Thomas Lynch
5a7368a0a4
Add a new property to permissions metadata and reflect on frontend inability for users without that "parent" permission to edit roles/accounts to have some permissions e.g. root, edit roles, edit accs
...
Put the metadata into permissions.js (also TODO: key the metadata by bits instead? i.e [Permisions.whatever]: {})
2 years ago
Thomas Lynch
d639460bb3
Bugfix editing from actions form redirecting always to OP instead of post
2 years ago
88b5542908
fix post reporting for not logged-in users
...
That check is only relevant when we try to move a post.
2 years ago
Thomas Lynch
bc53bc1e4a
Allow roles from globalmanage to be fetched as json
2 years ago
Thomas Lynch
a1ccd6f267
Try to integrate post moving a bit better into the existing combined actions flow
...
Bugfix some move issues
2 years ago
Thomas Lynch
b391c0cb66
Make post editing a GET endpoint with perm check like editstaff/editcustompages, much more sensible
2 years ago
Thomas Lynch
1191ec4dc8
Mostly functional cross board post moving
2 years ago
Thomas Lynch
0d6323669f
Start on cross board thread moves #250
2 years ago
Thomas Lynch
29bb4856ab
2fa improvements
...
- Don't allow code re-use, successfully used codes will be invalid on repeated use for the window time
- Don't attach the full twofactor secret to user object in session for security. Only store a boolean if it's enabled for rendering, checks, etc. The full account should be fetched first before doTwoFactor()
- Better names for some keys of twofactor redis stuff
2 years ago
Thomas Lynch
e6346f9f53
Add twofactor input validation in changepassword controller
2 years ago
Thomas Lynch
4d86406483
Initial commit of 2FA for accounts, TOTP-based
2 years ago
Thomas Lynch
6db781e8b8
Limit ban note length to global limits log_message length
2 years ago
Thomas Lynch
b69337e2f1
Show ban notes in mod view tables and allow editing them
2 years ago
Thomas Lynch
0fc87e752d
make captcha font apply to text AND grid
...
set a new default font which is common on linux, in debian repos, and has the chess characters
remove 24MB font file that came from i dont even remember where
2 years ago
Thomas Lynch
cf92d77a2f
Allow tegaki only, show as attachment with replay. perhaps an option in future to disable this (why not just use spoiler?)
...
Revert condition for potentially confusing backend message, no longer needed because of above
Set color palette when opening replays to match what is set by default when drawing, to prevent weird looking color palette
Tegaki CSS fix
2 years ago
Thomas Lynch
8e5c8b5ab0
Tegaki replaying overhaul
2 years ago
Thomas Lynch
2a48b10054
Fix duplicate key in projectedsettings for board settings, and make custompages jsons get removed on deleting custom page.
...
Close #479 add endpoints for board and global settings.json to api with options that would be useful for a 3rd party app. Add the associated tasks, calls to them in settings.
Small change and add comments in lib/build/render.
2 years ago
Thomas Lynch
641c087ecc
Add public json for modlog list, logs, custompages
...
update the banners task to output json (not just render it), so it can be reached on first pageload
close #491
2 years ago
Thomas Lynch
3cb5e0197a
Revert "Close #480 dont show "register" on login page if not allowed for regular user, since users might reach it clicking "manage" after the login redirect"
...
This reverts commit 9c5dd5efa8
2 years ago
Thomas Lynch
9c5dd5efa8
Close #480 dont show "register" on login page if not allowed for regular user, since users might reach it clicking "manage" after the login redirect
2 years ago
Thomas Lynch
47ab8d22c0
Configurable hot threads max age, update migration, changelog, etc
2 years ago
Thomas Lynch
216968b053
Add middlewares to fetch account on individual blockbypass form to allow bypass permission to work (no isLoggedIn needed)
2 years ago
Thomas Lynch
47083e149b
Fix the anonymizer bypass captcha permission issue (and fix the stupid pre-bypass and postsEarly in general)
2 years ago
Thomas Lynch
3a4737ad8e
Add account permission to bypass captcha ref #435 still TODO fixing it for anonymizers
2 years ago
Thomas Lynch
962481845d
Bugfix double sending headers on return from create model, e.g. if board already exists
2 years ago
Thomas Lynch
c969814f54
First version of grid v2
2 years ago
Thomas Lynch
8f74885ba2
Add noise and paint slider options to grid captcha
2 years ago
Thomas Lynch
05413d72c6
Ref #418 add the abandoned boards handling
...
