We used to send a soft 404 because require.js would error out on
a 404, but it seems years ago, error handling was added to the
require() call, so a hard 404 will not throw errors to the console
* feat: acp privileges (WIP)
* fix: restore global privilege hooks
* refactor: using cid 0 in admin privs
* fix: no need for zebrastripe-reset
* feat: manage:categories privilege WIP
* feat: renamed prefix to admin:, settigns and dashboard privs
* fix: nofocus on acp privs group find modal
* refactor: privileges.x.get() to not used hardcoded privs
* fix: crash if unable to get latest version
* feat: setting acp priv
* Revert "fix: crash if unable to get latest version"
This reverts commit afdb235f48eb0072d88de45f3a1e0151281095b3.
* feat: user/privilege acp privs
* fix: category selector in manage/privileges
* fix: guests potentially becoming admins
* fix: bug in setting admin privs
* fix: some last minute things + api docs
* fix: some more last minute fixes
* feat: fix session mismatch errors by clearing cookie on logout
* feat: remove app.upateHeader
ported from 2.0
* feat: handle if user doesn't click button and just refreshes page
* feat: testing suite integration for openapi spec
The testing suite now takes the openapi spec into account. It will
check each route defined, make a call to it, and compare the
response with the defined schema. Any mismatches will cause the
test to fail.
* fix(openapi): removed debug stuff from tests
* fix(openapi): fixed some tests
* fix(openapi): added additional check to tests, test fixes
* fix(openapi): better tests, fixed spec errors
* fix(openapi): bad conditional in test
* fix: oops
* fix(openapi): more tests fixing
* fix(openapi): more tests
* fix(openapi): fix some more tests
* fix: verbose'd an info log
* fix: topic pagination route returns schema-optimized pagination block
* fix(openapi): more test/spec fixes
* fix(openapi): accidentally sending in authenticated jar for anon routes
* fix(openapi): more test/spec fixes
* fix(openapi): more spec fixes
* fix: timestampReadable Invalid Date
* fix(openapi): more tests... almost there
* fix(openapi): more tests fixing
* fix(openapi): finally all tests passing
* fix(openapi): added reverse test to compare response to spec
... and fixed all the tests that broke
* fix: remove tests related to group covers, as route is gone
* fix(openapi): broken test on travis
* fix(openapi): broken test on travis
* fix(openapi): broken test on travis
* fix(openapi): object cache is not present for psql
* fix: tests
Co-authored-by: Barış Soner Uşaklı <barisusakli@gmail.com>
In scenarios where onSuccessfulLogin was not called in the SSO plugin,
core's calling of onSuccessfulLogin was prematurely returning, because
it was checking the wrong value.
This commit fixes the issue by checking a different value.
* feat: wip, better digest handling (+ eventual digest resend logic)
- await emailer.send call in digest.send method
- save send success to a new sorted set digest:{interval}:byUid
* feat: continuing work on digest tools
- Added ACP page to view digest settings and delivery times per user
* feat: added paginator and stub buttons for resending digest
* feat: wrapping up digest revamp
- New language strings in ACP digest page
- Client-side ACP script for digest ACP page
- Websocket call for ACP page to execute digests
- Broke out logic to retrieve user digest settings to getUsersInterval
* fix: minor cleanup
* fix: #8010 and some style suggestions from baris
* fix: resolve confusing comment
* adding filter:login.check and loginFormEntry[] for the filter:login.build hook, related to nodebb-plugin-spam-be-gone/issues/32
* do not exceed 50 lines per function
* spam-be-gone@0.6.4
* feat: add failing test for pagination
* feat: test
* fix: redis tests
* refactor: remove logs
* fix: add new test
* feat: make sortedSetRangeByScore work with keys on redis
* fix: hardcoded set name
* feat: show topics from readable categories on recent/popular/top
* feat: rewrite unread topics
respect watched categories and followed topics
* fix: term + watched
* Add view users info global privilege
* Show user ip only to global mods and admins
* fix missing comma
* Hide link for users without correct privilege
* move getting privilege information to getAllData
* Hide the link from Global Moderators as well
* Give Global Moderator view:users:info privilege
* Restrict ip in post menu to view:users:info
* add some trailing commas....
