* Added text to locale
* Added achievement to content and libs
* Added achievement modal
* Added achievement to notification model and controller
* Added achievement to user schema
* Grant achievement to inviter when user registers using emailed link
* Fix icon name
* Added integration test
* Fix linting
* Added sprite
* Initial psuedo-code for checking for slurs in messages
* Initial working prototype for blocking posting of slurs. Moved check from group.js to the chat api. Still needs: to permanently revoke chat privileges, to notify the moderators, a better method for checking for the blacklisted words, and a way to get the real list of words to check.
* Permanently revoke chat privileges when attempting to post a slur.
* Removed console logs
* Fixing rebase
* Do not moderate private groups
* Moved slur check to a generic check for banned words function
* Moved list of slurs to a separate file, fixed misplacement of return in ContainsBannedWords() function
* Slurs are blocked in both public and private groups
* Added code to send a slack message for slurs
* Fixed formatting issues
* Incorporated tectContainsBannedWords() function from PR 8197, added an argument to specify the list of banned words to check
* Added initial tests for blocking slurs and revoking chat priviliges
* Uncommented line to save revoked privileges
* Check that privileges are revoked in private groups
* Moved code to email/slack mods to chat api file
* Switched to BadRequest instead of NotFound error
* Restore chat privileges after test
* Using official placeholder slur
* Fixed line to export sendSubscriptionNotification function for slack
* Replaced muteUser function in user methods with a single line in the chat controller file
* Reset chatRevoked flag to false in a single line
* Switched method of setting chatRevoked flag so that it is updated locally and in the database
* First attempt at the muteUser function: revokes user's chat privileges and notifies moderators
* Manual merge for cherry-pick
* Initial working prototype for blocking posting of slurs. Moved check from group.js to the chat api. Still needs: to permanently revoke chat privileges, to notify the moderators, a better method for checking for the blacklisted words, and a way to get the real list of words to check.
* Permanently revoke chat privileges when attempting to post a slur.
* Removed console logs
* Created report to be sent to moderators via email
* Do not moderate private groups
* Moved slur check to a generic check for banned words function
* Moved list of slurs to a separate file, fixed misplacement of return in ContainsBannedWords() function
* Slurs are blocked in both public and private groups
* Added code to send a slack message for slurs
* Fixed formatting issues
* Incorporated tectContainsBannedWords() function from PR 8197, added an argument to specify the list of banned words to check
* Added initial tests for blocking slurs and revoking chat priviliges
* Uncommented line to save revoked privileges
* Check that privileges are revoked in private groups
* Moved code to email/slack mods to chat api file
* Switched to BadRequest instead of NotFound error
* Restore chat privileges after test
* Using official placeholder slur
* Fixed line to export sendSubscriptionNotification function for slack
* Replaced muteUser function in user methods with a single line in the chat controller file
* Reset chatRevoked flag to false in a single line
* Switched method of setting chatRevoked flag so that it is updated locally and in the database
* Removed some code that got re-added after rebase
* Tests for automatic slur muting pass but are incomplete (do not check that chatRevoked flag is true)
* Moved list of banned slurs to server side
* Added warning to bannedSlurs file
* Test chat privileges revoked when posting slur in public chat
* Fix issues left over after rebase (I hope)
* Added code to test for revoked chat privileges after posting a slur in a private group
* Moved banned slur message into locales message
* Added new code to check for banned slurs (parallels banned words code)
* Fixed AUTHOR_MOTAL_URL in sendTxn for slur blocking
* Added tests that email sent on attempted slur in chat post
* Created context for slur-related-tests, fixed sandboxing of email. Successfully tests that email.sendTxn is called, but the email content test fails
* commented out slack (for now) and cleaned up tests of sending email
* Successfully tests that slur-report-to-mods email is sent
* Slack message is sent, and testing works, but some user variables seem to only work when found in chat.js and passed to slack
* Made some fixes for lint, but not sure what to do about the camel case requirement fail, since that's how they're defined in other slack calls
* Slack tests pass, skipped camelcase check around those code blocks
* Fixed InternalServerError caused by slack messaging
* Updated chat privileges revoked error
* fix(locale): typo correction
* add possibility for group to block members from getting gems
* fixes
* fix tests
* adds some tests
* unit tests
* finish unit tests
* remove old code
* test: test that admin users can update guilds
* test: test admin removeMember privileges
* fix: allow admins to edit guilds
* fix: add edit guild options for admins
* test: test that admin can't remove current leader
* Add error msg for removing current leader
* Taskwoods Quest Line (#8156)
* feat(content): Gold Quest 2016-10
* chore(news): Bailey
* chore(i18n): update locales
* chore(sprites): compile
* 3.49.0
* chore: update express
* Fix for the ReDOS vulnerability
habitica is currently affected by the high-severity [ReDOS vulnerability](https://snyk.io/vuln/npm:tough-cookie:20160722).
