* Added text to locale
* Added achievement to content and libs
* Added achievement modal
* Added achievement to notification model and controller
* Added achievement to user schema
* Grant achievement to inviter when user registers using emailed link
* Fix icon name
* Added integration test
* Fix linting
* Added sprite
* Initial psuedo-code for checking for slurs in messages
* Initial working prototype for blocking posting of slurs. Moved check from group.js to the chat api. Still needs: to permanently revoke chat privileges, to notify the moderators, a better method for checking for the blacklisted words, and a way to get the real list of words to check.
* Permanently revoke chat privileges when attempting to post a slur.
* Removed console logs
* Fixing rebase
* Do not moderate private groups
* Moved slur check to a generic check for banned words function
* Moved list of slurs to a separate file, fixed misplacement of return in ContainsBannedWords() function
* Slurs are blocked in both public and private groups
* Added code to send a slack message for slurs
* Fixed formatting issues
* Incorporated tectContainsBannedWords() function from PR 8197, added an argument to specify the list of banned words to check
* Added initial tests for blocking slurs and revoking chat priviliges
* Uncommented line to save revoked privileges
* Check that privileges are revoked in private groups
* Moved code to email/slack mods to chat api file
* Switched to BadRequest instead of NotFound error
* Restore chat privileges after test
* Using official placeholder slur
* Fixed line to export sendSubscriptionNotification function for slack
* Replaced muteUser function in user methods with a single line in the chat controller file
* Reset chatRevoked flag to false in a single line
* Switched method of setting chatRevoked flag so that it is updated locally and in the database
* First attempt at the muteUser function: revokes user's chat privileges and notifies moderators
* Manual merge for cherry-pick
* Initial working prototype for blocking posting of slurs. Moved check from group.js to the chat api. Still needs: to permanently revoke chat privileges, to notify the moderators, a better method for checking for the blacklisted words, and a way to get the real list of words to check.
* Permanently revoke chat privileges when attempting to post a slur.
* Removed console logs
* Created report to be sent to moderators via email
* Do not moderate private groups
* Moved slur check to a generic check for banned words function
* Moved list of slurs to a separate file, fixed misplacement of return in ContainsBannedWords() function
* Slurs are blocked in both public and private groups
* Added code to send a slack message for slurs
* Fixed formatting issues
* Incorporated tectContainsBannedWords() function from PR 8197, added an argument to specify the list of banned words to check
* Added initial tests for blocking slurs and revoking chat priviliges
* Uncommented line to save revoked privileges
* Check that privileges are revoked in private groups
* Moved code to email/slack mods to chat api file
* Switched to BadRequest instead of NotFound error
* Restore chat privileges after test
* Using official placeholder slur
* Fixed line to export sendSubscriptionNotification function for slack
* Replaced muteUser function in user methods with a single line in the chat controller file
* Reset chatRevoked flag to false in a single line
* Switched method of setting chatRevoked flag so that it is updated locally and in the database
* Removed some code that got re-added after rebase
* Tests for automatic slur muting pass but are incomplete (do not check that chatRevoked flag is true)
* Moved list of banned slurs to server side
* Added warning to bannedSlurs file
* Test chat privileges revoked when posting slur in public chat
* Fix issues left over after rebase (I hope)
* Added code to test for revoked chat privileges after posting a slur in a private group
* Moved banned slur message into locales message
* Added new code to check for banned slurs (parallels banned words code)
* Fixed AUTHOR_MOTAL_URL in sendTxn for slur blocking
* Added tests that email sent on attempted slur in chat post
* Created context for slur-related-tests, fixed sandboxing of email. Successfully tests that email.sendTxn is called, but the email content test fails
* commented out slack (for now) and cleaned up tests of sending email
* Successfully tests that slur-report-to-mods email is sent
* Slack message is sent, and testing works, but some user variables seem to only work when found in chat.js and passed to slack
* Made some fixes for lint, but not sure what to do about the camel case requirement fail, since that's how they're defined in other slack calls
* Slack tests pass, skipped camelcase check around those code blocks
* Fixed InternalServerError caused by slack messaging
* Updated chat privileges revoked error
* fix(locale): typo correction
* add possibility for group to block members from getting gems
* fixes
* fix tests
* adds some tests
* unit tests
* finish unit tests
* remove old code
* test: test that admin users can update guilds
* test: test admin removeMember privileges
* fix: allow admins to edit guilds
* fix: add edit guild options for admins
* test: test that admin can't remove current leader
* Add error msg for removing current leader
* Taskwoods Quest Line (#8156)
* feat(content): Gold Quest 2016-10
* chore(news): Bailey
* chore(i18n): update locales
* chore(sprites): compile
* 3.49.0
* chore: update express
* Fix for the ReDOS vulnerability
habitica is currently affected by the high-severity [ReDOS vulnerability](https://snyk.io/vuln/npm:tough-cookie:20160722).
