cc9d6fd08b
chore: eslint max-len
4 years ago
115d19e289
chore: eslint prefer-rest-params, prefer-spread
4 years ago
23f212a4c0
chore: eslint prefer-destructuring
4 years ago
dab3b23575
chore: eslint no-var, vars-on-top
4 years ago
b56d9e12b5
chore: eslint prefer-arrow-callback
4 years ago
707b55b6a5
chore: eslint prefer-template
4 years ago
4ee0f1459d
chore: eslint import/newline-after-import
4 years ago
fca17cb713
fix: move service worker back to relative_path/service-worker.js
4 years ago
eb642f40b9
feat: #9109 , ability to delete a post's diffs
4 years ago
2bc74cffe6
fix : #9127 , scope service worker to relative_path for the forum ( #9239 )
...
Adds a `Service-Worker-Allowed` header on `assets/src/service-worker.js` URL and uses `scope` option during registration to ensure the service worker is correctly scoped to the entire forum and only the forum.
4 years ago
647d3ba810
fix: removed methods
4 years ago
2ad0d0d0d8
chore: remove deprecated getObject routes [breaking]
...
`/api/post/pid/:pid`, `/api/topic/tid/:tid`, `/api/category/cid/:cid` have now been removed in favour of routes in the Write API (`/api/v3/(posts|topics|categories)/:id`)
4 years ago
dc84559d0b
feat(topic-events): topic events GET route in write API
4 years ago
966c4117ec
refactor(api): post move to write API
4 years ago
e118e59ce0
refactor(api): post diffs to use write API
4 years ago
ab11435ed5
feat: grant plugins the ability to specify options to the SSO handler
...
... to be handled in the plugin itself (overriding the passport prototype's authorizationParams method)
+ new hook filter:auth.options
4 years ago
9b289eca9d
fix: ssoState passed to strategies even if not called for
4 years ago
77ab46686d
fix: access checks for tags and thumbs get route
4 years ago
56f929ed4f
feat: add write API route for checking login credentials
4 years ago
edb8da1ef9
feat(api): closes #9123 category and topic routes migrated to Write API
4 years ago
cdff8d286a
chore(api): add deprecation notices re: #9123
4 years ago
e267f29584
feat(api): #9123 , migrate /api/post/pid/:pid to Write API
4 years ago
32e36f7b2e
feat(api): group ownership API route, switch client-side to use API route
4 years ago
1cd2689cf6
refactor(api): deprecated groups update socket in favour of API lib
4 years ago
878ee06715
refactor: schema backreference test to use map instead of reduce, properly check write-api routes
4 years ago
3e54b70c06
fix : #9092 , Topic thumbnails do not work with third-party uploaders
4 years ago
340387c18a
fix : #9055 , non-standard API response from addThumbs route
...
Also removed old thumb upload router handler, and updated uploadPost handling in composer to match new response schema
4 years ago
ef7d6db912
feat: server-side work for #9047
...
- rename Thumbs.commit to Thumbs.migrate
- new PUT method that calls Thumbs.migrate
- `checkThumbPrivileges` now takes a single object parameter (ins. of req/res)
4 years ago
b5d910f53b
feat: core work for #9042 , thumb deletion now accepts uuids
...
+ common data validation for thumb addition and deletion
4 years ago
90497e3ef5
feat: more work on topic thumbs refactor
...
- addThumb and deleteThumb are now protected routes (duh)
- new getThumbs route GET /api/v3/topics/<tid>/thumbs
- Updated `assert.path` middleware to better handle if relative paths are received with upload_url
- Slight refactor of thumbs lib to use validator to differentiate between tid and UUID
4 years ago
708b1c338f
fix : #9040
4 years ago
7e9e08f718
feat: server-side routes for handling multiple topic thumbnails
...
closes #8994 , requires 'topic-thumb-refactor' branch of composer-default
4 years ago
3cd0c9a476
fix : #8998 , allow guests to use write api to post/reply
4 years ago
ac734b8335
fix : #8912
4 years ago
6e2da9966e
refactor: move plugin hook methods to plugin.hooks.*
4 years ago
3b1c03ed50
feat: allow ACP API access to bearer tokens
...
closes nodebb/nodebb-plugin-write-api#132
4 years ago
046d0b1637
feat: allow pins to expire (if set) ( #8908 )
...