Vulnerable module: `tough-cookie`
Introduced through: ` request`
This PR fixes the ReDOS vulnerability by upgrading ` request` to version 2.74.0
Check out the [Snyk test report](https://snyk.io/test/github/HabitRPG/habitica) to review other vulnerabilities that affect this repo.
[Watch the repo](https://snyk.io/add) to
* get alerts if newly disclosed vulnerabilities affect this repo in the future.
* generate pull requests with the fixes you want, or let us do the work: when a newly disclosed vulnerability affects you, we'll submit a fix to you right away.
Stay secure,
The Snyk team
* Documentation - coupon
closes#8109
* fix(client): Allow member hp to be clickable
fixes#8016closes#8155
* chore(npm): shrinkwrap
* test: test isAbleToEditGroup
* Add isAbleToEditGroup to groupsCtrl
* Remove unnecessary ternary
* Fix linting
* Move edit permission logic out to groupsCtrl
* fix: change ternary to boolean
* Fix linting
* Fixed merge issues
* Added image
* Added new achievement to user schema
* Added new achievement to content
* Added new achievement to libs
* Added achievement text to locale
* Added achievement to notification model and controller
* Grant achievement on joining or creating first challenge
* Added achievement to modal template
* Compiled new sprites
* Added integration tests
* Fix linting error
* Updating User API Doc (part 3)
* Updating User API Doc (part 3)
Fixed trailing spaces
* Updating User API Doc (part 3)
Made changes to @apiParamExample to make multi-line (which may have been cause of apiDoc failing)
* Updated quests to add questKey
* Make flags.chatRevoked prevent sending private messages (issue #7971)
* Disallow sending gems when messages aren't allowed.
* Created function to check for objections to an interaction to user model and wired it into the API (issue #7971)
* Fixes for issues raised by reviewers.
* Added allowed values to apidoc for api.getObjectionsToInteraction.
* Refactoring of getObjectionsToInteraction and minor API changes.
* fix(objections): address PR comments
* fix(strings): use US English for base edits
* refactor(test): typos and phrasing
* Improved API documentation for hall
* Fixes typos, removes apiHeader definitions and curl example
* Fixes @apiParam and capitalization errors. Moves @apiDefines to website/server/api-doc.js
* Fixed rebase.
* Removed commented out mail sending to pass linting. Styles from settings.styl still not propagating to app.css
* fix(feedback): address PR comments
* fix(style): linting errors
* Enabled repeatables
* Added every x to weekly
* Updated new recur logic to work with tests
* Added repeatable tests back
* Added custom day start support
* Moved back to zone function
* Added zone back
* Added nextDue field
* Abstracted set next due logic, set offset, and mapped to ISO
* Removed extra codes
* Removed clone deep
* Added summary local
* Fixed every x weekly
* Prevented edit of repeats on
* Added next due date
* Fixed display of next due dates
* Fixed broken tests
* added next due date as today for weekly
* Fixed integration tests
* Updated common test
* Use user's format
* Allow user to deselect all days during week
* Removed let from front end
* Fixes apidoc error with Cast Skill
Changes Body to Query, changed example from POST body
* Updated to remove trailing space
* Wording fix per Lady Alys
* Update user.js
Kicking off another test.
