only return promise if callback is undefined
dont append baseUrl if url already starts with api
correctly handle writeapi readapi response for data/error
remove unused onError
dont append empty ? to url for get routes
* feat: wip admin/users
* feat: more work
* feat: more fixes
* feat: #8662, verified/unverified user groups
* feat: add filter
* feat: change user search to use filters array
* refactor: remove unused search call
* fix: tests
* fix: cant join system groups
* fix: upgrade script
* feat: #8734, jquery-ui, jquery-form, timeago
get rid of forum/footer.js move that code to app.js & wait for app to load before calling ajaxify.end
make sockets.js a requirejs module
move jquery-ui to node_modules and load via requirejs
move jquery-form to node_modules and load via requirejs
move timeago to node_modules and load via requirejs
only include the css for needed jquery-ui widgets
* feat: keep socket/io global for backwards compat
* refactor: move socket listener to chat
This reverts commit a395324b52, and
fixes the issue where the ACP became unusable because of the earlier
variant of this code.
Thanks @psychobunny for spotting.
This solves a small UX issue where clicking on a button (or anchor
that is not meant to be ajaxified) before ajaxify.end is called
leads to nothing happening because the appropriate click handler
has not been added.
This code will intercept premature clicks, wait until ajaxify.end
is called, and then re-send the click.
* refactor: socket posts delete/restore/purge so tid is not necessary
* refactor: stop trying to be fancy
* fix: tests to not pass in tid into posts.deletePosts
* fix: some more unnecessary tid passing
9adaccd036 introduced the ability to
configure an assetBaseUrl, but the timeago strings were still
calling a hardcoded value as it was handled server-side. There's
no need for the strings to be loaded until timeago is initialised.
Additional base URLs were necessary for benchpress and translator,
and in order to not clutter the API response with needless one-
time use base URLs, I decided to use a single base that is used
by all of the services, assetBaseUrl.
* feat: privileges save button, #8537, WIP
* fix: disable firefox autocomplete on privilege form fields
* feat: closes#8537 privilege changes commit on save
- new language strings for confirmation and success modals/toasts
- indeterminate privilege handling (/cc @psychobunny)
- added new discard button
- both discard and save buttons now have confirmation dialogs
* fix(tests): remove duplicate template helper test
* fix(tests): broken template helper test
* feat: confirm dialogs for all privilege copy actions
Also, ability to add user to a privilege table without needing
to refresh the privilege table.
* feat: group row addition w/o table refresh
breaking: helpers.getUserPrivileges and helpers.getGroupPrivileges
no longer make socket calls to the following hooks:
- filter:privileges.list, filter:privileges.admin.list,
filter:privileges.global.list, filter:privileges.groups.list,
filter:privileges.admin.groups.list,
filter:privileges.gloval.groups.list
The filters are still called, but done before the helper method
is called, and the results are passed in instead. This change
should only affect you if you directly call the helper methods,
otherwise the change is transparent.
* fix: stale ajaxify data on privilege category switch
* fix: implicit privileges not showing for user privs
* fix: groups, not group, also fix tests
* fix(tests): again
* fix: wrong tpl rendered when adding group to global priv table
allow selecting main topic to merge into
allow specifying a new title for merge topic
upon merge go to correct topic
new tests for merging with options
* feat: acp privileges (WIP)
* fix: restore global privilege hooks
* refactor: using cid 0 in admin privs
* fix: no need for zebrastripe-reset
* feat: manage:categories privilege WIP
* feat: renamed prefix to admin:, settigns and dashboard privs
* fix: nofocus on acp privs group find modal
* refactor: privileges.x.get() to not used hardcoded privs
* fix: crash if unable to get latest version
* feat: setting acp priv
* Revert "fix: crash if unable to get latest version"
This reverts commit afdb235f48eb0072d88de45f3a1e0151281095b3.
