Merge branch 'master' of github.com:NodeBB/NodeBB

This commit is contained in:
Julian Lam
2020-07-10 11:50:55 -04:00
23 changed files with 241 additions and 59 deletions

View File

@@ -70,6 +70,8 @@
"reputation:disabled": 0,
"downvote:disabled": 0,
"disableSignatures": 0,
"downvotesPerDay": 10,
"downvotesPerUserPerDay": 3,
"min:rep:downvote": 0,
"min:rep:flag": 0,
"min:rep:profile-picture": 0,

View File

@@ -2,7 +2,7 @@
"name": "nodebb",
"license": "GPL-3.0",
"description": "NodeBB Forum",
"version": "1.14.1",
"version": "1.14.2-beta.0",
"homepage": "http://www.nodebb.org",
"repository": {
"type": "git",
@@ -80,7 +80,7 @@
"@nodebb/mubsub": "^1.6.0",
"@nodebb/socket.io-adapter-mongo": "3.0.1",
"nconf": "^0.10.0",
"nodebb-plugin-composer-default": "6.3.48",
"nodebb-plugin-composer-default": "6.3.50",
"nodebb-plugin-dbsearch": "4.1.1",
"nodebb-plugin-emoji": "^3.3.0",
"nodebb-plugin-emoji-android": "2.0.0",
@@ -90,7 +90,7 @@
"nodebb-plugin-spam-be-gone": "0.7.2",
"nodebb-rewards-essentials": "0.1.3",
"nodebb-theme-lavender": "5.0.11",
"nodebb-theme-persona": "10.1.60",
"nodebb-theme-persona": "10.1.62",
"nodebb-theme-slick": "1.2.29",
"nodebb-theme-vanilla": "11.1.32",
"nodebb-widget-essentials": "4.1.1",
@@ -172,4 +172,4 @@
"url": "https://github.com/barisusakli"
}
]
}
}

View File

@@ -76,6 +76,7 @@
"alert.user-search": "Search for a user here...",
"alert.find-group": "Find a Group",
"alert.group-search": "Search for a group here...",
"alert.not-enough-whitelisted-tags": "Whitelisted tags are less than minimum tags, you need to create more whitelisted tags!",
"collapse-all": "Collapse All",
"expand-all": "Expand All",
"disable-on-create": "Disable on create"

View File

@@ -108,5 +108,5 @@
"alerts.prompt-email": "Emails: ",
"alerts.email-sent-to": "An invitation email has been sent to %1",
"alerts.x-users-found": "%1 user(s) found! Search took %2 ms."
"alerts.x-users-found": "%1 user(s) found, (%2 seconds)"
}

View File

@@ -5,6 +5,8 @@
"votes-are-public": "All Votes Are Public",
"thresholds": "Activity Thresholds",
"min-rep-downvote": "Minimum reputation to downvote posts",
"downvotes-per-day": "Downvotes per day (set to 0 for unlimited downvotes)",
"downvotes-per-user-per-day": "Downvotes per user per day (set to 0 for unlimited downvotes)",
"min-rep-flag": "Minimum reputation to flag posts",
"min-rep-website": "Minimum reputation to add \"Website\" to user profile",
"min-rep-aboutme": "Minimum reputation to add \"About me\" to user profile",

View File

@@ -165,6 +165,8 @@
"not-enough-reputation-min-rep-cover-picture": "You do not have enough reputation to add a cover picture",
"already-flagged": "You have already flagged this post",
"self-vote": "You cannot vote on your own post",
"too-many-downvotes-today": "You can only downvote %1 times a day",
"too-many-downvotes-today-user": "You can only downvote a user %1 times a day",
"reload-failed": "NodeBB encountered a problem while reloading: \"%1\". NodeBB will continue to serve the existing client-side assets, although you should undo what you did just prior to reloading.",

View File

@@ -60,6 +60,8 @@
"composer.upload-file": "Upload File",
"composer.zen_mode": "Zen Mode",
"composer.select_category": "Select a category",
"composer.textarea.placeholder": "Enter your post content here, drag and drop images",
"bootbox.ok": "OK",
"bootbox.cancel": "Cancel",

View File

@@ -954,11 +954,30 @@ paths:
properties:
search_display:
type: string
matchCount:
type: number
query:
type: string
uidQuery:
type: string
usernameQuery:
type: string
emailQuery:
type: string
ipQuery:
type: string
pageCount:
type: number
resultsPerPage:
type: number
timing:
type: number
users:
type: array
items:
$ref: components/schemas/UserObject.yaml#/UserObjectACP
- $ref: components/schemas/CommonProps.yaml#/CommonProps
- $ref: components/schemas/Pagination.yaml#/Pagination
/api/admin/manage/users/latest:
get:
tags:

