Nemcio/NodeBB
1
0
Fork 0
mirror of https://github.com/NodeBB/NodeBB.git synced 2026-04-13 16:08:07 +02:00
Code Issues Packages Projects Releases Wiki Activity
20,975 Commits 73 Branches 496 Tags
5af5cb8517bc4f03ea59a77ff6e882bd277698d1
Commit Graph

689 Commits

Author SHA1 Message Date
Julian Lam
6e2da9966e refactor: move plugin hook methods to plugin.hooks.* 2020-11-20 16:32:39 -05:00
Barış Soner Uşaklı
120999bf63 feat: #7550, show message if post is queued when js is disabled 2020-11-17 14:47:06 -05:00
Barış Soner Uşaklı
e4d2764d4c fix: #8884, remove header/footer cache 2020-11-15 16:43:06 -05:00
Barış Soner Uşaklı
a0164b1c38 fix: use header/footer cache in prod 2020-11-08 19:46:36 -05:00
Barış Soner Uşaklı
2e44639210 fix: guest header/footer cache 
allow clearing individual caches
 2020-11-07 22:06:25 -05:00
Barış Soner Uşaklı
4b63f9937c fix: check is banned in buildHeader 
remove unused banReason
remove generateHeader function
 2020-11-04 13:23:10 -05:00
Julian Lam
87bff6cd65 fix: broken test 2020-10-30 17:17:31 -04:00
Julian Lam
dda5d42610 fix: restore old behaviour of empty json w/ 401 code in admin middleware 2020-10-30 14:07:47 -04:00
Julian Lam
15e0731dd9 fix: deprecate middleware.isAdmin 
Also, handle admin logout timer in middleware.admin.checkPrivileges
 2020-10-30 12:30:58 -04:00
Julian Lam
57ed6be78b fix: #8805 define our own name for write API v3 2020-10-29 12:51:36 -04:00
Julian Lam
266d7587b2 refactor: remove usage of middlewares 
Specifically, middleware.isAdmin|exposePrivilegeSet|exposePrivileges
 2020-10-29 07:56:28 -04:00
Barış Soner Uşaklı
a05905f196 performance improvements (#8795) 
* perf: nconf/winston/render

cache nconf.get calls
modify middleware.pageView to call next earlier
don't call winston.verbose on every hook see https://github.com/winstonjs/winston/issues/1669
translate header/footer separately and cache results for guests

* fix: copy paste fail

* refactor: style and fire hook only log in dev mode

* fix: cache key, header changes based on template

* perf: change replace

* fix: add missing await

* perf: category

* perf: lodash clone

* perf: remove escapeRegexChars
 2020-10-26 10:43:18 -04:00
Julian Lam
d68ffea80d feat: send 'Vary' header when ACAO header set 2020-10-21 10:34:38 -04:00
Barış Soner Uşaklı
bbafa1b82a Revert "fix: [breaking] send configured config URL as origin if not custom" 
This reverts commit 205a10308e.
 2020-10-20 18:38:50 -04:00
Julian Lam
205a10308e fix: [breaking] send configured config URL as origin if not custom 
This is a breaking change if your install uses multiple URLs to access. You will need to update the Access-Control-Allow-Origin header in ACP > Advanced > Headers to supply all URLs you use to access your site
 2020-10-20 15:25:20 -04:00
Julian Lam
ff4fcc23b6 Update bundled logos with new branding (#8702) 
* feat: updating logo assets, square logos missing still

* fix: squared logo for touch icon and notification fallback

* fix: update link to favicon

* feat: add default touch icon sizes, if one isn't uploaded

Co-authored-by: Barış Soner Uşaklı <barisusakli@gmail.com>
 2020-10-18 01:41:04 -04:00
Barış Soner Uşaklı
1fd2eba6f2 refactor: async/await 
src/cli/manage.js
src/meta/build.js
src/meta/css.js
src/meta/js.js
 2020-10-14 22:49:39 -04:00
Julian Lam
1e07886f30 feat: require csrf token if not using bearer token 2020-10-13 16:58:44 -04:00
Barış Soner Uşaklı
dc29f4dca2 refactor: switch to using slugify module 2020-10-11 21:49:37 -04:00
Barış Soner Uşaklı
fda2aedfd8 feat: #8734, jquery-ui, jquery-form, timeago (#8748) 
* feat: #8734, jquery-ui, jquery-form, timeago

get rid of forum/footer.js move that code to app.js & wait for app to load before calling ajaxify.end
make sockets.js a requirejs module
move jquery-ui to node_modules and load via requirejs
move jquery-form to node_modules and load via requirejs
move timeago to node_modules and load via requirejs
only include the css for needed jquery-ui widgets

