* initial market - routing - store - load market data
* move drawer/drawerSlider / count/star badge to components/ui
* filter market categories
* shopItem with gem / gold
* show count of purchable items
* show count of purchable itemsshow drawer with currently owned items + DrawerHeaderTabs-Component
* show featured gear
* show Gear - filter by class - sort by (type, price, stats) - sort market items
* Component: ItemRows - shows only the max items in one row (depending on the available width)
* Sell Dialog + Balance Component
* generic buy-dialog / attributes grid with highlight
* buyItem - hide already owned gear
* filter: hide locked/pinned - lock items if not enough gold
* API: Sell multiple items
* show avatar in buy-equipment-dialog with changed gear
* market banner
* misc fixes
* filter by text
* pin/unpin gear store actions
* Sell API: amount as query-parameter
* Update user.js
* fixes
* fix sell api amount test
* add back stroke/fill currentColor
* use scss variables
* Added challenges section
* Added public fields to guilds
* Added suggestion for habitica help guild
* Added categoires to group
* Added guild category filters
* Added guild filter by member count
* Removed console.log
* Updated group count in tests to account for newly created groups
* (server) Add parties array to store invites
* (server) Lint files
* Update joinGroup, rejectGroupInvite, _inviteByUUID, and remove clearPartyInvitation.js
* Update user schema: detailed 'invitations.parties' attributes
* Code improvement and do not let invite twice
* Check if the user is already invited earlier in the code
* Added message to invitation page, and show all invitations
* Added join party confirmation alert
* Small fixes
* Created test: allow inviting a user to 2 different parties
* Updated tests
* Update invitations.parties on more places
* Small adjustments
* Updates on invitations.party references
* Show all invitations when user is already in a party
* Fixed notifications counter
* Update both 'party' and 'parties' at _handleGroupInvitation
* Updated a test
* Fixed small mistake at _handleGroupInvitation
* More test update
* Update invitation.party when removing single invite and small adjust at view
* Added text to locale
* Added achievement to content and libs
* Added achievement modal
* Added achievement to notification model and controller
* Added achievement to user schema
* Grant achievement to inviter when user registers using emailed link
* Fix icon name
* Added integration test
* Fix linting
* Added sprite
* Initial psuedo-code for checking for slurs in messages
* Initial working prototype for blocking posting of slurs. Moved check from group.js to the chat api. Still needs: to permanently revoke chat privileges, to notify the moderators, a better method for checking for the blacklisted words, and a way to get the real list of words to check.
* Permanently revoke chat privileges when attempting to post a slur.
* Removed console logs
* Fixing rebase
* Do not moderate private groups
* Moved slur check to a generic check for banned words function
* Moved list of slurs to a separate file, fixed misplacement of return in ContainsBannedWords() function
* Slurs are blocked in both public and private groups
* Added code to send a slack message for slurs
* Fixed formatting issues
* Incorporated tectContainsBannedWords() function from PR 8197, added an argument to specify the list of banned words to check
* Added initial tests for blocking slurs and revoking chat priviliges
* Uncommented line to save revoked privileges
* Check that privileges are revoked in private groups
* Moved code to email/slack mods to chat api file
* Switched to BadRequest instead of NotFound error
* Restore chat privileges after test
* Using official placeholder slur
* Fixed line to export sendSubscriptionNotification function for slack
* Replaced muteUser function in user methods with a single line in the chat controller file
* Reset chatRevoked flag to false in a single line
* Switched method of setting chatRevoked flag so that it is updated locally and in the database
* First attempt at the muteUser function: revokes user's chat privileges and notifies moderators
* Manual merge for cherry-pick
* Initial working prototype for blocking posting of slurs. Moved check from group.js to the chat api. Still needs: to permanently revoke chat privileges, to notify the moderators, a better method for checking for the blacklisted words, and a way to get the real list of words to check.
* Permanently revoke chat privileges when attempting to post a slur.
* Removed console logs
* Created report to be sent to moderators via email
* Do not moderate private groups
* Moved slur check to a generic check for banned words function
* Moved list of slurs to a separate file, fixed misplacement of return in ContainsBannedWords() function
* Slurs are blocked in both public and private groups
* Added code to send a slack message for slurs
* Fixed formatting issues
* Incorporated tectContainsBannedWords() function from PR 8197, added an argument to specify the list of banned words to check
* Added initial tests for blocking slurs and revoking chat priviliges
* Uncommented line to save revoked privileges
* Check that privileges are revoked in private groups
* Moved code to email/slack mods to chat api file
* Switched to BadRequest instead of NotFound error
* Restore chat privileges after test
* Using official placeholder slur
* Fixed line to export sendSubscriptionNotification function for slack
* Replaced muteUser function in user methods with a single line in the chat controller file
* Reset chatRevoked flag to false in a single line
* Switched method of setting chatRevoked flag so that it is updated locally and in the database
* Removed some code that got re-added after rebase
* Tests for automatic slur muting pass but are incomplete (do not check that chatRevoked flag is true)
* Moved list of banned slurs to server side
* Added warning to bannedSlurs file
* Test chat privileges revoked when posting slur in public chat
* Fix issues left over after rebase (I hope)
* Added code to test for revoked chat privileges after posting a slur in a private group
* Moved banned slur message into locales message
* Added new code to check for banned slurs (parallels banned words code)
* Fixed AUTHOR_MOTAL_URL in sendTxn for slur blocking
* Added tests that email sent on attempted slur in chat post
* Created context for slur-related-tests, fixed sandboxing of email. Successfully tests that email.sendTxn is called, but the email content test fails
* commented out slack (for now) and cleaned up tests of sending email
* Successfully tests that slur-report-to-mods email is sent
* Slack message is sent, and testing works, but some user variables seem to only work when found in chat.js and passed to slack
* Made some fixes for lint, but not sure what to do about the camel case requirement fail, since that's how they're defined in other slack calls
* Slack tests pass, skipped camelcase check around those code blocks
* Fixed InternalServerError caused by slack messaging
* Updated chat privileges revoked error
* fix(locale): typo correction
* For habit reset logic, changed day check calculation to use user’s timezone instead of server time.
