6eea6451d2
feat: `GET /chats/:roomId/users` [breaking]
3 years ago
d5fd098ecf
feat: `POST /chats/:roomId/:mid` and `DELETE /chats/:roomId/:mid`
3 years ago
90fcbe4416
feat: middleware.assert.message
3 years ago
b292960594
feat: `GET /chats/:roomId/:mid`
3 years ago
f48ed3658a
feat: `PUT /chats/:roomId/:mid`
3 years ago
9a4fd5dc7e
feat: `PUT /api/v3/chats/:roomId`
3 years ago
eeffb9d978
feat: `POST /api/v3/chats/:roomId`
3 years ago
09cf9c7770
feat: `GET /api/v3/chats/:roomId`
3 years ago
40b4544e70
feat: `POST /api/v3/chats`, chat room creation, plus openAPI docs update
3 years ago
94bead71fe
feat: `GET /api/v3/chats`
3 years ago
02e878be72
feat: stub code for v3 chats api
3 years ago
c4042c70de
feat: #9506 , allow seeing and editing your queued posts
...
allow regular users access to post queue
allow regular users to edit their queued post/topic title
allow regular users to remove their post from post queue
ability to send a notification to user without removing from post queue
allow accessing single post queue items from notifications
3 years ago
cc3f82bc83
breaking: remove socket.emit('admin.categories.setPrivilege') and socket.emit('admin.categories.getPrivilegeSettings')
3 years ago
65c5504193
fix: 403/400/500 page not generating csrf_token
3 years ago
c5f08fdc81
breaking: remove socket.io/flags.js
...
refactor: helpers.loginUser returns a single object {jar, csrf_token}
3 years ago
5b42b6b369
API route for returning tracked analytics keys ( #10019 )
...
* feat: track metrics saved by NodeBB (and assoc. plugins), #9949
* feat: route to retrieve analytics keys, closes #9949
3 years ago
fb363957d1
refactor: tab rules
3 years ago
697dd37670
refactor: change category feed so it is not updated on every reply
...
allow cid query param for recent/top/popular feeds
3 years ago
485b6ced1d
fix: broken post uploads due to 6a976a9db0
4 years ago
0ee85d5a0b
fix : #9950 , rename account export routes to remove `uid/` prefix
4 years ago
60352eca54
fix: double invocation of authenticateRequest
4 years ago
6a976a9db0
fix : #9945 , call authenticateRequest middleware for mount points in /api
4 years ago
f4cf482a87
feat: show popular searches
4 years ago
04dab1d550
fix: token verify
4 years ago
d4da98404c
refactor: add missing helpers.tryRoute
4 years ago
ee0282f5aa
refactor: shorter middleware
4 years ago
92d1ee31e4
Add authenticateRequest middleware ( #9795 )
...
* Add authenticateRequest middleware
to Post routes
* Fix linting error
4 years ago
0a41741b7e
refactor: deprecate picture update socket call, new API routes for picture update
4 years ago
3df79683f5
feat: create folders in ACP uploads #9638 ( #9750 )
...
* feat: create folders in ACP uploads #9638
* fix: openapi
* test: missing tests
* fix: eslint
* fix: tests
4 years ago
c354cde347
fix : #9719 , only apply to non https
4 years ago
358ad74054
feat: closes #9684 , allow event deletion
...
fix: topic events appearing before necro messages
feat: add move topic event
feat: add ability to delete specific topic events via events.purge
4 years ago
d509a307f0
Remove some deprecated/unnecessary code ( #9688 )
...
* refactor: remove mkdirp promisify
* refactor: remove old session deletion API route
* refactor: remove middleware.isAdmin
* refactor: remove templateValues.config.bootswatchSkin
* fix: unused dependencies
4 years ago
cc6cbfcdc4
Flags API ( #9666 )
...
