in getObjectsFields
4 years ago
1db8920b18
refactor: make debug handler async
4 years ago
8b79c7f139
fix: regress. rescheduling shouldn't add to sets that pinning removed… ( #9477 )
...
* fix: regress. rescheduling shouldn't add to sets that pinning removed from
* test: remove the also from tests
4 years ago
9b71b087ec
feat: lang strings
4 years ago
435067aa5f
test: remove logs
4 years ago
2ea468daa3
test: clear cache between runs, require middleware later in helpers
4 years ago
d15e27107e
test: log
4 years ago
354e0a822d
test: remove equals
4 years ago
4dd3844680
fix: logic is hard
4 years ago
2e9efc0e8a
fix: wrong variable for cache
4 years ago
fa0c92a7c4
fix: eslint
4 years ago
ea22cd302a
fix: use req.ip instead, since guests can upload as well
4 years ago
a9978fcfd2
feat: rate limit file uploads
4 years ago
36f119a96a
fix : #9492 , keep query params on redirect
4 years ago
8faa6e4515
feat: filter flags by username #8489 ( #9451 )
...
* feat: filter flags by username #8489
* feat: toggle flag filter text
4 years ago
1fee6a702a
fix : #9487 , session data gathered during a session is lost upon login
...
e.g. returnTo, tids_viewed, etc.
4 years ago
697ed3bf37
feat: roll session identifier on login, as security best practice
...
see: https://owasp.org/www-community/attacks/Session_fixation
4 years ago
e845c34b52
fix: registration interstitials not handling promise rejections properly
4 years ago
4494728cf8
feat: allow different slugs
4 years ago
60eed8d89f
fix: let recent replies respect oldest/newest sort settings
4 years ago
6907837fce
fix : #9483 , fix events count display
4 years ago
161081e960
fix: escape flag reason
4 years ago
fd3bc605c6
feat: remove sort again
4 years ago
2dc3283f19
fix: updateCategoryTagsCount
4 years ago
f9df6431c9
revert: revert tag sort
4 years ago
036f935fa9
fix : #9473 ( #9476 )
4 years ago
397baf0254
refactor: widgets ( #9471 )
4 years ago
f65d2162f8
feat: update hook
...
Hook payload updated to pass login strategy (if overridden, this value will be something other than 'local'), and explicitly pass error if the login failed.
4 years ago
f32ea1737a
fix : #9466 , don't call leaveRoom in maintenance mode
4 years ago
a0dd90804c
fix: exempt ST from being del/res via last main posts ( #9468 )
4 years ago
784600d930
fix : #9462 , on install copy default favicon
4 years ago
05f2236193
feat: add reverse of recent to getSortedTopics
4 years ago
9c52fd2e74
fix : #9450 express session saved even if saveUninitialized explicitly passed in
4 years ago
285aa36556
feat: allow exists methods to work with arrays and single id
4 years ago
d16b45fd2d
feat: pass all data to filter:category.get
4 years ago
aa0137b1c4
feat: rescheduling (editing ST) ( #9445 )
4 years ago
9e1f72a435
feat: optional urlMethod param for loginStrategies
4 years ago
2a03012e2c
fix: ./nodebb help with commander@7 ( #9434 )
...
hopefully this one last as long as the last one did
4 years ago
728ac5ff72
perf: increase batch size for notifs, run parallel
4 years ago
344575dde1
feat: add hooks to language loading ( #9426 )
...
and flushNamespace method
4 years ago
edf80cfb3b
fix: hide titleRaw for deleted topics as well
4 years ago
a1ee1a2a76
chore: remove log
4 years ago
c5dda64fa8
fix : #9410 , fix post queue
...
items in the cache were parsed over and over again
4 years ago
9052db930f
fix: privilege tables
4 years ago
077330b764
feat: scheduled topics ( #9399 )
...