* feat: user/privilege acp privs
* fix: category selector in manage/privileges
* fix: guests potentially becoming admins
* fix: bug in setting admin privs
* fix: some last minute things + api docs
* fix: some more last minute fixes
* feat: fix session mismatch errors by clearing cookie on logout
* feat: remove app.upateHeader
ported from 2.0
* feat: handle if user doesn't click button and just refreshes page
- Show account moderation history
- Ban and delete quick actions
Squashed commit of the following:
commit 0e782e65f4d48ae814708e510ec9d01bcdd914e0
Author: Julian Lam <julian@nodebb.org>
Date: Tue May 26 20:24:53 2020 -0400
fix(deps): use persona 10.1.41/vanilla 11.1.17
commit 369e073d3c3189d8ce181eb3d573489cbe54d4fc
Author: Julian Lam <julian@nodebb.org>
Date: Tue May 26 20:23:24 2020 -0400
fix: allow ban and delete exported methods to have cbs
commit b83a086ea31a77ec82d161306c0b9bc115cb2a3a
Merge: 525aae1ea 256ee45d3
Author: Julian Lam <julian@nodebb.org>
Date: Tue May 26 08:54:25 2020 -0400
Merge remote-tracking branch 'origin/master' into flags-improvements
commit 525aae1ea2e5d0103028a0f0c8dde05f172d088e
Author: Julian Lam <julian@nodebb.org>
Date: Tue May 26 08:53:39 2020 -0400
feat: integrate ban history and username changes to flag history list
commit 3e68ad28ba266f4c8620a676aa7f463f0a9d1df7
Author: Julian Lam <julian@nodebb.org>
Date: Mon May 25 18:22:53 2020 -0400
feat: allow ban and deletion from flag details page
commit a559ea1d8e8883385c2876868d855a0b93516c54
Author: Julian Lam <julian@nodebb.org>
Date: Mon May 25 18:22:00 2020 -0400
feat: export banAccount and deleteAccount methods from accounts module
* feat: testing suite integration for openapi spec
The testing suite now takes the openapi spec into account. It will
check each route defined, make a call to it, and compare the
response with the defined schema. Any mismatches will cause the
test to fail.
* fix(openapi): removed debug stuff from tests
* fix(openapi): fixed some tests
* fix(openapi): added additional check to tests, test fixes
* fix(openapi): better tests, fixed spec errors
* fix(openapi): bad conditional in test
* fix: oops
* fix(openapi): more tests fixing
* fix(openapi): more tests
* fix(openapi): fix some more tests
* fix: verbose'd an info log
* fix: topic pagination route returns schema-optimized pagination block
* fix(openapi): more test/spec fixes
* fix(openapi): accidentally sending in authenticated jar for anon routes
* fix(openapi): more test/spec fixes
* fix(openapi): more spec fixes
* fix: timestampReadable Invalid Date
* fix(openapi): more tests... almost there
* fix(openapi): more tests fixing
* fix(openapi): finally all tests passing
* fix(openapi): added reverse test to compare response to spec
... and fixed all the tests that broke
* fix: remove tests related to group covers, as route is gone
* fix(openapi): broken test on travis
* fix(openapi): broken test on travis
* fix(openapi): broken test on travis
* fix(openapi): object cache is not present for psql
* fix: tests
Co-authored-by: Barış Soner Uşaklı <barisusakli@gmail.com>
There is no reason why avatars should be a blocking reasorce, and browsers are now adding support for lazy loading of images (and iframes). According to [caniuse.com](https://caniuse.com/#feat=loading-lazy-attr) 62% of users use a browser that supports this attribute.
So there doesn't seem to be any downside to just adding this attribute here. It won't affect browsers that don't support it and might speed up page loads on browsers that do.
* fix: #8142, broken site if no server-side session
During the `addHeader` middleware, a check is now done to see if
`req.session.meta` is present. This value is only present if the user
has a valid server-side session. If it is missing, then it is probably
safe to assume that the server-side session was deleted (either
intentionally or accidentally). In that scenario, the client-side cookie
should be cleared.
Also, there was an issue where the sessionRefresh flag was never cleared
after a successful login, so that was fixed too.
* feat: exported method to get cookie config
* fix: don't clear cookie if cookie is being set
* fix: socket.io tests
Co-authored-by: Barış Soner Uşaklı <barisusakli@gmail.com>
- Now showing user-join message for chat owner in addition to the newly
added user
- If a modal already exists for a room when createModal is called, don't
return null, return the modal
* feat: wip, better digest handling (+ eventual digest resend logic)
- await emailer.send call in digest.send method
- save send success to a new sorted set digest:{interval}:byUid
* feat: continuing work on digest tools
- Added ACP page to view digest settings and delivery times per user
* feat: added paginator and stub buttons for resending digest
* feat: wrapping up digest revamp
- New language strings in ACP digest page
- Client-side ACP script for digest ACP page
- Websocket call for ACP page to execute digests
- Broke out logic to retrieve user digest settings to getUsersInterval
* fix: minor cleanup
* fix: #8010 and some style suggestions from baris
* fix: resolve confusing comment
* fix: removed duplicate checkContent call in addMessage
addMessage is called in one place (sendMessage), and the checks
are already contained there. addMessage is the lower level call
and so should be called only from within core itself.
* feat: #7330 chat system messages for join, leave, rename
* fix: add back content checking in .addMessage();
* fix: tests, and added .addSystemMessage() method
Tests were relying on message indices that changed due to the
new system messages.
* feat: add tests for system chat messages
* refactor: rewrite half of src/messaging/rooms.js, fix tests
* feat: #7743 messaging/room.js
* fix: tests for messaging/room.js, #7743
* fix: trying to fix tests
* fix: omg :rage2:
* feat: added API route for retrieving analytics via REST API
* feat: sets is now optional, can pass in multiple sets
* fix: moved expand and added json button to panel header
* fix: matching api params to socket method
* fix: update json api button url on graph change
* fix: updated default counts based on passed in units
In not-so-rare circumstances, the avatar generated is wrapped in
an anchor so that when clicked, it goes to the user profile.