Vulnerable module: `tough-cookie`
Introduced through: ` request`
This PR fixes the ReDOS vulnerability by upgrading ` request` to version 2.74.0
Check out the [Snyk test report](https://snyk.io/test/github/HabitRPG/habitica) to review other vulnerabilities that affect this repo.
[Watch the repo](https://snyk.io/add) to
* get alerts if newly disclosed vulnerabilities affect this repo in the future.
* generate pull requests with the fixes you want, or let us do the work: when a newly disclosed vulnerability affects you, we'll submit a fix to you right away.
Stay secure,
The Snyk team
* Documentation - coupon
closes#8109
* fix(client): Allow member hp to be clickable
fixes#8016closes#8155
* chore(npm): shrinkwrap
* test: test isAbleToEditGroup
* Add isAbleToEditGroup to groupsCtrl
* Remove unnecessary ternary
* Fix linting
* Move edit permission logic out to groupsCtrl
* fix: change ternary to boolean
* Fix linting
* Fixed merge issues
* Added image
* Added new achievement to user schema
* Added new achievement to content
* Added new achievement to libs
* Added achievement text to locale
* Added achievement to notification model and controller
* Grant achievement on joining or creating first challenge
* Added achievement to modal template
* Compiled new sprites
* Added integration tests
* Fix linting error
* Updating User API Doc (part 3)
* Updating User API Doc (part 3)
Fixed trailing spaces
* Updating User API Doc (part 3)
Made changes to @apiParamExample to make multi-line (which may have been cause of apiDoc failing)
* Updated quests to add questKey
* Make flags.chatRevoked prevent sending private messages (issue #7971)
* Disallow sending gems when messages aren't allowed.
* Created function to check for objections to an interaction to user model and wired it into the API (issue #7971)
* Fixes for issues raised by reviewers.
* Added allowed values to apidoc for api.getObjectionsToInteraction.
* Refactoring of getObjectionsToInteraction and minor API changes.
* fix(objections): address PR comments
* fix(strings): use US English for base edits
* refactor(test): typos and phrasing
* Improved API documentation for hall
* Fixes typos, removes apiHeader definitions and curl example
* Fixes @apiParam and capitalization errors. Moves @apiDefines to website/server/api-doc.js
* Fixed rebase.
* Removed commented out mail sending to pass linting. Styles from settings.styl still not propagating to app.css
* fix(feedback): address PR comments
* fix(style): linting errors
* Enabled repeatables
* Added every x to weekly
* Updated new recur logic to work with tests
* Added repeatable tests back
* Added custom day start support
* Moved back to zone function
* Added zone back
* Added nextDue field
* Abstracted set next due logic, set offset, and mapped to ISO
* Removed extra codes
* Removed clone deep
* Added summary local
* Fixed every x weekly
* Prevented edit of repeats on
* Added next due date
* Fixed display of next due dates
* Fixed broken tests
* added next due date as today for weekly
* Fixed integration tests
* Updated common test
* Use user's format
* Allow user to deselect all days during week
* Removed let from front end
* Fixes apidoc error with Cast Skill
Changes Body to Query, changed example from POST body
* Updated to remove trailing space
* Wording fix per Lady Alys
* Update user.js
Kicking off another test.