* fix: add back topic assert middleware for pin route
* feat: server-side handling of pin expiries
* refactor: togglePin to not require uid parameter [breaking]
* feat: automatic unpinning if pin has expiration set
* feat: client-side modal for setting pin expiration
* refactor: categories.getPinnedTids to accept multiple cids
... in preparation for pin expiry logic, direct access to *:pinned zsets is discouraged
* fix: remove references to since-removed jobs file for topics
* feat: expire pins when getPinnedTids is called
* refactor: make the togglePin change non-breaking
The 'action:topic.pin' hook now sends uid again, as before. However, if it is a system action (that is, a pin that expired), 'system' will be sent in instead of a valid uid
4 years ago
fa4177c3bc
fix : #6407 , fix feeds
...
display latest posts instead of oldest in topic rss feed
fix missing await that was causing rss_tokens to not function
fix feed test
more tests for getTopicWithPosts
4 years ago
a0b7a82350
feat(api): account deletion routes for the Write API ( #8881 )
...
* feat(api): account deletion routes for the Write API
* refactor: rewrite client-side calls to account deletion to use api
* style: apply DRY
4 years ago
3ccebf112e
feat: invites regardless of registration type, invite privilege, groups to join on acceptance ( #8786 )
...
* feat: allow invites in normal registration mode + invite privilege
* feat: select groups to join from an invite
* test: check if groups from invitations have been joined
* fix: remove unused variable
* feat: write API versions of socket calls
* docs: openapi specs for the new routes
* test: iron out mongo redis difference
* refactor: move inviteGroups endpoint into write API
* refactor: use GET /api/v3/users/:uid/invites/groups
Instead of GET /api/v3/users/:uid/inviteGroups
* fix: no need for /api/v3 prefix when using api module
* fix: tests
* refactor: change POST /api/v3/users/invite
To POST /api/v3/users/:uid/invites
* refactor: make helpers.invite awaitable
* fix: restrict invite API to self-use only
* fix: move invite groups controller to write api, +tests
* fix: tests
Co-authored-by: Julian Lam <julian@nodebb.org>
4 years ago
bcccb331db
docs: openapi schema for user/group exist check, session deletion
4 years ago
f300c933a5
refactor: move session revocation route to write api
4 years ago
f1f9b225b0
feat: #8824 , cache refactor ( #8851 )
...
* feat: #8824 , cache refactor
ability to disable caches
ability to download contents of cache
refactor cache modules to remove duplicated code
* fix: remove duplicate hit/miss tracking
check cacheEnabled in getUncachedKeys
4 years ago
d263192271
feat: group exists API call in write api
4 years ago
f2bb42c076
fix: user exist route needs no authentication
4 years ago
60e1e99b4f
feat: new shorthand route /api/v3/users/bySlug/:userslug
...
closes #8844
4 years ago
57ed6be78b
fix : #8805 define our own name for write API v3
4 years ago
266d7587b2
refactor: remove usage of middlewares
...
Specifically, middleware.isAdmin|exposePrivilegeSet|exposePrivileges
4 years ago
aa8faf58a0
refactor: remove /users/{uid}/settings/{setting} route
...
@baris Also, I am now allowing the following properties to be saved in User.saveSettings:
- categoryTopicSort
- topicPostSort
- setCategorySort
- setTopicSort
4 years ago
b156b8b573
feat: wip, write api tests framework
...
re-using read api tests if possible
4 years ago
a05905f196
performance improvements ( #8795 )
...
* perf: nconf/winston/render
cache nconf.get calls
modify middleware.pageView to call next earlier
don't call winston.verbose on every hook see https://github.com/winstonjs/winston/issues/1669
translate header/footer separately and cache results for guests
* fix: copy paste fail
* refactor: style and fire hook only log in dev mode
* fix: cache key, header changes based on template
* perf: change replace
* fix: add missing await
* perf: category
* perf: lodash clone
* perf: remove escapeRegexChars
4 years ago
c26f2b6599
feat(writeapi): user settings API
4 years ago
9d81660e24
Revert "Revert "fix: appropriate 404 handling for write API calls""
...