* feat: scheduled topics
* refactor: linting fixes
* fix: tests
* fix(test): race condition
* fix: make a single request
4 years ago
67b09cba5f
fix : #9420 , paginate after loading notifications
4 years ago
e42b152f16
fix : #9414 , use posts:view_deleted
4 years ago
a94d96514e
feat: show link if category is a link
4 years ago
2ceda70a97
fix: preserve order when changing parent
4 years ago
d00268c9b8
refactor: style, no need to convert length to string
4 years ago
d8ff9851a3
fix: typo in switch..case
4 years ago
801570e4cf
fix : #9404 , show signatures if the target user has signature privilege
4 years ago
75553b246c
fix: sorting when filtering by uid
4 years ago
98b72ca572
fix: allow local (and overridden) login strategies to pass Error objects back
4 years ago
6aa60b63b5
fix: category search not using uid
4 years ago
56523aa148
revert: change toPid truthy
4 years ago
90d64fe1df
fix : #9398 , crash on post flag
4 years ago
a8f7b24452
fix : #9395 , pass all data from client to Topics.reply ( #9396 )
...
* fix : #9395 , pass all data from client to Topics.reply
so plugins can set custom fields
refactor and use setDefaultPostData
* fix: circular json error
* refactor: change params
4 years ago
4ac38ab2bc
fix: lint
4 years ago
eb360351e5
fix : #9394 , fix guest handles
4 years ago
5c59354c58
fix : #9389 , allow admins to add themselves to private groups
4 years ago
4327a09d76
feat: allow optional fields argument on db.getObject(s) ( #9385 )
4 years ago
f316c4d4b8
refactor: remove uncessary check
4 years ago
e789fe8d2a
fix : #9383 , don't show deleted topic titles in inf scroll
4 years ago
cc489708ee
fix : #9378 , crash on verifyToken if API Token settings not saved (null case error)
4 years ago
35700d1634
fix: closes #9382 , fix digest topic links
4 years ago
668508cc37
feat: closes #9380 , add category filtering and topic tools to tag page
4 years ago
34b9aaedee
feat: allow sync function ( #9379 )
...
* feat: allow sync function
* fix: remove async
4 years ago
e725beaa4a
Revert "feat: allow filter functions that return promises or the data directly"
...
This reverts commit e6c52cf26c
4 years ago
e6c52cf26c
feat: allow filter functions that return promises or the data directly
4 years ago
53f67ff396
fix: regression from filter hook change
4 years ago
52082e1296
feat: add resolve flag to post tools
4 years ago
2a939aad8d
fix: regression via c1b3079d93
...
Also refactored privilege render logic so that it no longer needs a server-side hack to render column count
4 years ago
4cbd13fd9c
feat: hide revert button in ACP > Privileges until privileges change
4 years ago
46270f9f20
feat: bring back static hook timeout
4 years ago
d05d7091ae
refactor: remove async.each/reduce from hooks for better stack traces
4 years ago
0d3979efd0
refactor: use hooks.fire
4 years ago
9382fc6dc5
fix : #9370 , show correct teaser index if sorting is newest to oldest
4 years ago
1982edfde3
refactor: fix variable name
4 years ago
3c60ccfd4d
feat: upgrade connect-mongo, closes https://github.com/NodeBB/NodeBB/pull/9367
4 years ago
f71cb0e427
feat: pass interstital errors to individual partials as well as to registerComplete
4 years ago
5eb3132dae
feat: add filter:plugins.firehook
4 years ago
ebccc7940b
fix: don't copy if src doesn't exist
4 years ago
754283d37b
feat: copy default favicon if it doesn't exist
4 years ago
771a8955a4
fix : #9362 best not to check file exists on every page load; copying favicon to uploads/system folder instead
4 years ago
ad5654952a
fix : #9362
4 years ago
678e8f0fde
fix: regression where login redirect for admin routes didn't go to local=1
4 years ago
4b5450853d
feat: allow missing (or non-array) middlewares argument in route helper methods
4 years ago
e74df53997
feat: pass modified params, only affects filter hooks
4 years ago
696c489524
feat: add back topic id input
4 years ago
166d65a1ba
fix: add back middleware.authenticateOrGuest
4 years ago
e3b2c00db1
fix: request authentication called twice in account routes
4 years ago
7da061f0d7
refactor: automatically authenticate all requests setup through route helpers ( #9357 )
...