* Update user.js
* WIP(guilds): AB test pester modal
* WIP(AB-test): guild pester cont'd
* fix(style): linting error
* fix(AB-test): markModified and notif enum
* fix(tests): update AB expectations
* fix(modal): remove extra includes
* feat(achievements): add Joined Guild cheevo
Also removes unused achievement sprites, and properly saves counter used in A/B testing
* fix(style): linting error from conflict
* Added isDue field and isDue set on create
* Added isDue update on update task
* Add isdue calc to score task
* Added isdue calc to cron
* Fixed lint issue
* Added isDue to no set and updated grammar
* Updating APIDOC for issue 8087
* Updating User API Doc (round 2)
cleaned up trailing sapces
* Updating User API Doc (round 2)
Changed mpHeal to mpheal
* Adding code to look over the most recent messages to look for spam from a user
* Adding in translatable error message
* Adding 2 tests for spam detection
* Fixing changes requested for pull request
* Adding unit tests for group and fixing requested changes
* Fixing message and tests
* Forgot to remove this import
* Fixing lint errors
* Cleaning up the code and tests to be more readable
* Fixing lint errors
* Fixed linting issues
* Syntax fixes
* Updated grammar
* Added abiltiy to add group managers
* Added ability to remove managers
* Added ability for managers to add group tasks
* Allower managers to assign tasks
* Allowed managers to unassign tasks
* Allow managers to delete group tasks
* Allowed managers to approve
* Added initial ui
* Added approval view for managers
* Allowed managers to edit
* Fixed lint issues
* Added spacing to buttons
* Removed leader from selection of group managers
* Code review updates
* Ensured approvals are only done once
* Added ability for parties to add managers
* Add notifications to all managers when approval is requests
* Removed tasks need approval notifications from all managers when task is approve
* Fixed linting issues
* Hid add managers UI from groups that are not subscribed
* Removed let from front end
* Fixed issues with post task url params
* Fixed string locales
* Removed extra limited strings
* Added cannotedit tasks function
* Added limit fields and notification check by taskId
* Localized string and other minor issues
* Added manager and leader indicator
* Added group notifications refresh on sync
* Added close button for group notifications
* Removed group approval notifications when manager is removed
* Moved leader/manager indicators to after hp
* Added manager fields to groups
* Spelling and syntax fixes
* Added block when user types a swear word listed in banned words
* Moved banned words check to server
* Removed unused code
* Moved banned words to separate file and fixed grammar.
* Updated chat test
* Changed error to BadRequest
* Fixed regex matching
* Updated test banned word
* Moved banned words and cached regex
* Updated banned word message
* Add ban filter only for tavern
* Added tavern id constant
* Added more tests for banned words
* Added warning to banned words
* Added alert
* Added new regex to capture markdown
* Fixed lint, spelling and importing
* Added email invite limit
* change error message for sending too many invitations to instruct them to email us
* fix test error message to use variable in locales string
* add comment to warn about keeping INVITES_LIMIT low
If INVITES_LIMIT is allowed to be greater than MAX_EMAIL_INVITES_BY_USER
then the inviter can send more than MAX_EMAIL_INVITES_BY_USER invitations
at once.