This reverts commit 135c2d6c7d
4 years ago
135c2d6c7d
Revert "fix: appropriate 404 handling for write API calls"
...
This reverts commit b6cce75d97
4 years ago
68d6818bca
refactor: topic tools' actions to use api lib
4 years ago
b6cce75d97
fix: appropriate 404 handling for write API calls
4 years ago
bf480ee58b
refactor: setupApiRoute signature
4 years ago
688d7a2cc2
refactor: remove unused middleware
4 years ago
5e2caf19f5
refactor: use single function for api code
4 years ago
9dd3cc0483
feat: allow plugins to define api routes
...
via new plugin hook static:api.routes
4 years ago
a4ba23899e
feat: require https if nodebb is configured with https url
4 years ago
872bacf1c4
Admin/users ( #8762 )
...
* feat: wip admin/users
* feat: more work
* feat: more fixes
* feat: #8662 , verified/unverified user groups
* feat: add filter
* feat: change user search to use filters array
* refactor: remove unused search call
* fix: tests
* fix: cant join system groups
* fix: upgrade script
4 years ago
9a5b8a798a
fix: category RSS feed was displaying deleted topics
4 years ago
8ecef7b891
refactor: middleware.assert.*
4 years ago
cfee431c53
feat(writeapi): commented-out stub code for file upload
4 years ago
f870721fca
feat(writeapi): file deletion route
4 years ago
a55b381791
feat(writeapi): admin settings update route
4 years ago
2ec838fc59
feat(writeapi): token generation/delete routes, ACP updates
4 years ago
3ea1aa4780
refactor(writeapi): update route prefix to api/v3, default error option
4 years ago
f67824719c
chore(writeapi): cleanup
4 years ago
0973feea16
feat(writeapi): post bookmarking
4 years ago
9942c248eb
feat(writeapi): post voting
4 years ago
414169fdfa
feat(writeapi): post delete/restore/purge
4 years ago
f66c2fb60f
feat(writeapi): post editing
4 years ago
1605e5e443
feat(writeapi): topic tags
4 years ago
9be5629458
feat(writeapi): topic follow/ignore
4 years ago
da25ce4d09
feat: topic delete/restore/purge/(un)pin/(un)lock
4 years ago
675a62dadd
fix: remove debug log
4 years ago
49652e6f1b
feat: management of API tokens via ACP
4 years ago
8e7baac6ef
fix(writeapi): calls to profile editing routes 200 even if user DNE
4 years ago
6096f74ab2
feat(writeapi): adding missing files
4 years ago
4c833d0bf0
feat(writeapi): topic posting and replying
4 years ago
40dc1c38d3
feat(writeapi): added DELETE /groups/:slug/membership/:uid route
4 years ago
952dc211dd
feat(writeapi): added group joining and deletion
4 years ago
d044c3223e
feat(writeapi): abstracted ajax calls out to new api module
4 years ago
ba345e53e8
feat(writeapi): added POST /api/v1/groups
4 years ago
49994f3a15
fix(openapi): moved write-api to public/openapi
4 years ago
3072de4812
feat: added DELETE /api/v1/categories/:cid route
4 years ago
e942ad8101
feat: added PUT /api/v1/categories/:cid route
...
Deprecated admin.categories.update socket call
Showing stack trace in console for errors, when in development mode
4 years ago
dc666fd8a9
feat: added POST /api/v1/categories route
4 years ago
a5af2dc819
feat: added PUT/DELETE /api/v1/users/:uid/ban routes
4 years ago
db5c5b2cfb
fix: follow route to match spec
4 years ago
b5bbcbaeaa
feat: added POST and DELETE /api/v1/users/:uid/follow routes
4 years ago
7aed174ebc
feat: added PUT /api/v1/users/:uid/password route
4 years ago
a1ddc210b2
feat: added DELETE /api/v1/users/:uid and DELETE /api/v1/users
4 years ago
d15d9e4492
fix(refactor): patching helpers.tryRoute for API routes, some re-org
...
