fix category link redirect on cold load
fix helpers.redirect if passed in url is external
fix ajaxify so it doesn't slice first character of external url
* fix: add back topic assert middleware for pin route
* feat: server-side handling of pin expiries
* refactor: togglePin to not require uid parameter [breaking]
* feat: automatic unpinning if pin has expiration set
* feat: client-side modal for setting pin expiration
* refactor: categories.getPinnedTids to accept multiple cids
... in preparation for pin expiry logic, direct access to *:pinned zsets is discouraged
* fix: remove references to since-removed jobs file for topics
* feat: expire pins when getPinnedTids is called
* refactor: make the togglePin change non-breaking
The 'action:topic.pin' hook now sends uid again, as before. However, if it is a system action (that is, a pin that expired), 'system' will be sent in instead of a valid uid
* feat: #8444 Allow nested objects in translations
* feat: #8444 Allow nested objects in translations
* style: don't change formatting
* fix: don't use the first string match if key isn't finished
* feat: #8444 Allow nested objects in translations
* feat: #8444 Allow nested objects in translations
* style: don't change formatting
* fix: don't use the first string match if key isn't finished
* feat: add nested translations test
* feat: allow invites in normal registration mode + invite privilege
* feat: select groups to join from an invite
* test: check if groups from invitations have been joined
* fix: remove unused variable
* feat: write API versions of socket calls
* docs: openapi specs for the new routes
* test: iron out mongo redis difference
* refactor: move inviteGroups endpoint into write API
* refactor: use GET /api/v3/users/:uid/invites/groups
Instead of GET /api/v3/users/:uid/inviteGroups
* fix: no need for /api/v3 prefix when using api module
* fix: tests
* refactor: change POST /api/v3/users/invite
To POST /api/v3/users/:uid/invites
* refactor: make helpers.invite awaitable
* fix: restrict invite API to self-use only
* fix: move invite groups controller to write api, +tests
* fix: tests
Co-authored-by: Julian Lam <julian@nodebb.org>
* feat: allow groups to specify which cids to show member posts from
* docs: fix tests for openapi
* fix: test breakage caused by improper conditional
* feat: server-side checking of memberPostCids for validity
* feat: admin panel template update to select categories to include
* refactor: privilege helpers.isUserAllowedTo
... to helpers.isAllowedTo, allowing group names to be passed in
If the post template contains references to items outside of the scope of the post, then when the post is loaded via IS, the expected values are empty.
This was due to createNewPosts calling app.parseAndTranslate with a subset of the page payload. This works fine in Persona (and most other themes)
because they do not refer to properties outside of the post object, but it may be helpful to include the rest of the ajaxify data as well.
@baris Also, I am now allowing the following properties to be saved in User.saveSettings:
- categoryTopicSort
- topicPostSort
- setCategorySort
- setTopicSort
only return promise if callback is undefined
dont append baseUrl if url already starts with api
correctly handle writeapi readapi response for data/error
remove unused onError
dont append empty ? to url for get routes
* feat: wip admin/users
* feat: more work
* feat: more fixes
* feat: #8662, verified/unverified user groups
* feat: add filter
* feat: change user search to use filters array
* refactor: remove unused search call
* fix: tests
* fix: cant join system groups
* fix: upgrade script
* feat: #8734, jquery-ui, jquery-form, timeago
get rid of forum/footer.js move that code to app.js & wait for app to load before calling ajaxify.end
make sockets.js a requirejs module
move jquery-ui to node_modules and load via requirejs
move jquery-form to node_modules and load via requirejs
move timeago to node_modules and load via requirejs
only include the css for needed jquery-ui widgets
* feat: keep socket/io global for backwards compat
* refactor: move socket listener to chat
This reverts commit a395324b52, and
fixes the issue where the ACP became unusable because of the earlier
variant of this code.
Thanks @psychobunny for spotting.
This solves a small UX issue where clicking on a button (or anchor
that is not meant to be ajaxified) before ajaxify.end is called
leads to nothing happening because the appropriate click handler
has not been added.
This code will intercept premature clicks, wait until ajaxify.end
is called, and then re-send the click.
* refactor: socket posts delete/restore/purge so tid is not necessary
* refactor: stop trying to be fancy
* fix: tests to not pass in tid into posts.deletePosts
* fix: some more unnecessary tid passing
9adaccd036 introduced the ability to
configure an assetBaseUrl, but the timeago strings were still
calling a hardcoded value as it was handled server-side. There's
no need for the strings to be loaded until timeago is initialised.
Additional base URLs were necessary for benchpress and translator,
and in order to not clutter the API response with needless one-
time use base URLs, I decided to use a single base that is used
by all of the services, assetBaseUrl.