* refactor: automatically authenticate all requests setup through route helpers
* fix: removed connect-ensure-login dependency
* fix: bug with some middlewares not defined outside route helper methods
4 years ago
3aa26c4df2
fix : #9339 , only log email errors once per digest, notification push
...
show notice in acp
4 years ago
3f42d40c78
fix: winston.info
4 years ago
0021c6019e
refactor: async listen testSocket
4 years ago
c5e257888a
fix : #9351 bad logic when inserting rows to privilege tables, also a missing tfoot 🦶
4 years ago
bfd512b99b
feat: expose username validation logic to user lib, new hook `filter:username.check`
4 years ago
e5133a78f8
feat: add $.deserialize to client side
4 years ago
902a88c25e
feat: remove promise-pollyfil
4 years ago
c1b3079d93
feat: category privilege API routes
...
closes #9342
4 years ago
c8b78654d9
fix: bad assignment
4 years ago
fbe9215b17
fix : #9348 incorrect redirect via connect-ensure-login
4 years ago
0af9d26fe5
feat: change uploadCroppedPicture to use updateProfile as well
4 years ago
a598abcd8e
feat: use updateProfile for picture change
...
so it triggers action:user:updateProfile
4 years ago
f806befd2f
fix: bug where loginSeconds setting was ignored for local login
4 years ago
1155b0c42f
feat: allow payload to be passed to emailer test method
4 years ago
00a68a9548
feat: add additional flag hooks [breaking]
...
`action:flags.create` on initial flag creation
`action:flags.notify` on notification to admins and moderators
`action:flags.addReport` on flag report addition (called during initial flag create, too)
4 years ago
069ac60f62
feat: add uid of user who created flag to action:flags.create
4 years ago
b9fd2c87f3
chore: bump deps ( #9335 )
...
* chore: bump deps
* fix: husky git hooks
4 years ago
2737f6531b
fix: notif pruning
4 years ago
02f08111cf
feat: keep notifs for one month, load 50 notifications instead of 30
4 years ago
9bf94ad50f
fix: allow interstitial callbacks to be functional (no cb required)
4 years ago
cdf5d18f54
fix: don't publish before pubClient is connected
4 years ago
86b0c57d7a
feat: also pass in uid to `filter:email.prepare`
4 years ago
27ea3dcb2f
feat: new hook `filter:email.prepare`
4 years ago
bf90d15881
feat: new hook static:email.send
...
deprecates filter:email.send
4 years ago
0dad568cbe
perf: faster category tags upgrade script
4 years ago
95033ef756
perf: use setObjectBulk
4 years ago
a07509f770
perf: make upgrade script faster
4 years ago
48f1e265f4
fix: remove unused async
4 years ago
0959b1248b
perf: make upgrade script faster
...
use bulkAdd/remove
4 years ago
14a6c349c2
feat: show time info for upgrade scripts
4 years ago
293b7c2650
refactor: privileges, export modules directly ( #9325 )
...
fix unused/commented out methods in admin privileges
4 years ago
984c9dd915
fix: in setupPageRoute helper, buildHeader after plugin hooks have fired
...
To allow for a plugin to call doLogin and have it properly reflect in the header
4 years ago
73dc64d9ff
feat: add dashboard sub-pages to ACP menu
4 years ago
0804d54759
spec: schema docs for new ACP dashboard subpage routes
4 years ago
2f89b0d791
feat: recent logins sessions table in dashbaord subpage
4 years ago
e1ed514b10
feat: topics dashboard details subpage
4 years ago
c57c77030e
feat: update user list in dashboard/users on graph update
4 years ago
f8e1a74c26
fix: wrong qs param, allow string to be passed to util.getDaysArray
4 years ago
cc93822436
feat: show list of recent users in dashboard/users
4 years ago
6fdcae7320
feat: req.query parsing and dynamically loading data instead
4 years ago
f561799f74
refactor: abstract out some client side dashboard code into modules, analytics subpages for users, topics, and logins
4 years ago
079a13d41a
feat: new hooks for notifications get/getCount
4 years ago
0d59fe3d2b
fix( #9315 ): api v3 post, put, del JSON
...
also allow `app.alertError` to be called without an argument
also fix `./nodebb build --dev` to actually build in dev mode
4 years ago
dbe5f7027b
fix: wrong call to sortedSetAdd
4 years ago
16d3c45782
feat: report login statistics from analytics data, instead of its own zset
4 years ago
9a9f366d3b
feat: track login sessions for admin dashboard reporting
4 years ago
020f0b8322
fix: session not persisting to database in some scenarios
...