Thanks @barisusakli for the tip
4 years ago
d8879d21db
fix: error handling with POST /api/v1/users
4 years ago
bba2a4638c
fix: user creation POST route returns user data, updated openapi spec
4 years ago
7b6d43bcc8
feat: added checkRequired middleware for API calls
4 years ago
f6433ef2c5
fix(refactor): merging write-api auth middlewares with core middlewares
4 years ago
ec5c48b188
feat: migrating write-api skeleton into core
4 years ago
dde5b6b814
fix: unable to register async method as response hook listener
...
Also fixes #8723 , /api/config now runs middleware.authenticateOrGuest
4 years ago
f4d76f1edd
feat: move service-worker.js into its own file
4 years ago
6478b32d0e
feat: upload maskable icon for PWA
4 years ago
f69697b3fa
feat: basic service worker, minimum requirement for for a2hs; see #8126
4 years ago
46800b6639
fix: prefer webmanifest extension over json
...
https://w3c.github.io/manifest/#media-type-registration
4 years ago
af43f0e48e
fix : #8656 , rename /api/me to /api/self
4 years ago
5f10d67db5
Remove sounds ( #8617 )
...
* feat: remove sounds
* feat: remove more sounds
* feat: disable sounds plugin
* fix: openapi
5 years ago
762b0be4b4
feat: remove /assets/stylesheet.css
5 years ago
a3c8d45626
fix: crash if csrfToken does not exist
5 years ago
00d39fb32c
feat: #8460 , export groups members as csv
5 years ago
e53a18f219
fix : #8437 , #8433
5 years ago
3be4d5f7d5
feat: redirect /me to user profile
5 years ago
a82e9bd7f6
feat: privileges for Admin Control Panel ( #8355 )
...
* feat: acp privileges (WIP)
* fix: restore global privilege hooks
* refactor: using cid 0 in admin privs
* fix: no need for zebrastripe-reset
* feat: manage:categories privilege WIP
* feat: renamed prefix to admin:, settigns and dashboard privs
* fix: nofocus on acp privs group find modal
* refactor: privileges.x.get() to not used hardcoded privs
* fix: crash if unable to get latest version
* feat: setting acp priv
* Revert "fix: crash if unable to get latest version"
This reverts commit afdb235f48eb0072d88de45f3a1e0151281095b3.
* feat: user/privilege acp privs
* fix: category selector in manage/privileges
* fix: guests potentially becoming admins
* fix: bug in setting admin privs
* fix: some last minute things + api docs
* fix: some more last minute fixes
5 years ago
842b8abb84
feat: add buildHeaderAsync ( #8367 )
...
* feat: add buildHeaderAsync
make helphers.notAllowed async
* fix: remove csrf from buildHeader
* fix: remove unused method, use middleware
* fix: /post/pid redirect doesn't need buildHeader
use buildHeaderAsync
5 years ago
dcb85ee7a1
#8344 ( #8346 )
...
* feat: wip
* feat: wrap middlewares
* feat: middleware errors
* feat: more middleware changes
* fix: remove unused async
* fix: prevent version errors from blocking acp render
* feat: wrap more middlewares
5 years ago
0633ad3277
fix: acp menu items
...
- Shuffled items in settings
- Moved post-queue and ip-blacklist to front-end
- Removed Settings > Sockets, merged with Settings > Advanced
5 years ago
a51fff8bd1
refactor: remove general menu from ACP ( #8347 )
...
* refactor: remove general menu from ACP
* fix: incorrect translation keys, fixed tests
5 years ago
5781a2dc65
feat: fix session mismatch errors by clearing cookie on logout ( #8338 )
...
* feat: fix session mismatch errors by clearing cookie on logout
* feat: remove app.upateHeader
ported from 2.0
* feat: handle if user doesn't click button and just refreshes page
5 years ago
ef52461fb6
fix: remove dead picture upload code #8260
5 years ago
1136a369f3
feat: local redoc view on development mode only
5 years ago
c82a263788
Revert "fix: override ACAO header for read API spec file"
...