* feat: new routes for flags API
+ flag get
+ flag creation, migration from socket method
+ flag update, migration from socket method
* fixed bug where you could not unassign someone from a flag
* feat: tests for new flags API
added missing files for schema update
* fix: flag tests to use Write API instead of sockets
* feat: flag notes API + tests
* chore: remove debug line
* test: fix breaking test on mongo
4 years ago
a2400f6baf
fix: accidental unnecessarily strict conditional that effectively rendered SSO state checking opt-in instead of opt-out
4 years ago
286644d0b8
fix : #9592 , check session
4 years ago
3717df610a
fix: don't crash if session doesn't exist
4 years ago
d2960aeb09
feat: added GET user route for api v3
4 years ago
951e71a0e5
fix : #9567 fix tests
4 years ago
5215c30ade
fix : #9567 , use regular 404
4 years ago
1db8920b18
refactor: make debug handler async
4 years ago
2ea468daa3
test: clear cache between runs, require middleware later in helpers
4 years ago
a9978fcfd2
feat: rate limit file uploads
4 years ago
9c52fd2e74
fix : #9450 express session saved even if saveUninitialized explicitly passed in
4 years ago
9e1f72a435
feat: optional urlMethod param for loginStrategies
4 years ago
077330b764
feat: scheduled topics ( #9399 )
...
* feat: scheduled topics
* refactor: linting fixes
* fix: tests
* fix(test): race condition
* fix: make a single request
4 years ago
d00268c9b8
refactor: style, no need to convert length to string
4 years ago
cc489708ee
fix : #9378 , crash on verifyToken if API Token settings not saved (null case error)
4 years ago
4b5450853d
feat: allow missing (or non-array) middlewares argument in route helper methods
4 years ago
e3b2c00db1
fix: request authentication called twice in account routes
4 years ago
7da061f0d7
refactor: automatically authenticate all requests setup through route helpers ( #9357 )
...
* refactor: automatically authenticate all requests setup through route helpers
* fix: removed connect-ensure-login dependency
* fix: bug with some middlewares not defined outside route helper methods
4 years ago
c1b3079d93
feat: category privilege API routes
...
closes #9342
4 years ago
984c9dd915
fix: in setupPageRoute helper, buildHeader after plugin hooks have fired
...
To allow for a plugin to call doLogin and have it properly reflect in the header
4 years ago
f561799f74
refactor: abstract out some client side dashboard code into modules, analytics subpages for users, topics, and logins
4 years ago
7223074f1d
feat: ability to re-order topic thumbnails
4 years ago
9d17f397c0
fix(remountable-routes): more fixes to remountable routes
...
fix: ensure proper admin privilege checking on remounted `/admin` mount
fix: guard against plugins sending back missing mounts
fix: no need to make addRemountableRoutes awaitable
4 years ago
16c1d6e937
style(remountable-routes): abstract removable routes code to a separate local fn
4 years ago
1f28713f1a
refactor(remountable-routes): rename `src/routes/accounts.js` to `src/routes/user.js` to better match the route prefix
4 years ago
bc68e990af
fix(remountable-routes): bug with user routes remounting to itself
4 years ago
9021f071d4
feat(remountable-routes): allow category and account routes to be remounted
4 years ago
f01af62b53
feat(remountable-routes): allow /admin and /post to be remountable
4 years ago
92758ec50d
refactor(remountable-routes): allow certain route prefixes to be mounted elsewhere
4 years ago
cc9d6fd08b
chore: eslint max-len
4 years ago
115d19e289
chore: eslint prefer-rest-params, prefer-spread
4 years ago
23f212a4c0
chore: eslint prefer-destructuring
4 years ago
dab3b23575
chore: eslint no-var, vars-on-top
4 years ago
b56d9e12b5
chore: eslint prefer-arrow-callback
4 years ago
707b55b6a5
chore: eslint prefer-template
4 years ago
4ee0f1459d
chore: eslint import/newline-after-import
4 years ago
fca17cb713
fix: move service worker back to relative_path/service-worker.js
4 years ago
eb642f40b9
feat: #9109 , ability to delete a post's diffs
4 years ago
2bc74cffe6
fix : #9127 , scope service worker to relative_path for the forum ( #9239 )
...
Adds a `Service-Worker-Allowed` header on `assets/src/service-worker.js` URL and uses `scope` option during registration to ensure the service worker is correctly scoped to the entire forum and only the forum.
4 years ago
647d3ba810
fix: removed methods
4 years ago
2ad0d0d0d8
chore: remove deprecated getObject routes [breaking]
...