In some edge cases (e.g. SSO plugin redirecting the user immediately), with modern browsers, the request is never "completed" for speed. This causes a condition where the session object never persists to the database, even though it has changed. This added line forces a db persist on a successful login.
Context: https://github.com/expressjs/session/pull/484
4 years ago
504fd107c7
feat: track successful logins in analytics
4 years ago
d3a9e76ae2
test(user): added additional tests for icon background colour
4 years ago
955021247e
feat(user): icon background selector in change picture modal
4 years ago
fbccf6e22f
refactor(user): all plugins to change list of icon background colours
...
One notable change is line 200, where a conditional was changed. The conditional used to check for `user.hasOwnProperty('picture')` and was added so that icons would only be included in the response if the picture was requested. This doesn't seem to apply as picture could be set regardless (see default avatar logic above), so I explicitly check `requestedFields` now.
4 years ago
ed3d9dcbbf
feat: pass post object to filter:post.tools
4 years ago
0e07f3c9ba
feat: allow defining a list of system tags
4 years ago
25c8f02634
fix : #9307 , use _.flatten
4 years ago
2fef462782
fix: awaiting res.render in send404 controller
...
>
> A plugin wanted to use `response:rotuer.page` to 404 a specific page on some condition. res.render returns early in send404 and so must be awaited otherwise multiple responses will be sent
4 years ago
65c57c730c
docs: added comment re: #9305
4 years ago
34096b73ef
fix: do not overwrite `config.port` from URL, if it's already set
...
If URL was set to something like `http://example.com:8080 `, and port
was set to 4567, keep listening on port 4567 and keep linking through
URL that was specified.
This allows to listen on port 4567, while having NGINX (or any proxy)
set to listen on port 8080 and route traffic to port 4567.
So NodeBB can be "hidden" behind proxy while URL can still contain
non-standard port, i.e., port different than 80 and 443.
4 years ago
8686fbfa3f
fix: switch back to getSortedSetRange
...
/cc @barisusakli
4 years ago
9ce6f8ad93
feat: add tag filter to getSortedTopics
4 years ago
5286f20862
refactor: remove dupe code
4 years ago
7223074f1d
feat: ability to re-order topic thumbnails
4 years ago
91734a6484
fix: settings v3
4 years ago
0738dae895
feat: #9304 , add category/topic/username to post queue notification emails
4 years ago
8f0386d9ac
feat: add failing test for list append/prepend with list ( #9303 )
...
* feat: add failing test for list append/prepend with list
* feat: mongo/psql
* feat: improve test
4 years ago
1ae8dda8a8
chore: extra console.log
4 years ago
7ebb6d3056
fix: thumbs.associate logic fix + tests
4 years ago
7665adf7d1
fix: missing awaits, possible test fix
4 years ago
9a6cf3d967
fix : #9301 , dont call sitemapstream if there are no entries in categories/pages/topics.xml
4 years ago
50664487b9
test: additional tests for topic thumbs
4 years ago
807b0d4348
fix: properly incase its the same path
4 years ago
76bcc0c99c
fix: numThumbs count on associate
4 years ago
1490b32d1b
fix: missing cache deletion calls for post-queue cache
...
/cc @barisusakli
4 years ago
3e6640efb2
refactor: thumbs.associate accepts both relative path and url in path arg
4 years ago
a4b4a5566d
feat: link to post-queue from topic event
4 years ago
8fd78ce512
feat: post-queue topic event
4 years ago
3f35fd335d
feat: add post-queue cache
4 years ago
36f2021186
refactor: move post queue retrival code to posts.getQueuedPosts
4 years ago
b81508c4e2
fix: init topic events from webserver.js
4 years ago
6074a0fbbf
refactor: call topic events init from within file itself
4 years ago
cc275e1016
Revert "feat: newsletter opt-in/out in UCP, closes #21"
...
