Fixes scenarios where previously when old image file would be missing, uploading new image file over it would fail because unlinking previous file fails.
* Cropping remove, nicer UI
* Fix MIME-type checking, add image upload tests
* Change image config settings to uploads.profile.image to build a more
rational structure for configuring other types of uploads
Fixes incorrest usage of 400 HTTP responses being returned from the
server, in favor of using 422.
Also, changed a few return codes to 401 where it was more appropriate.
See this article for reasoning behind moving to 422, and why 400 isn't
appropriate for these cases.
For ref:
6be12f8a06
Related:
https://github.com/meanjs/mean/pull/1547https://github.com/meanjs/mean/pull/1510
The test for authentication use a route /api/users/me. This should probably be upgraded to use
a proper passport mock.
In the meanwhile this should make the returned user object safer - using code from core.
Fixes n/a
* Fix(users): Don't update secure profile fields
Avoid updating secure fields as password, salt ..etc through
user profile update.
Fixes#1420
* Refactor variable name
* fix(user): fix changeProfilePicture
* use promises to simplify callbacks
* use fs.unlink to delete old picture once the profile is updated
Fixes#1415
* fix(user): fix changeProfilePicture
* use promises to simplify callbacks
* use fs.unlink to delete old picture once the profile is updated
* log file errors to console
Fixes#1415
* fix(user): fix changeProfilePicture
* use promises to simplify callbacks
* use fs.unlink to delete old picture once the profile is updated
* log file errors to console
* update error handler module to handle file upload errors
Fixes#1415
* fix(user): fix changeProfilePicture
* use promises to simplify callbacks
* use fs.unlink to delete old picture once the profile is updated
* log file errors to console
* update error handler module to handle file upload errors
Fixes#1415
* Fix for users.profile.server.controller.js security (#1338)
Fixes an issue where if req.body._id was not set to the current user it
could potentially log the current user in as another user.
Don't use req.body._id when editing user
Prevents a user from being logged in as another if edit user form _id is
not their own.
Fixes#1338
Changed some bad comments referencing the Articles module in other modules.
Typo fixed in xxx.client.modules.js files ("Application" => "Applicaion")
Full stop character removed at the end of line comments