`/api/post/pid/:pid`, `/api/topic/tid/:tid`, `/api/category/cid/:cid` have now been removed in favour of routes in the Write API (`/api/v3/(posts|topics|categories)/:id`)
4 years ago
dc84559d0b
feat(topic-events): topic events GET route in write API
4 years ago
966c4117ec
refactor(api): post move to write API
4 years ago
e118e59ce0
refactor(api): post diffs to use write API
4 years ago
ab11435ed5
feat: grant plugins the ability to specify options to the SSO handler
...
... to be handled in the plugin itself (overriding the passport prototype's authorizationParams method)
+ new hook filter:auth.options
4 years ago
9b289eca9d
fix: ssoState passed to strategies even if not called for
4 years ago
77ab46686d
fix: access checks for tags and thumbs get route
4 years ago
56f929ed4f
feat: add write API route for checking login credentials
4 years ago
edb8da1ef9
feat(api): closes #9123 category and topic routes migrated to Write API
4 years ago
cdff8d286a
chore(api): add deprecation notices re: #9123
4 years ago
e267f29584
feat(api): #9123 , migrate /api/post/pid/:pid to Write API
4 years ago
32e36f7b2e
feat(api): group ownership API route, switch client-side to use API route
4 years ago
1cd2689cf6
refactor(api): deprecated groups update socket in favour of API lib
4 years ago
878ee06715
refactor: schema backreference test to use map instead of reduce, properly check write-api routes
4 years ago
3e54b70c06
fix : #9092 , Topic thumbnails do not work with third-party uploaders
4 years ago
340387c18a
fix : #9055 , non-standard API response from addThumbs route
...
Also removed old thumb upload router handler, and updated uploadPost handling in composer to match new response schema
4 years ago
ef7d6db912
feat: server-side work for #9047
...
- rename Thumbs.commit to Thumbs.migrate
- new PUT method that calls Thumbs.migrate
- `checkThumbPrivileges` now takes a single object parameter (ins. of req/res)
4 years ago
b5d910f53b
feat: core work for #9042 , thumb deletion now accepts uuids
...
+ common data validation for thumb addition and deletion
4 years ago
90497e3ef5
feat: more work on topic thumbs refactor
...
- addThumb and deleteThumb are now protected routes (duh)
- new getThumbs route GET /api/v3/topics/<tid>/thumbs
- Updated `assert.path` middleware to better handle if relative paths are received with upload_url
- Slight refactor of thumbs lib to use validator to differentiate between tid and UUID
4 years ago
708b1c338f
fix : #9040
4 years ago
7e9e08f718
feat: server-side routes for handling multiple topic thumbnails
...
closes #8994 , requires 'topic-thumb-refactor' branch of composer-default
4 years ago
3cd0c9a476
fix : #8998 , allow guests to use write api to post/reply
4 years ago
ac734b8335
fix : #8912
4 years ago
6e2da9966e
refactor: move plugin hook methods to plugin.hooks.*
4 years ago
3b1c03ed50
feat: allow ACP API access to bearer tokens
...
closes nodebb/nodebb-plugin-write-api#132
4 years ago
046d0b1637
feat: allow pins to expire (if set) ( #8908 )
...
* fix: add back topic assert middleware for pin route
* feat: server-side handling of pin expiries
* refactor: togglePin to not require uid parameter [breaking]
* feat: automatic unpinning if pin has expiration set
* feat: client-side modal for setting pin expiration
* refactor: categories.getPinnedTids to accept multiple cids
... in preparation for pin expiry logic, direct access to *:pinned zsets is discouraged
* fix: remove references to since-removed jobs file for topics
* feat: expire pins when getPinnedTids is called
* refactor: make the togglePin change non-breaking
The 'action:topic.pin' hook now sends uid again, as before. However, if it is a system action (that is, a pin that expired), 'system' will be sent in instead of a valid uid
4 years ago
fa4177c3bc
fix : #6407 , fix feeds
...
display latest posts instead of oldest in topic rss feed
fix missing await that was causing rss_tokens to not function
fix feed test
more tests for getTopicWithPosts
4 years ago
a0b7a82350
feat(api): account deletion routes for the Write API ( #8881 )
...
* feat(api): account deletion routes for the Write API
* refactor: rewrite client-side calls to account deletion to use api
* style: apply DRY
4 years ago
Julian Lam
Barış Soner Uşaklı
uplift
gasoved
Opliko
psychobunny
Peter Jaszkowiak