This reverts commit 3c7cd9a6c4
4 years ago
3c7cd9a6c4
feat: newsletter opt-in/out in UCP, closes #21
4 years ago
3595473485
feat: load user posts/topics via xhr on infinitescroll
4 years ago
b753c69cfe
fix: check null topics
4 years ago
58cd797e4c
fix: guard against null topics
4 years ago
c953b1b3d1
fix : #9292 , messageobj.content already parsed
4 years ago
4b2bf12fd1
feat: #9294 , put new categories at top
4 years ago
9d17f397c0
fix(remountable-routes): more fixes to remountable routes
...
fix: ensure proper admin privilege checking on remounted `/admin` mount
fix: guard against plugins sending back missing mounts
fix: no need to make addRemountableRoutes awaitable
4 years ago
16c1d6e937
style(remountable-routes): abstract removable routes code to a separate local fn
4 years ago
1f28713f1a
refactor(remountable-routes): rename `src/routes/accounts.js` to `src/routes/user.js` to better match the route prefix
4 years ago
bc68e990af
fix(remountable-routes): bug with user routes remounting to itself
4 years ago
9021f071d4
feat(remountable-routes): allow category and account routes to be remounted
4 years ago
f01af62b53
feat(remountable-routes): allow /admin and /post to be remountable
4 years ago
92758ec50d
refactor(remountable-routes): allow certain route prefixes to be mounted elsewhere
4 years ago
765db86d4e
fix: clear category cache on copy parent
4 years ago
ed3e9ce2e2
fix: delete category cache key on category create
4 years ago
c61cc37bba
fix: typo
4 years ago
cf4002bcc9
perf: cache base_url
4 years ago
5ce2820799
perf: single call to get digest topics, dont send duplicate topics
4 years ago
90d5c9da44
perf: single db call to add all uids
4 years ago
a5fa212fc7
fix: wait for event.log to finish before killing process
4 years ago
0185ea1b4f
perf: make digests a little bit faster
...
and use batch.processArray
dont load data for users who have no email or have not confirmed their emails
4 years ago
b6493f896f
fix: tests, only generate csrf_token on 404 gets
4 years ago
94f72d6093
fix : #9287 , generate csrf_token on 404
4 years ago
783786cf8c
fix: do not blindly escape a notification's bodyLong
...
For 7+ years we were escaping this value, but it is in many cases already sanitized (as it may be a post content). For those cases when it is not, I now run it through parse.raw.
Instead of escaping, it now strips p, img, and a tags.
4 years ago
670cde78da
feat: add invalid event name to error message
4 years ago
cc9d6fd08b
chore: eslint max-len
4 years ago
5c2f0f0557
chore: eslint no-restricted-syntax
4 years ago
115d19e289
chore: eslint prefer-rest-params, prefer-spread
4 years ago
23f212a4c0
chore: eslint prefer-destructuring
4 years ago
8d1462ffd8
chore: eslint object-curly-newline
4 years ago
62869bae3d
chore: eslint function-paren-newline
4 years ago
dab3b23575
chore: eslint no-var, vars-on-top
4 years ago
b56d9e12b5
chore: eslint prefer-arrow-callback
4 years ago
707b55b6a5
chore: eslint prefer-template
4 years ago
4ee0f1459d
chore: eslint import/newline-after-import
4 years ago
dad01e3051
chore: eslint no-bitwise
4 years ago
fca17cb713
fix: move service worker back to relative_path/service-worker.js
4 years ago
a4878a5b22
fix: markread selector
4 years ago
7eebcbdbbc
perf: only load thumbs for topics that actually have thumbs
4 years ago
47299ea587
Categories refactor ( #9257 )
...