* feat: privileges save button, #8537, WIP
* fix: disable firefox autocomplete on privilege form fields
* feat: closes#8537 privilege changes commit on save
- new language strings for confirmation and success modals/toasts
- indeterminate privilege handling (/cc @psychobunny)
- added new discard button
- both discard and save buttons now have confirmation dialogs
* fix(tests): remove duplicate template helper test
* fix(tests): broken template helper test
* feat: confirm dialogs for all privilege copy actions
Also, ability to add user to a privilege table without needing
to refresh the privilege table.
* feat: group row addition w/o table refresh
breaking: helpers.getUserPrivileges and helpers.getGroupPrivileges
no longer make socket calls to the following hooks:
- filter:privileges.list, filter:privileges.admin.list,
filter:privileges.global.list, filter:privileges.groups.list,
filter:privileges.admin.groups.list,
filter:privileges.gloval.groups.list
The filters are still called, but done before the helper method
is called, and the results are passed in instead. This change
should only affect you if you directly call the helper methods,
otherwise the change is transparent.
* fix: stale ajaxify data on privilege category switch
* fix: implicit privileges not showing for user privs
* fix: groups, not group, also fix tests
* fix(tests): again
* fix: wrong tpl rendered when adding group to global priv table
allow selecting main topic to merge into
allow specifying a new title for merge topic
upon merge go to correct topic
new tests for merging with options
* feat: acp privileges (WIP)
* fix: restore global privilege hooks
* refactor: using cid 0 in admin privs
* fix: no need for zebrastripe-reset
* feat: manage:categories privilege WIP
* feat: renamed prefix to admin:, settigns and dashboard privs
* fix: nofocus on acp privs group find modal
* refactor: privileges.x.get() to not used hardcoded privs
* fix: crash if unable to get latest version
* feat: setting acp priv
* Revert "fix: crash if unable to get latest version"
This reverts commit afdb235f48eb0072d88de45f3a1e0151281095b3.
* feat: user/privilege acp privs
* fix: category selector in manage/privileges
* fix: guests potentially becoming admins
* fix: bug in setting admin privs
* fix: some last minute things + api docs
* fix: some more last minute fixes
* feat: fix session mismatch errors by clearing cookie on logout
* feat: remove app.upateHeader
ported from 2.0
* feat: handle if user doesn't click button and just refreshes page
- Show account moderation history
- Ban and delete quick actions
Squashed commit of the following:
commit 0e782e65f4d48ae814708e510ec9d01bcdd914e0
Author: Julian Lam <julian@nodebb.org>
Date: Tue May 26 20:24:53 2020 -0400
fix(deps): use persona 10.1.41/vanilla 11.1.17
commit 369e073d3c3189d8ce181eb3d573489cbe54d4fc
Author: Julian Lam <julian@nodebb.org>
Date: Tue May 26 20:23:24 2020 -0400
fix: allow ban and delete exported methods to have cbs
commit b83a086ea31a77ec82d161306c0b9bc115cb2a3a
Merge: 525aae1ea 256ee45d3
Author: Julian Lam <julian@nodebb.org>
Date: Tue May 26 08:54:25 2020 -0400
Merge remote-tracking branch 'origin/master' into flags-improvements
commit 525aae1ea2e5d0103028a0f0c8dde05f172d088e
Author: Julian Lam <julian@nodebb.org>
Date: Tue May 26 08:53:39 2020 -0400
feat: integrate ban history and username changes to flag history list
commit 3e68ad28ba266f4c8620a676aa7f463f0a9d1df7
Author: Julian Lam <julian@nodebb.org>
Date: Mon May 25 18:22:53 2020 -0400
feat: allow ban and deletion from flag details page
commit a559ea1d8e8883385c2876868d855a0b93516c54
Author: Julian Lam <julian@nodebb.org>
Date: Mon May 25 18:22:00 2020 -0400
feat: export banAccount and deleteAccount methods from accounts module
* feat: testing suite integration for openapi spec
The testing suite now takes the openapi spec into account. It will
check each route defined, make a call to it, and compare the
response with the defined schema. Any mismatches will cause the
test to fail.