View File

@@ -48,6 +48,11 @@ define('admin/manage/category', [
$('[data-name="bgColor"], [data-name="color"]').each(enableColorPicker);
$('#save').on('click', function () {
var tags = $('#tag-whitelist').val() ? $('#tag-whitelist').val().split(',') : [];
if (tags.length && tags.length < parseInt($('#cid-min-tags').val(), 10)) {
return app.alertError('[[admin/manage/categories:alert.not-enough-whitelisted-tags]]');
}
if (Object.keys(modified_categories).length) {
socket.emit('admin.categories.update', modified_categories, function (err, result) {
if (err) {

View File

@@ -376,33 +376,10 @@ define('admin/manage/users', ['translator', 'benchpress', 'autocomplete'], funct
timeoutId = setTimeout(function () {
$('.fa-spinner').removeClass('hidden');
socket.emit('admin.user.search', { searchBy: type, query: $this.val() }, function (err, data) {
if (err) {
return app.alertError(err.message);
}
Benchpress.parse('admin/manage/users', 'users', data, function (html) {
translator.translate(html, function (html) {
html = $(html);
$('.users-table tbody tr').remove();
$('.users-table tbody').append(html);
html.find('.timeago').timeago();
$('.fa-spinner').addClass('hidden');
if (data && data.users.length === 0) {
$('#user-notfound-notify').translateHtml('[[admin/manage/users:search.not-found]]')
.removeClass('hide')
.addClass('label-danger')
.removeClass('label-success');
} else {
$('#user-notfound-notify').translateHtml(translator.compile('admin/manage/users:alerts.x-users-found', data.users.length, data.timing))
.removeClass('hide')
.addClass('label-success')
.removeClass('label-danger');
}
});
});
loadSearchPage({
searchBy: type,
query: $this.val(),
page: 1,
});
}, 250);
});
@@ -412,6 +389,38 @@ define('admin/manage/users', ['translator', 'benchpress', 'autocomplete'], funct
handleInvite();
};
function loadSearchPage(query) {
var qs = decodeURIComponent($.param(query));
$.get(config.relative_path + '/api/admin/manage/users/search?' + qs, renderSearchResults).fail(function (xhrErr) {
if (xhrErr && xhrErr.responseJSON && xhrErr.responseJSON.error) {
app.alertError(xhrErr.responseJSON.error);
}
});
}
function renderSearchResults(data) {
Benchpress.parse('partials/paginator', { pagination: data.pagination }, function (html) {
$('.pagination-container').replaceWith(html);
});
app.parseAndTranslate('admin/manage/users', 'users', data, function (html) {
$('.users-table tbody tr').remove();
$('.users-table tbody').append(html);
html.find('.timeago').timeago();
$('.fa-spinner').addClass('hidden');
if (data && data.users.length === 0) {
$('#user-notfound-notify').translateHtml('[[admin/manage/users:search.not-found]]')
.removeClass('hidden');
$('#user-found-notify').addClass('hidden');
} else {
$('#user-found-notify').translateHtml(translator.compile('admin/manage/users:alerts.x-users-found', data.matchCount, data.timing))
.removeClass('hidden');
$('#user-notfound-notify').addClass('hidden');
}
});
}
function handleInvite() {
$('[component="user/invite"]').on('click', function () {
bootbox.prompt('[[admin/manage/users:alerts.prompt-email]]', function (email) {

View File

@@ -11,7 +11,9 @@ define('categorySearch', function () {
if (!searchEl.length) {
return;
}
var toggleVisibility = searchEl.parent('[component="category/dropdown"]').length > 0;
var toggleVisibility = searchEl.parent('[component="category/dropdown"]').length > 0 ||
searchEl.parent('[component="category-selector"]').length > 0;
var categoryEls = el.find('[component="category/list"] [data-cid]');
el.on('show.bs.dropdown', function () {
function revealParents(cid) {

