Remove allowFileUploads ACP option (#8324)

* feat: allow awaitable upgrade scripts

* feat: allowFileUploads removal upgrade script

* refactor: remove unnecessary ACP option `allowFileUploads`

* fix: updated upgrade script template to not use callback arg

* fix: upgrade script as per @baris

* fix: add missing await

* fix: add missing await

install/data/defaults.json

@@ -32,7 +32,6 @@
     "registrationType": "normal",
     "registrationApprovalType": "normal",
     "allowAccountDelete": 1,
-    "allowFileUploads": 0,
     "privateUploads": 0,
     "allowedFileExtensions": "png,jpg,bmp,txt",
     "allowUserHomePage": 1,

public/openapi/read.yaml

@@ -2795,8 +2795,6 @@ paths:
                     type: boolean
                   allowGuestHandles:
                     type: boolean
-                  allowFileUploads:
-                    type: boolean
                   allowTopicsThumbnail:
                     type: boolean
                   usePagination:

src/controllers/api.js

@@ -34,7 +34,6 @@ apiController.loadConfig = async function (req) {
 		useOutgoingLinksPage: meta.config.useOutgoingLinksPage === 1,
 		outgoingLinksWhitelist: meta.config.useOutgoingLinksPage === 1 ? meta.config['outgoingLinks:whitelist'] : undefined,
 		allowGuestHandles: meta.config.allowGuestHandles === 1,
-		allowFileUploads: meta.config.allowFileUploads === 1,
 		allowTopicsThumbnail: meta.config.allowTopicsThumbnail === 1,
 		usePagination: meta.config.usePagination === 1,
 		disableChat: meta.config.disableChat === 1,

src/controllers/uploads.js

@@ -84,10 +84,6 @@ async function uploadAsFile(req, uploadedFile) {
 		throw new Error('[[error:no-privileges]]');
 	}
 
-	if (!meta.config.allowFileUploads) {
-		throw new Error('[[error:uploads-are-disabled]]');
-	}
-
 	const fileObj = await uploadsController.uploadFile(req.uid, uploadedFile);
 	return {
 		url: fileObj.url,

src/upgrade.js

@@ -2,6 +2,7 @@
 
 var async = require('async');
 var path = require('path');
+var util = require('util');
 var semver = require('semver');
 var readline = require('readline');
 var winston = require('winston');
@@ -140,7 +141,7 @@ Upgrade.process = function (files, skipCount, callback) {
 			}, next);
 		},
 		function (results, next) {
-			async.eachSeries(files, function (file, next) {
+			async.eachSeries(files, async (file) => {
 				var scriptExport = require(file);
 				var date = new Date(scriptExport.timestamp);
 				var version = path.dirname(file).split('/').pop();
@@ -152,35 +153,34 @@ Upgrade.process = function (files, skipCount, callback) {
 					date: date,
 				};
 
-				console.log('  → '.white + String('[' + [date.getUTCFullYear(), date.getUTCMonth() + 1, date.getUTCDate()].join('/') + '] ').gray + String(scriptExport.name).reset + '...');
+				process.stdout.write('  → '.white + String('[' + [date.getUTCFullYear(), date.getUTCMonth() + 1, date.getUTCDate()].join('/') + '] ').gray + String(scriptExport.name).reset + '...');
 
 				// For backwards compatibility, cross-reference with schemaDate (if found). If a script's date is older, skip it
 				if ((!results.schemaDate && !results.schemaLogCount) || (scriptExport.timestamp <= results.schemaDate && semver.lt(version, '1.5.0'))) {
-					readline.clearLine(process.stdout, 0);
+					process.stdout.write(' skipped\n'.grey);
-					readline.cursorTo(process.stdout, 0);
+					await db.sortedSetAdd('schemaLog', Date.now(), path.basename(file, '.js'));
-					readline.moveCursor(process.stdout, 0, -1);
-					console.log('  → '.white + String('[' + [date.getUTCFullYear(), date.getUTCMonth() + 1, date.getUTCDate()].join('/') + '] ').gray + String(scriptExport.name).reset + '... ' + 'skipped'.grey);
-					db.sortedSetAdd('schemaLog', Date.now(), path.basename(file, '.js'), next);
 					return;
 				}
 
+				// Promisify method if necessary
+				if (scriptExport.method.constructor && scriptExport.method.constructor.name !== 'AsyncFunction') {
+					scriptExport.method = util.promisify(scriptExport.method);
+				}
+
 				// Do the upgrade...
-				scriptExport.method.bind({
+				try {
-					progress: progress,
+					await scriptExport.method.bind({
-				})(function (err) {
+						progress: progress,
-					if (err) {
+					})();
-						console.error('Error occurred');
+				} catch (err) {
-						return next(err);
+					console.error('Error occurred');
-					}
+					throw err;
+				}
 
-					readline.clearLine(process.stdout, 0);
+				process.stdout.write(' OK\n'.green);
-					readline.cursorTo(process.stdout, 0);
-					readline.moveCursor(process.stdout, 0, -1);
-					console.log('  → '.white + String('[' + [date.getUTCFullYear(), date.getUTCMonth() + 1, date.getUTCDate()].join('/') + '] ').gray + String(scriptExport.name).reset + '... ' + 'OK'.green);
 