Added unit tests to check following cases:
- Weekly habit reset: Server tz is Sunday, User tz is Monday
- Weekly habit reset: Server tz is Monday, User tz is Sunday
- Monthly habit reset: Server tz is 1st of month, User tz is 2nd of month
- Monthly habit reset: Server tz is end of prev month, User tz is 1st of month
* use moment().zone() instead of utcOffset()
* typo
* Fixed check for daysMissed, added logic for CDS
Added test for CDS, fixed previous tests
* add possibility for group to block members from getting gems
* fixes
* fix tests
* adds some tests
* unit tests
* finish unit tests
* remove old code
* Translation string for error notification
* Use function instead of a link for paypal
* Inject notification service, function to check the amount of gems to purchase, function to handle payments with paypal
* Throw error if amount of gems is zero or negative
* Add condition to raise error if amount is negative
* Added gem errors for gifts 0 or less
* Fixed linting and broken test
* Fixed test syntax
* Added back needed strings
* Fixed group locales
* test: test that admin users can update guilds
* test: test admin removeMember privileges
* fix: allow admins to edit guilds
* fix: add edit guild options for admins
* test: test that admin can't remove current leader
* Add error msg for removing current leader
* Taskwoods Quest Line (#8156)
* feat(content): Gold Quest 2016-10
* chore(news): Bailey
* chore(i18n): update locales
* chore(sprites): compile
* 3.49.0
* chore: update express
* Fix for the ReDOS vulnerability
habitica is currently affected by the high-severity [ReDOS vulnerability](https://snyk.io/vuln/npm:tough-cookie:20160722).
Vulnerable module: `tough-cookie`
Introduced through: ` request`
This PR fixes the ReDOS vulnerability by upgrading ` request` to version 2.74.0
Check out the [Snyk test report](https://snyk.io/test/github/HabitRPG/habitica) to review other vulnerabilities that affect this repo.
[Watch the repo](https://snyk.io/add) to
* get alerts if newly disclosed vulnerabilities affect this repo in the future.
* generate pull requests with the fixes you want, or let us do the work: when a newly disclosed vulnerability affects you, we'll submit a fix to you right away.
Stay secure,
The Snyk team
* Documentation - coupon
closes#8109
* fix(client): Allow member hp to be clickable
fixes#8016closes#8155
* chore(npm): shrinkwrap
* test: test isAbleToEditGroup
* Add isAbleToEditGroup to groupsCtrl
* Remove unnecessary ternary
* Fix linting
* Move edit permission logic out to groupsCtrl
* fix: change ternary to boolean
* Fix linting
* Fixed merge issues
* use new email template when subscription is cancelled from joining a group plan
* use new email template when subscription is cancelled from joining a group plan - needs more code, tests
* change from sending new email as a cancel-subscription option to sending as a group plan join email
Uses a new group-member-join email template instead of old group-member-joining because new template includes mandril conditional merge tags.
Also adds tests and comments. Edits some comments for accuracy and typo fixes.
* adapt group-member-join email template for manual cancel message for iOS and Android subscriptions
* save test user so its profile name can be read by calls to sendTxn
* add documentation for the user model cancelSubscription function
* add constants for strings passed to mandrill email templates
* Use “now” for calculation of the subscription end date instead of plan.dateUpdated
* add test to show previously incorrect logic does not affect sub end date.
* Added image
* Added new achievement to user schema
* Added new achievement to content
* Added new achievement to libs
* Added achievement text to locale
* Added achievement to notification model and controller
* Grant achievement on joining or creating first challenge
* Added achievement to modal template
* Compiled new sprites
* Added integration tests
* Fix linting error
* Add card and achievement sprite for Congrats card
* Add data regarding Congrats card
* Add Get Well card
* Add Get Well images
* Add schema
* Remove `if (!target.flags) target.flags = {};` code from cards
* Remove white backgrounds for congrats sprites
* add inital tests for cards
* Fix card tests
* Fix invalid urls in tests
* Update POST-user_class_cast_spellId.test.js
* Update POST-user_class_cast_spellId.test.js
* Update POST-user_class_cast_spellId.test.js
* Update congrats card sprite
* Fix card logic
* Fix user schema
* Change achievement values for new cards to Number
* Resize congrats and getwell cards
This will make them be sized properly
* Separate Market from Drops
* Extract cards to new section
* fix(sprites): revert spritesheet changes
* Add flags if target does not have them