View File

@@ -1,6 +1,7 @@
'use strict';
const nconf = require('nconf');
const validator = require('validator');
const user = require('../../user');
const meta = require('../../meta');
@@ -15,11 +16,56 @@ const usersController = module.exports;
const userFields = ['uid', 'username', 'userslug', 'email', 'postcount', 'joindate', 'banned',
'reputation', 'picture', 'flags', 'lastonline', 'email:confirmed'];
usersController.search = function (req, res) {
res.render('admin/manage/users', {
search_display: '',
users: [],
usersController.search = async function (req, res) {
const page = parseInt(req.query.page, 10) || 1;
let resultsPerPage = parseInt(req.query.resultsPerPage, 10) || 50;
if (![50, 100, 250, 500].includes(resultsPerPage)) {
resultsPerPage = 50;
}
const searchData = await user.search({
uid: req.uid,
query: req.query.query,
searchBy: req.query.searchBy,
page: page,
resultsPerPage: resultsPerPage,
findUids: async function (query, searchBy, hardCap) {
if (!query || query.length < 2) {
return [];
}
hardCap = hardCap || resultsPerPage * 10;
if (!query.endsWith('*')) {
query += '*';
}
const data = await db.getSortedSetScan({
key: searchBy + ':sorted',
match: query,
limit: hardCap,
});
return data.map(data => data.split(':')[1]);
},
});
const uids = searchData.users.map(user => user && user.uid);
const userInfo = await user.getUsersFields(uids, ['email', 'flags', 'lastonline', 'joindate']);
searchData.users.forEach(function (user, index) {
if (user && userInfo[index]) {
user.email = userInfo[index].email;
user.flags = userInfo[index].flags || 0;
user.lastonlineISO = userInfo[index].lastonlineISO;
user.joindateISO = userInfo[index].joindateISO;
}
});
searchData.query = validator.escape(String(req.query.query || ''));
searchData.uidQuery = req.query.searchBy === 'uid' ? searchData.query : '';
searchData.usernameQuery = req.query.searchBy === 'username' ? searchData.query : '';
searchData.emailQuery = req.query.searchBy === 'email' ? searchData.query : '';
searchData.ipQuery = req.query.searchBy === 'uid' ? searchData.query : '';
searchData.resultsPerPage = resultsPerPage;
searchData.pagination = pagination.create(page, searchData.pageCount, req.query);
searchData.search_display = '';
res.render('admin/manage/users', searchData);
};
usersController.sortByJoinDate = async function (req, res) {

View File

@@ -168,7 +168,7 @@ mongoModule.close = function (callback) {
mongoModule.socketAdapter = function () {
const mongoAdapter = require('@nodebb/socket.io-adapter-mongo');
return mongoAdapter(connection.getConnectionString());
return mongoAdapter(connection.getConnectionString(), connection.getConnectionOptions());
};
require('./mongo/main')(mongoModule);

View File

@@ -218,7 +218,7 @@ exports.build = function (targets, options, callback) {
},
], function (err) {
if (err) {
winston.error('[build] Encountered error during build step\n' + err.stack);
winston.error('[build] Encountered error during build step\n' + err.stack ? err.stack : err);
return callback(err);
}

View File

@@ -119,18 +119,17 @@ module.exports = function (Posts) {
}
async function unvote(pid, uid, command) {
const [owner, voteStatus, reputation] = await Promise.all([
const [owner, voteStatus] = await Promise.all([
Posts.getPostField(pid, 'uid'),
Posts.hasVoted(pid, uid),
user.getUserField(uid, 'reputation'),
]);
if (parseInt(uid, 10) === parseInt(owner, 10)) {
throw new Error('[[error:self-vote]]');
}
if (command === 'downvote' && reputation < meta.config['min:rep:downvote']) {
throw new Error('[[error:not-enough-reputation-to-downvote]]');
if (command === 'downvote') {
await checkDownvoteLimitation(pid, uid);
}
let hook;
@@ -159,6 +158,33 @@ module.exports = function (Posts) {
return await vote(voteStatus.upvoted ? 'downvote' : 'upvote', true, pid, uid);
}
async function checkDownvoteLimitation(pid, uid) {
const oneDay = 86400000;
const [reputation, targetUid, downvotedPids] = await Promise.all([
user.getUserField(uid, 'reputation'),
Posts.getPostField(pid, 'uid'),
db.getSortedSetRevRangeByScore(
'uid:' + uid + ':downvote', 0, -1, '+inf', Date.now() - oneDay
),
]);
if (reputation < meta.config['min:rep:downvote']) {
throw new Error('[[error:not-enough-reputation-to-downvote]]');
}
if (meta.config.downvotesPerDay && downvotedPids.length >= meta.config.downvotesPerDay) {
throw new Error('[[error:too-many-downvotes-today, ' + meta.config.downvotesPerDay + ']]');
}
if (meta.config.downvotesPerUserPerDay) {
const postData = await Posts.getPostsFields(downvotedPids, ['uid']);
const targetDownvotes = postData.filter(p => p.uid === targetUid).length;
if (targetDownvotes >= meta.config.downvotesPerUserPerDay) {
throw new Error('[[error:too-many-downvotes-today-user, ' + meta.config.downvotesPerUserPerDay + ']]');
}
}
}
async function vote(type, unvote, pid, uid) {
uid = parseInt(uid, 10);
if (uid <= 0) {