This reverts commit 240d90919b
5 years ago
240d90919b
fix: override ACAO header for read API spec file
5 years ago
cf6eadb91a
fix: dont let regular users see other users watched categories
5 years ago
4abe5eb7ff
Revert "fix: #8154 , move start/stop every iteration"
...
This reverts commit 300c04cef9
5 years ago
300c04cef9
fix : #8154 , move start/stop every iteration
5 years ago
df139928b6
feat: displaying one-click unsubscribe link in email footer ( #8024 )
...
closes #8016
5 years ago
b5a30006e2
feat: use helpers.setupAdminPageRoute
5 years ago
645d647248
feat: wip, better digest handling (+ eventual digest resend logic) ( #7995 )
...
* feat: wip, better digest handling (+ eventual digest resend logic)
- await emailer.send call in digest.send method
- save send success to a new sorted set digest:{interval}:byUid
* feat: continuing work on digest tools
- Added ACP page to view digest settings and delivery times per user
* feat: added paginator and stub buttons for resending digest
* feat: wrapping up digest revamp
- New language strings in ACP digest page
- Client-side ACP script for digest ACP page
- Websocket call for ACP page to execute digests
- Broke out logic to retrieve user digest settings to getUsersInterval
* fix: minor cleanup
* fix : #8010 and some style suggestions from baris
* fix: resolve confusing comment
5 years ago
df1efe5f96
feat: Implement WICG change-password-url ( #7072 ) ( #7990 )
...
* feat: Implement WICG change-password-url (#7072 )
* fix style for TravisCI
5 years ago
873ec51978
fix: crash in feed
6 years ago
ec3b5dd95a
refactor: async/await routes/feeds
6 years ago
52a2e5d61d
fix : #7816 , adding GDPR and TOU interstitials earlier on route reloading
...
A use-case was presented that called for a theme to disable the
registration interstitials. However, the plugin hooks were always
fired first, and so the core interstitials could not be removed
at that time because they hadn't been added yet.
This change moved the interstitial adding to the earliest point
possible, right after plugins.loadedHooks is emptied in preparation
for plugin initialisation.
6 years ago
0d047f4eb9
feat: #7743 , webserver
6 years ago
805dcd7ca2
Async refactor in place ( #7736 )
...
* feat: allow both callback&and await
* feat: ignore async key
* feat: callbackify and promisify in same file
* Revert "feat: callbackify and promisify in same file"
This reverts commit cea206a9b8e6d8295310074b18cc82a504487862.
* feat: no need to store .callbackify
* feat: change getTopics to async
* feat: remove .async
* fix: byScore
* feat: rewrite topics/index and social with async/await
* fix: rewrite topics/data.js
fix issue with async.waterfall, only pass result if its not undefined
* feat: add callbackify to redis/psql
* feat: psql use await
* fix: redis 🌋
* feat: less returns
* feat: more await rewrite
* fix: redis tests
* feat: convert sortedSetAdd
rewrite psql transaction to async/await
* feat: 🐶
* feat: test
* feat: log client and query
* feat: log bind
* feat: more logs
* feat: more logs
* feat: check perform
* feat: dont callbackify transaction
* feat: remove logs
* fix: main functions
* feat: more logs
* fix: increment
* fix: rename
* feat: remove cls
* fix: remove console.log
* feat: add deprecation message to .async usage
* feat: update more dbal methods
* fix: redis :voodoo:
* feat: fix redis zrem, convert setObject
* feat: upgrade getObject methods
* fix: psql getObjectField
* fix: redis tests
* feat: getObjectKeys
* feat: getObjectValues
* feat: isObjectField
* fix: add missing return
* feat: delObjectField
* feat: incrObjectField
* fix: add missing await
* feat: remove exposed helpers
* feat: list methods
* feat: flush/empty
* feat: delete
* fix: redis delete all
* feat: get/set
* feat: incr/rename
* feat: type
* feat: expire
* feat: setAdd
