* fix(user): fix changeProfilePicture
* use promises to simplify callbacks
* use fs.unlink to delete old picture once the profile is updated
Fixes#1415
* fix(user): fix changeProfilePicture
* use promises to simplify callbacks
* use fs.unlink to delete old picture once the profile is updated
* log file errors to console
Fixes#1415
* fix(user): fix changeProfilePicture
* use promises to simplify callbacks
* use fs.unlink to delete old picture once the profile is updated
* log file errors to console
* update error handler module to handle file upload errors
Fixes#1415
* fix(user): fix changeProfilePicture
* use promises to simplify callbacks
* use fs.unlink to delete old picture once the profile is updated
* log file errors to console
* update error handler module to handle file upload errors
Fixes#1415
* Use validator.js instead of regexp for validations in User Schema.
* Disables "Unexpected console statement no-console" warnings
* Fixes redirection to wrong URL after login with social networks.
* Use ViewModel vm instead of $scope in manage social accounts controller.
* preserving the option to redirect to a specific URL as done in saveOAuthUserProfile() (thanks to @OneOfTheWorld for pointing out)
* Fix for users.profile.server.controller.js security (#1338)
Fixes an issue where if req.body._id was not set to the current user it
could potentially log the current user in as another user.
Don't use req.body._id when editing user
Prevents a user from being logged in as another if edit user form _id is
not their own.
Fixes#1338
Fixes an issue with an empty/missing/null Email coming from GitHub's
OAuth call response.
Also, introduces the `sparse` index option on the User model's Email
field. This will ensure that we can have multiple User documents without
the Email field.
Adds a server-side User model test for the sparse index setting on the
email field.
Confirms that User documents without the email field are not indexed,
illustrating the sparse option on the schema's email field works
properly.
Added the dropdb task to the Gulp test:client & test:server tasks, to
ensure we have a clean database & that any indexes are rebuilt; this
will ensure any Schema changes (in this case the email index is rebuilt using
the sparse index option) are reflected when the database is started again.
Added a UPGRADE.md for tracking important upgrade information for our
user's to be aware of, when we introduce potentially breaking changes.
Included an explanation of the Sparse index being added, and how to apply it
to an existing MEANJS application's database.
Adds a script for dropping the `email` field's index from the User
collection.
Related #1145
Changed some bad comments referencing the Articles module in other modules.
Typo fixed in xxx.client.modules.js files ("Application" => "Applicaion")
Full stop character removed at the end of line comments
This solves the issue of the User model's pre('validate') method,
attempting to validate against a password that was not modified.
Adds the this.isModified('password') check to the condition.
Fixes the database seeding bug with the password not passing the owasp
test.
Adds a UserSchema static method that generates a random passphrase that passes
the owasp test.
Performed minor refactoring of the database seed configuration to
implement the new UserSchema method.
Added model test for the UserSchema generateRandomPassphrase static method.
These changes make the role field required in the User model. Changes to
the Admin user edit view were added to provide validation for the role
field.
As an added enhancement, the user's roles are displayed in the Admin
user list view.
Two different strategies are adopted, one for when the user authenticates locally and the other through providers. When authenticating locally, the signin function in the client controller redirects to the previous state (storing and using a state name) after successful login. When authenticating through a provider, the first call to provider stores the previous URL (not state, URL) in the session. Then, when provider actually calls the authentication callback, session redirect_to path is used for redirecting user.
Emails are made unique. When user attempts to sign in through a provider in which his email is one that is already registered, user is redirected to the signin page with an error passed as a query string parameter.
