Nemcio/NodeBB
1
0
Fork 0
mirror of https://github.com/NodeBB/NodeBB.git synced 2026-01-18 13:32:58 +01:00
Code Issues Packages Projects Releases Wiki Activity
21,296 Commits 69 Branches 489 Tags
fcc1e24ad03721500a8d0922df3fbfb4aa53a673
Commit Graph

700 Commits

Author SHA1 Message Date
Barış Soner Uşaklı
fcc1e24ad0 feat: rename admin middleware header hook 2020-12-23 10:47:51 -05:00
Julian Lam
da191341e8 feat(acp): added new admin privilege for groups management 2020-12-22 21:45:51 -05:00
Julian Lam
34ccabe3ab fix: bad assignment logic in middleware.renderHeader 2020-12-21 10:02:28 -05:00
Julian Lam
75b1bbd09f feat: explicitly add filter:admin/header.build hook 
As it is not fired during middleware.processRender
 2020-12-21 09:59:19 -05:00
Julian Lam
4c87f30184 feat: allow plugins to override ACP relogin challenge 
- used in 2factor
 2020-12-11 11:50:24 -05:00
Julian Lam
90497e3ef5 feat: more work on topic thumbs refactor 
- addThumb and deleteThumb are now protected routes (duh)
- new getThumbs route GET /api/v3/topics/<tid>/thumbs
- Updated `assert.path` middleware to better handle if relative paths are received with upload_url
- Slight refactor of thumbs lib to use validator to differentiate between tid and UUID
 2020-12-09 10:42:41 -05:00
Julian Lam
708b1c338f fix: #9040 2020-12-09 10:42:41 -05:00
Julian Lam
7e9e08f718 feat: server-side routes for handling multiple topic thumbnails 
closes #8994, requires 'topic-thumb-refactor' branch of composer-default
 2020-12-09 10:42:41 -05:00
Julian Lam
6037f5ee2c chore: add comment for clarification 2020-12-07 15:44:34 -05:00
Julian Lam
970ccb5a68 fix: #9063, missing handler for passwordless accounts in admin.checkPrivileges middleware 2020-12-05 09:50:49 -05:00
Julian Lam
3ea66f84e1 fix: use file lib instead of directly accessing fs (for Assert.path) 2020-12-03 07:41:14 -05:00
Julian Lam
6e2da9966e refactor: move plugin hook methods to plugin.hooks.* 2020-11-20 16:32:39 -05:00
Barış Soner Uşaklı
120999bf63 feat: #7550, show message if post is queued when js is disabled 2020-11-17 14:47:06 -05:00
Barış Soner Uşaklı
e4d2764d4c fix: #8884, remove header/footer cache 2020-11-15 16:43:06 -05:00
Barış Soner Uşaklı
a0164b1c38 fix: use header/footer cache in prod 2020-11-08 19:46:36 -05:00
Barış Soner Uşaklı
2e44639210 fix: guest header/footer cache 
allow clearing individual caches
 2020-11-07 22:06:25 -05:00
Barış Soner Uşaklı
4b63f9937c fix: check is banned in buildHeader 
remove unused banReason
remove generateHeader function
 2020-11-04 13:23:10 -05:00
Julian Lam
87bff6cd65 fix: broken test 2020-10-30 17:17:31 -04:00
Julian Lam
dda5d42610 fix: restore old behaviour of empty json w/ 401 code in admin middleware 2020-10-30 14:07:47 -04:00
Julian Lam
15e0731dd9 fix: deprecate middleware.isAdmin 
Also, handle admin logout timer in middleware.admin.checkPrivileges
 2020-10-30 12:30:58 -04:00
Julian Lam
57ed6be78b fix: #8805 define our own name for write API v3 2020-10-29 12:51:36 -04:00
Julian Lam
266d7587b2 refactor: remove usage of middlewares 
Specifically, middleware.isAdmin|exposePrivilegeSet|exposePrivileges
 2020-10-29 07:56:28 -04:00
Barış Soner Uşaklı
a05905f196 performance improvements (#8795) 
* perf: nconf/winston/render

cache nconf.get calls
modify middleware.pageView to call next earlier
don't call winston.verbose on every hook see https://github.com/winstonjs/winston/issues/1669
translate header/footer separately and cache results for guests