* feat: wip categories pagination
* feat: add subCategoriesPerPage setting
* feat: add load more sub categories button to category page
* fix: openapi spec
* feat: show sub categories left on category page
hide button when no more categories left
* breaking: rename categories to allCategories on /search
categories contains the search results
* fix: spec
* refactor: remove cidsPerPage
* fix: tests
* feat: use component for subcategories
* fix: prevent negative subCategoriesLeft
* feat: new category filter/search WIP
* feat: remove categories from /tag
* fix: dont load all categories when showing move modal
* feat: allow adding custom categories to list
* breaking: dont load entire category tree on post queue
removed unused code
add hooks to filter/selector
add options to filter/selector
* feat: make selector modal work again
* feat: replace old search module
* fix: topic move selector
* feat: dont load all categories on create category modal
* fix: fix more categorySelectors
* feat: dont load entire category tree on group details page
* feat: dont load all categories on home page and user settings page
* feat: add pagination to /user/:userslug/categories
* fix: update schemas
* fix: more tests
* fix: test
* feat: flags page, dont return entire category tree
* fix: flag test
* feat: categories manage page
dont load all categories
allow changing root category
clear caches properly
* fix: spec
* feat: admins&mods page
dont load all categories
* fix: spec
* fix: dont load all children when opening dropdown
* fix: on search results dont return all children
* refactor: pass all options, rename options.cids to options.selectedCids
* fix : #9266
* fix: index 0
* fix: spec
* feat: #9265 , add setObjectBulk
* refactor: shoter updateOrder
* feat: selectors on categories/category
* fix: tests and search filter
* fix: category update test
* feat: pagination on acp categories page
show order in set order modal
* fix: allow drag&drop on pages > 1 in /admin/manage/categories
* fix: teasers for deep nested categories
fix sub category display on /category page
* fix: spec
* refactor: use eslint-disable-next-line
* refactor: shorter
4 years ago
e40af441c9
fix: cache key collision
4 years ago
a6fa351b72
feat: pass req.session into buildReqObject
4 years ago
4f97639009
feat: new hook `action:login.continue`
4 years ago
67e3fb6498
fix: register returnTo logic to match login route
...
Login route saves the previous page by checking for the X-Return-To header. This header is automatically set by ajaxify.
Login takes this value and saves it to `req.session`.
Up until now, `/register` saved the previous URL in a hidden input, and redirected based on that value, but it occasionally conflicted with req.session.returnTo. It was also confusing because it did not match how login handled the values.
This commit updates the route handling so it works identically to `/login`.
4 years ago
492cbc6227
fix: tests
...
/cc @pitaj
4 years ago
5e5d37c38f
fix( #9252 ): pass site domain to nodemailer ( #9254 )
4 years ago
f79aeef889
fix: posts.uploads.sync dissociates uploaded thumbs of the main pid
4 years ago
c729adeb08
fix: privileges page - tweak icon position and width, group name wrapping
4 years ago
970bd06fd2
refactor: improvements
4 years ago
53e0d4d2e0
feat: banned-users group
4 years ago
cabec378f4
fix: openapi test specs
4 years ago
7c9674de6c
fix: include admins
4 years ago
a2a7557cc0
refactor: update dom after diff deletion better
4 years ago
eaf9d2e44a
fix: include admins, limit to category mods, correct privilege name
4 years ago
72b050b4a8
test: post diff deletion tests
4 years ago
eb642f40b9
feat: #9109 , ability to delete a post's diffs
4 years ago
fffdc4e0ca
feat: #9234 , add pagination to /api/recent/posts/:term?
4 years ago
2bc74cffe6
fix : #9127 , scope service worker to relative_path for the forum ( #9239 )
...
Adds a `Service-Worker-Allowed` header on `assets/src/service-worker.js` URL and uses `scope` option during registration to ensure the service worker is correctly scoped to the entire forum and only the forum.
4 years ago
d1364c3130
Categories refactor ( #9233 )
...
* feat: wip categories pagination
* feat: add subCategoriesPerPage setting
* feat: add load more sub categories button to category page
* fix: openapi spec
* feat: show sub categories left on category page
hide button when no more categories left
* breaking: rename categories to allCategories on /search
categories contains the search results
* fix: spec
* refactor: remove cidsPerPage
* fix: tests
* feat: use component for subcategories
* fix: prevent negative subCategoriesLeft
4 years ago
d6f60f4502
fix: broken test after sorted-lists logic change
4 years ago
d5d24594e8
feat: allow sorted-lists on multiple pages
...
If multiple sorted-lists were on separate pages, saving one page would erase the sorted-lists saved on the other page. This was caused by naive deletion of the sorted-lists index on settings save.
At the same time, a bug was found where if fewer items were passed in, only that many items were removed from the database, leaving leftover orphan data in the database.
The logic now:
- Only removes sorted-lists if they are passed in (and empty)
- Deletes all sorted list items, not just the items passed in.