Unfortunately, html 4 spec doesn't like block level elements
inside anchors (since an anchor is an inline element), and even
though we define html5 doctype, browsers still reorder the div
and anchor, beats me as to why.
So I can trick the browser by using a span. The css already styles
it as inline-block so no further fixes are required.
* feat: helper for building avatars
* feat: benchpress truefalse globals, componentPrefix in buildAvatar
* refactor: remove componentPrefix
* feat: changes to buildAvatar helper
- removed extra .avatar-xl class in generics.less
- added support for component override
- "size" can be a number now
* fix: prevent overflow of alt text in avatars
* fix: update doc on buildAvatar helper
* feat: add enable/disable checkbox for plugin usage
* feat: submit plugin data to packages.nodebb.org
only submit in production mode
submit once every 24 hours
dont submit for plugins that have "private": true in plugin.json
enabled on new installs
disabled on existing installs
* fix: hash not working after first send
fix statusCode
* fix: remove url
* feat: show compatibilty
* feat: add install question for submit plugin usage
* feat: design revamp of ACP events page
- minor UX changes
- new filter controls, filters moved to sidebar
- form usable without js
- start/end filters NOT programmed yet
* feat: events ACP limit by date and perPage
* feat: pre-fill applied filters on template render
* fix: missing translation for ACP events perPage filter
* fix: added some comments to explain setHours behaviour
* fix: stop - start + 1
* fix: socket tests
* fix: +inf, not just inf
* fix: tests, because I am an idiot
* feat: add upgrade script to give mods privs
* feat: give all privileges when making a moderator
* feat: remove implicit privs
* feat: give global mods default privs
* feat: more priv fixes
* feat: use lodash
* fix: remove implicit mod priv from topic delete
* fix: more privs
* fix: posts.canEdit
* fix: canDelete and canEdit
* fix: tests, remove console.log
* feat: shorter functions
* feat: add tests
* fix: uids
* fix: redis random test fail
* feat: wip -- refresh meta tags on ajaxify
* feat: wrapped up meta tags update on ajaxify feature
* fix: removed commented-out line
* fix: removed another commented-out line
* feat: ability to copy a groups privileges
ability to copy a group's privileges to all categories, or children of current category
* feat: switch to dropdown
added copy from category to groups
* fix: indents
On uploading a new profile picture via URL, a CORS error presents
itself during the .toDataUrl() call due to misconfigured CORS
handling in the library. The change here allows cropper.js to
check crossorigin attribute in image and handle appropriately.
Also, the error handling is improved so the error is caught on
Firefox, as it sends a different error message than on Chrome.
* feat: re-designed digest
Updated design, logic no longer shows "no topics", just doesn't
show the list at all, teaser re-retrieved for digest so that it
always grabs a teaser even if there is no reply, changed default
email background to a light grey.
* fix: minor padding issues in digest
* fix: banned template
* fix: invitation.tpl
* fix: removed unused notif_chat and notif_post email templates
* fix: notification template
* fix: registration_accepted template
* fix: reset tpl
* fix: test tpl
* fix: email verify tpl
* fix: reset notify tpl
* fix: welcome tpl
* fix: additional minor font fixes
* fix: removed unused email header image assets
* fix: internationalised 'your daily digest' string
* fix: broken url in digest 🤦
* feat: added RTL support for emailer
/cc @PostMidnight
- RTL is applied (or unapplied) on login and logout depending on
user language/guest-detected language.
- config is automatically saved into res.locals.config whenever
loadConfig is called
- On login/logout, buildHeader is called instead of getting config
- On logout, req.uid is deleted instead of set to 0
* fix: closes#6784
* #6784 also fix homepage + subfolder installs
* #6784 fixes suburls as well (ex. /tags/x and /groups/y)
* #6784 more elegant solution @pitaj
and the last time I touch this function, lol
* #6784 regis, final answer
I lied in that last commit
* feat: wip, category watch change
* feat: pass data to client
* feat: allow changing state
* fix: account page categories
* fix: show in unread if topic is followed or category is watched
* feat: add default watch state to acp
* feat: save user category watch state
* feat: update unread recent pages
* fix: remove dupe code
* fix: flip conditions
* fix: handle empty arrays
* fix: ignore/watch on others profile
* feat: upgrade script for category states
if there are any users ignoring categories set their state in new zset and delete cid:<cid>:ignorers
* fix: upgrade
* fix: tests
* fix: redis count
* fix: more tests
Barış Soner Uşaklı
Julian Lam
psychobunny
Peter Jaszkowiak
Opliko
yossizahn
Aziz Khoury
Andrew Rodrigues