f68bce86a9
fix: XSS in event:banned messaging modal
4 years ago
76cd5b0fc1
fix : #8836 , truncate fullname
4 years ago
eec630f1ef
fix(acp): max-height for plugin menu list
4 years ago
891a1ea2af
fix : #8827 , do not require admin:users privilege to ban users
4 years ago
4b63f9937c
fix: check is banned in buildHeader
...
remove unused banReason
remove generateHeader function
4 years ago
a338f52780
feat: #8823 , remove hardcoded write concern
4 years ago
08ff4041aa
fix: missing await
4 years ago
c0f699e655
fix: disallow registration attempts with password length > 4096
...
This is a stopgap measure for v1.15.0
4 years ago
4818ec377e
fix: missing await
4 years ago
6e85920cb6
feat: allow mods/admins to see deleted posts on user profile
4 years ago
87bff6cd65
fix: broken test
4 years ago
dda5d42610
fix: restore old behaviour of empty json w/ 401 code in admin middleware
4 years ago
15e0731dd9
fix: deprecate middleware.isAdmin
...
Also, handle admin logout timer in middleware.admin.checkPrivileges
4 years ago
4439864ce0
fix: post editing not taking plugin hook results into account
4 years ago
a02ae6f5df
refactor: simpler check in user.blocks.filter
4 years ago
27016d221c
feat: rearrange buttons on manage/users
4 years ago
57ed6be78b
fix : #8805 define our own name for write API v3
4 years ago
266d7587b2
refactor: remove usage of middlewares
...
Specifically, middleware.isAdmin|exposePrivilegeSet|exposePrivileges
4 years ago
a6a52430ce
fix: remove setCategorySort and setTopicSort
4 years ago
aa8faf58a0
refactor: remove /users/{uid}/settings/{setting} route
...
@baris Also, I am now allowing the following properties to be saved in User.saveSettings:
- categoryTopicSort
- topicPostSort
- setCategorySort
- setTopicSort
4 years ago
6ac73ccb7e
feat: #8801 , disable express compression by default
4 years ago
3c98cd3d95
fix: topic object in post editing data return
4 years ago
1392d064a1
fix(writeapi): normalizing data
4 years ago
ec03af7a38
feat: allow passing subset of user settings on update route
4 years ago
618e098305
fix: bug where token generation route would fail on null case
4 years ago
b156b8b573
feat: wip, write api tests framework
...
re-using read api tests if possible
4 years ago
2e9f27d8ff
fix: typo
4 years ago
93bdfe2f10
perf: reorder async calls
4 years ago
88a07e69b5
feat: add filter:category.getFields
4 years ago
a05905f196
performance improvements ( #8795 )
...
* perf: nconf/winston/render
cache nconf.get calls
modify middleware.pageView to call next earlier
don't call winston.verbose on every hook see https://github.com/winstonjs/winston/issues/1669
translate header/footer separately and cache results for guests
* fix: copy paste fail
* refactor: style and fire hook only log in dev mode
* fix: cache key, header changes based on template
* perf: change replace
* fix: add missing await
* perf: category
* perf: lodash clone
* perf: remove escapeRegexChars
4 years ago
0db0231cff
feat: move postercount to topic hash
4 years ago
203db47b30
fix: return early for guests/spiders
4 years ago
156e1396f2
fix: #8789,cache meta.settings
4 years ago
a7b6d0dfe5
feat: add free and total mem usage to info
4 years ago
c26f2b6599
feat(writeapi): user settings API
4 years ago
db63f5e3f0
fix : #8781
4 years ago
177a961000
feat: new filter filter:teasers.configureStripTags
4 years ago
d68ffea80d
feat: send 'Vary' header when ACAO header set
4 years ago
1f43e98f8b
fix: allow admins adding users to global moderators
...
add new test
4 years ago
bbafa1b82a
Revert "fix: [breaking] send configured config URL as origin if not custom"
...
This reverts commit 205a10308e
4 years ago
a691be5952
fix: incorrect logic for post history editable bool
4 years ago
205a10308e
fix: [breaking] send configured config URL as origin if not custom
...
This is a breaking change if your install uses multiple URLs to access. You will need to update the Access-Control-Allow-Origin header in ACP > Advanced > Headers to supply all URLs you use to access your site
4 years ago
7a019494e8
feat: add filter.topics.getPostReplies
4 years ago
7a8f704900
fix : #8776 some users unable to restore old versions via history
4 years ago
b26e9b5993
fix : #8595 , dont save escaped data when renaming groups
4 years ago
ea31f50554
refactor: show more lines of stack trace
4 years ago
7bddec93ec
fix: sortby
4 years ago
b3619d3d47
fix : #8774
4 years ago
ff4fcc23b6
Update bundled logos with new branding ( #8702 )
...