* Update user.js
* WIP(guilds): AB test pester modal
* WIP(AB-test): guild pester cont'd
* fix(style): linting error
* fix(AB-test): markModified and notif enum
* fix(tests): update AB expectations
* fix(modal): remove extra includes
* feat(achievements): add Joined Guild cheevo
Also removes unused achievement sprites, and properly saves counter used in A/B testing
* fix(style): linting error from conflict
* Added isDue field and isDue set on create
* Added isDue update on update task
* Add isdue calc to score task
* Added isdue calc to cron
* Fixed lint issue
* Added isDue to no set and updated grammar
* Updating APIDOC for issue 8087
* Updating User API Doc (round 2)
cleaned up trailing sapces
* Updating User API Doc (round 2)
Changed mpHeal to mpheal
* Adding code to look over the most recent messages to look for spam from a user
* Adding in translatable error message
* Adding 2 tests for spam detection
* Fixing changes requested for pull request
* Adding unit tests for group and fixing requested changes
* Fixing message and tests
* Forgot to remove this import
* Fixing lint errors
* Cleaning up the code and tests to be more readable
* Fixing lint errors
* Fixed linting issues
* Syntax fixes
* Updated grammar
* Added abiltiy to add group managers
* Added ability to remove managers
* Added ability for managers to add group tasks
* Allower managers to assign tasks
* Allowed managers to unassign tasks
* Allow managers to delete group tasks
* Allowed managers to approve
* Added initial ui
* Added approval view for managers
* Allowed managers to edit
* Fixed lint issues
* Added spacing to buttons
* Removed leader from selection of group managers
* Code review updates
* Ensured approvals are only done once
* Added ability for parties to add managers
* Add notifications to all managers when approval is requests
* Removed tasks need approval notifications from all managers when task is approve
* Fixed linting issues
* Hid add managers UI from groups that are not subscribed
* Removed let from front end
* Fixed issues with post task url params
* Fixed string locales
* Removed extra limited strings
* Added cannotedit tasks function
* Added limit fields and notification check by taskId
* Localized string and other minor issues
* Added manager and leader indicator
* Added group notifications refresh on sync
* Added close button for group notifications
* Removed group approval notifications when manager is removed
* Moved leader/manager indicators to after hp
* Added manager fields to groups
* Spelling and syntax fixes
* Added block when user types a swear word listed in banned words
* Moved banned words check to server
* Removed unused code
* Moved banned words to separate file and fixed grammar.
* Updated chat test
* Changed error to BadRequest
* Fixed regex matching
* Updated test banned word
* Moved banned words and cached regex
* Updated banned word message
* Add ban filter only for tavern
* Added tavern id constant
* Added more tests for banned words
* Added warning to banned words
* Added alert
* Added new regex to capture markdown
* Fixed lint, spelling and importing
* Added email invite limit
* change error message for sending too many invitations to instruct them to email us
* fix test error message to use variable in locales string
* add comment to warn about keeping INVITES_LIMIT low
If INVITES_LIMIT is allowed to be greater than MAX_EMAIL_INVITES_BY_USER
then the inviter can send more than MAX_EMAIL_INVITES_BY_USER invitations
at once.
* Fix User > Profile showing {getProgressDisplay()}
* Remove bad nextRewardAt check
* 1st iteration of issue #8385 - more pending
* #8385 config and jade fixes, tests pending
* #8385 fixing lint errors
* Fix faqs string and test
* Fix faq.jade and add workaround for faq.js
* Fixing accidental checking for faq.js
* fix emails in faq.js
* fetch emails once in auth.js
* Fixing community manager email in auth.js
* Update API Doc #8087
Includes: GET /api/v3/user – POST /api/v3/user/buy/:key
* User API Doc update 1
Changed "GET user" description to a URL to the user model
* Update API DOC User 1
Cleaned up stray spaces
* Updated API Doc for User (part 1)
for GET user:
restored apiDescription from first PR
put link to model into "apiSuccessExample"
* Remove notifications from example responses
* Fixed trailing spaces
* Added a field in Party page with members count and maximum members in party
* Added information of invitations counter
* Limited party to 2 members on server (API)
* Fixed english text
* Consider current number of invitations in the party
* Moved PARTY_LIMIT_MEMBERS to common folder
* Access the PARTY_LIMIT_MEMBERS through groupsCtrl
* Some corrections
* Hide invite button when invite limit is reached
* Added missing trailing comma
* Do not test 'returns only first 30 invites' in a party anymore, but in a guild: party is limited to 30 members, so it would always fail
* Test: allow 30 members in a party
* Test: do not allow 30+ members in a party
* Improved 'allow 30 members in a party' test
* Test: 'allow 30+ members in a guild'
* Added missing trailing comma
* Code style corrections
* Fixed new line position
* Party limit check done inside Group.validateInvitations function
* Improved members count query
* Fixed tests
* Rewrite tests
* Removed import of BadRequest: value became unused
* Added 'await' to remaining 'Group.validateInvitations' functions
* Fixed tests that would always success