* Fix User > Profile showing {getProgressDisplay()}
* Remove bad nextRewardAt check
* 1st iteration of issue #8385 - more pending
* #8385 config and jade fixes, tests pending
* #8385 fixing lint errors
* Fix faqs string and test
* Fix faq.jade and add workaround for faq.js
* Fixing accidental checking for faq.js
* fix emails in faq.js
* fetch emails once in auth.js
* Fixing community manager email in auth.js
* Update API Doc #8087
Includes: GET /api/v3/user – POST /api/v3/user/buy/:key
* User API Doc update 1
Changed "GET user" description to a URL to the user model
* Update API DOC User 1
Cleaned up stray spaces
* Updated API Doc for User (part 1)
for GET user:
restored apiDescription from first PR
put link to model into "apiSuccessExample"
* Remove notifications from example responses
* Fixed trailing spaces
* Added a field in Party page with members count and maximum members in party
* Added information of invitations counter
* Limited party to 2 members on server (API)
* Fixed english text
* Consider current number of invitations in the party
* Moved PARTY_LIMIT_MEMBERS to common folder
* Access the PARTY_LIMIT_MEMBERS through groupsCtrl
* Some corrections
* Hide invite button when invite limit is reached
* Added missing trailing comma
* Do not test 'returns only first 30 invites' in a party anymore, but in a guild: party is limited to 30 members, so it would always fail
* Test: allow 30 members in a party
* Test: do not allow 30+ members in a party
* Improved 'allow 30 members in a party' test
* Test: 'allow 30+ members in a guild'
* Added missing trailing comma
* Code style corrections
* Fixed new line position
* Party limit check done inside Group.validateInvitations function
* Improved members count query
* Fixed tests
* Rewrite tests
* Removed import of BadRequest: value became unused
* Added 'await' to remaining 'Group.validateInvitations' functions
* Fixed tests that would always success
* Added subscriptions to all members when group subs
* Added unsub when group cancels
* Give user a subscription when they join a subbed group
* Removed subscription when user leaves or is removed from group
* Fixed linting issues:
* Added tests for users with a subscription being upgraded to group plan
* Added tests for checking if existing recurring user sub gets updated during group plan. Added better merging for plans
* Added test for existing gift subscriptions
* Added additional months to user when they have an existing recurring subscription and get upgraded to group sub
* Adds test for user who has cancelled with date termined in the future
* Added test to ensure date termined is reset
* Added tests for extra months carrying over
* Added test for gems bought field
* Add tests to for fields that should remain when upgrading
* Added test for all payment methods
* Added prevention for when a user joins a second group plan
* Fixed subscribing tests
* Separated group plan payment tests
* Added prevention of editing a user with a unlimited sub
* Add tests to ensure group keeps plan if they are in two and leave one
* Ensured users with two group plans do not get cancelled when on group plan is cancelled
* Ensured users without group sub are untouched when group cancels
* Fixed lint issues
* Added new emails
* Added fix for cron tests
* Add restore to stubbed methods
* Ensured cancelled group subscriptions are updated
* Changed group plan exist check to check for date terminated
* Updated you cannont delete active group message
* Removed description requirement
* Added upgrade group plan for Amazon payments
* Fixed lint issues
* Fixed broken tests
* Fixed user delete tests
* Fixed function calls
* Hid cancel button if user has group plan
* Hide difficulty from rewards
* Prevented add user functions to be called when group plan is cancelled
* Fixed merge issue
* Correctly displayed group price
* Added message when you are about to join canclled group plan
* Fixed linting issues
* Updated tests to have no redirect to homes
* Allowed leaving a group with a canceld subscription
* Fixed spelling issues
* Prevented user from changing leader with active sub
* Added payment details title to replace subscription title
* Ensured we do not count leader when displaying upcoming cost
* Prevented party tasks from being displayed twice
* Prevented cancelling and already cancelled sub
* Fixed styles of subscriptions
* Added more specific mystery item tests
* Fixed test to refer to leader
* Extended test range to account for short months
* Fixed merge conflicts
* Updated yarn file
* Added missing locales
* Trigger notification
* Removed yarn
* Fixed locales
* Fixed scope mispelling
* Fixed line endings
* Removed extra advanced options from rewards
* Prevent group leader from leaving an active group plan
* Fixed issue with extra months applied to cancelled group plan
* Ensured member count is calculated when updatedGroupPlan
* Updated amazon payment method constant name
* Added comment to cancel sub user method
* Fixed smantic issues
* Added unite test for user isSubscribed and hasNotCancelled
* Add tests for isSubscribed and hasNotCanceled
* Changed default days remaining to 2 days for group plans
* Fixed logic with adding canceled notice to group invite
* Added setting and modal for score notes
* Added persistent score notes
* Fixed linting issues and documented new field
* Added max length to task score notes
* Added check for score notes existence
* Combined tasks perferences
* Leaving a group or a guild no longer removes the user from the challenges of that group or guild.
* Updating api docs for leaving group to take into account the default path no longer leaving challenges when leaving a group.
* Updating api docs for leaving group to take into account the default path no longer leaving challenges when leaving a group.
* refactored according to blade's comments to not be a breaking change. The api now accepts a body parameter to specify wether the user
should remain in the groups challenges or leave them. The change also adds more tests around this behavior to confirm that it works
as expected.