View File

@@ -178,6 +178,7 @@ async function deleteUsers(socket, uids, method) {
}
User.search = async function (socket, data) {
// TODO: deprecate
const searchData = await user.search({
query: data.query,
searchBy: data.searchBy,

View File

@@ -368,8 +368,15 @@ SocketGroups.cover.update = async (socket, data) => {
if (!socket.uid) {
throw new Error('[[error:no-privileges]]');
}
if (data.file || (!data.imageData && !data.position)) {
throw new Error('[[error:invalid-data]]');
}
await canModifyGroup(socket.uid, data.groupName);
return await groups.updateCover(socket.uid, data);
return await groups.updateCover(socket.uid, {
groupName: data.groupName,
imageData: data.imageData,
position: data.position,
});
};
SocketGroups.cover.remove = async (socket, data) => {
@@ -378,7 +385,9 @@ SocketGroups.cover.remove = async (socket, data) => {
}
await canModifyGroup(socket.uid, data.groupName);
await groups.removeCover(data);
await groups.removeCover({
groupName: data.groupName,
});
};
async function canModifyGroup(uid, groupName) {

View File

@@ -37,9 +37,9 @@ module.exports = function (User) {
};
if (paginate) {
var resultsPerPage = meta.config.userSearchResultsPerPage;
var start = Math.max(0, page - 1) * resultsPerPage;
var stop = start + resultsPerPage;
const resultsPerPage = data.resultsPerPage || meta.config.userSearchResultsPerPage;
const start = Math.max(0, page - 1) * resultsPerPage;
const stop = start + resultsPerPage;
searchResult.pageCount = Math.ceil(uids.length / resultsPerPage);
uids = uids.slice(start, stop);
}

View File

@@ -57,23 +57,26 @@
<form class="form-inline">
<div class="form-group">
<label>[[admin/manage/users:search.uid]]</label>
<input class="form-control" id="search-user-uid" data-search-type="uid" type="number" placeholder="[[admin/manage/users:search.uid-placeholder]]"/><br />
<input class="form-control" id="search-user-uid" data-search-type="uid" type="number" placeholder="[[admin/manage/users:search.uid-placeholder]]" value="{uidQuery}"/>
</div>
<div class="form-group">
<label>[[admin/manage/users:search.username]]</label>
<input class="form-control" id="search-user-name" data-search-type="username" type="text" placeholder="[[admin/manage/users:search.username-placeholder]]"/><br />
<input class="form-control" id="search-user-name" data-search-type="username" type="text" placeholder="[[admin/manage/users:search.username-placeholder]]" value="{usernameQuery}"/>
</div>
<div class="form-group">
<label>[[admin/manage/users:search.email]]</label>
<input class="form-control" id="search-user-email" data-search-type="email" type="text" placeholder="[[admin/manage/users:search.email-placeholder]]"/><br />
<input class="form-control" id="search-user-email" data-search-type="email" type="text" placeholder="[[admin/manage/users:search.email-placeholder]]" value="{emailQuery}"/>
</div>
<div class="form-group">
<label>[[admin/manage/users:search.ip]]</label>
<input class="form-control" id="search-user-ip" data-search-type="ip" type="text" placeholder="[[admin/manage/users:search.ip-placeholder]]"/><br />
<input class="form-control" id="search-user-ip" data-search-type="ip" type="text" placeholder="[[admin/manage/users:search.ip-placeholder]]" value="{ipQuery}"/>
</div>
</form>
<i class="fa fa-spinner fa-spin hidden"></i>
<span id="user-notfound-notify" class="label label-danger hide">[[admin/manage/users:search.not-found]]</span><br/>
<div id="user-found-notify" class="label label-info {{{if !matchCount}}}hidden{{{end}}}">[[admin/manage/users:alerts.x-users-found, {matchCount}, {timing}]]</div>
<div id="user-notfound-notify" class="label label-danger {{{if !query}}}hidden{{{end}}} {{{if matchCount}}}hidden{{{end}}}">[[admin/manage/users:search.not-found]]</div>
</div>
<!-- IF inactive -->

View File

@@ -17,7 +17,7 @@
</div>
<div class="col-lg-6">
<label>[[admin/extend/widgets:hide-from-groups]]</label>
<select name="groups" class="form-control" multiple size="10">
<select name="groupsHideFrom" class="form-control" multiple size="10">
<!-- BEGIN groups -->
<option value="{groups.displayName}">{groups.displayName}</option>
<!-- END groups -->