* fix: copy paste fail

* refactor: style and fire hook only log in dev mode

* fix: cache key, header changes based on template

* perf: change replace

* fix: add missing await

* perf: category

* perf: lodash clone

* perf: remove escapeRegexChars
 2020-10-26 10:43:18 -04:00
Julian Lam
d68ffea80d feat: send 'Vary' header when ACAO header set 2020-10-21 10:34:38 -04:00
Barış Soner Uşaklı
bbafa1b82a Revert "fix: [breaking] send configured config URL as origin if not custom" 
This reverts commit 205a10308e.
 2020-10-20 18:38:50 -04:00
Julian Lam
205a10308e fix: [breaking] send configured config URL as origin if not custom 
This is a breaking change if your install uses multiple URLs to access. You will need to update the Access-Control-Allow-Origin header in ACP > Advanced > Headers to supply all URLs you use to access your site
 2020-10-20 15:25:20 -04:00
Julian Lam
ff4fcc23b6 Update bundled logos with new branding (#8702) 
* feat: updating logo assets, square logos missing still

* fix: squared logo for touch icon and notification fallback

* fix: update link to favicon

* feat: add default touch icon sizes, if one isn't uploaded

Co-authored-by: Barış Soner Uşaklı <barisusakli@gmail.com>
 2020-10-18 01:41:04 -04:00
Barış Soner Uşaklı
1fd2eba6f2 refactor: async/await 
src/cli/manage.js
src/meta/build.js
src/meta/css.js
src/meta/js.js
 2020-10-14 22:49:39 -04:00
Julian Lam
1e07886f30 feat: require csrf token if not using bearer token 2020-10-13 16:58:44 -04:00
Barış Soner Uşaklı
dc29f4dca2 refactor: switch to using slugify module 2020-10-11 21:49:37 -04:00
Barış Soner Uşaklı
fda2aedfd8 feat: #8734, jquery-ui, jquery-form, timeago (#8748) 
* feat: #8734, jquery-ui, jquery-form, timeago

get rid of forum/footer.js move that code to app.js & wait for app to load before calling ajaxify.end
make sockets.js a requirejs module
move jquery-ui to node_modules and load via requirejs
move jquery-form to node_modules and load via requirejs
move timeago to node_modules and load via requirejs
only include the css for needed jquery-ui widgets

* feat: keep socket/io global for backwards compat

* refactor: move socket listener to chat
 2020-10-10 21:47:27 -04:00
Julian Lam
8ecef7b891 refactor: middleware.assert.* 2020-10-08 15:33:10 -04:00
Julian Lam
f870721fca feat(writeapi): file deletion route 2020-10-08 15:33:10 -04:00
Julian Lam
2ec838fc59 feat(writeapi): token generation/delete routes, ACP updates 2020-10-08 15:33:10 -04:00
Julian Lam
414169fdfa feat(writeapi): post delete/restore/purge 2020-10-08 15:33:10 -04:00
Julian Lam
8e89f34dbf fix: bad logic in group assertion middleware 2020-10-08 15:33:10 -04:00
Julian Lam
8e7baac6ef fix(writeapi): calls to profile editing routes 200 even if user DNE 2020-10-08 15:33:10 -04:00
Julian Lam
549ca11056 fix: bug where middlewares seemingly ran in parallel 2020-10-08 15:33:10 -04:00
Julian Lam
4c833d0bf0 feat(writeapi): topic posting and replying 2020-10-08 15:33:10 -04:00
Julian Lam
952dc211dd feat(writeapi): added group joining and deletion 2020-10-08 15:33:10 -04:00
Julian Lam
ba345e53e8 feat(writeapi): added POST /api/v1/groups 2020-10-08 15:33:10 -04:00
Julian Lam
a1ddc210b2 feat: added DELETE /api/v1/users/:uid and DELETE /api/v1/users 2020-10-08 15:33:10 -04:00
Julian Lam
bba2a4638c fix: user creation POST route returns user data, updated openapi spec 2020-10-08 15:33:10 -04:00
Julian Lam
7b6d43bcc8 feat: added checkRequired middleware for API calls 2020-10-08 15:33:10 -04:00
Julian Lam
fd67355b03 fix(writeapi): authenticate middleware logic to work better with await 2020-10-08 15:33:10 -04:00
Julian Lam
f6433ef2c5 fix(refactor): merging write-api auth middlewares with core middlewares 2020-10-08 15:33:10 -04:00
Julian Lam
ec5c48b188 feat: migrating write-api skeleton into core 2020-10-08 15:33:10 -04:00
Barış Soner Uşaklı
46ab2711d4 fix: #8432, add CSP frame-ancestors 2020-09-06 17:10:43 -04:00
Barış Soner Uşaklı
6fc31df033 feat: use const/let 2020-09-06 17:04:43 -04:00
Julian Lam
4b0cb26b34 fix: empty "manage" menu showing in ACP 
... if no privileges corresponding to those menu items
are given
 2020-08-21 15:42:04 -04:00