* feat: updating logo assets, square logos missing still
* fix: squared logo for touch icon and notification fallback
* fix: update link to favicon
* feat: add default touch icon sizes, if one isn't uploaded
Co-authored-by: Barış Soner Uşaklı <barisusakli@gmail.com>
4 years ago
e362c342a3
fix : #8630 , sort extra deps
4 years ago
d9a16855d0
refactor: posts api
4 years ago
272e73da53
refactor: post restore/delete/purge
4 years ago
9738e20207
refactor: merge post.edit
...
fix: dont fadeout/fadeint if title/post didnt change
4 years ago
2279e37261
refactor: deprecate socket.emit('users.search') use api route
4 years ago
083c74e059
refactor: api categories
4 years ago
e78c498e84
fix: missing doTopicAction, fix wrong api params
4 years ago
bc880ee0ca
refactor: remove sockets.reqFromSocket
4 years ago
9d81660e24
Revert "Revert "fix: appropriate 404 handling for write API calls""
...
This reverts commit 135c2d6c7d
4 years ago
135c2d6c7d
Revert "fix: appropriate 404 handling for write API calls"
...
This reverts commit b6cce75d97
4 years ago
9ee3cb9b62
refactor: topic follow/ignore to use api lib
4 years ago
68d6818bca
refactor: topic tools' actions to use api lib
4 years ago
21974a77f8
feat: topic reply to use api lib (also + missing file)
4 years ago
40598b368e
refactor: topic creation to use api lib
4 years ago
b6cce75d97
fix: appropriate 404 handling for write API calls
4 years ago
ede9435f0e
feat: send 401 for invalid-uid
4 years ago
c913900ed6
feat: async/await admin/search
4 years ago
bf480ee58b
refactor: setupApiRoute signature
4 years ago
688d7a2cc2
refactor: remove unused middleware
4 years ago
b2ff1594b8
fix: redis hget
...
'node_redis: The HGET command contains a invalid argument type.\n' +
'Only strings, dates and buffers are accepted. Please update your code to use valid argument types.'
4 years ago
e98285dbbb
fix: reimplementing isPrivilegedOrSelfAndPasswordMatch
4 years ago
84a179f48c
Merge branch 'master' of https://github.com/NodeBB/NodeBB
4 years ago
3f347baadb
fix: socket user bans
4 years ago
14f9d8b0e5
feat: send back 403 on no-privileges error
4 years ago
222b4c9533
fix: broken tests from api change
4 years ago
2d252f2fa4
refactor: user bans to use api lib
4 years ago
7d86be2bc2
fix: tests
4 years ago
e367c5403e
refactor: move groups.leave, fix some tests
4 years ago
bbbd9fee85
Merge branch 'master' of https://github.com/NodeBB/NodeBB
4 years ago
960e925e40
refactor: change password/user follow to use api lib
4 years ago
081c4fa6d4
Merge branch 'master' of https://github.com/NodeBB/NodeBB
4 years ago
430e7f5834
refactor: user deletion to use api lib
4 years ago
8ae1f81cf4
feat: refactor groups.delete
4 years ago
77481947f0
refactor: socket profile update to use api lib
4 years ago
31ae8a8323
refactor: socket profile update to use api lib
4 years ago
d69e503d21
feat: move groups.join to api
4 years ago
d07f0081b7
fix: add missing file
4 years ago
23086daead
refactor: user create and profile update to use api lib
4 years ago
5e2caf19f5
refactor: use single function for api code
4 years ago
25e4a09816
Merge branch 'master' of https://github.com/NodeBB/NodeBB
4 years ago
4418ff0716
fix : #8768
4 years ago
cc6e995ee2
fix: api bug where user profile editing continued even if not allowed
4 years ago
43afe7ffab
refactor: async/await src/user/approval
4 years ago
bae0f343e1
fix: module build
4 years ago
1fd2eba6f2
refactor: async/await
...
src/cli/manage.js
src/meta/build.js
src/meta/css.js
src/meta/js.js
4 years ago
b295d15eae
fix: tests
4 years ago
d89477cad0
refactor: use app.render
4 years ago
9dd3cc0483
feat: allow plugins to define api routes
...