* Add privilege to categories test
* Add group privilege to categories test
* add upgrade script
* fix style for TravisCI
* more styling - change spaces to tabs
* some more styling fixes (hopefully final one)
* fix style for Travis CI
* hide ip in chat messages
* Don't show even hidden ips on user profile page
* add filter:manifest.build
Added a hook that lets plugins modify manifest.json, as suggested in https://community.nodebb.org/post/59670
* Added error handling
Thanks barisusakli
* Define next
* Pass data as an object
* Remove multiple spaces
* feat: added API route for retrieving analytics via REST API
* feat: sets is now optional, can pass in multiple sets
* fix: moved expand and added json button to panel header
* fix: matching api params to socket method
* fix: update json api button url on graph change
* fix: updated default counts based on passed in units
* feat: add enable/disable checkbox for plugin usage
* feat: submit plugin data to packages.nodebb.org
only submit in production mode
submit once every 24 hours
dont submit for plugins that have "private": true in plugin.json
enabled on new installs
disabled on existing installs
* fix: hash not working after first send
fix statusCode
* fix: remove url
* feat: show compatibilty
* feat: add install question for submit plugin usage
* feat: design revamp of ACP events page
- minor UX changes
- new filter controls, filters moved to sidebar
- form usable without js
- start/end filters NOT programmed yet
* feat: events ACP limit by date and perPage
* feat: pre-fill applied filters on template render
* fix: missing translation for ACP events perPage filter
* fix: added some comments to explain setHours behaviour
* fix: stop - start + 1
* fix: socket tests
* fix: +inf, not just inf
* fix: tests, because I am an idiot
* feat: add upgrade script to give mods privs
* feat: give all privileges when making a moderator
* feat: remove implicit privs
* feat: give global mods default privs
* feat: more priv fixes
* feat: use lodash
* fix: remove implicit mod priv from topic delete
* fix: more privs
* fix: posts.canEdit
* fix: canDelete and canEdit
* fix: tests, remove console.log
* feat: shorter functions
* feat: add tests
* fix: uids
* fix: redis random test fail
* auto unban when User.getUsersFields is called and the user is banned but has expired
* cleanups and removal of expiry_readable
* expiry_readable make an alias for backward compatibility
* User.bans.func vs User.*ban*Func
* console.log cleanups, plus todo message added
* use code util.deprecate
* fix: remove ununsed winston require
* fix: display proper site logo or og-image with sizes in head
* fix: refactor og:image logic, #7444
- Updated logic to set additional og:image tags based on more
factors
- logo.png fallback
* feat: save image sizes on post upload, re: #7444
* fix: awaiting addTags in topic controller
* fix: pass strings to meta tags object
* fix: sending absolute image url to meta tag
* fix: removed unneeded async and requiring sync db
* feat: upgrade to calculate image sizes for all post uploads tracked
* fix: tests
- RTL is applied (or unapplied) on login and logout depending on
user language/guest-detected language.
- config is automatically saved into res.locals.config whenever
loadConfig is called
- On login/logout, buildHeader is called instead of getting config
- On logout, req.uid is deleted instead of set to 0
* feat: wip, category watch change
* feat: pass data to client
* feat: allow changing state
* fix: account page categories
* fix: show in unread if topic is followed or category is watched
* feat: add default watch state to acp
* feat: save user category watch state
* feat: update unread recent pages
* fix: remove dupe code
* fix: flip conditions
* fix: handle empty arrays
* fix: ignore/watch on others profile
* feat: upgrade script for category states
if there are any users ignoring categories set their state in new zset and delete cid:<cid>:ignorers
* fix: upgrade
* fix: tests
* fix: redis count
* fix: more tests
* fix: #7038, autoLocale logic not playing nicely with no-refresh auths
- on login, req.query.lang is deleted (since it seems to be left over)
- on logout, the middleware.autoLocale is executed, which resets
req.query.lang
- middleware.autoLocale is new, just refactored existing logic in
webserver.js into new middleware method.