* feat: setRemove
* feat: isSetMember
* feat: getSetMembers
* feat: setCount, setRemoveRandom
* feat: zcard,zcount
* feat: sortedSetRank
* feat: isSortedSetMember
* feat: zincrby
* feat: sortedSetLex
* feat: processSortedSet
* fix: add mising await
* feat: debug psql
* fix: psql test
* fix: test
* fix: another test
* fix: test fix
* fix: psql tests
* feat: remove logs
* feat: user arrow func
use builtin async promises
* feat: topic bookmarks
* feat: topic.delete
* feat: topic.restore
* feat: topics.purge
* feat: merge
* feat: suggested
* feat: topics/user.js
* feat: topics modules
* feat: topics/follow
* fix: deprecation msg
* feat: fork
* feat: topics/posts
* feat: sorted/recent
* feat: topic/teaser
* feat: topics/tools
* feat: topics/unread
* feat: add back node versions
disable deprecation notice
wrap async controllers in try/catch
* feat: use db directly
* feat: promisify in place
* fix: redis/psql
* feat: deprecation message
logs for psql
* feat: more logs
* feat: more logs
* feat: logs again
* feat: more logs
* fix: call release
* feat: restore travis, remove logs
* fix: loops
* feat: remove .async. usage
6 years ago
a0c0ef1ba4
feat: ACP analytics API route ( #7725 )
...
* feat: added API route for retrieving analytics via REST API
* feat: sets is now optional, can pass in multiple sets
* fix: moved expand and added json button to panel header
* fix: matching api params to socket method
* fix: update json api button url on graph change
* fix: updated default counts based on passed in units
6 years ago
a251032f02
fix: typo
6 years ago
3b0459a0a5
fix: do not prevent nbb from starting
...
if a plugin returns error for filter:auth.init
6 years ago
740388492f
fix : #7545
6 years ago
ddffc904f4
feat: allow file uploading on registration interstitial
6 years ago
8f55ab1340
fix : #7494
6 years ago
d2cfe6b946
Moved onSuccessfulLogin call from plugins to core, + auth verification hook ( #7416 )
...
* fix : #7412 , calling controllers.onSuccessfulLogin in core
* feat: added plugin hook for auth validation
6 years ago
d722f3b8b6
fix: mounting of all-route middlewares to router instead of app
...
related to julianlam/nodebb-plugin-session-sharing#73
These three lines haven't changed in two years, but it makes more
sense for them to be called against the relative path router,
otherwise req.originalUrl contains the relative path, which is
not necessary.
6 years ago
c72da5595a
fix : #6806
...
3 new global privileges
view:users
view:tags
view:groups
6 years ago
5353960ae7
fix : #7316
6 years ago
059a4be204
feat: explicit handling of SSO success and failure
6 years ago
2b9322e1c2
feat: additional options for SSO plugins
...
+checkState property, pass Boolean false to skip nonce checking
+callbackMethod, default 'get', you can pass in 'post', etc.
6 years ago
c831ff0de3
fix: removal of timeago fallback middleware ( #7259 )
...
* fix: removal of timeago fallback middleware
Instead of loading English fallback on missing language, we opt
to not send a script tag for a missing language to begin with.
Timeago already loads with English as default, so it will just
continue to use English.
* fix: check userLang against supported language codes
* fix: cleaned up code as per @pitaj
* fix: added comments
* fix: more fixes as per @pitaj
* feat: added addl. test for timeago locales, fixed broken test
6 years ago
70a87d4399
feat: support for one-click unsubscribe from email clients ( #7203 )
...
* feat: sending notifs via ACP creates real notification
re: #7202
* feat: basic integration for one-click unsubscription #7202
* feat: tests for #7202 + bugfix
* feat: added and organized digest unsub tests
closes #7202
6 years ago
d31684e8b8
fix : #7131
6 years ago
Peter Jaszkowiak
Barış Soner Uşaklı
gasoved
Opliko
Julian Lam
Barış Soner Uşaklı
psychobunny
Opliko