4 years ago
9834f72fc7
fix: clear all locks on restart
4 years ago
f6cd2862bd
feat: #9232 , add profile picture into exported zip
4 years ago
a8be6fb8fb
fix: regression where `filter:settings.set` no longer received sorted-lists
4 years ago
5bc1f5b4e8
fix : #9231 , fix redis pubsub connection
...
regression from fdfbc90255
4 years ago
05c53394f3
fix: tests
4 years ago
7419922040
fix: improper override of req.body.username in login logic
4 years ago
b820d23401
feat: new hook `filter:login.override`, deprecate `action:auth.overrideLogin`
4 years ago
473d5f4aba
fix: full settings hash not passed through to action:settings.set
...
The sorted lists were being filtered out
4 years ago
eb96046e97
Revert "refactor: use Map to track sorted lists in Settings.set()"
...
This reverts commit 65de2e76b4
4 years ago
65de2e76b4
refactor: use Map to track sorted lists in Settings.set()
4 years ago
a5bf9779fd
fix : #9223 , don't overwrite stmp settings
4 years ago
3052256db3
chore: deprecation notices for plugins using plugin old hook methods
4 years ago
15ba0abb34
docs: update deprecation-removal version for plugin hook helper methods in 1.18.0
4 years ago
e8429f509b
fix: handle delete and update for categories:name zset
4 years ago
34c42c6fa3
feat: ability to search categories, #8813
4 years ago
a1c014462c
revert: bring back backwards compat
4 years ago
647d3ba810
fix: removed methods
4 years ago
fb84c78544
chore: remove deprecated `User.emailConfirm` [breaking]
...
Use `User.email.confirmByCode` instead.
4 years ago
5a775e09dc
chore: remove deprecated plugin hook `filter:privileges:isUserAllowedTo` [breaking]
...
Use `filter:privileges:isAllowedTo` instead.
4 years ago
d41de481a4
chore: remove deprecated plugin hook methods [breaking]
...
Call plugins.hooks.fire() instead.
4 years ago
cc0d562e9a
chore: more removals of thumb specific backwards-compatibility [breaking]
4 years ago
5f9f241e37
chore: remove deprecated `filter:admin/header.build` hook [breaking]
...
Use `filter:middleware.renderAdminHeader` instead.
4 years ago
84dfdfe659
chore: remove deprecated v2 style responses for thumbs upload route [breaking]
4 years ago
2ad0d0d0d8
chore: remove deprecated getObject routes [breaking]
...
`/api/post/pid/:pid`, `/api/topic/tid/:tid`, `/api/category/cid/:cid` have now been removed in favour of routes in the Write API (`/api/v3/(posts|topics|categories)/:id`)
4 years ago
7b090c588b
fix: incorrect return for Thumbs.get() if thumbs were disabled
4 years ago
dc84559d0b
feat(topic-events): topic events GET route in write API
4 years ago
449c379d22
feat(topic-events): server-side tests for topic events
4 years ago
0d4a377558
feat(topic-events): clear out topic events when a topic is purged
4 years ago
8e93bf7362
feat(topic-events): client-side handling on topic event log
4 years ago
df2fdd56ba
fix(topic-events): repeated invocations of Posts.addTopicEvents caused dupes to be added to DOM
4 years ago
cec3fc934d
refactor(topic-events): break out some logic in events.get into local modifyEvent method
...
+ events.log now returns a complete event object
4 years ago
611d1f872d
feat(topic-events): support for uids in topic event payloads
4 years ago
425eca145b
refactor(topic-events): fire topic event logging in topics/tools instead, pass uid into payload
4 years ago
ab2e1ecb40
feat(topic-events): work in progress topic events logic and client-side implementation
4 years ago
8ff07bc196
fix: update js concatenation logic to bundle scripts.rjs into minfile regardless of build environment
...
The slowdown is fairly insignificant (< .1s), and the only change is the minified file is identical across environments, which is better from a debugging standpoint
4 years ago
412d285850
fix(hooks): fallback handling for core invocations of hooks.fire
...
+ .on() which is the same as .register()
4 years ago
f975063b7d
fix : #7125 , allow list for page route, configurable via plugin hook
4 years ago
8b72479f62
fix: remove 'filters' and 'categories' from flag details API return [breaking]
...
