fix: show local time for ban

* feat: als

* fix: up test timeout

* fix: don't overwrite caller if it already exists

* fix: up test timeout for psql

.github/workflows/docker.yml

@@ -0,0 +1,52 @@
+name: Run Docker
+
+# Controls when the workflow will run
+on:
+  push:
+    branches:
+      - 'master'
+      - 'v*.x'
+    tags:
+      - 'v*'
+  workflow_dispatch:
+
+# A workflow run is made up of one or more jobs that can run sequentially or in parallel
+jobs:
+  release:
+    runs-on: ubuntu-latest
+    steps:
+
+      - uses: actions/checkout@v2
+        with:
+          fetch-depth: 0
+
+      - name: Set up QEMU
+        uses: docker/setup-qemu-action@v1
+
+      - name: Set up Docker Buildx
+        uses: docker/setup-buildx-action@v1
+
+      - name: Login to Docker Hub
+        uses: docker/login-action@v1
+        with:
+          username: ${{ secrets.DOCKERHUB_USERNAME }}
+          password: ${{ secrets.DOCKERHUB_TOKEN }}
+
+      - name: Docker meta
+        id: meta
+        uses: docker/metadata-action@v3
+        with:
+          images: nodebb/docker
+          tags: |
+            type=semver,pattern={{version}}
+            type=semver,pattern={{major}}.{{minor}}
+            type=raw,value=latest
+
+      - name: Build and push Docker images
+        uses: docker/build-push-action@v2
+        with:
+          context: .
+          file: ./Dockerfile
+          push: true
+          tags: ${{ steps.meta.outputs.tags }}
+

install/package.json

@@ -2,7 +2,7 @@
     "name": "nodebb",
     "license": "GPL-3.0",
     "description": "NodeBB Forum",
-    "version": "1.17.1",
+    "version": "1.17.2",
     "homepage": "http://www.nodebb.org",
     "repository": {
         "type": "git",
@@ -88,7 +88,7 @@
         "nodebb-plugin-dbsearch": "5.0.2",
         "nodebb-plugin-emoji": "^3.5.0",
         "nodebb-plugin-emoji-android": "2.0.5",
-        "nodebb-plugin-markdown": "8.14.0",
+        "nodebb-plugin-markdown": "8.14.1",
         "nodebb-plugin-mentions": "2.13.11",
         "nodebb-plugin-spam-be-gone": "0.7.9",
         "nodebb-rewards-essentials": "0.1.5",
@@ -182,4 +182,4 @@
             "url": "https://github.com/barisusakli"
         }
     ]
-}
+}

public/src/client/account/info.js

@@ -21,7 +21,7 @@ define('forum/account/info', ['forum/account/header', 'components', 'forum/accou
 				app.alertSuccess('[[user:info.moderation-note.success]]');
 				var timestamp = Date.now();
 				var data = [{
-					note: note,
+					note: utils.escapeHTML(note),
 					user: app.user,
 					timestamp: timestamp,
 					timestampISO: utils.toISOString(timestamp),

public/src/sockets.js

@@ -208,15 +208,20 @@ socket = window.socket;
 	}
 
 	function onEventBanned(data) {
-		var message = data.until ? '[[error:user-banned-reason-until, ' + utils.toISOString(data.until) + ', ' + data.reason + ']]' : '[[error:user-banned-reason, ' + data.reason + ']]';
-
-		bootbox.alert({
-			title: '[[error:user-banned]]',
-			message: message,
-			closeButton: false,
-			callback: function () {
-				window.location.href = config.relative_path + '/';
-			},
+		require(['translator'], function (translator) {
+			var message = data.until ?
+				translator.compile('error:user-banned-reason-until', (new Date(data.until).toLocaleString()), data.reason) :
+				'[[error:user-banned-reason, ' + data.reason + ']]';
+			translator.translate(message, function (message) {
+				bootbox.alert({
+					title: '[[error:user-banned]]',
+					message: message,
+					closeButton: false,
+					callback: function () {
+						window.location.href = config.relative_path + '/';
+					},
+				});
+			});
 		});
 	}
 