View File

@@ -32,7 +32,10 @@
<div class="col-sm-2 col-xs-12 settings-header">[[admin/settings/reputation:thresholds]]</div>
<div class="col-sm-10 col-xs-12">
<form>
<strong>[[admin/settings/reputation:min-rep-downvote]]</strong><br /> <input type="text" class="form-control" placeholder="0" data-field="min:rep:downvote"><br />
<strong>[[admin/settings/reputation:min-rep-downvote]]</strong><br /> <input type="text" class="form-control" placeholder="0"
data-field="min:rep:downvote"><br />
<strong>[[admin/settings/reputation:downvotes-per-day]]</strong><br /> <input type="text" class="form-control" placeholder="10" data-field="downvotesPerDay"><br />
<strong>[[admin/settings/reputation:downvotes-per-user-per-day]]</strong><br /> <input type="text" class="form-control" placeholder="3" data-field="downvotesPerUserPerDay"><br />
<strong>[[admin/settings/reputation:min-rep-flag]]</strong><br /> <input type="text" class="form-control" placeholder="0" data-field="min:rep:flag"><br />
<strong>[[admin/settings/reputation:min-rep-website]]</strong><br /> <input type="text" class="form-control" placeholder="0" data-field="min:rep:website"><br />
<strong>[[admin/settings/reputation:min-rep-aboutme]]</strong><br /> <input type="text" class="form-control" placeholder="0" data-field="min:rep:aboutme"><br />

View File

@@ -1387,9 +1387,9 @@ describe('Groups', function () {
});
it('should fail if user is not logged in or not owner', function (done) {
socketGroups.cover.update({ uid: 0 }, {}, function (err) {
socketGroups.cover.update({ uid: 0 }, { imageData: 'asd' }, function (err) {
assert.equal(err.message, '[[error:no-privileges]]');
socketGroups.cover.update({ uid: regularUid }, { groupName: 'Test' }, function (err) {
socketGroups.cover.update({ uid: regularUid }, { groupName: 'Test', imageData: 'asd' }, function (err) {
assert.equal(err.message, '[[error:no-privileges]]');
done();
});
@@ -1404,7 +1404,7 @@ describe('Groups', function () {
type: 'image/png',
},
};
socketGroups.cover.update({ uid: adminUid }, data, function (err, data) {
Groups.updateCover({ uid: adminUid }, data, function (err, data) {
assert.ifError(err);
Groups.getGroupFields('Test', ['cover:url'], function (err, groupData) {
assert.ifError(err);
@@ -1434,6 +1434,20 @@ describe('Groups', function () {
});
});
it('should fail to upload group cover with invalid image', function (done) {
var data = {
groupName: 'Test',
file: {
path: imagePath,
type: 'image/png',
},
};
socketGroups.cover.update({ uid: adminUid }, data, function (err) {
assert.equal(err.message, '[[error:invalid-data]]');
done();
});
});
it('should fail to upload group cover with invalid image', function (done) {
var data = {
groupName: 'Test',

View File

@@ -242,6 +242,42 @@ describe('Post\'s', function () {
});
});
});
it('should prevent downvoting more than total daily limit', async () => {
const oldValue = meta.config.downvotesPerDay;
meta.config.downvotesPerDay = 1;
let err;
const p1 = await topics.reply({
uid: voteeUid,
tid: topicData.tid,
content: 'raw content',
});
try {
await socketPosts.downvote({ uid: voterUid }, { pid: p1.pid, room_id: 'topic_1' });
} catch (_err) {
err = _err;
}
assert.equal(err.message, '[[error:too-many-downvotes-today, 1]]');
meta.config.downvotesPerDay = oldValue;
});
it('should prevent downvoting target user more than total daily limit', async () => {
const oldValue = meta.config.downvotesPerUserPerDay;
meta.config.downvotesPerUserPerDay = 1;
let err;
const p1 = await topics.reply({
uid: voteeUid,
tid: topicData.tid,
content: 'raw content',
});
try {
await socketPosts.downvote({ uid: voterUid }, { pid: p1.pid, room_id: 'topic_1' });
} catch (_err) {
err = _err;
}
assert.equal(err.message, '[[error:too-many-downvotes-today-user, 1]]');
meta.config.downvotesPerUserPerDay = oldValue;
});
});
describe('bookmarking', function () {
@@ -910,7 +946,7 @@ describe('Post\'s', function () {
it('should get pid index', function (done) {
socketPosts.getPidIndex({ uid: voterUid }, { pid: pid, tid: topicData.tid, topicPostSort: 'oldest_to_newest' }, function (err, index) {
assert.ifError(err);
assert.equal(index, 2);
assert.equal(index, 4);
done();
});
});