87225a90c3
fix : #8134 , upgrade mkdirp to 1.0.x
5 years ago
8c48f94b96
fix : #8139 , dont allow restore if not deleted by self
5 years ago
66febb8071
feat: add test for isOnline
5 years ago
df2c785127
feat: add test for change post owner
5 years ago
23810cc64b
fix : #8133 , check if user is in room before removing
5 years ago
418c174d56
fix: dont return flag data to client
5 years ago
51236df4ed
fix: check if user has read priv before flagging
5 years ago
1f13ab8a19
fix: restrict getUsersInRoom to members
5 years ago
ecc579a29c
fix: tests for messaging
5 years ago
1b08f37612
fix: tests, was using hardcoded message id
5 years ago
bfaba89557
Merge branch 'master' of https://github.com/NodeBB/NodeBB
5 years ago
8e5a2276af
feat: check flag values on save (assignee and state) ( #8122 )
...
* feat: add assignee checking when updating flag
Prior to this, it was possible to update the assignee to any value (or
any user. This commit adds checking to allow only admins, global
moderators, or in the case of flagged posts, moderators.
Also some prep work was added for value checking `state`.
* feat: value checking `state` on flag update
The state should be one of the constants defined earlier in the file.
5 years ago
6a63c1a100
fix: escape system message, don't allow editing system messages
5 years ago
8c6a7954cf
fix: delete upload
5 years ago
01d1ae78c8
fix : #8120 , bubble errors from static hooks
5 years ago
3e52557689
fix: change owner missing await
5 years ago
e06c1bfcd2
fix: escape config.userLang/acpLang, don't allow invalid language codes
5 years ago
61da8c29ac
fix: group create/join/update name validation
5 years ago
10989cccaa
fix: meta description missing if url doesn't have post index
5 years ago
9d074731f4
fix: login with weak password
5 years ago
c2cd7de891
fix : #8069 , dont show hidden groups in search
5 years ago
0efe27b1f2
fix: make _csrf a secure cookie if the website is using https ( #8045 )
...
* Make _csrf a secure cookie if the website is using https
* fix style for TravsCI
* Add `url_parsed` to databasemock
5 years ago
480a64aaa7
feat: #7467 , pass query params when redirecting to posts
5 years ago
e3c9dafa08
fix: tests
5 years ago
1cedc4a0d6
feat: #7957 , allow post queue based on group
...
allow multiple select in ACP pages
5 years ago
cf7e0cfd2d
feat: no more session cookie for guests ( #7982 )
...
* feat: no more session cookie for guests
* fix(tests): added additional tests and fixed the broken test
5 years ago
441dd86d29
fix: convert param to string in slugify
...
fixes adding users to privilege table
5 years ago
ca3be1f336
fix : #7974 ( #7976 )
5 years ago
0da4f7ee8d
fix: event tests
5 years ago
661a0f5068
fix: don't show deleted topics on unread
5 years ago
75bcb0f484
fix: remove unused data from post/topic/user hashes
5 years ago
6fb29e8408
fix: tests
5 years ago
02d38caf47
refactor: async/await
5 years ago
3caa387ac6
fix: tests
5 years ago
9c051386d5
fix: tests
5 years ago
ffe3670ff5
feat: deprecate file.isFileTypeAllowed
...
use image.isFileTypeAllowed, this function was always meant for images
5 years ago
310c6fd33f
properly filter /unread /recent /popular /top ( #7927 )
...
* feat: add failing test for pagination
* feat: test
* fix: redis tests
* refactor: remove logs
* fix: add new test
* feat: make sortedSetRangeByScore work with keys on redis
* fix: hardcoded set name
* feat: show topics from readable categories on recent/popular/top
* feat: rewrite unread topics
respect watched categories and followed topics
* fix: term + watched
5 years ago
22b02f1407
feat: add failing test for pagination ( #7924 )
...
* feat: add failing test for pagination
* feat: test
* fix: redis tests
* refactor: remove logs
5 years ago
b602c04463
feat: refactor getSortedSetRange to allow big arrays
5 years ago
1e5246f9ad
feat: add new test
5 years ago
f9d6912b4a
refactor: async/await file
5 years ago
96ab8d05aa
fix: only allow png/jpg/bmp in cover/profile images
5 years ago
ecf39727cc
fix : #7912
5 years ago
b9583ed838
Add privilege for accessing user information ( #7859 )
...
* Add view users info global privilege
* Show user ip only to global mods and admins
* fix missing comma
* Hide link for users without correct privilege
* move getting privilege information to getAllData
* Hide the link from Global Moderators as well
* Give Global Moderator view:users:info privilege
* Restrict ip in post menu to view:users:info
* add some trailing commas....
* Add privilege to categories test
* Add group privilege to categories test
* add upgrade script
* fix style for TravisCI
* more styling - change spaces to tabs
* some more styling fixes (hopefully final one)
* fix style for Travis CI
* hide ip in chat messages
* Don't show even hidden ips on user profile page
5 years ago
de4619689b
fix: change params
5 years ago
1796b65d34
feat: option to restrict group leaving, closes #7770
5 years ago
30a86ed553
fix : #7853 , dissociation on post purge
5 years ago
aea04de094
feat: update LESS to v3.x, #7855 ( #7867 )
...
* feat: #7855
* fix: tests
5 years ago
f15c7f12b3
refactor: async/await
5 years ago
1e0190abef
fix : #7842 , groups.invite works with an array of uids
6 years ago
Baris Usakli
Julian Lam
Opliko