-					// Record success in schemaLog
+				// Record success in schemaLog
-					db.sortedSetAdd('schemaLog', Date.now(), path.basename(file, '.js'), next);
+				await db.sortedSetAdd('schemaLog', Date.now(), path.basename(file, '.js'));
-				});
 			}, next);
 		},
 		function (next) {

src/upgrades/1.13.0/clean_flag_byCid.js

@@ -6,7 +6,7 @@ const batch = require('../../batch');
 module.exports = {
 	name: 'Clean flag byCid zsets',
 	timestamp: Date.UTC(2019, 8, 24),
-	method: async function (callback) {
+	method: async function () {
 		const progress = this.progress;
 
 		await batch.processSortedSet('flags:datetime', async function (flagIds) {
@@ -23,6 +23,5 @@ module.exports = {
 		}, {
 			progress: progress,
 		});
-		callback();
 	},
 };

src/upgrades/1.13.0/clean_post_topic_hash.js

@@ -6,11 +6,10 @@ const batch = require('../../batch');
 module.exports = {
 	name: 'Clean up post hash data',
 	timestamp: Date.UTC(2019, 9, 7),
-	method: async function (callback) {
+	method: async function () {
 		const progress = this.progress;
 		await cleanPost(progress);
 		await cleanTopic(progress);
-		callback();
 	},
 };
 

src/upgrades/1.13.0/cleanup_old_notifications.js

@@ -7,7 +7,7 @@ const user = require('../../user');
 module.exports = {
 	name: 'Clean up old notifications and hash data',
 	timestamp: Date.UTC(2019, 9, 7),
-	method: async function (callback) {
+	method: async function () {
 		const progress = this.progress;
 		const week = 604800000;
 		const cutoffTime = Date.now() - week;
@@ -47,6 +47,5 @@ module.exports = {
 			batch: 500,
 			progress: progress,
 		});
-		callback();
 	},
 };

src/upgrades/1.13.3/fix_users_sorted_sets.js

@@ -6,7 +6,7 @@ const batch = require('../../batch');
 module.exports = {
 	name: 'Fix user sorted sets',
 	timestamp: Date.UTC(2020, 4, 2),
-	method: async function (callback) {
+	method: async function () {
 		const progress = this.progress;
 		const nextUid = await db.getObjectField('global', 'nextUid');
 		const allUids = [];
@@ -58,6 +58,5 @@ module.exports = {
 		});
 
 		await db.setObjectField('global', 'userCount', totalUserCount);
-		callback();
 	},
 };

src/upgrades/1.13.4/remove_allowFileUploads_priv.js

@@ -0,0 +1,22 @@
+'use strict';
+
+const db = require('../../database');
+const privileges = require('../../privileges');
+
+module.exports = {
+	name: 'Removing file upload privilege if file uploads were disabled (`allowFileUploads`)',
+	timestamp: Date.UTC(2020, 4, 21),
+	method: async () => {
+		const allowFileUploads = parseInt(await db.getObjectField('config', 'allowFileUploads'), 10);
+		if (allowFileUploads === 1) {
+			await db.deleteObjectField('config', 'allowFileUploads');
+			return;
+		}
+
+		// Remove `upload:post:file` privilege for all groups
+		await privileges.categories.rescind(['upload:post:file'], 0, ['guests', 'registered-users', 'Global Moderators']);
+
+		// Clean up the old option from the config hash
+		await db.deleteObjectField('config', 'allowFileUploads');
+	},
+};

src/upgrades/TEMPLATE

@@ -1,17 +1,15 @@
 'use strict';
 
-var db = require('../../database');
+const db = require('../../database');
-
+const winston = require('winston');
-var async = require('async');
-var winston = require('winston');
 
 module.exports = {
 	// you should use spaces
 	// the underscores are there so you can double click to select the whole thing
 	name: 'User_friendly_upgrade_script_name',
 	// remember, month is zero-indexed (so January is 0, December is 11)
-	timestamp: Date.UTC(2019, 0, 1),
+	timestamp: Date.UTC(2020, 0, 1),
-	method: function (callback) {
+	method: async () => {
 		// Do stuff here...
 	},
 };

src/views/admin/settings/uploads.tpl

@@ -6,13 +6,6 @@
 	</div>
 	<div class="col-sm-10 col-xs-12">
 		<form>
-			<div class="checkbox">
-				<label class="mdl-switch mdl-js-switch mdl-js-ripple-effect">
-					<input class="mdl-switch__input" type="checkbox" data-field="allowFileUploads">
-					<span class="mdl-switch__label"><strong>[[admin/settings/uploads:allow-files]]</strong></span>
-				</label>
-			</div>
-
 			<div class="checkbox">
 				<label class="mdl-switch mdl-js-switch mdl-js-ripple-effect">
 					<input class="mdl-switch__input" type="checkbox" data-field="privateUploads">

test/uploads.js

@@ -131,7 +131,6 @@ describe('Upload Controllers', function () {
 
 
 		it('should upload a file to a post', function (done) {
-			meta.config.allowFileUploads = 1;
 			var oldValue = meta.config.allowedFileExtensions;
 			meta.config.allowedFileExtensions = 'png,jpg,bmp,html';
 			helpers.uploadFile(nconf.get('url') + '/api/post/upload', path.join(__dirname, '../test/files/503.html'), {}, jar, csrf_token, function (err, res, body) {