* feat: keep socket/io global for backwards compat

* refactor: move socket listener to chat
 2020-10-10 21:47:27 -04:00
Julian Lam
8ecef7b891 refactor: middleware.assert.* 2020-10-08 15:33:10 -04:00
Julian Lam
f870721fca feat(writeapi): file deletion route 2020-10-08 15:33:10 -04:00
Julian Lam
2ec838fc59 feat(writeapi): token generation/delete routes, ACP updates 2020-10-08 15:33:10 -04:00
Julian Lam
414169fdfa feat(writeapi): post delete/restore/purge 2020-10-08 15:33:10 -04:00
Julian Lam
8e89f34dbf fix: bad logic in group assertion middleware 2020-10-08 15:33:10 -04:00
Julian Lam
8e7baac6ef fix(writeapi): calls to profile editing routes 200 even if user DNE 2020-10-08 15:33:10 -04:00
Julian Lam
549ca11056 fix: bug where middlewares seemingly ran in parallel 2020-10-08 15:33:10 -04:00
Julian Lam
4c833d0bf0 feat(writeapi): topic posting and replying 2020-10-08 15:33:10 -04:00
Julian Lam
952dc211dd feat(writeapi): added group joining and deletion 2020-10-08 15:33:10 -04:00
Julian Lam
ba345e53e8 feat(writeapi): added POST /api/v1/groups 2020-10-08 15:33:10 -04:00
Julian Lam
a1ddc210b2 feat: added DELETE /api/v1/users/:uid and DELETE /api/v1/users 2020-10-08 15:33:10 -04:00
Julian Lam
bba2a4638c fix: user creation POST route returns user data, updated openapi spec 2020-10-08 15:33:10 -04:00
Julian Lam
7b6d43bcc8 feat: added checkRequired middleware for API calls 2020-10-08 15:33:10 -04:00
Julian Lam
fd67355b03 fix(writeapi): authenticate middleware logic to work better with await 2020-10-08 15:33:10 -04:00
Julian Lam
f6433ef2c5 fix(refactor): merging write-api auth middlewares with core middlewares 2020-10-08 15:33:10 -04:00
Julian Lam
ec5c48b188 feat: migrating write-api skeleton into core 2020-10-08 15:33:10 -04:00
Barış Soner Uşaklı
46ab2711d4 fix: #8432, add CSP frame-ancestors 2020-09-06 17:10:43 -04:00
Barış Soner Uşaklı
6fc31df033 feat: use const/let 2020-09-06 17:04:43 -04:00
Julian Lam
4b0cb26b34 fix: empty "manage" menu showing in ACP 
... if no privileges corresponding to those menu items
are given
 2020-08-21 15:42:04 -04:00
Julian Lam
cf2f1e956a refactor: changed way middleware was exported 2020-08-21 15:29:40 -04:00
Julian Lam
f00595b32d fix: change how admin middlewares are exported 2020-08-21 15:11:54 -04:00
Julian Lam
ae68a254d7 fix: one less return, to appease codeclimate 2020-08-21 15:06:35 -04:00
Julian Lam
03bd76dea2 fix: inability to access /admin if not superadmin 
There was an odd issue where non-superadmins could not use
the /admin route to access the ACP, even though they had
appropriate access. For whatever reason, it could not
be reliably reproduced on my dev. As it turns out, the
reason was because I was checking the wrong privilege,
and my dev database had this wrong privilege leftover
from the initial development of the ACP admin privileges
feature. Dumb.

Anyhow, that fixes this issue.
 2020-08-21 15:00:51 -04:00
Julian Lam
6521e4dac4 Revert "feat: expose global/admin privileges to all routes" 
This reverts commit 4737f937ee.
 2020-08-20 13:21:30 -04:00
Julian Lam
4737f937ee feat: expose global/admin privileges to all routes 
@barisusakli revert if necessary 😬
 2020-08-20 10:36:11 -04:00
Barış Soner Uşaklı
6e91885836 feat: use assetBaseUrl instead of hardcoding 2020-08-11 11:09:46 -04:00
Barış Soner Uşaklı
3f01f4a2b8 Revert "feat: load timeago strings client-side" 
This reverts commit 558a2d739c.
 2020-08-11 11:06:46 -04:00
Julian Lam
558a2d739c feat: load timeago strings client-side 
9adaccd036 introduced the ability to
configure an assetBaseUrl, but the timeago strings were still
calling a hardcoded value as it was handled server-side. There's
no need for the strings to be loaded until timeago is initialised.
 2020-08-11 11:00:45 -04:00
Barış Soner Uşaklı
3761f05c98 feat: change invalid language codes to default lang 2020-07-24 12:22:24 -04:00
Barış Soner Uşaklı
0cea713691 feat: remove deprecated checkGlobalPrivacySettings 2020-07-24 11:42:37 -04:00