via new plugin hook static:api.routes
4 years ago
a4ba23899e
feat: require https if nodebb is configured with https url
4 years ago
e6ea71c95a
fix: test
4 years ago
8c6a559188
fix: timestamp
4 years ago
331d236f6e
fix : #8763
4 years ago
a481024d27
fix: lastonline again
4 years ago
71d82ec8e0
fix: caret
4 years ago
97628e2ff2
fix: lastonline values
4 years ago
1289c10568
fix: upgrade script
4 years ago
59bbede8c7
fix: cant join system groups
4 years ago
a411df1321
fix: tests
4 years ago
dd7424e5b5
refactor: remove unused search call
4 years ago
2d6ea6e505
Merge branch 'master' into admin/users
4 years ago
a2edb86dfb
feat: change user search to use filters array
4 years ago
959314c921
feat: add filter
4 years ago
1e07886f30
feat: require csrf token if not using bearer token
4 years ago
933989e013
Merge branch 'master' into admin/users
4 years ago
682e926c6b
feat: #8662 , verified/unverified user groups
4 years ago
30b3fedca4
fix: password reset to invalidate all existing reset tokens for that uid
4 years ago
700e1e4340
feat: more fixes
4 years ago
40a05b70ef
feat: more work
4 years ago
b038ac07d8
feat: wip admin/users
4 years ago
7beaf49028
feat: set unread false for guests
4 years ago
30d6a2b84e
fix : #8756 , pass missing req to mock
4 years ago
1ee9384875
fix : #8757 , allow all slashes in category route
4 years ago
dc29f4dca2
refactor: switch to using slugify module
4 years ago
bddfcb5867
feat: #8734 , add slugify module, deprecate utils.slugify
4 years ago
f16c8268cf
feat: #8734 , move bootstrap-tagsinput to package.json
4 years ago
eab7489ec5
feat: #8734 , move deserialize/serialize to package.json
4 years ago
948f26143c
feat: #5964 , #8734 remove colorpicker
4 years ago
aedd28e0a6
fix: module name
4 years ago
cc705e5e2b
feat: #8734 , move sortable to package.json
4 years ago
300a87559f
feat: #8734 , move bootbox to package.json
4 years ago
420a312982
Merge branch 'master' of https://github.com/NodeBB/NodeBB
4 years ago
3b231360d3
feat: load jquery-form before using
4 years ago
fda2aedfd8
feat: #8734 , jquery-ui, jquery-form, timeago ( #8748 )
...
* feat: #8734 , jquery-ui, jquery-form, timeago
get rid of forum/footer.js move that code to app.js & wait for app to load before calling ajaxify.end
make sockets.js a requirejs module
move jquery-ui to node_modules and load via requirejs
move jquery-form to node_modules and load via requirejs
move timeago to node_modules and load via requirejs
only include the css for needed jquery-ui widgets
* feat: keep socket/io global for backwards compat
* refactor: move socket listener to chat
4 years ago
ae3a231fce
feat: #8734 , remove semver.browser
...
use compare-versions as a module
4 years ago
9a5b8a798a
fix: category RSS feed was displaying deleted topics
4 years ago
2c1897b373
feat: #8734 , move slideout to package.json
4 years ago
9c157de05d
feat: #8734 , move tinycon to package.json
4 years ago
45e8a4d588
fix : #8734 make nprogress module
4 years ago
43589a744d
feat: #8734 , move visibilityjs to package.json
4 years ago
8af30a51b5
fix: regression caused by 7545951725
...
/cc @psychobunny
4 years ago
a46cbb623d
feat: #8734 , move nprogress to package.json
4 years ago
aa08f8826c
feat: #8734 move r.js to package.json
4 years ago
b3ed26ac2c
feat: revoke user sessions above threshold ( #8731 )
...
* feat: revoke user sessions above threshold
* fix: removed translations from en-US
* fix: defined default maxUserSessions in install\data\defaults.json
4 years ago
4a63c20a72
chore: some optimizations for codeclimate
4 years ago
b8703ba9f6
fix(writeapi): tests
4 years ago
8ecef7b891
refactor: middleware.assert.*
4 years ago
cfee431c53
feat(writeapi): commented-out stub code for file upload
4 years ago
f870721fca
feat(writeapi): file deletion route
4 years ago
a55b381791
feat(writeapi): admin settings update route
4 years ago
2ec838fc59
feat(writeapi): token generation/delete routes, ACP updates
4 years ago
c7d15dfa94
feat: filter:settings.get plugin hook
4 years ago
Julian Lam
Barış Soner Uşaklı
psychobunny
Barış Soner Uşaklı
cryptoethic