These options were originally used when the flag filters were shown in the sidebar. This has seen been removed, and so the information is now superfluous
4 years ago
1603566bcc
fix: filtering logic of flags [breaking]
...
When combining filters, the old logic assumed that every filter was
exclusive, unless that filter contained multiple items, in which
case it was added to a list of "or" filters that returned all
matching flags.
A fault was discovered in that if you passed in multiple "or"
states, it did not return flags with the expected filtering.
e.g. open flags, closed flags, flags of cid 1, flags of cid 2
This could return open flags of cid 3, since all of the filters
were "OR"'d.
This logic change updates the behaviour so disparate OR sets are
intersected (ANDed).
4 years ago
942d924779
fix: error on flag list if no flag filters were saved in session
4 years ago
6b1c97db79
feat: feature flag for auto-resolving a user's flags on ban [breaking]
...
The default behaviour has now been changed to 'off'. Going forward, a user's flags will no longer automatically resolve on ban.
4 years ago
35c92d0cff
fix: mod cid filter accidentally saved in session
4 years ago
27cae0d5d8
fix: missing return for #9217
4 years ago
b2b1450e5d
fix : #9217 , render 400 error page on bad access to /register
4 years ago
78896fc623
fix: redis check compat tests
4 years ago
fdfbc90255
feat: async/await redis connection
4 years ago
33bf1b0e2c
feat: async/await psql connection
4 years ago
672959c13f
feat: add group name to csv event
4 years ago
a186ea0fe3
fix: registration completion overriding returnTo if it was already set
4 years ago
280285cda9
feat: allow interstitial callbacks to be async functions [breaking]
...
This change is breaking in the sense that if you have written
interstitial callbacks before that are async functions _with_ a
callback, those are no longer allowed. You will not need to call
next() as that argument will no longer be passed in to async
functions.
4 years ago
5c1b742979
fix: add missing user delete event types
4 years ago
7fb583dcfd
Merge branch 'master' of https://github.com/NodeBB/NodeBB
4 years ago
c608b0e8a3
fix: https://github.com/NodeBB/nodebb-plugin-webhooks/issues/3
4 years ago
d85ad10d34
fix: restored sanity checks for post move socket calls
4 years ago
966c4117ec
refactor(api): post move to write API
4 years ago
e118e59ce0
refactor(api): post diffs to use write API
4 years ago
c2e2370655
feat: add filter:email.cancel to allow plugins to cancel sending emails
4 years ago
f5fcd232f6
fix: regression caused by 77ab46686d
...
Access checks were added for topic GET route, but occasionally a post_uuid is passed in, which is available to everyone, and so checks should be skipped
4 years ago
4fb907875e
fix: don't crash if fullname is not a string
...
https://community.nodebb.org/topic/15291/upgrade-error-fullname-substr-is-not-a-function
4 years ago
1374e0eeba
refactor: change var to const
4 years ago
00ba89b6d6
fix : #9204 , bypass groupname length check for system group in upgrade script
4 years ago
9938a139fe
fix: add missing await
4 years ago
25ab99b91d
refactor: single remove call
4 years ago
ab11435ed5
feat: grant plugins the ability to specify options to the SSO handler
...
... to be handled in the plugin itself (overriding the passport prototype's authorizationParams method)
+ new hook filter:auth.options
4 years ago
9b289eca9d
fix: ssoState passed to strategies even if not called for
4 years ago
77ab46686d
fix: access checks for tags and thumbs get route
4 years ago
c0fb1cb59c
fix : #9194 global mods unable to pin or unpin topics
4 years ago
ef16cd2e6f
fix : #9192 , exit after logging error
4 years ago
69419571a9
fix: make sure inviter user exists
4 years ago
89e6c75d58
fix : #9185 , fix string boolean values
4 years ago
66da6bcd1c
fix : #9184 proper relative_path usage in topic thumbs.get
4 years ago
Barış Soner Uşaklı
Julian Lam
Barış Soner Uşaklı
gasoved
Anton Grigoryev
psychobunny
Mats
Peter Jaszkowiak
ahwayakchih
Opliko