Fix small bug with incorrect schema for the setting
Set both schedules to immediate: false
2 years ago
Thomas Lynch
3ab0a271c4
Inactive accounts handling schedule, globalsettings for it and migration.
...
Plus the same for abandoned boards handling, just still TODO the schedule.
ref #418
2 years ago
Thomas Lynch
6ec6b32ed5
Change "wave" and "paint" text effect captcha options from toggle to slider
...
Add "noise" text captcha effect slider
Add font lib to get list of system fonts
Add "font" text captcha option
ref #469
2 years ago
Thomas Lynch
c8ebf9a579
Improvement to grid v1 to allow customising, allowing for something like this.
...
-true characters
-false characters
-question text
Make optional (and add additional options for) some filters/effects
-paint
-line
-wave
2 years ago
Thomas Lynch
c4b0e7bb28
Catch obscure error that doesnt really break anything (more motivation to replace dogshit file mupload middleware
2 years ago
Thomas Lynch
652fb0b3c0
close #458
2 years ago
Thomas Lynch
aaae81ff5b
Move alphaNumericRegex to schema checker from todo
2 years ago
Thomas Lynch
d8f2e8292f
add eslint rules
...
no-template-curly-in-string (+find and fix minor bug in redirect)
curly
no-multiple-empty-lines
2 years ago
Thomas Lynch
e7233d09e7
eslint controlers/, mostly removing all the unused schema check functions
2 years ago
Thomas Lynch
452071ebb0
debugLogs logs board and global setting changes
2 years ago
Thomas Lynch
f75fd6dfad
add imageHashes middleware to modpost route
2 years ago
Thomas Lynch
931fd4546f
bugfix errors -> error, displaying error message as single characters
2 years ago
Thomas Lynch
80a4247a66
adjustable hot threads limit and threshold
2 years ago
Thomas Lynch
62678c2b19
Bans can now be "upgraded" retroactively to expand single IP bans to qrange/hrange bans.
...
The ban table now has a column or whether a ban is of an IP or Bypass ID. (Or pruned IP, if you were dumb enough to ban one of those)
2 years ago
Thomas Lynch
bb582c2de8
"helpers" -> "lib
...
god help anybody who gets serious merge conflicts from this
close #434
2 years ago
Thomas Lynch
300dc481a6
minor bugfix to numberbodyvariable schema checker
2 years ago
Thomas Lynch
74f8e1d0f0
add board toggle
...
add globla setting of board defaults and frontend script defaults
add default tegaki size in settings
make tegaki follow theme
add migration
fixup some junk and change icons as best i can in tegaki.css, avoiding fontawesome
2 years ago
Thomas Lynch
7b784283f8
tldr dnsbl and bypass sucks cock
2 years ago
Thomas Lynch
6798cb843e
bugfixes and improvements to captcha options
...
improve gulp task for proper captchafield grid size
make globalsettings run tasks check for any captchaOptions change, not just type
bugfix grid image size wrong body name
2 years ago
Thomas Lynch
b886434c3d
implement deleting sessions
2 years ago
Thomas Lynch
43506f1479
remove unnecessary csrf middleware from mypermissions pages (they dont call req.csrfToken(), there arent any forms on the pages)
2 years ago
Thomas Lynch
f2b4ec2dd2
ability to show your login sessions, ref #353
2 years ago
Thomas Lynch
92c504e59c
rename ip.single -> ip.cloak
2 years ago
some random guy