* style: tests, use lodash
* fix: timeago strings not switching languages on login or out
Made the dropdown an MDL button fab with better positioning via
a p.lead so that it is more easily discoverable and obvious that
it is a button that can be pressed.
Fixes#6899
* WIP
* using bootswatch from npm instead of bootswatch CDN url
* feat: on-demand client css building for skins
* added ability for client-side to select a skin
* updated loading and saving logic of bootstrapSkin on client side user settings
* fix: broken test for #6849
* no-refresh login as well, plus lots of fixes for missing config on login
* replace config with new set on logout as well
* passing new payload data into new action:app.loggedIn hook, and old action:app.loggedOut hook
* fixed issues with socket.io not properly representing uid on server
* some light refactoring and cleanup
* minor cleanup, fixed spa logout not working after login
* have reconnection handler for socket.io wait 2s to confirm disconnection before reporting -- stops flicker if reconnecting immediately
* Dynamically replace chat and slideout menu on updateHeader()
... instead of just the menu items.
* more efficient calls to Benchpress and translator /cc @pitaj
* fix: chats and notification handlers not working after login
* fix: accidentally calling cb multiple times
* Store config fields as JSON in the db
Fewer parseInts
* Remove unnecessary parseInts
* remove some dupe code add tests
* remove console.log
* remove more parseInts
* WIP: read meta.configs defaults from defaults.json
remove more parseInts
* more work
* add log for failing test
* update admin pwd
* fix tests, dont require posts/cache before configs are initialized
* handle saves
* Test boolean conditions
* remove more parseInts
* Fix boolean values
* remove lots more parseInts
* removed json parsing
* renamed var to number
* categories dont have timestamp
* allow groups.join to take an array of group names
* pass an array to groups.join/leave in privileges
* split up groups/membership
* add hits/miss to group cache
* fix typo
* add probe image size and max image size
* replace jimp and image-probe with sharp
* better name for test
* resize with just path
* resize thumb inplace
* use filename
-moved user.blocks.filter from unread controller to getUnreadTopics so
topics are filtered at other places this function is called
- when a new post is made do not send it to uids that have blocked the
poster
- update getUnreadTids so it does not return topics that have new posts
from blocked users
- update hasReadTopics so it does not return false data if topic has new
posts from blocked users
* DRY req props that depend on auth (fix#6727)
authentication leads to req.loggedIn and req.uid being set. However, a
later authentication event might outdate them. Here, I create one
function for setting those properties, and make sure it also is called
on the `action:middleware.authenticate` hook, which would be such an
authentication event. If there are other places, those should be added
as well.
* fix lint errors
* fix lint error
* change exports
* [test/database/list] Fix test list 4 being used in two different tests
* [database/postgres] PostgreSQL database driver
* [database/postgres] Make transactions work based on continuation scope.
* [database/postgres] Implement nested transactions
* eslint --fix
* Add database changes from earlier this week to the PostgreSQL driver.
* Fix typo
* Fix postgres.incrObjectFieldBy returning undefined instead of null when given NaN
* [database/postgres] Fix sortedSetsCard returning an array of strings.
* Update socket.io postgres adapter
* Fix PostgreSQL erroring when multiple updates are made to the same sorted set entry in a single operation.
Add a test case to catch this error.
* Fix lint errors.
* Only prune sessions on one instance in a cluster to avoid deadlocks.
They're caught and handled by the database server, but they spam the logs.
* Fix arguments.slice.
Sam Thompson
Julian Lam
Barış Soner Uşaklı
psychobunny
cryptoethic
Opliko
Aziz Khoury
Barış Soner Uşaklı
Ricki Hirner
Peter Jaszkowiak
renovate[bot]
André Zanghelini
LudwikJaniuk
Ben Lubar