* fix(openapi): removed debug stuff from tests
* fix(openapi): fixed some tests
* fix(openapi): added additional check to tests, test fixes
* fix(openapi): better tests, fixed spec errors
* fix(openapi): bad conditional in test
* fix: oops
* fix(openapi): more tests fixing
* fix(openapi): more tests
* fix(openapi): fix some more tests
* fix: verbose'd an info log
* fix: topic pagination route returns schema-optimized pagination block
* fix(openapi): more test/spec fixes
* fix(openapi): accidentally sending in authenticated jar for anon routes
* fix(openapi): more test/spec fixes
* fix(openapi): more spec fixes
* fix: timestampReadable Invalid Date
* fix(openapi): more tests... almost there
* fix(openapi): more tests fixing
* fix(openapi): finally all tests passing
* fix(openapi): added reverse test to compare response to spec
... and fixed all the tests that broke
* fix: remove tests related to group covers, as route is gone
* fix(openapi): broken test on travis
* fix(openapi): broken test on travis
* fix(openapi): broken test on travis
* fix(openapi): object cache is not present for psql
* fix: tests
Co-authored-by: Barış Soner Uşaklı <barisusakli@gmail.com>
There is no reason why avatars should be a blocking reasorce, and browsers are now adding support for lazy loading of images (and iframes). According to [caniuse.com](https://caniuse.com/#feat=loading-lazy-attr) 62% of users use a browser that supports this attribute.
So there doesn't seem to be any downside to just adding this attribute here. It won't affect browsers that don't support it and might speed up page loads on browsers that do.
* fix: #8142, broken site if no server-side session
During the `addHeader` middleware, a check is now done to see if
`req.session.meta` is present. This value is only present if the user
has a valid server-side session. If it is missing, then it is probably
safe to assume that the server-side session was deleted (either
intentionally or accidentally). In that scenario, the client-side cookie
should be cleared.
Also, there was an issue where the sessionRefresh flag was never cleared
after a successful login, so that was fixed too.
* feat: exported method to get cookie config
* fix: don't clear cookie if cookie is being set
* fix: socket.io tests
Co-authored-by: Barış Soner Uşaklı <barisusakli@gmail.com>
- Now showing user-join message for chat owner in addition to the newly
added user
- If a modal already exists for a room when createModal is called, don't
return null, return the modal
* feat: wip, better digest handling (+ eventual digest resend logic)
- await emailer.send call in digest.send method
- save send success to a new sorted set digest:{interval}:byUid
* feat: continuing work on digest tools
- Added ACP page to view digest settings and delivery times per user
* feat: added paginator and stub buttons for resending digest
* feat: wrapping up digest revamp
- New language strings in ACP digest page
- Client-side ACP script for digest ACP page
- Websocket call for ACP page to execute digests
- Broke out logic to retrieve user digest settings to getUsersInterval
* fix: minor cleanup
* fix: #8010 and some style suggestions from baris
* fix: resolve confusing comment
* fix: removed duplicate checkContent call in addMessage
addMessage is called in one place (sendMessage), and the checks
are already contained there. addMessage is the lower level call
and so should be called only from within core itself.
* feat: #7330 chat system messages for join, leave, rename
* fix: add back content checking in .addMessage();
* fix: tests, and added .addSystemMessage() method
Tests were relying on message indices that changed due to the
new system messages.
* feat: add tests for system chat messages
* refactor: rewrite half of src/messaging/rooms.js, fix tests
* feat: #7743 messaging/room.js
* fix: tests for messaging/room.js, #7743
* fix: trying to fix tests
* fix: omg :rage2:
* feat: added API route for retrieving analytics via REST API
* feat: sets is now optional, can pass in multiple sets
* fix: moved expand and added json button to panel header
* fix: matching api params to socket method
* fix: update json api button url on graph change
* fix: updated default counts based on passed in units
In not-so-rare circumstances, the avatar generated is wrapped in
an anchor so that when clicked, it goes to the user profile.
Unfortunately, html 4 spec doesn't like block level elements
inside anchors (since an anchor is an inline element), and even
though we define html5 doctype, browsers still reorder the div
and anchor, beats me as to why.
So I can trick the browser by using a span. The css already styles
it as inline-block so no further fixes are required.
* feat: helper for building avatars
* feat: benchpress truefalse globals, componentPrefix in buildAvatar
* refactor: remove componentPrefix
* feat: changes to buildAvatar helper
- removed extra .avatar-xl class in generics.less
- added support for component override
- "size" can be a number now
* fix: prevent overflow of alt text in avatars
* fix: update doc on buildAvatar helper
* feat: add enable/disable checkbox for plugin usage
* feat: submit plugin data to packages.nodebb.org
only submit in production mode
submit once every 24 hours
dont submit for plugins that have "private": true in plugin.json
enabled on new installs
disabled on existing installs
* fix: hash not working after first send
fix statusCode
* fix: remove url
* feat: show compatibilty
* feat: add install question for submit plugin usage
Julian Lam
Barış Soner Uşaklı
gasoved
psychobunny
Opliko
Peter Jaszkowiak
Barış Soner Uşaklı
yossizahn
Aziz Khoury