src/als.js

@@ -0,0 +1,7 @@
+'use strict';
+
+const { AsyncLocalStorage } = require('async_hooks');
+
+const asyncLocalStorage = new AsyncLocalStorage();
+
+module.exports = asyncLocalStorage;

src/controllers/helpers.js

@@ -11,6 +11,7 @@ const privileges = require('../privileges');
 const categories = require('../categories');
 const plugins = require('../plugins');
 const meta = require('../meta');
+const middlewareHelpers = require('../middleware/helpers');
 
 const helpers = module.exports;
 
@@ -124,7 +125,17 @@ helpers.notAllowed = async function (req, res, error) {
 
 	if (req.loggedIn || req.uid === -1) {
 		if (res.locals.isAPI) {
-			helpers.formatApiResponse(403, res, error);
+			if (req.originalUrl.startsWith(`${relative_path}/api/v3`)) {
+				helpers.formatApiResponse(403, res, error);
+			} else {
+				res.status(403).json({
+					path: req.path.replace(/^\/api/, ''),
+					loggedIn: req.loggedIn,
+					error: error,
+					title: '[[global:403.title]]',
+					bodyClass: middlewareHelpers.buildBodyClass(req, res),
+				});
+			}
 		} else {
 			const middleware = require('../middleware');
 			await middleware.buildHeaderAsync(req, res);

src/flags.js

@@ -776,7 +776,7 @@ async function mergeBanHistory(history, targetUid, uids) {
 			meta: [
 				{
 					key: '[[user:banned]]',
-					value: cur.reason,
+					value: validator.escape(String(cur.reason)),
 					labelClass: 'danger',
 				},
 				{

src/plugins/hooks.js

@@ -96,6 +96,10 @@ Hooks.fire = async function (hook, params) {
 		winston.warn(`[plugins] Unknown hookType: ${hookType}, hook : ${hook}`);
 		return;
 	}
+	if (params && typeof params === 'object' && !params.hasOwnProperty('caller')) {
+		const als = require('../als');
+		params.caller = als.getStore();
+	}
 	const result = await hookTypeToMethod[hookType](hook, hookList, params);
 
 	if (hook !== 'action:plugins.firehook' && hook !== 'filter:plugins.firehook') {

src/socket.io/index.js

@@ -73,7 +73,8 @@ function onConnection(socket) {
 	onConnect(socket);
 	socket.onAny((event, ...args) => {
 		const payload = { data: [event].concat(args) };
-		onMessage(socket, payload);
+		const als = require('../als');
+		als.run({ uid: socket.uid }, onMessage, socket, payload);
 	});
 
 	socket.on('disconnect', () => {

src/webserver.js

@@ -171,6 +171,10 @@ function setupExpressApp(app) {
 	app.use(middleware.addHeaders);
 	app.use(middleware.processRender);
 	auth.initialize(app, middleware);
+	const als = require('./als');
+	app.use((req, res, next) => {
+		als.run({ uid: req.uid }, next);
+	});
 	app.use(middleware.autoLocale);	// must be added after auth middlewares are added
 
 	const toobusy = require('toobusy-js');

test/database/sorted.js

@@ -334,7 +334,7 @@ describe('Sorted Set methods', () => {
 		});
 
 		it('should work with big arrays (length > 100) ', async function () {
-			this.timeout(50000);
+			this.timeout(100000);
 			const keys = [];
 			for (let i = 0; i < 400; i++) {
 				/* eslint-disable no-await-in-loop */

test/emailer.js

@@ -87,7 +87,7 @@ describe('emailer', () => {
 						assert.equal(output, text);
 						done();
 					});
-				}, 500);
+				}, 2000);
 			});
 		});
 	});

test/notifications.js

@@ -359,7 +359,7 @@ describe('Notifications', () => {
 						assert(nids.includes(nid));
 						done();
 					});
-				}, 1500);
+				}, 3000);
 			});
 		});
 	});